diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11831.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11831.json index 0d13ab2a89a..817f16e5714 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11831.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11831.json @@ -2,7 +2,7 @@ "id": "CVE-2024-11831", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-10T16:15:37.080", - "lastModified": "2025-05-21T07:16:00.833", + "lastModified": "2025-06-04T03:15:26.317", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -72,6 +72,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:8059", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:8479", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-11831", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49202.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49202.json new file mode 100644 index 00000000000..e23ff9aac6e --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49202.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49202", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.543", + "lastModified": "2025-06-04T03:15:26.543", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49203.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49203.json new file mode 100644 index 00000000000..24207c4c5c2 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49203.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49203", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.630", + "lastModified": "2025-06-04T03:15:26.630", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49204.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49204.json new file mode 100644 index 00000000000..7369fd34bdf --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49204.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49204", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.713", + "lastModified": "2025-06-04T03:15:26.713", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49205.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49205.json new file mode 100644 index 00000000000..93174177ead --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49205.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49205", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.787", + "lastModified": "2025-06-04T03:15:26.787", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49206.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49206.json new file mode 100644 index 00000000000..fb2997b55ef --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49206.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49206", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.860", + "lastModified": "2025-06-04T03:15:26.860", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49207.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49207.json new file mode 100644 index 00000000000..46eee5d515f --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49207.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49207", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.920", + "lastModified": "2025-06-04T03:15:26.920", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49208.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49208.json new file mode 100644 index 00000000000..c41002303dd --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49208.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49208", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:26.987", + "lastModified": "2025-06-04T03:15:26.987", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49209.