admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-26T19:00:19.806925+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-26 19:03:50 +00:00
parent cd462a73fd
commit 2c5f18529a
73 changed files with 2938 additions and 564 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2018/CVE-2018-105xx/CVE-2018-10562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-10562",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-05-04T03:29:00.287",
"lastModified": "2025-02-04T15:15:10.307",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-26T17:08:08.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -145,7 +145,8 @@
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{
@ -171,7 +172,8 @@
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{

6
CVE-2020/CVE-2020-362xx/CVE-2020-36248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36248",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-19T08:15:11.760",
"lastModified": "2024-11-21T05:29:09.447",
"lastModified": "2025-03-26T17:06:15.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,9 +105,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.15",
"matchCriteriaId": "3D4EB34D-C2BC-41EC-AA21-21010B27ADF5"
"matchCriteriaId": "0361E783-EED5-4388-A812-74DF6C0A5E5E"
}
]
}

6
CVE-2020/CVE-2020-362xx/CVE-2020-36250.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36250",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-19T07:15:13.590",
"lastModified": "2024-11-21T05:29:09.770",
"lastModified": "2025-03-26T17:06:15.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,9 +105,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.15",
"matchCriteriaId": "3D4EB34D-C2BC-41EC-AA21-21010B27ADF5"
"matchCriteriaId": "0361E783-EED5-4388-A812-74DF6C0A5E5E"
}
]
}

32
CVE-2021/CVE-2021-364xx/CVE-2021-36424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36424",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.200",
"lastModified": "2024-11-21T06:13:42.693",
"lastModified": "2025-03-26T18:15:15.000",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36425.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36425",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.300",
"lastModified": "2024-11-21T06:13:42.863",
"lastModified": "2025-03-26T18:15:16.017",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36426",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.370",
"lastModified": "2024-11-21T06:13:43.043",
"lastModified": "2025-03-26T18:15:16.180",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36431.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36431",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.433",
"lastModified": "2024-11-21T06:13:43.200",
"lastModified": "2025-03-26T18:15:16.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36432.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36432",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.497",
"lastModified": "2024-11-21T06:13:43.363",
"lastModified": "2025-03-26T18:15:16.507",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36433.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36433",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.567",
"lastModified": "2024-11-21T06:13:43.520",
"lastModified": "2025-03-26T18:15:16.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36434.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36434",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.637",
"lastModified": "2024-11-21T06:13:43.670",
"lastModified": "2025-03-26T17:15:18.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36443.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36443",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.767",
"lastModified": "2024-11-21T06:13:44.180",
"lastModified": "2025-03-26T17:15:20.843",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36444.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36444",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:09.883",
"lastModified": "2024-11-21T06:13:44.327",
"lastModified": "2025-03-26T17:15:21.047",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-364xx/CVE-2021-36484.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:10.023",
"lastModified": "2024-11-21T06:13:45.607",
"lastModified": "2025-03-26T17:15:21.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36535.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36535",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:10.653",
"lastModified": "2024-11-21T06:13:47.747",
"lastModified": "2025-03-26T17:15:21.453",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36538.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36538",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:10.760",
"lastModified": "2024-11-21T06:13:47.897",
"lastModified": "2025-03-26T17:15:21.657",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36544.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36544",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:10.877",
"lastModified": "2024-11-21T06:13:48.510",
"lastModified": "2025-03-26T17:15:21.853",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-532"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36545.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36545",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.027",
"lastModified": "2024-11-21T06:13:48.677",
"lastModified": "2025-03-26T17:15:22.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36546",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.163",
"lastModified": "2024-11-21T06:13:48.813",
"lastModified": "2025-03-26T17:15:22.397",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-922"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36569.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36569",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.290",
"lastModified": "2024-11-21T06:13:50.293",
"lastModified": "2025-03-26T17:15:22.617",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-365xx/CVE-2021-36570.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36570",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.393",
"lastModified": "2024-11-21T06:13:50.433",
"lastModified": "2025-03-26T17:15:22.847",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-367xx/CVE-2021-36712.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36712",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.520",
"lastModified": "2024-11-21T06:13:57.670",
"lastModified": "2025-03-26T17:15:23.063",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-372xx/CVE-2021-37234.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37234",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.623",
"lastModified": "2024-11-21T06:14:54.353",
"lastModified": "2025-03-26T17:15:23.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-373xx/CVE-2021-37304.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37304",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T18:15:11.770",
"lastModified": "2024-11-21T06:14:56.527",
"lastModified": "2025-03-26T17:15:23.523",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

10
CVE-2022/CVE-2022-253xx/CVE-2022-25338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-25338",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-07T14:15:07.747",
"lastModified": "2024-11-21T06:52:02.040",
"vulnStatus": "Modified",
"lastModified": "2025-03-26T18:06:02.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.20",
"matchCriteriaId": "E078E880-E85D-42B1-8D09-5B5E911EBA03"
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.20.0",
"matchCriteriaId": "DD2C9187-1755-4AC3-9203-DEDA2CBF078F"
}
]
}

