From 36325f26fc2cea2103a09f2067b3050adfb29037 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 2 Jul 2025 10:03:46 +0000 Subject: [PATCH] Auto-Update: 2025-07-02T10:00:11.498527+00:00 --- CVE-2024/CVE-2024-454xx/CVE-2024-45497.json | 6 ++- CVE-2024/CVE-2024-86xx/CVE-2024-8676.json | 6 ++- CVE-2025/CVE-2025-243xx/CVE-2025-24328.json | 25 +++++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24329.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24330.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24331.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24332.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24333.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24334.json | 21 +++++++++ CVE-2025/CVE-2025-243xx/CVE-2025-24335.json | 21 +++++++++ CVE-2025/CVE-2025-270xx/CVE-2025-27021.json | 48 +++++++++++++++++++++ CVE-2025/CVE-2025-270xx/CVE-2025-27022.json | 48 +++++++++++++++++++++ CVE-2025/CVE-2025-527xx/CVE-2025-52711.json | 6 +-- CVE-2025/CVE-2025-60xx/CVE-2025-6020.json | 6 ++- CVE-2025/CVE-2025-60xx/CVE-2025-6032.json | 10 ++++- README.md | 30 ++++++++----- _state.csv | 30 ++++++++----- 17 files changed, 335 insertions(+), 27 deletions(-) create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24328.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24329.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24330.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24331.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24332.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24333.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24334.json create mode 100644 CVE-2025/CVE-2025-243xx/CVE-2025-24335.json create mode 100644 CVE-2025/CVE-2025-270xx/CVE-2025-27021.json create mode 100644 CVE-2025/CVE-2025-270xx/CVE-2025-27022.json diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45497.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45497.json index 7b07462d98d..e403c891068 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45497.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45497.json @@ -2,7 +2,7 @@ "id": "CVE-2024-45497", "sourceIdentifier": "secalert@redhat.com", "published": "2024-12-31T03:15:05.543", - "lastModified": "2025-06-26T01:15:20.083", + "lastModified": "2025-07-02T09:15:23.290", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -56,6 +56,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:9269", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:9765", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-45497", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8676.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8676.json index 88b71cced8f..186e698ad80 100644 --- a/CVE-2024/CVE-2024-86xx/CVE-2024-8676.json +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8676.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8676", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-26T20:15:34.260", - "lastModified": "2025-05-01T08:15:16.693", + "lastModified": "2025-07-02T09:15:24.243", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -72,6 +72,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:4211", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:9765", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-8676", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24328.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24328.json new file mode 100644 index 00000000000..8ffb8591821 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24328.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-24328", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T08:15:21.477", + "lastModified": "2025-07-02T08:15:21.