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49209.json new file mode 100644 index 00000000000..180ac6dc230 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49209.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49209", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:27.057", + "lastModified": "2025-06-04T03:15:27.057", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49210.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49210.json new file mode 100644 index 00000000000..195f82859a5 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49210.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2025-49210", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-06-04T03:15:27.127", + "lastModified": "2025-06-04T03:15:27.127", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49223.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49223.json new file mode 100644 index 00000000000..de0b6ef2d01 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49223.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-49223", + "sourceIdentifier": "cve@navercorp.com", + "published": "2025-06-04T03:15:27.190", + "lastModified": "2025-06-04T03:15:27.190", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "cve@navercorp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1321" + } + ] + } + ], + "references": [ + { + "url": "https://cve.naver.com/detail/cve-2025-49223.html", + "source": "cve@navercorp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5551.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5551.json new file mode 100644 index 00000000000..cf0a03ccf36 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5551.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5551", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T02:15:21.580", + "lastModified": "2025-06-04T02:15:21.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. This affects an unknown part of the component SYSTEM Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/exploit/exploit-538c6a53e2781f3f3842d470c4e7cb8fa36a94d4a028d72c13f61db8c6c4a1fa.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311001", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311001", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586988", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5552.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5552.json new file mode 100644 index 00000000000..93c5c0a919a --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5552.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5552", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T03:15:27.317", + "lastModified": "2025-06-04T03:15:27.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/byxs0x0/cve/issues/7", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311002", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311002", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.587199", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5553.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5553.json new file mode 100644 index 00000000000..353e9ba5ca0 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5553.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5553", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T03:15:27.517", + "lastModified": "2025-06-04T03:15:27.517", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download-pass.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/f1rstb100d/myCVE/issues/30", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311005", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311005", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.587416", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5554.