10
CVE-2022/CVE-2022-253xx/CVE-2022-25339.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-25339",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-07T15:15:07.747",
"lastModified": "2024-11-21T06:52:02.190",
"vulnStatus": "Modified",
"lastModified": "2025-03-26T18:05:56.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.20",
"matchCriteriaId": "E078E880-E85D-42B1-8D09-5B5E911EBA03"
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.20.0",
"matchCriteriaId": "DD2C9187-1755-4AC3-9203-DEDA2CBF078F"
}
]
}

32
CVE-2022/CVE-2022-341xx/CVE-2022-34138.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34138",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-03T15:15:08.927",
"lastModified": "2024-11-21T07:08:55.683",
"lastModified": "2025-03-26T18:15:17.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-639"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [

6
CVE-2023/CVE-2023-239xx/CVE-2023-23948.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23948",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-13T17:15:11.347",
"lastModified": "2024-11-21T07:47:09.617",
"lastModified": "2025-03-26T17:06:15.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndIncluding": "3.0",
"matchCriteriaId": "CE639FC3-71DA-4EAD-A4FD-8BA194C4583B"
"matchCriteriaId": "D72DF001-0DD7-4A81-94BE-5261630598A9"
}
]
}

10
CVE-2023/CVE-2023-248xx/CVE-2023-24804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24804",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-13T17:15:11.487",
"lastModified": "2024-11-21T07:48:25.763",
"vulnStatus": "Modified",
"lastModified": "2025-03-26T17:34:24.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:android:*:*",
"versionEndExcluding": "3.0",
"matchCriteriaId": "58DF6EE2-DD7C-4458-B897-F00F2818B7EA"
"criteria": "cpe:2.3:a:owncloud:owncloud_client:*:*:*:*:*:android:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "CC2D17B0-55D5-4AEB-9FCA-C688B0E387E0"
}
]
}

32
CVE-2023/CVE-2023-250xx/CVE-2023-25013.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25013",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-02T01:15:08.600",
"lastModified": "2024-11-21T07:48:55.870",
"lastModified": "2025-03-26T18:15:23.207",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -65,6 +85,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-250xx/CVE-2023-25014.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25014",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-02T01:15:08.670",
"lastModified": "2024-11-21T07:48:56.013",
"lastModified": "2025-03-26T18:15:23.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -65,6 +65,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-250xx/CVE-2023-25015.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25015",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-02T04:15:08.107",
"lastModified": "2024-11-21T07:48:56.147",
"lastModified": "2025-03-26T18:15:23.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-652"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-69xx/CVE-2023-6936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6936",
"sourceIdentifier": "facts@wolfssl.com",
"published": "2024-02-20T22:15:08.197",
"lastModified": "2025-02-12T17:01:14.790",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-26T17:15:23.757",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"configurations": [

54
CVE-2024/CVE-2024-100xx/CVE-2024-10096.json
View File

@ -2,59 +2,15 @@
"id": "CVE-2024-10096",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:14.613",
"lastModified": "2025-03-20T10:15:14.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T17:15:23.943",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dask versions <=2024.8.2 contain a vulnerability in the Dask Distributed Server where the use of pickle serialization allows attackers to craft malicious objects. These objects can be serialized on the client side and sent to the server for deserialization, leading to remote command execution and potentially granting full control over the Dask server."
},
{
"lang": "es",
"value": "Las versiones de Dask anteriores a la 2024.8.2 contienen una vulnerabilidad en el servidor distribuido de Dask donde el uso de la serializaci\u00f3n de pickle permite a los atacantes manipular objetos maliciosos. Estos objetos pueden serializarse en el cliente y enviarse al servidor para su deserializaci\u00f3n, lo que permite la ejecuci\u00f3n remota de comandos y potencialmente otorga control total sobre el servidor de Dask."
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/a4be847b-a52d-42cc-9e78-3299e2d30ab2",
"source": "security@huntr.dev"
}
]
"metrics": {},
"references": []
}

77
CVE-2024/CVE-2024-139xx/CVE-2024-13921.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13921",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-20T12:15:13.633",
"lastModified": "2025-03-20T12:15:13.633",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-26T17:49:09.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -49,28 +69,71 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:order_export_\\&_order_import_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.1",
"matchCriteriaId": "4786F195-CDD4-40AD-902A-2D7D9F83B27B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/order-import-export-for-woocommerce/trunk/admin/modules/export/classes/class-export-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/order-import-export-for-woocommerce/trunk/admin/modules/import/classes/class-import-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3258567/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/users-customers-import-export-for-wp-woocommerce/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5fcfa21-b3f7-4241-a931-9708ced4f811?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-139xx/CVE-2024-13922.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13922",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-20T12:15:13.777",
"lastModified": "2025-03-20T12:15:13.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-26T18:05:29.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-73"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:order_export_\\&_order_import_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.1",
"matchCriteriaId": "4786F195-CDD4-40AD-902A-2D7D9F83B27B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/order-import-export-for-woocommerce/trunk/admin/modules/history/history.php#L248",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3258567/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/product-import-export-for-woo/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb8f85f-656a-4e5a-a57d-7289da2cd951?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-139xx/CVE-2024-13923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13923",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-20T12:15:13.933",
"lastModified": "2025-03-20T12:15:13.933",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-26T18:18:32.280",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-918"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:order_export_\\&_order_import_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.1",
"matchCriteriaId": "4786F195-CDD4-40AD-902A-2D7D9F83B27B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/order-import-export-for-woocommerce/trunk/admin/modules/import/classes/class-import-ajax.php#L175",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3258567/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/order-import-export-for-woocommerce/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3283b3ff-1787-466b-9517-84bd715e4165?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-23xx/CVE-2024-2322.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2322",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-04-03T05:15:47.920",
"lastModified": "2024-11-21T09:09:30.220",
"lastModified": "2025-03-26T18:15:23.890",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento WooCommerce Cart Abandonment Recovery de WordPress anterior a 1.2.27 no tiene verificaci\u00f3n CSRF en sus acciones masivas, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados eliminen plantillas de correo electr\u00f3nico arbitrarias, as\u00ed como eliminar y cancelar la suscripci\u00f3n de usuarios de pedidos abandonados a trav\u00e9s de ataques CSRF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/c740ed3b-d6b8-4afc-8c6b-a1ec37597055/",