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sending a crafted SOAP \"set\" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later.\n\nThe OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service." + }, + { + "lang": "es", + "value": "El env\u00edo de un mensaje de operaci\u00f3n SOAP \"set\" manipulado dentro de la red de gesti\u00f3n de la Red de Acceso Radio (RAN) interna del Operador de Red M\u00f3vil (MNO) puede provocar el reinicio del componente del servicio OAM de banda base de Nokia Single RAN con versiones de software anteriores a la versi\u00f3n 24R1-SR 1.0 MP. Este problema se ha corregido para la versi\u00f3n 24R1-SR 1.0 MP y posteriores. El componente del servicio OAM se reinicia autom\u00e1ticamente tras el desbordamiento de pila sin provocar el reinicio de la estaci\u00f3n base ni la degradaci\u00f3n del servicio de red, ni un impacto permanente en el servicio OAM de banda base de Nokia Single RAN." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24328/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24329.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24329.json new file mode 100644 index 00000000000..c99369af58d --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24329.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24329", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.390", + "lastModified": "2025-07-02T09:15:24.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sending a crafted SOAP \"provision\" operation message archive field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later.\n\nBeginning with release 24R1-SR 1.0 MP, the OAM service software utilizes libarchive APIs with security options enabled, effectively mitigating the reported path traversal issue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24329/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24330.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24330.json new file mode 100644 index 00000000000..1e334a4baed --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24330.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24330", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.500", + "lastModified": "2025-07-02T09:15:24.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sending a crafted SOAP \"provision\" operation message PlanId field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later.\n\nBeginning with release 24R1-SR 1.0 MP, the OAM service software performed PlanId field input validations mitigate the reported path traversal issue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24330/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24331.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24331.json new file mode 100644 index 00000000000..40994852f26 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24331.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24331", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.597", + "lastModified": "2025-07-02T09:15:24.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive after the privilege drop and, in theory, could potentially allow actions beyond the intended scope of the OAM service. These actions could include gaining root privileges, accessing root-owned files, modifying them as the file owner, and then returning them to root ownership. This issue has been corrected starting from release 24R1-SR 0.2 MP and later.\n\nBeginning with release 24R1-SR 0.2 MP, the OAM service software capabilities are restricted to the minimum necessary." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24331/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24332.