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5554.json new file mode 100644 index 00000000000..d7ce55de4b8 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5554.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5554", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T03:15:27.693", + "lastModified": "2025-06-04T03:15:27.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Rail Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/f1rstb100d/myCVE/issues/31", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311006", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311006", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.587417", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9b4873680b4..bddebf915f9 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-04T02:00:18.888491+00:00 +2025-06-04T04:00:18.977970+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-04T01:15:20.250000+00:00 +2025-06-04T03:15:27.693000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -296383 +296397 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `14` -- [CVE-2025-5545](CVE-2025/CVE-2025-55xx/CVE-2025-5545.json) (`2025-06-04T00:15:25.333`) -- [CVE-2025-5546](CVE-2025/CVE-2025-55xx/CVE-2025-5546.json) (`2025-06-04T00:15:25.540`) -- [CVE-2025-5547](CVE-2025/CVE-2025-55xx/CVE-2025-5547.json) (`2025-06-04T00:15:25.713`) -- [CVE-2025-5548](CVE-2025/CVE-2025-55xx/CVE-2025-5548.json) (`2025-06-04T01:15:19.873`) -- [CVE-2025-5549](CVE-2025/CVE-2025-55xx/CVE-2025-5549.json) (`2025-06-04T01:15:20.083`) -- [CVE-2025-5550](CVE-2025/CVE-2025-55xx/CVE-2025-5550.json) (`2025-06-04T01:15:20.250`) +- [CVE-2025-49202](CVE-2025/CVE-2025-492xx/CVE-2025-49202.json) (`2025-06-04T03:15:26.543`) +- [CVE-2025-49203](CVE-2025/CVE-2025-492xx/CVE-2025-49203.json) (`2025-06-04T03:15:26.630`) +- [CVE-2025-49204](CVE-2025/CVE-2025-492xx/CVE-2025-49204.json) (`2025-06-04T03:15:26.713`) +- [CVE-2025-49205](CVE-2025/CVE-2025-492xx/CVE-2025-49205.json) (`2025-06-04T03:15:26.787`) +- [CVE-2025-49206](CVE-2025/CVE-2025-492xx/CVE-2025-49206.json) (`2025-06-04T03:15:26.860`) +- [CVE-2025-49207](CVE-2025/CVE-2025-492xx/CVE-2025-49207.json) (`2025-06-04T03:15:26.920`) +- [CVE-2025-49208](CVE-2025/CVE-2025-492xx/CVE-2025-49208.json) (`2025-06-04T03:15:26.987`) +- [CVE-2025-49209](CVE-2025/CVE-2025-492xx/CVE-2025-49209.json) (`2025-06-04T03:15:27.057`) +- [CVE-2025-49210](CVE-2025/CVE-2025-492xx/CVE-2025-49210.json) (`2025-06-04T03:15:27.127`) +- [CVE-2025-49223](CVE-2025/CVE-2025-492xx/CVE-2025-49223.json) (`2025-06-04T03:15:27.190`) +- [CVE-2025-5551](CVE-2025/CVE-2025-55xx/CVE-2025-5551.json) (`2025-06-04T02:15:21.580`) +- [CVE-2025-5552](CVE-2025/CVE-2025-55xx/CVE-2025-5552.json) (`2025-06-04T03:15:27.317`) +- [CVE-2025-5553](CVE-2025/CVE-2025-55xx/CVE-2025-5553.json) (`2025-06-04T03:15:27.517`) +- [CVE-2025-5554](CVE-2025/CVE-2025-55xx/CVE-2025-5554.json) (`2025-06-04T03:15:27.693`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `1` -- [CVE-2025-21479](CVE-2025/CVE-2025-214xx/CVE-2025-21479.json) (`2025-06-04T01:00:02.020`) -- [CVE-2025-21480](CVE-2025/CVE-2025-214xx/CVE-2025-21480.json) (`2025-06-04T01:00:02.020`) -- [CVE-2025-27038](CVE-2025/CVE-2025-270xx/CVE-2025-27038.json) (`2025-06-04T01:00:02.020`) +- [CVE-2024-11831](CVE-2024/CVE-2024-118xx/CVE-2024-11831.json) (`2025-06-04T03:15:26.317`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 3a6a6247528..f655b439ad7 100644 --- a/_state.csv +++ b/_state.csv @@ -246939,7 +246939,7 @@ CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc CVE-2024-11829,0,0,69c985051f8ba94b9fa4dc84b0c753dff2563e51518549f413112c5cfd5d6732,2025-02-04T17:49:14.273000 CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000 CVE-2024-11830,0,0,2b9bcbcc6b8510fbe3715609ebd917cba06af0eebf5118baa1afa85039e0b1f0,2025-01-08T11:15:06.443000 -CVE-2024-11831,0,0,bfa84fc953eeec4480bc618f208b11ef56a3bac90453030e3ce1f74fadcad3c0,2025-05-21T07:16:00.833000 +CVE-2024-11831,0,1,1db79b1438eaabb3967258abe29ddc2a7474da8f6b533e54482d7ba0b8554ed6,2025-06-04T03:15:26.317000 CVE-2024-11832,0,0,7a6414b8a97e02ea73c05598b642d3e1c0cc9c0557b16b568dca85c729ab2498,2025-01-07T18:12:54.040000 CVE-2024-11833,0,0,508bcce82814de0a5ab20d2d4557e0c0ce4c9dd038000fc513cde0b65b845abf,2024-12-13T06:15:25.233000 CVE-2024-11834,0,0,3e4bbf7d975d33cb98deb34c5acbe1f3c43954f92e3b7f44576d4d1a8fcd397a,2024-12-16T18:15:08.243000 @@ -284719,9 +284719,9 @@ CVE-2025-21469,0,0,44a98d2c7da1387889249fd5539f1241bba1748830f946c1d60c946e176d6 CVE-2025-2147,0,0,74883129637bc3238403c8977cb3f6a890ade1afe4467a882851a126f0eb8edc,2025-03-24T14:30:40.943000 CVE-2025-21470,0,0,302140affced5624b7926ec75d432b3f98e7a2f5e5c1d9590233b858d4c47845,2025-05-09T19:08:42.713000 CVE-2025-21475,0,0,f2f32195890d4a050cc8c69ec5f14e2e026ddc3e3e1c08b511c44a38ddd17bc2,2025-05-09T19:08:32.710000 -CVE-2025-21479,0,1,b383d399249a8b696425c45d434b27a11bbfd89b3535464396b5e4472d8ccc0e,2025-06-04T01:00:02.020000 +CVE-2025-21479,0,0,b383d399249a8b696425c45d434b27a11bbfd89b3535464396b5e4472d8ccc0e,2025-06-04T01:00:02.020000 CVE-2025-2148,0,0,d4190a3f054e2420a8d60bda0390077417613c29dc75da593352ca97816f8b9e,2025-03-10T14:15:26.130000 -CVE-2025-21480,0,1,3d6c12ebd4174700c7e8b93422e4107901bd25746dda5636897f4eb0a80c4d61,2025-06-04T01:00:02.020000 +CVE-2025-21480,0,0,3d6c12ebd4174700c7e8b93422e4107901bd25746dda5636897f4eb0a80c4d61,2025-06-04T01:00:02.020000 CVE-2025-21485,0,0,73010e18ec621a1a17167f907048fc66beee8b9c3599de3cddf72f09ee8387e1,2025-06-03T06:15:26.423000 CVE-2025-21486,0,0,c5e16de3bcadc7d595ee20023571b8c6f4699e27d552dea8d1e8a4a8eed6c72d,2025-06-03T06:15:26.590000 CVE-2025-21489,0,0,5d30c3b0acc3ddba1057df1a4f29e61d74be0ae611271efb1a2a3c05a60a8cda,2025-01-23T20:15:31.630000 @@ -289012,7 +289012,7 @@ CVE-2025-2702,0,0,7ef0bfa66e07c4fb7c181b57cab1217f373873ecf500d50de0d874610b0745 CVE-2025-27029,0,0,52ac68a9cdf6220cc18c5e7cbb583d98e66fa0a9fab7cdc377fda1e06ea9860c,2025-06-03T06:15:26.777000 CVE-2025-2703,0,0,1cd2ec1071e8a854a09aaa20f8e960bae5b0d0c1a938baebd649e294b60810d4,2025-04-23T14:08:13.383000 CVE-2025-27031,0,0,f69e1e0dba9ba78d4c6190b5ed5e711fd3643a9a1a5a7fd6ecc0a1e4b91fc55c,2025-06-03T06:15:26.960000 -CVE-2025-27038,0,1,515cf89db010c9346d0344253e5f834db6cf025152fe7353fbd6fefeac2af6b0,2025-06-04T01:00:02.020000 +CVE-2025-27038,0,0,515cf89db010c9346d0344253e5f834db6cf025152fe7353fbd6fefeac2af6b0,2025-06-04T01:00:02.020000 CVE-2025-2704,0,0,2cd2fdcb7bf078b49adccb5ec3568934eab2cf5655946edca476f7cde559986a,2025-05-24T01:38:01.433000 CVE-2025-2705,0,0,d7cf085971e80ff2f3017b9a76ca7e7c021414ba6b4da520921b330deccd7930,2025-03-27T16:45:46.410000 CVE-2025-2706,0,0,b7301874e71862c2693f8002ec404483a315cca246767eff2f97ca78b31281f9,2025-03-27T16:45:46.410000 @@ -296004,7 +296004,17 @@ CVE-2025-4917,0,0,402a8702a0d07685076d8d3bbf70a58c8189448c063fea494a0fac6dd2626e CVE-2025-4918,0,0,ab4c079e1da6cd4dfa69cf1fcc57b5e852fcef00a973643da3dd71ab3f3ec47e,2025-05-28T14:05:35.853000 CVE-2025-4919,0,0,d317e3bd578018ad84a455f2232992db1a6397292bb6496f6e9135fa366be8bd,2025-05-28T14:08:29.293000 CVE-2025-4920,0,0,3f754dcd1f915b78f78753940c39593d2b8252e0b2ac1b3316d99c54b7913aab,2025-05-18T20:15:19.190000 +CVE-2025-49202,1,1,2c5c9667db538a79d009e5583b6254f35d0efe9f6889853dcf5402ba540d6c29,2025-06-04T03:15:26.543000 +CVE-2025-49203,1,1,1e61ad43bbe6e0a7d8beb8b024b99438ddd239ff4a9cf8273214795d9dd3a4f8,2025-06-04T03:15:26.630000 +CVE-2025-49204,1,1,770d30dcd8c18655c23133ddcf0f9d79a9d3a4f9de4f41d2b486adc794fec8aa,2025-06-04T03:15:26.713000 +CVE-2025-49205,1,1,c2b147deada1b4bdac23611b8e2d541814f68334b2dea68933be0a8655ff6066,2025-06-04T03:15:26.787000 +CVE-2025-49206,1,1,98f898ab52aec92daf7d4ae4f078fab0bcbfa6c360d3c74687901036a5ab1904,2025-06-04T03:15:26.860000 +CVE-2025-49207,1,1,393c46873cdf2942c063471d7aa4bd4dcbfbde646badf80aac11c2333e05ce30,2025-06-04T03:15:26.920000 +CVE-2025-49208,1,1,a8e96108da8f9e7efa92e227e5541e40bf6024b1bdd55d38cbd0bffbcfb12f89,2025-06-04T03:15:26.987000 +CVE-2025-49209,1,1,293d4b58934d7545b7379d142ec4ec0556406a7f545f40e2a06e2176fbaac700,2025-06-04T03:15:27.057000 CVE-2025-4921,0,0,6764dccda373512b657fe3c8300f9213acc595572fe2b42c347ebcd82da48e2d,2025-05-18T20:15:19.273000 +CVE-2025-49210,1,1,0d98b9f5865953f1015e0875c4ef02572a5474d0f348f574d55b17a2fdab9325,2025-06-04T03:15:27.127000 +CVE-2025-49223,1,1,5ee6e90cf628721bfcce151d18d285e9f3161a50d55830fb52943a581b9b611b,2025-06-04T03:15:27.190000 CVE-2025-4923,0,0,9beba7071c51eba6c1d71d0a324059e1f5260406f92dc4aea21591df042815db,2025-05-28T12:50:28.590000 CVE-2025-4924,0,0,6342dffe7c54a8c2d32839791ad5c0a2c9552a698655503ab5c38da322aa6bba,2025-05-21T17:41:56.433000 CVE-2025-4925,0,0,c7c7b57edd485a39535f310e5e884e623df880c83d50cc9504511597c6a8f4a8,2025-05-21T12:58:28.507000 @@ -296376,9 +296386,13 @@ CVE-2025-5527,0,0,03310183d2aef227c6a1af19d90fe9ac6ecad6dbe77245588bea99fb6d9c40 CVE-2025-5542,0,0,1e6e744ebb0a2c1a2692d13778fb88132ad850afa28e615541ce79006c169f6d,2025-06-03T22:15:21.807000 CVE-2025-5543,0,0,447d1d07ab39d91499ca8cf0d5888f436ad1047d9c468269401dd8672a2b072b,2025-06-03T23:15:20.953000 CVE-2025-5544,0,0,a6bf184be32d4b28dc6ea6c64cedded3fff4ed129d6ee7e61f93554efced2c94,2025-06-03T23:15:21.147000 -CVE-2025-5545,1,1,2143597ebf76758a3c993bdf21d2076788d638aac22e98c1edba0a47936bae63,2025-06-04T00:15:25.333000 -CVE-2025-5546,1,1,8522740ba16e189a9b8302801828de4e6a88153386f6a0dc2b34f04f8972a43b,2025-06-04T00:15:25.540000 -CVE-2025-5547,1,1,869bd95cc8c8080c32873649b0b0dbeeb0275508ee1dc6fca87be38c63f264ba,2025-06-04T00:15:25.713000 -CVE-2025-5548,1,1,68d81ff412ea6615da97f34eec34fe154734e5acc046c6e66ad4317c007099a1,2025-06-04T01:15:19.873000 -CVE-2025-5549,1,1,05a6d069b1057abc17dc8cdb1a793e8a4efc6ecd5f1e563fdff29c4c6ea9477c,2025-06-04T01:15:20.083000 -CVE-2025-5550,1,1,ea3b4aeb88c500fd695ad65233d523362f997aec35c79c8018c66ace218a9ae9,2025-06-04T01:15:20.250000 +CVE-2025-5545,0,0,2143597ebf76758a3c993bdf21d2076788d638aac22e98c1edba0a47936bae63,2025-06-04T00:15:25.333000 +CVE-2025-5546,0,0,8522740ba16e189a9b8302801828de4e6a88153386f6a0dc2b34f04f8972a43b,2025-06-04T00:15:25.540000 +CVE-2025-5547,0,0,869bd95cc8c8080c32873649b0b0dbeeb0275508ee1dc6fca87be38c63f264ba,2025-06-04T00:15:25.713000 +CVE-2025-5548,0,0,68d81ff412ea6615da97f34eec34fe154734e5acc046c6e66ad4317c007099a1,2025-06-04T01:15:19.873000 +CVE-2025-5549,0,0,05a6d069b1057abc17dc8cdb1a793e8a4efc6ecd5f1e563fdff29c4c6ea9477c,2025-06-04T01:15:20.083000 +CVE-2025-5550,0,0,ea3b4aeb88c500fd695ad65233d523362f997aec35c79c8018c66ace218a9ae9,2025-06-04T01:15:20.250000 +CVE-2025-5551,1,1,a9d0ae13a25ef644b6fe35ca6de3c9440f9de5bdfaaa73c4c4e323d054a128f8,2025-06-04T02:15:21.580000 +CVE-2025-5552,1,1,fb3235812088df6647c3a5044f9c34d0f2a86a72c12c70273a62205c4568b921,2025-06-04T03:15:27.317000 +CVE-2025-5553,1,1,85bd0d919e6a0a7013072fae87065f6bbf805d10036cc5ed961f1e262d703b67,2025-06-04T03:15:27.517000 +CVE-2025-5554,1,1,7eba4157558b584f8548b438bfe48e1f5ea389188f3763d56f8bda0cf181853a,2025-06-04T03:15:27.693000