14
CVE-2024/CVE-2024-263xx/CVE-2024-26309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26309",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-08T02:15:50.640",
"lastModified": "2025-03-12T13:25:47.260",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-26T17:15:24.067",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

27
CVE-2024/CVE-2024-276xx/CVE-2024-27632.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27632",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T22:15:08.413",
"lastModified": "2024-11-21T09:04:50.717",
"lastModified": "2025-03-26T17:15:24.263",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Un problema en GNU Savane v.3.12 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s de form_id en la funci\u00f3n form_header()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

32
CVE-2024/CVE-2024-278xx/CVE-2024-27823.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27823",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.170",
"lastModified": "2024-11-21T09:05:10.170",
"lastModified": "2025-03-26T17:15:24.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

27
CVE-2024/CVE-2024-345xx/CVE-2024-34529.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34529",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T00:15:10.320",
"lastModified": "2024-11-21T09:18:52.587",
"lastModified": "2025-03-26T17:15:24.770",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Nebari hasta 2024.4.1 imprime la contrase\u00f1a ra\u00edz temporal de Keycloak."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

32
CVE-2024/CVE-2024-408xx/CVE-2024-40803.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40803",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:12.873",
"lastModified": "2024-11-21T09:31:39.960",
"lastModified": "2025-03-26T17:15:24.990",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

21
CVE-2024/CVE-2024-416xx/CVE-2024-41643.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-41643",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-26T18:15:24.317",
"lastModified": "2025-03-26T18:15:24.317",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary code via the cshell login component."
}
],
"metrics": {},
"references": [
{
"url": "https://gavpherk.github.io/GavinKelsey/",
"source": "cve@mitre.org"
}
]
}

22
CVE-2024/CVE-2024-43xx/CVE-2024-4382.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4382",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-21T06:15:12.017",
"lastModified": "2024-11-21T09:42:44.307",
"lastModified": "2025-03-26T17:15:25.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

60
CVE-2024/CVE-2024-77xx/CVE-2024-7773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7773",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:37.393",
"lastModified": "2025-03-20T14:15:21.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T17:27:56.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ollama:ollama:0.1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "D47A8C6D-889D-4DB7-97CB-2B8A657F7CAC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ollama/ollama/commit/123a722a6f541e300bc8e34297ac378ebe23f527",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-77xx/CVE-2024-7776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7776",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:37.520",
"lastModified": "2025-03-20T16:15:14.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T17:20:27.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:onnx:onnx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.16.1",
"matchCriteriaId": "F3C3A586-29F2-4E07-AF43-2C1428A90EF2"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/a7a46cf6-1fa0-454b-988c-62d222e83f63",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/a7a46cf6-1fa0-454b-988c-62d222e83f63",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-98xx/CVE-2024-9880.json
View File

@ -2,59 +2,15 @@
"id": "CVE-2024-9880",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:50.300",
"lastModified": "2025-03-20T10:15:50.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T17:15:25.453",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the `pandas.DataFrame.query` function of pandas-dev/pandas versions up to and including v2.2.2. This vulnerability allows an attacker to execute arbitrary commands on the server by crafting a malicious query. The issue arises from the improper validation of user-supplied input in the `query` function when using the 'python' engine, leading to potential remote command execution."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en la funci\u00f3n `pandas.DataFrame.query` de las versiones de pandas-dev/pandas hasta la v2.2.2 incluida. Esta vulnerabilidad permite a un atacante ejecutar comandos arbitrarios en el servidor mediante la creaci\u00f3n de una consulta maliciosa. El problema surge debido a la validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la funci\u00f3n `query` al usar el motor `Python`, lo que puede provocar la ejecuci\u00f3n remota de comandos."
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/a49baae1-4652-4d6c-a179-313c21c41a8d",
"source": "security@huntr.dev"
}
]
"metrics": {},
"references": []
}