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24332.json new file mode 100644 index 00000000000..9d9a3877d08 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24332.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24332", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.703", + "lastModified": "2025-07-02T09:15:24.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity boards using the internal bsoc SSH service, which is available only internally within the baseband and through the internal backplane between the boards. The bsoc SSH allows login from one board to another via the baseband internal backplane using an SSH private key present on the baseband system board.\n\nThis bsoc SSH capability was previously considered an administrative functionality but has now been restricted to be available only to baseband root-privileged administrators. This restriction mitigates the possibility of misuse with lower-level privileges (e.g., from baseband software images). This mitigation is included starting from release 23R4-SR 3.0 MP and later" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24332/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24333.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24333.json new file mode 100644 index 00000000000..8c6c54177e2 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24333.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24333", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.800", + "lastModified": "2025-07-02T09:15:24.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added to baseband internal COMA_config.xml file.\n\nThis issue has been corrected starting from release 24R1-SR 1.0 MP and later, by adding proper input validation to OAM service process which prevents injecting special characters via baseband internal COMA_config.xml file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24333/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24334.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24334.json new file mode 100644 index 00000000000..06c065131f3 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24334.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24334", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:24.910", + "lastModified": "2025-07-02T09:15:24.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator (MNO) internal RAN management network." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24334/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-243xx/CVE-2025-24335.json b/CVE-2025/CVE-2025-243xx/CVE-2025-24335.json new file mode 100644 index 00000000000..33dcdf91887 --- /dev/null +++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24335.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-24335", + "sourceIdentifier": "b48c3b8f-639e-4c16-8725-497bc411dad0", + "published": "2025-07-02T09:15:25.010", + "lastModified": "2025-07-02T09:15:25.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service.\n\nNo practical exploit has been detected for this flaw. However, the issue has been corrected starting from release 24R1-SR 2.1 MP by adding sufficient input validation for received SOAP requests, effectively mitigating the reported issue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24335/", + "source": "b48c3b8f-639e-4c16-8725-497bc411dad0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-270xx/CVE-2025-27021.json b/CVE-2025/CVE-2025-270xx/CVE-2025-27021.json new file mode 100644 index 00000000000..088e8ca577d --- /dev/null +++ b/CVE-2025/CVE-2025-270xx/CVE-2025-27021.