84
CVE-2025/CVE-2025-18xx/CVE-2025-1802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1802",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-20T12:15:14.413",
"lastModified": "2025-03-20T12:15:14.413",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-26T18:22:17.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,32 +69,78 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hasthemes:ht_mega:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.8.4",
"matchCriteriaId": "F816488A-BF55-4194-BAB8-348CCBDE1942"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/extensions/scroll-to-top/assets/js/htmega-scroll-to-top.js",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_googlemap.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_notify.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3249106/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3257530/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68530904-22d2-4228-b9f2-76f5ee1fd541?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2025/CVE-2025-19xx/CVE-2025-1936.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-1936",
"sourceIdentifier": "security@mozilla.org",
"published": "2025-03-04T14:15:38.500",
"lastModified": "2025-03-25T18:15:34.550",
"lastModified": "2025-03-26T17:15:25.527",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-158"
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1940027",

33
CVE-2025/CVE-2025-24xx/CVE-2025-2499.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2025-2499",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-26T18:15:25.720",
"lastModified": "2025-03-26T18:15:25.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Client side access control bypass in the permission component in \nDevolutions Remote Desktop Manager on Windows. An authenticated user can exploit this flaw to bypass certain permission restrictions\u2014specifically View Password, Edit Asset, and Edit Permissions by performing specific actions. \n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@devolutions.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2025-0005/",
"source": "security@devolutions.net"
}
]
}

33
CVE-2025/CVE-2025-25xx/CVE-2025-2528.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2025-2528",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-26T18:15:26.020",
"lastModified": "2025-03-26T18:15:26.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to \nuse a configuration different from the one mandated by the system administrators.\n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@devolutions.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2025-0005/",
"source": "security@devolutions.net"
}
]
}

33
CVE-2025/CVE-2025-25xx/CVE-2025-2562.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2025-2562",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-26T18:15:26.247",
"lastModified": "2025-03-26T18:15:26.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality.\n\n\n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@devolutions.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-778"
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2025-0005/",
"source": "security@devolutions.net"
}
]
}

33
CVE-2025/CVE-2025-26xx/CVE-2025-2600.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2025-2600",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-26T18:15:26.437",
"lastModified": "2025-03-26T18:15:26.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated password to use the ELEVATED_PASSWORD variable even though not allowed by the \"Allow password in variable policy\". \n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@devolutions.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2025-0005/",
"source": "security@devolutions.net"
}
]
}

78
CVE-2025/CVE-2025-26xx/CVE-2025-2618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2618",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T14:15:16.650",
"lastModified": "2025-03-24T18:15:23.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:48:51.253",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -129,32 +129,94 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-1620_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AC78AA-D1B1-401C-A98A-1409533F4F77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-1620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D651B571-E516-40C6-84A0-17EF83DC9D57"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.300620",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300620",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.518963",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-set_ws_action-Vulnerability-1afb2f2a6361804e86dcde1e78ea2a8e",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-set_ws_action-Vulnerability-1afb2f2a6361804e86dcde1e78ea2a8e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

78
CVE-2025/CVE-2025-26xx/CVE-2025-2619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2619",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T14:15:16.867",
"lastModified": "2025-03-24T18:15:24.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:46:06.633",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -129,32 +129,94 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-1620_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AC78AA-D1B1-401C-A98A-1409533F4F77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-1620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D651B571-E516-40C6-84A0-17EF83DC9D57"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.300621",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300621",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.518968",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-check_dws_cookie-Vulnerability-1b4b2f2a6361805ca74fdf4949385ade",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-check_dws_cookie-Vulnerability-1b4b2f2a6361805ca74fdf4949385ade",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

78
CVE-2025/CVE-2025-26xx/CVE-2025-2620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2620",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T15:15:38.860",
"lastModified": "2025-03-24T18:15:24.240",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:44:24.017",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -129,32 +129,94 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-1620_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AC78AA-D1B1-401C-A98A-1409533F4F77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-1620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D651B571-E516-40C6-84A0-17EF83DC9D57"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.300622",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300622",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.518969",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-mod_graph_auth_uri_handler-Vulnerability-1afb2f2a6361809ea7f2dc4df3b85f1f",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-mod_graph_auth_uri_handler-Vulnerability-1afb2f2a6361809ea7f2dc4df3b85f1f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

98
CVE-2025/CVE-2025-26xx/CVE-2025-2621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2621",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T17:15:34.790",
"lastModified": "2025-03-24T13:15:26.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:43:08.013",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -87,6 +87,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -129,32 +149,94 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-1620_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AC78AA-D1B1-401C-A98A-1409533F4F77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-1620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D651B571-E516-40C6-84A0-17EF83DC9D57"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.300623",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300623",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.518980",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-check_dws_uid-Vulnerability-1b4b2f2a63618025b049f6e62a1835c0",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-check_dws_uid-Vulnerability-1b4b2f2a63618025b049f6e62a1835c0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

91
CVE-2025/CVE-2025-26xx/CVE-2025-2622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2622",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T17:15:35.213",
"lastModified": "2025-03-24T20:15:18.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:38:53.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,32 +142,87 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aizuda:snail-job:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4C5B8D-DAD7-455F-B05B-6F11C3802C6F"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/aizuda/snail-job/issues/IBSQ24",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://gitee.com/aizuda/snail-job/issues/IBSQ24#note_38500450_link",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.300624",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300624",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.518999",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://gitee.com/aizuda/snail-job/issues/IBSQ24",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

83
CVE-2025/CVE-2025-26xx/CVE-2025-2623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2623",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T18:15:12.497",
"lastModified": "2025-03-24T15:15:17.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:29:45.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV2": [
@ -122,28 +142,77 @@
"value": "CWE-94"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:westboy:cicadascms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9379B538-FA85-401F-9C78-CA16985000E1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IceFoxH/VULN/issues/10",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.300625",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300625",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.519294",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/IceFoxH/VULN/issues/10",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

81
CVE-2025/CVE-2025-26xx/CVE-2025-2624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2624",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T19:15:34.450",
"lastModified": "2025-03-24T13:15:26.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:26:27.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:westboy:cicadascms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9379B538-FA85-401F-9C78-CA16985000E1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IceFoxH/VULN/issues/11",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.300626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.519295",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/IceFoxH/VULN/issues/11",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

86
CVE-2025/CVE-2025-276xx/CVE-2025-27609.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-27609",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T17:15:25.877",
"lastModified": "2025-03-26T17:15:25.877",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 1.1,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38",
"source": "security-advisories@github.com"
}
]
}

27
CVE-2025/CVE-2025-27xx/CVE-2025-2783.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-2783",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-03-26T16:15:23.693",
"lastModified": "2025-03-26T16:15:23.693",
"lastModified": "2025-03-26T17:15:26.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html",

14
CVE-2025/CVE-2025-28xx/CVE-2025-2825.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-2825",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-03-26T16:15:23.883",
"lastModified": "2025-03-26T16:15:23.883",
"lastModified": "2025-03-26T17:15:26.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update",

50
CVE-2025/CVE-2025-292xx/CVE-2025-29218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-29218",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T19:15:37.790",
"lastModified": "2025-03-21T18:15:37.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-26T18:23:20.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:w18e_firmware:16.01.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "125BF798-C5BA-40C5-A7C9-CC3F09102584"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:w18e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9DAD12-6B22-41A8-9C1B-69498C5BBDE1"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/isstabber/a03c9dc3e89d5cf3b9e46dbef1ee5bf1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/isstabber/my_VulnHub/blob/main/TendaW18eV2/poc_wifipwd_stack_overflow.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/isstabber/a03c9dc3e89d5cf3b9e46dbef1ee5bf1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2025/CVE-2025-301xx/CVE-2025-30164.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-30164",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T17:15:26.560",
"lastModified": "2025-03-26T17:15:26.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user (or one that is able to authenticate), allows to manipulate the backend to redirect the user to any location. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2/security/advisories/GHSA-8r73-6686-wv8q",
"source": "security-advisories@github.com"
}
]
}

78
CVE-2025/CVE-2025-302xx/CVE-2025-30217.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-30217",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T17:15:26.740",
"lastModified": "2025-03-26T17:15:26.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Frappe is a full-stack web application framework. Prior to versions 14.93.2 and 15.55.0, a SQL Injection vulnerability has been identified in Frappe Framework which could allow a malicious actor to access sensitive information. Versions 14.93.2 and 15.55.0 contain a patch for the issue. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/frappe/frappe/security/advisories/GHSA-6phg-4wmq-h5h3",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2025/CVE-2025-302xx/CVE-2025-30225.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30225",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T17:15:26.917",
"lastModified": "2025-03-26T17:15:26.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a burst of malformed transformations. When making many malformed transformation requests at once, at some point, all assets are served as 403. This causes denial of assets for all policies of Directus, including Admin and Public. Version 12.0.1 of the `@directus/storage-driver-s3` package, corresponding to version 11.5.0 of Directus, fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-j8xj-7jff-46mx",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2025/CVE-2025-303xx/CVE-2025-30350.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30350",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T17:15:27.093",
"lastModified": "2025-03-26T17:15:27.093",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a burst of HEAD requests. Some tools use Directus to sync content and assets, and some of those tools use the HEAD method to check the existence of files. When making many HEAD requests at once, at some point, all assets are eventually served as 403. This causes denial of assets for all policies of Directus, including Admin and Public. Version 12.0.1 of the `@directus/storage-driver-s3` package, corresponding to version 11.5.0 of Directus, fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-rv78-qqrq-73m5",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-303xx/CVE-2025-30351.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-30351",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T18:15:26.873",
"lastModified": "2025-03-26T18:15:26.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.10.0 and prior to version 11.5.0, a suspended user can use the token generated in session auth mode to access the API despite their status. This happens because there is a check missing in `verifySessionJWT` to verify that a user is actually still active and allowed to access the API. One can extract the session token obtained by, e.g. login in to the app while still active and then, after the user has been suspended continue to use that token until it expires. Version 11.5.0 patches the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"references": [
{
"url": "https://github.com/directus/directus/commit/ef179931c55b50c110feca8404901d5633940771",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-56p6-qw3c-fq2g",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-56p6-qw3c-fq2g",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