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2025-27021", + "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", + "published": "2025-07-02T09:15:25.117", + "lastModified": "2025-07-02T09:15:25.117", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The misconfiguration in the sudoers configuration of the operating system in\n Infinera G42 version R6.1.3 allows low privileged OS users to \nread/write physical memory via devmem command line tool. \nThis could \nallow sensitive information disclosure, denial of service, and privilege \nescalation by tampering with kernel memory.\n\n\nDetails: The output of \"sudo -l\" reports the presence of \"devmem\" command \nexecutable as super user without using a password. This command allows \nto read and write an arbitrary memory area of the target device, \nspecifying an absolute address." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27021", + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158" + }, + { + "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27021", + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-270xx/CVE-2025-27022.json b/CVE-2025/CVE-2025-270xx/CVE-2025-27022.json new file mode 100644 index 00000000000..b60ff7fb465 --- /dev/null +++ b/CVE-2025/CVE-2025-270xx/CVE-2025-27022.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2025-27022", + "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", + "published": "2025-07-02T09:15:25.290", + "lastModified": "2025-07-02T09:15:25.290", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path traversal in WebGUI HTTP endpoint in Infinera G42 version R6.1.3 \nallows remote authenticated users to download all OS files via HTTP \nrequests.\n\n\nDetails: \n\nLack or insufficient validation of user-supplied input allows \nauthenticated users to access all files on the target machine file \nsystem that are readable to the user account used to run the httpd \nservice." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27022", + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158" + }, + { + "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27022", + "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-527xx/CVE-2025-52711.json b/CVE-2025/CVE-2025-527xx/CVE-2025-52711.json index a49253ced2a..ce3c6720b01 100644 --- a/CVE-2025/CVE-2025-527xx/CVE-2025-52711.json +++ b/CVE-2025/CVE-2025-527xx/CVE-2025-52711.json @@ -2,13 +2,13 @@ "id": "CVE-2025-52711", "sourceIdentifier": "audit@patchstack.com", "published": "2025-06-20T15:15:32.353", - "lastModified": "2025-06-23T20:16:40.143", + "lastModified": "2025-07-02T09:15:25.423", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor allows Cross Site Request Forgery. This issue affects Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor: from n/a through 1.27.8." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor allows Cross Site Request Forgery.This issue affects Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor: from n/a through 1.27.8." }, { "lang": "es", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "audit@patchstack.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6020.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6020.json index 4fc0fa8344b..67520510384 100644 --- a/CVE-2025/CVE-2025-60xx/CVE-2025-6020.json +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6020.json @@ -2,7 +2,7 @@ "id": "CVE-2025-6020", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-17T13:15:21.660", - "lastModified": "2025-07-01T20:15:27.190", + "lastModified": "2025-07-02T08:15:22.410", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -60,6 +60,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:10027", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10180", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2025:9526", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json