60
CVE-2025/CVE-2025-303xx/CVE-2025-30352.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-30352",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T18:15:27.080",
"lastModified": "2025-03-26T18:15:27.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the `search` query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the enumeration of unknown field contents. The searchable columns (numbers & strings) are not checked against permissions when injecting the `where` clauses for applying the search query. This leads to the possibility of enumerating those un-permitted fields. Version 11.5.0 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/directus/directus/commit/ac5a9964d9926f20dc063a74cb417dc7bbad676d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-7wq3-jr35-275c",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2025/CVE-2025-303xx/CVE-2025-30353.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-30353",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-26T18:15:27.327",
"lastModified": "2025-03-26T18:15:27.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0 and prior to version 11.5.0, when a Flow with the \"Webhook\" trigger and the \"Data of Last Operation\" response body encounters a ValidationError thrown by a failed condition operation, the API response includes sensitive data. This includes environmental variables, sensitive API keys, user accountability information, and operational data. This issue poses a significant security risk, as any unintended exposure of this data could lead to potential misuse. Version 11.5.0 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-fm3h-p9wm-h74h",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/directus/directus/security/advisories/GHSA-fm3h-p9wm-h74h",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

98
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-26T17:00:19.995683+00:00
2025-03-26T19:00:19.806925+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-26T16:46:35.783000+00:00
2025-03-26T18:48:51.253000+00:00
```
### Last Data Feed Release
@ -33,69 +33,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
286693
286706
```
### CVEs added in the last Commit
Recently added CVEs: `86`
Recently added CVEs: `13`
- [CVE-2025-28858](CVE-2025/CVE-2025-288xx/CVE-2025-28858.json) (`2025-03-26T15:16:14.317`)
- [CVE-2025-28865](CVE-2025/CVE-2025-288xx/CVE-2025-28865.json) (`2025-03-26T15:16:14.460`)
- [CVE-2025-28869](CVE-2025/CVE-2025-288xx/CVE-2025-28869.json) (`2025-03-26T15:16:14.617`)
- [CVE-2025-28873](CVE-2025/CVE-2025-288xx/CVE-2025-28873.json) (`2025-03-26T15:16:14.767`)
- [CVE-2025-28877](CVE-2025/CVE-2025-288xx/CVE-2025-28877.json) (`2025-03-26T15:16:14.917`)
- [CVE-2025-28880](CVE-2025/CVE-2025-288xx/CVE-2025-28880.json) (`2025-03-26T15:16:15.070`)
- [CVE-2025-28882](CVE-2025/CVE-2025-288xx/CVE-2025-28882.json) (`2025-03-26T15:16:15.227`)
- [CVE-2025-28885](CVE-2025/CVE-2025-288xx/CVE-2025-28885.json) (`2025-03-26T15:16:15.380`)
- [CVE-2025-28889](CVE-2025/CVE-2025-288xx/CVE-2025-28889.json) (`2025-03-26T15:16:15.543`)
- [CVE-2025-28890](CVE-2025/CVE-2025-288xx/CVE-2025-28890.json) (`2025-03-26T15:16:15.700`)
- [CVE-2025-28893](CVE-2025/CVE-2025-288xx/CVE-2025-28893.json) (`2025-03-26T15:16:15.873`)
- [CVE-2025-28898](CVE-2025/CVE-2025-288xx/CVE-2025-28898.json) (`2025-03-26T15:16:16.030`)
- [CVE-2025-28899](CVE-2025/CVE-2025-288xx/CVE-2025-28899.json) (`2025-03-26T15:16:16.190`)
- [CVE-2025-28903](CVE-2025/CVE-2025-289xx/CVE-2025-28903.json) (`2025-03-26T15:16:16.340`)
- [CVE-2025-28911](CVE-2025/CVE-2025-289xx/CVE-2025-28911.json) (`2025-03-26T15:16:16.493`)
- [CVE-2025-28916](CVE-2025/CVE-2025-289xx/CVE-2025-28916.json) (`2025-03-26T15:16:16.653`)
- [CVE-2025-28917](CVE-2025/CVE-2025-289xx/CVE-2025-28917.json) (`2025-03-26T15:16:16.803`)
- [CVE-2025-28921](CVE-2025/CVE-2025-289xx/CVE-2025-28921.json) (`2025-03-26T15:16:16.943`)
- [CVE-2025-28924](CVE-2025/CVE-2025-289xx/CVE-2025-28924.json) (`2025-03-26T15:16:17.100`)
- [CVE-2025-28928](CVE-2025/CVE-2025-289xx/CVE-2025-28928.json) (`2025-03-26T15:16:17.307`)
- [CVE-2025-28934](CVE-2025/CVE-2025-289xx/CVE-2025-28934.json) (`2025-03-26T15:16:17.517`)
- [CVE-2025-28935](CVE-2025/CVE-2025-289xx/CVE-2025-28935.json) (`2025-03-26T15:16:17.727`)
- [CVE-2025-28939](CVE-2025/CVE-2025-289xx/CVE-2025-28939.json) (`2025-03-26T15:16:17.923`)
- [CVE-2025-28942](CVE-2025/CVE-2025-289xx/CVE-2025-28942.json) (`2025-03-26T15:16:18.107`)
- [CVE-2025-30524](CVE-2025/CVE-2025-305xx/CVE-2025-30524.json) (`2025-03-26T15:16:22.580`)
- [CVE-2024-41643](CVE-2024/CVE-2024-416xx/CVE-2024-41643.json) (`2025-03-26T18:15:24.317`)
- [CVE-2025-2499](CVE-2025/CVE-2025-24xx/CVE-2025-2499.json) (`2025-03-26T18:15:25.720`)
- [CVE-2025-2528](CVE-2025/CVE-2025-25xx/CVE-2025-2528.json) (`2025-03-26T18:15:26.020`)
- [CVE-2025-2562](CVE-2025/CVE-2025-25xx/CVE-2025-2562.json) (`2025-03-26T18:15:26.247`)
- [CVE-2025-2600](CVE-2025/CVE-2025-26xx/CVE-2025-2600.json) (`2025-03-26T18:15:26.437`)
- [CVE-2025-27609](CVE-2025/CVE-2025-276xx/CVE-2025-27609.json) (`2025-03-26T17:15:25.877`)
- [CVE-2025-30164](CVE-2025/CVE-2025-301xx/CVE-2025-30164.json) (`2025-03-26T17:15:26.560`)
- [CVE-2025-30217](CVE-2025/CVE-2025-302xx/CVE-2025-30217.json) (`2025-03-26T17:15:26.740`)
- [CVE-2025-30225](CVE-2025/CVE-2025-302xx/CVE-2025-30225.json) (`2025-03-26T17:15:26.917`)
- [CVE-2025-30350](CVE-2025/CVE-2025-303xx/CVE-2025-30350.json) (`2025-03-26T17:15:27.093`)
- [CVE-2025-30351](CVE-2025/CVE-2025-303xx/CVE-2025-30351.json) (`2025-03-26T18:15:26.873`)
- [CVE-2025-30352](CVE-2025/CVE-2025-303xx/CVE-2025-30352.json) (`2025-03-26T18:15:27.080`)
- [CVE-2025-30353](CVE-2025/CVE-2025-303xx/CVE-2025-30353.json) (`2025-03-26T18:15:27.327`)
### CVEs modified in the last Commit
Recently modified CVEs: `102`
Recently modified CVEs: `58`
- [CVE-2024-4149](CVE-2024/CVE-2024-41xx/CVE-2024-4149.json) (`2025-03-26T15:15:52.433`)
- [CVE-2024-41511](CVE-2024/CVE-2024-415xx/CVE-2024-41511.json) (`2025-03-26T15:15:51.120`)
- [CVE-2024-41564](CVE-2024/CVE-2024-415xx/CVE-2024-41564.json) (`2025-03-26T15:15:51.477`)
- [CVE-2024-42616](CVE-2024/CVE-2024-426xx/CVE-2024-42616.json) (`2025-03-26T15:15:51.890`)
- [CVE-2024-48818](CVE-2024/CVE-2024-488xx/CVE-2024-48818.json) (`2025-03-26T15:15:52.140`)
- [CVE-2024-55028](CVE-2024/CVE-2024-550xx/CVE-2024-55028.json) (`2025-03-26T15:15:52.693`)
- [CVE-2024-55030](CVE-2024/CVE-2024-550xx/CVE-2024-55030.json) (`2025-03-26T15:15:52.960`)
- [CVE-2024-7806](CVE-2024/CVE-2024-78xx/CVE-2024-7806.json) (`2025-03-26T16:46:35.783`)
- [CVE-2024-8021](CVE-2024/CVE-2024-80xx/CVE-2024-8021.json) (`2025-03-26T16:39:28.747`)
- [CVE-2024-8026](CVE-2024/CVE-2024-80xx/CVE-2024-8026.json) (`2025-03-26T16:26:39.410`)
- [CVE-2024-8053](CVE-2024/CVE-2024-80xx/CVE-2024-8053.json) (`2025-03-26T16:18:07.887`)
- [CVE-2024-8062](CVE-2024/CVE-2024-80xx/CVE-2024-8062.json) (`2025-03-26T16:10:51.357`)
- [CVE-2025-1413](CVE-2025/CVE-2025-14xx/CVE-2025-1413.json) (`2025-03-26T16:15:20.833`)