index eaf809c2257..e707657107b 100644 --- a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json @@ -2,7 +2,7 @@ "id": "CVE-2025-6032", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-24T14:15:30.703", - "lastModified": "2025-07-01T08:15:24.757", + "lastModified": "2025-07-02T08:15:57.507", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -52,10 +52,18 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:9726", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2025:9751", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:9766", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-6032", "source": "secalert@redhat.com" diff --git a/README.md b/README.md index 25def087f7f..3a88a6d6a48 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-07-02T08:00:15.964576+00:00 +2025-07-02T10:00:11.498527+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-07-02T07:15:23.493000+00:00 +2025-07-02T09:15:25.423000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -300037 +300047 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `10` -- [CVE-2024-13451](CVE-2024/CVE-2024-134xx/CVE-2024-13451.json) (`2025-07-02T06:15:22.630`) -- [CVE-2024-13786](CVE-2024/CVE-2024-137xx/CVE-2024-13786.json) (`2025-07-02T07:15:22.857`) -- [CVE-2025-6017](CVE-2025/CVE-2025-60xx/CVE-2025-6017.json) (`2025-07-02T07:15:23.293`) -- [CVE-2025-6464](CVE-2025/CVE-2025-64xx/CVE-2025-6464.json) (`2025-07-02T06:15:23.520`) +- [CVE-2025-24328](CVE-2025/CVE-2025-243xx/CVE-2025-24328.json) (`2025-07-02T08:15:21.477`) +- [CVE-2025-24329](CVE-2025/CVE-2025-243xx/CVE-2025-24329.json) (`2025-07-02T09:15:24.390`) +- [CVE-2025-24330](CVE-2025/CVE-2025-243xx/CVE-2025-24330.json) (`2025-07-02T09:15:24.500`) +- [CVE-2025-24331](CVE-2025/CVE-2025-243xx/CVE-2025-24331.json) (`2025-07-02T09:15:24.597`) +- [CVE-2025-24332](CVE-2025/CVE-2025-243xx/CVE-2025-24332.json) (`2025-07-02T09:15:24.703`) +- [CVE-2025-24333](CVE-2025/CVE-2025-243xx/CVE-2025-24333.json) (`2025-07-02T09:15:24.800`) +- [CVE-2025-24334](CVE-2025/CVE-2025-243xx/CVE-2025-24334.json) (`2025-07-02T09:15:24.910`) +- [CVE-2025-24335](CVE-2025/CVE-2025-243xx/CVE-2025-24335.json) (`2025-07-02T09:15:25.010`) +- [CVE-2025-27021](CVE-2025/CVE-2025-270xx/CVE-2025-27021.json) (`2025-07-02T09:15:25.117`) +- [CVE-2025-27022](CVE-2025/CVE-2025-270xx/CVE-2025-27022.json) (`2025-07-02T09:15:25.290`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `5` -- [CVE-2025-6705](CVE-2025/CVE-2025-67xx/CVE-2025-6705.json) (`2025-07-02T07:15:23.493`) +- [CVE-2024-45497](CVE-2024/CVE-2024-454xx/CVE-2024-45497.json) (`2025-07-02T09:15:23.290`) +- [CVE-2024-8676](CVE-2024/CVE-2024-86xx/CVE-2024-8676.json) (`2025-07-02T09:15:24.243`) +- [CVE-2025-52711](CVE-2025/CVE-2025-527xx/CVE-2025-52711.json) (`2025-07-02T09:15:25.423`) +- [CVE-2025-6020](CVE-2025/CVE-2025-60xx/CVE-2025-6020.json) (`2025-07-02T08:15:22.410`) +- [CVE-2025-6032](CVE-2025/CVE-2025-60xx/CVE-2025-6032.json) (`2025-07-02T08:15:57.507`) ## Download and Usage diff --git a/_state.csv b/_state.csv index db289abdd87..0cd882eda2a 100644 --- a/_state.csv +++ b/_state.csv @@ -248971,7 +248971,7 @@ CVE-2024-13448,0,0,99bef776585fb11dba8e8ef9f028b4f3c7371956a91f9b56a4977bbe471e6 CVE-2024-13449,0,0,52b88677fd423c43b44e149505ef75bf01f315f780529f08af2d104c0e8e8913,2025-02-04T18:12:53.713000 CVE-2024-1345,0,0,b705c881b64934a656687f4bb2d7ed2b74763da5751afa84b0b2fd5eae033431,2025-03-24T17:12:18.113000 CVE-2024-13450,0,0,43fcdfa95c84c4f9958bcf0ed96f0c3b1c10185c108adb08c789dbe5f2feb02b,2025-02-04T20:48:58 -CVE-2024-13451,1,1,ee642ba22d2b21c3215470ca49dbbf8939427185455c37887a14fc29e9944a42,2025-07-02T06:15:22.630000 +CVE-2024-13451,0,0,ee642ba22d2b21c3215470ca49dbbf8939427185455c37887a14fc29e9944a42,2025-07-02T06:15:22.630000 CVE-2024-13452,0,0,d34dc6261a25765dcd9b4a870b6e0b9f5cf10581b9911f2a574e3c38c272d73c,2025-04-16T13:25:37.340000 CVE-2024-13453,0,0,e64fc58d83e3540bb01a99edb8cd9df274ae0c7a0249b0fd357ec05d1fc54281,2025-02-18T19:15:13.770000 CVE-2024-13454,0,0,14313d18c59abf0795f9e65c924b2232675b3f5fcf8c69fe1d32af5f5cac5a65,2025-01-21T20:15:30.793000 @@ -249323,7 +249323,7 @@ CVE-2024-1378,0,0,041aa523b6aa5691bc95edbf2c3845e6125399d35aa90aa412089416e101b8 CVE-2024-13780,0,0,9fade2e92a194c6d1c1d55729fb4b3bacb736f94c006c5bee75aab65d23f2430,2025-03-05T10:15:16.513000 CVE-2024-13781,0,0,55b434da390091121d3d513d1001af7581c49a5184e304eb6431dc22698b902a,2025-03-13T17:45:04.640000 CVE-2024-13783,0,0,4d1adc087edd34d52079e199658ef345cbd94c9c74350c99493fda1d34bf23f7,2025-02-21T12:19:42.537000 -CVE-2024-13786,1,1,cb6c6d72e66c1e4d8bb1f6b3aa431130f38c67033fa24416b67ce87aee0fd7ba,2025-07-02T07:15:22.857000 +CVE-2024-13786,0,0,cb6c6d72e66c1e4d8bb1f6b3aa431130f38c67033fa24416b67ce87aee0fd7ba,2025-07-02T07:15:22.857000 CVE-2024-13787,0,0,0eff21fc23493e01651531789dedbb01e9f9791c6b2318877412ee79834420bc,2025-03-05T10:15:16.810000 CVE-2024-13789,0,0,2b0af9ac1cf71402f1bdf617ac72ff1dc3e5b91a3734626a9c4e88889f4b7dad,2025-02-25T20:56:25.757000 CVE-2024-1379,0,0,329b3b08765a69102416ab28d875ef22ab72660cea0367e0a1a6768dc9317682,2025-03-24T14:48:13.980000 @@ -270024,7 +270024,7 @@ CVE-2024-45493,0,0,63ded12e1cce66753793ae82bef6c61efd91f10fe98a5bd1c054c3ddfbe0b CVE-2024-45494,0,0,e62b8176d74731dfdb1c9ebc3d4575fcabd14aac12deeb9776633eac1b50aecb,2024-12-17T19:15:06.497000 CVE-2024-45495,0,0,052cbd46ff58a2733b006c164c39180c42ff3c9c0f05edf173b6ee70b661cd18,2024-12-04T17:15:14.537000 CVE-2024-45496,0,0,f647c5447ed213c353caf91ddf707bc78331ddddcd98c233146cc0a0d9ee301a,2025-01-09T09:15:07.600000 -CVE-2024-45497,0,0,15a69b199522691c8781b1273e413826a6ff0aa74ebc9b35334fa99141f1eb3d,2025-06-26T01:15:20.083000 +CVE-2024-45497,0,1,53a7f15546741074e12fdf12aa0db1b6ceecb91ed174d672eb3ba1967d3337c3,2025-07-02T09:15:23.290000 CVE-2024-45498,0,0,1b37b8abea607b55d06bdeca0f52a798741defd10e0d0992aaa1892048a4a705,2025-06-03T21:12:43.280000 CVE-2024-4550,0,0,d020c2baa57a4c8c78c6437cdbbe1c555a0bddf99dab5627801ef1d8b20c6e80,2024-09-14T11:47:14.677000 CVE-2024-45504,0,0,117e3b0ea98f4e26734959281e27af071785e94eccc716f5288207bae003b1cf,2024-11-04T21:35:09.173000 @@ -281599,7 +281599,7 @@ CVE-2024-8672,0,0,a15444b342cb51704c6035355a8239e8b1581fa22931a6c667330f1628aeb3 CVE-2024-8673,0,0,14e6fb540bdc9b90fe3eebc9b2a0836035130b22f32a5d32860491af709458cc,2025-05-28T15:42:17.150000 CVE-2024-8674,0,0,346b5859dd79895a03165d24e9b602a990cf40990eacbe9188550aceade5c799,2025-02-11T02:15:36.413000 CVE-2024-8675,0,0,d4603b0787f1359762182dfd0b6464a7217287d096015439ee3a45da5ea12b68,2024-10-04T13:51:25.567000 -CVE-2024-8676,0,0,ea5c627a6f59b47a0514523c89ae44a68f1f6d83badbe10c427a6f3f39e4ba83,2025-05-01T08:15:16.693000 +CVE-2024-8676,0,1,b0a89bafe853f4ccd02cff382ce8143cd13a11f3baf494e34c4c7c21d9ab804a,2025-07-02T09:15:24.243000 CVE-2024-8677,0,0,60f0fdd7af95bdac2c0e1884d42dbe76c9ab4cea5844c97ea5bb9aa452948afc,2025-02-11T02:15:36.463000 CVE-2024-8678,0,0,c9f19131bded613da0c19c1444b8e8a8b9cc51fc5c1cf15447ee67809c6ea12c,2024-10-02T19:06:48.983000 CVE-2024-8679,0,0,2b814e408085282aa43a44f419617020b8c9c8c614fcd1f864e869f9853d89cd,2024-12-07T02:15:19.457000 @@ -287884,6 +287884,14 @@ CVE-2025-24318,0,0,45737d4f27e86b0669543a856f157a50a0c8a223d43ce9658341d0666e6cb CVE-2025-24319,0,0,9187be60b0cac196c7936aff1f9769e0582f5aeeb7750ad9a385d1c3e1292585,2025-02-05T18:15:34.557000 CVE-2025-24320,0,0,22204bebd126ec0b8efa20c54300c5d2c2817352b294d53c5a23f29d2ef87e4f,2025-02-05T18:15:34.960000 CVE-2025-24326,0,0,dd13af4709b7b17ac448c947eb2606b60fddc8b7e04055280df591b39ac70dcf,2025-02-05T18:15:35.420000 +CVE-2025-24328,1,1,73375da6816f543bb187e8a639ac925318c5ebfdf1309923e786f3b68237ec24,2025-07-02T08:15:21.477000 +CVE-2025-24329,1,1,c0f88c99c04bcb5f05c73a9c28ad35fbdb6dbd59fa46b0dab0b5e941dc9eb9b7,2025-07-02T09:15:24.390000 +CVE-2025-24330,1,1,e821d88b90f13ab4a0ead18636efd9c4429bc30f74732e01d8abd5060568fa9b,2025-07-02T09:15:24.500000 +CVE-2025-24331,1,1,cb38452889e615338e8b3ae4e7e66d51804d25d730300641143d80651f55c18f,2025-07-02T09:15:24.597000 +CVE-2025-24332,1,1,6a0299b4d1f863604c0e3cda2b0b40f00a5fec36948a87b8f6c836e3f3fdaa37,2025-07-02T09:15:24.703000 +CVE-2025-24333,1,1,57f26a1ff808fe742d25ee7ba1fe0994d218d1488c336462d0a314807233df58,2025-07-02T09:15:24.800000 +CVE-2025-24334,1,1,a3daf8cb13297269aa016817b886e46a279dd2a832aadb0291054d9d3260d457,2025-07-02T09:15:24.910000 +CVE-2025-24335,1,1,800c296970655e93bc42cfd04f539c2776ce39380a897124ce5577762708166a,2025-07-02T09:15:25.010000 CVE-2025-24336,0,0,0c1fb43f965e1337be57c1e176a52234211acbdc43cd0f3b53a81b279dc7a08b,2025-01-31T00:15:20.607000 CVE-2025-24337,0,0,909a943b00c8b637d3fed5ce70273699981b2448e37e3c32ed1614924942542d,2025-01-20T14:15:27.130000 CVE-2025-24338,0,0,51f28d610d07735df33e6021354d3cf76a5c16844d5e9f6d78a9656ffa3b7cde,2025-05-02T13:53:40.163000 @@ -289665,6 +289673,8 @@ CVE-2025-27016,0,0,f2c7dbbbe198c036189ea7e0294285906759c96b4b4fc3925b1ca597f8d45 CVE-2025-27017,0,0,487799b83e349646c0969a6714868b1c6a1e0d2f10d5e6737c1115cacdd0bce5,2025-03-12T17:15:50.327000 CVE-2025-27018,0,0,48d58c9e9c902b1eaa7722cd7e4f3337c69ebc3fec7269de4a4a5a702e3570f7,2025-06-03T21:11:28.860000 CVE-2025-2702,0,0,7ef0bfa66e07c4fb7c181b57cab1217f373873ecf500d50de0d874610b07459c,2025-03-24T10:15:12.943000 +CVE-2025-27021,1,1,11a2b2c104f914bb0b789443e955cbdf235124c2918ebbcd16b07eeb6bdc0b87,2025-07-02T09:15:25.117000 +CVE-2025-27022,1,1,a32141fc309c02b07c2b06d46affea8c5c48be5cc00625666e7d0662d9e9a1d9,2025-07-02T09:15:25.290000 CVE-2025-27029,0,0,f19508e0628f7c772651f93e1b12fe9874fd4060cecec22f220c71602c00f8da,2025-06-04T14:54:33.783000 CVE-2025-2703,0,0,d5ea40e178148932f49d90ec4c309716760c7d3b1ed975c047629950db3be6df,2025-06-10T11:15:52.680000 CVE-2025-27031,0,0,9fa4d5238e55dfabc5a9becc0748532469d6008767dbc00fd4050a94f50be84d,2025-06-04T14:54:33.783000 @@ -298624,7 +298634,7 @@ CVE-2025-52708,0,0,07371d3e6763c031627e7d58d2301539bbfa662c5efb39e7673730c3c856c CVE-2025-52709,0,0,e697426a66c5d894e8873805b8a22f9eacdafbb37b8734c02ce23b98745d2dba,2025-06-30T18:38:48.477000 CVE-2025-5271,0,0,e8162e6d0dc193ebe9401a5dcd034fa2e97416454d77b1504f9845da76fee3ef,2025-06-11T12:15:28.647000 CVE-2025-52710,0,0,9052ccf3e099379fd0b0d4582ba513b1277a37a92a12a5a543c4398ec675d3c6,2025-06-23T20:16:40.143000 -CVE-2025-52711,0,0,74fd556cda73fae6f70a4060c835dd6f7decff8154a0b5a6da061454e660fa9e,2025-06-23T20:16:40.143000 +CVE-2025-52711,0,1,89905531ab9ffc8f95c007eebb988a86cafda84726fa0a1e8a67963e52646d04,2025-07-02T09:15:25.423000 CVE-2025-52713,0,0,dd903bf26897039ff2663d3fa53844a1463ba8229d49746f6dc30423c84667ea,2025-06-23T20:16:40.143000 CVE-2025-52715,0,0,a4815f001b2ab15993c3ab0dbb5671632e88731698b4eae1f2c32fc42830020f,2025-06-23T20:16:40.143000 CVE-2025-52717,0,0,08af7c95982a241bd309ceada869c66b69693c4ab91aa3522e39aca35fad1aa4,2025-06-30T18:38:48.477000 @@ -299433,14 +299443,14 @@ CVE-2025-6007,0,0,ad7217a46edf88f3122f03c09e2fdcfd31382468cbe1002c4a5de402899399 CVE-2025-6008,0,0,cf45d1b8877307f98a5e962959db4dd8b70df84c99522375a10c3d04cde0826f,2025-06-19T01:26:01.867000 