- [CVE-2025-24808](CVE-2025/CVE-2025-248xx/CVE-2025-24808.json) (`2025-03-26T15:16:07.630`)
- [CVE-2025-25373](CVE-2025/CVE-2025-253xx/CVE-2025-25373.json) (`2025-03-26T15:16:08.443`)
- [CVE-2025-2652](CVE-2025/CVE-2025-26xx/CVE-2025-2652.json) (`2025-03-26T15:16:11.270`)
- [CVE-2025-2691](CVE-2025/CVE-2025-26xx/CVE-2025-2691.json) (`2025-03-26T15:06:35.310`)
- [CVE-2025-27553](CVE-2025/CVE-2025-275xx/CVE-2025-27553.json) (`2025-03-26T15:22:59.280`)
- [CVE-2025-29100](CVE-2025/CVE-2025-291xx/CVE-2025-29100.json) (`2025-03-26T15:16:18.333`)
- [CVE-2025-29135](CVE-2025/CVE-2025-291xx/CVE-2025-29135.json) (`2025-03-26T15:16:20.343`)
- [CVE-2025-29310](CVE-2025/CVE-2025-293xx/CVE-2025-29310.json) (`2025-03-26T15:16:20.583`)
- [CVE-2025-29311](CVE-2025/CVE-2025-293xx/CVE-2025-29311.json) (`2025-03-26T15:16:20.817`)
- [CVE-2025-29312](CVE-2025/CVE-2025-293xx/CVE-2025-29312.json) (`2025-03-26T15:16:21.063`)
- [CVE-2025-29315](CVE-2025/CVE-2025-293xx/CVE-2025-29315.json) (`2025-03-26T15:16:21.323`)
- [CVE-2025-30118](CVE-2025/CVE-2025-301xx/CVE-2025-30118.json) (`2025-03-26T15:16:22.327`)
- [CVE-2024-13921](CVE-2024/CVE-2024-139xx/CVE-2024-13921.json) (`2025-03-26T17:49:09.037`)
- [CVE-2024-13922](CVE-2024/CVE-2024-139xx/CVE-2024-13922.json) (`2025-03-26T18:05:29.983`)
- [CVE-2024-13923](CVE-2024/CVE-2024-139xx/CVE-2024-13923.json) (`2025-03-26T18:18:32.280`)
- [CVE-2024-2322](CVE-2024/CVE-2024-23xx/CVE-2024-2322.json) (`2025-03-26T18:15:23.890`)
- [CVE-2024-26309](CVE-2024/CVE-2024-263xx/CVE-2024-26309.json) (`2025-03-26T17:15:24.067`)
- [CVE-2024-27632](CVE-2024/CVE-2024-276xx/CVE-2024-27632.json) (`2025-03-26T17:15:24.263`)
- [CVE-2024-27823](CVE-2024/CVE-2024-278xx/CVE-2024-27823.json) (`2025-03-26T17:15:24.463`)
- [CVE-2024-34529](CVE-2024/CVE-2024-345xx/CVE-2024-34529.json) (`2025-03-26T17:15:24.770`)
- [CVE-2024-40803](CVE-2024/CVE-2024-408xx/CVE-2024-40803.json) (`2025-03-26T17:15:24.990`)
- [CVE-2024-4382](CVE-2024/CVE-2024-43xx/CVE-2024-4382.json) (`2025-03-26T17:15:25.243`)
- [CVE-2024-7773](CVE-2024/CVE-2024-77xx/CVE-2024-7773.json) (`2025-03-26T17:27:56.490`)
- [CVE-2024-7776](CVE-2024/CVE-2024-77xx/CVE-2024-7776.json) (`2025-03-26T17:20:27.680`)
- [CVE-2024-9880](CVE-2024/CVE-2024-98xx/CVE-2024-9880.json) (`2025-03-26T17:15:25.453`)
- [CVE-2025-1802](CVE-2025/CVE-2025-18xx/CVE-2025-1802.json) (`2025-03-26T18:22:17.850`)
- [CVE-2025-1936](CVE-2025/CVE-2025-19xx/CVE-2025-1936.json) (`2025-03-26T17:15:25.527`)
- [CVE-2025-2618](CVE-2025/CVE-2025-26xx/CVE-2025-2618.json) (`2025-03-26T18:48:51.253`)
- [CVE-2025-2619](CVE-2025/CVE-2025-26xx/CVE-2025-2619.json) (`2025-03-26T18:46:06.633`)
- [CVE-2025-2620](CVE-2025/CVE-2025-26xx/CVE-2025-2620.json) (`2025-03-26T18:44:24.017`)
- [CVE-2025-2621](CVE-2025/CVE-2025-26xx/CVE-2025-2621.json) (`2025-03-26T18:43:08.013`)
- [CVE-2025-2622](CVE-2025/CVE-2025-26xx/CVE-2025-2622.json) (`2025-03-26T18:38:53.113`)
- [CVE-2025-2623](CVE-2025/CVE-2025-26xx/CVE-2025-2623.json) (`2025-03-26T18:29:45.483`)
- [CVE-2025-2624](CVE-2025/CVE-2025-26xx/CVE-2025-2624.json) (`2025-03-26T18:26:27.147`)
- [CVE-2025-2783](CVE-2025/CVE-2025-27xx/CVE-2025-2783.json) (`2025-03-26T17:15:26.237`)
- [CVE-2025-2825](CVE-2025/CVE-2025-28xx/CVE-2025-2825.json) (`2025-03-26T17:15:26.410`)
- [CVE-2025-29218](CVE-2025/CVE-2025-292xx/CVE-2025-29218.json) (`2025-03-26T18:23:20.987`)
## Download and Usage

501
_state.csv
View File

File diff suppressed because it is too large Load Diff