CVE-2025-6009,0,0,78abb2d4f36e6029b865859c44e8b3b2ae426316eb8bf2e15ca3e33565c4ca16,2025-06-19T01:25:17.743000 CVE-2025-6012,0,0,26f2f66d87f45d6aa756cc004552cfa11ed42d44708395d664a6658fe8d21b45,2025-06-16T12:32:18.840000 -CVE-2025-6017,1,1,19876fcb691b9c803b46b850d86a17b355a7f79c1d6768035f0b4a448ddb3e0f,2025-07-02T07:15:23.293000 +CVE-2025-6017,0,0,19876fcb691b9c803b46b850d86a17b355a7f79c1d6768035f0b4a448ddb3e0f,2025-07-02T07:15:23.293000 CVE-2025-6019,0,0,5477ec15a82be0c2a93ed9a3473af3a8dab5cb2afdbbfee75cdeb137fdc5af5e,2025-06-30T03:15:25.990000 -CVE-2025-6020,0,0,b85ef9f6c5f5442f1d1ef504462147aaf9cf11c1d4e49c0627f985d711085c6d,2025-07-01T20:15:27.190000 +CVE-2025-6020,0,1,e062399a09534f4784abcb3a9d5410e3c7d80193d562220764cf339e1750b907,2025-07-02T08:15:22.410000 CVE-2025-6021,0,0,4d6c316d6b2265feaa5a1f1976caab5acbb233a1583e3791720a0a82dcf439c4,2025-06-12T16:06:20.180000 CVE-2025-6029,0,0,e9108be7e98d0780991a9dbc9771d79381463de686ea76ad25b1212ca465841e,2025-06-16T12:32:18.840000 CVE-2025-6030,0,0,e2d083f85b4980fab673be25fe64ff6c58fe5f2e84e15893b8c80d92f1561a4f,2025-06-16T12:32:18.840000 CVE-2025-6031,0,0,8862006220262f75545734fb5f034c6db29d3c4cbd11030b12e4d70636f9f9cc,2025-06-16T12:32:18.840000 -CVE-2025-6032,0,0,014f9ead9a096c2552bec1427c0bb6bffaac544598b639c9601573d50f357ea8,2025-07-01T08:15:24.757000 +CVE-2025-6032,0,1,7d36c2d58b732d43afa3008a3147d35986d6ec9223b352842d54a5562a9f2d17,2025-07-02T08:15:57.507000 CVE-2025-6035,0,0,b71b50bc0c235c19b2d078bb69ae3921b820489d58f8688dea7a7bdd7515f125,2025-06-16T12:32:18.840000 CVE-2025-6040,0,0,76a8c143b5834b0cf93cda3bf80ab595e40b144f2532ce0d72ddcf42d08934bb,2025-06-16T12:32:18.840000 CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000 @@ -299725,7 +299735,7 @@ CVE-2025-6458,0,0,083518c79650bb4c88fc42ff0fa6cfc761ce82844b15365e5e4b749048d96c CVE-2025-6459,0,0,cda5c51df012e536f278bb68333a4c16582d37b5504e2fd0bb1edcef440c5d77,2025-07-02T04:15:59.413000 CVE-2025-6462,0,0,c54e78f06549a47bea6df85cbe1ac92bc0a08b11b6cd67df5b6afe80d9d36c4f,2025-06-30T18:38:23.493000 CVE-2025-6463,0,0,f623b23117c533853ef6ed59dcea3a4ba6017945a3e0ef47aef7b343ec72bcd5,2025-07-02T05:15:27.737000 -CVE-2025-6464,1,1,47f7e66e4696502cc760c40ae17b01f2955a4e326619c603f6abbb588edca083,2025-07-02T06:15:23.520000 +CVE-2025-6464,0,0,47f7e66e4696502cc760c40ae17b01f2955a4e326619c603f6abbb588edca083,2025-07-02T06:15:23.520000 CVE-2025-6466,0,0,02dda139ebc87521cef69d237c47fae4cb16f9d5a4fcba111e2a9a76c60a2e10,2025-06-23T20:16:21.633000 CVE-2025-6467,0,0,2111c66db0969d1c41fc8564ca68139c60962dcd1f7bb6c000aa2a277af3863e,2025-06-27T16:30:42.310000 CVE-2025-6468,0,0,b609e6c1f1cb2cca716729822e4b5563b8a9898d707e405d1e94b0c4142dd708,2025-06-27T16:37:25.340000 @@ -299885,7 +299895,7 @@ CVE-2025-6700,0,0,ec5745583eb140cd6e26feee4053d027111d4002634d3b2809beb12abbf163 CVE-2025-6701,0,0,a2b9f73092ff21b75d30180c6bdfa3afa17be30c5d5819f4bd36ae185260ce2e,2025-06-27T14:15:57.400000 CVE-2025-6702,0,0,13231e4711014b4c1e2bcb464a07a77f1c3df71f881feb5132d2eb6cd4917cee,2025-06-27T14:15:57.553000 CVE-2025-6703,0,0,0d9be36ef80bdf06400d3f3c9d49c1e852425f26caf80a96158d35b6fe0baf1a,2025-06-26T18:57:43.670000 -CVE-2025-6705,0,1,122b715fdd013e3e71f08cd868626dfbe2b9bcde8329e0b4b4c87a4f0aba31ae,2025-07-02T07:15:23.493000 +CVE-2025-6705,0,0,122b715fdd013e3e71f08cd868626dfbe2b9bcde8329e0b4b4c87a4f0aba31ae,2025-07-02T07:15:23.493000 CVE-2025-6706,0,0,e1ad2661eb0b2cc00595c80c51f437664f432617b81595d4eee5ef9e521b3ca6,2025-06-26T18:57:43.670000 CVE-2025-6707,0,0,aef66556c55eec41bae463c7faf45c123c97efb1da15664a3018a0cfbb06ba4a,2025-06-26T18:57:43.670000 CVE-2025-6709,0,0,90498322242e290afd27889d9cfd65fddf909a1cfa7b78d899a4f3639a3f1253,2025-06-26T18:57:43.670000