Auto-Update: 2025-04-21T04:00:20.074403+00:00

CVE-2024/CVE-2024-139xx/CVE-2024-13926.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-13926",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2025-04-19T06:15:18.347",
-  "lastModified": "2025-04-19T06:15:18.347",
+  "lastModified": "2025-04-21T03:15:16.627",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -11,7 +11,30 @@
       "value": "The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
   "references": [
     {
       "url": "https://wpscan.com/vulnerability/b5f0092e-7cd5-412f-a8ea-7bd4a8bf86d2/",

CVE-2025/CVE-2025-439xx/CVE-2025-43970.json

@@ -2,13 +2,13 @@
   "id": "CVE-2025-43970",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-21T01:15:45.310",
-  "lastModified": "2025-04-21T01:15:45.310",
+  "lastModified": "2025-04-21T02:15:43.077",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.. by ensuring that there are 12 bytes or 36 bytes (depending on the address family)."
+      "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family)."
     }
   ],
   "metrics": {
@@ -18,7 +18,7 @@
         "type": "Secondary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
           "baseScore": 4.3,
           "baseSeverity": "MEDIUM",
           "attackVector": "LOCAL",
@@ -27,8 +27,8 @@
           "userInteraction": "NONE",
           "scope": "CHANGED",
           "confidentialityImpact": "NONE",
-          "integrityImpact": "LOW",
-          "availabilityImpact": "NONE"
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
         },
         "exploitabilityScore": 2.5,
         "impactScore": 1.4

CVE-2025/CVE-2025-439xx/CVE-2025-43971.json

@@ -2,7 +2,7 @@
   "id": "CVE-2025-43971",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-21T01:15:45.457",
-  "lastModified": "2025-04-21T01:15:45.457",
+  "lastModified": "2025-04-21T02:15:43.210",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -11,7 +11,42 @@
       "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
+          "baseScore": 8.6,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-193"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986",

CVE-2025/CVE-2025-439xx/CVE-2025-43972.json

@@ -2,7 +2,7 @@
   "id": "CVE-2025-43972",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-21T01:15:45.563",
-  "lastModified": "2025-04-21T01:15:45.563",
+  "lastModified": "2025-04-21T02:15:43.340",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -11,7 +11,42 @@
       "value": "An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1284"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a",

CVE-2025/CVE-2025-439xx/CVE-2025-43973.json

@@ -2,7 +2,7 @@
   "id": "CVE-2025-43973",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-21T01:15:45.670",
-  "lastModified": "2025-04-21T01:15:45.670",
+  "lastModified": "2025-04-21T02:15:43.470",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -11,7 +11,42 @@
       "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-193"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe",

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-04-21T02:00:19.177917+00:00
+2025-04-21T04:00:20.074403+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-04-21T01:15:45.670000+00:00
+2025-04-21T03:15:16.627000+00:00
 ```
 
 ### Last Data Feed Release
@@ -38,24 +38,19 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `10`
+Recently added CVEs: `0`
 
-- [CVE-2025-43961](CVE-2025/CVE-2025-439xx/CVE-2025-43961.json) (`2025-04-21T00:15:32.873`)
-- [CVE-2025-43962](CVE-2025/CVE-2025-439xx/CVE-2025-43962.json) (`2025-04-21T00:15:33.027`)
-- [CVE-2025-43963](CVE-2025/CVE-2025-439xx/CVE-2025-43963.json) (`2025-04-21T00:15:33.173`)
-- [CVE-2025-43964](CVE-2025/CVE-2025-439xx/CVE-2025-43964.json) (`2025-04-21T00:15:33.310`)
-- [CVE-2025-43966](CVE-2025/CVE-2025-439xx/CVE-2025-43966.json) (`2025-04-21T00:15:33.457`)
-- [CVE-2025-43967](CVE-2025/CVE-2025-439xx/CVE-2025-43967.json) (`2025-04-21T00:15:33.607`)
-- [CVE-2025-43970](CVE-2025/CVE-2025-439xx/CVE-2025-43970.json) (`2025-04-21T01:15:45.310`)
-- [CVE-2025-43971](CVE-2025/CVE-2025-439xx/CVE-2025-43971.json) (`2025-04-21T01:15:45.457`)
-- [CVE-2025-43972](CVE-2025/CVE-2025-439xx/CVE-2025-43972.json) (`2025-04-21T01:15:45.563`)
-- [CVE-2025-43973](CVE-2025/CVE-2025-439xx/CVE-2025-43973.json) (`2025-04-21T01:15:45.670`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `5`
 
+- [CVE-2024-13926](CVE-2024/CVE-2024-139xx/CVE-2024-13926.json) (`2025-04-21T03:15:16.627`)
+- [CVE-2025-43970](CVE-2025/CVE-2025-439xx/CVE-2025-43970.json) (`2025-04-21T02:15:43.077`)
+- [CVE-2025-43971](CVE-2025/CVE-2025-439xx/CVE-2025-43971.json) (`2025-04-21T02:15:43.210`)
+- [CVE-2025-43972](CVE-2025/CVE-2025-439xx/CVE-2025-43972.json) (`2025-04-21T02:15:43.340`)
+- [CVE-2025-43973](CVE-2025/CVE-2025-439xx/CVE-2025-43973.json) (`2025-04-21T02:15:43.470`)
 
 
 ## Download and Usage

_state.csv

@@ -248422,7 +248422,7 @@ CVE-2024-13922,0,0,64d32f8cc001c0208e83a7173628a0ec2ddaa5056ca5adfd73e407425d149
 CVE-2024-13923,0,0,64c138e5c400c66f92fa44454bcf781527d96c92fdabf9991413d4506432c205,2025-03-26T18:18:32.280000
 CVE-2024-13924,0,0,6771f2a575eb9b234ba437c9c60a2d5807f8aded376287df6e1ca4c3782207e4,2025-03-12T16:23:39.567000
 CVE-2024-13925,0,0,d5381786baf413fd2dd4859dd45a92bcf06b65f21ce2fc9312416a8cb44b68e1,2025-04-18T14:15:20.327000
-CVE-2024-13926,0,0,9751c4684e7a15fd9721704e8ab59162051e824997423d3ef3b66ed778df9446,2025-04-19T06:15:18.347000
+CVE-2024-13926,0,1,69bd6e361677e594fd8dcc1b22d162e6386b1229b816eba0ea3d1974d0f67350,2025-04-21T03:15:16.627000
 CVE-2024-1393,0,0,807d9a3a72d3c227cf073d19ae4d043ce29012d9a81f19ad09766963a4531e84,2025-01-17T19:54:07.350000
 CVE-2024-13933,0,0,6c1d1592227807572b59c7607e13d58cd1b568936f1ec0b9bb42956c7610a4b0,2025-03-19T12:15:14.003000
 CVE-2024-13939,0,0,921141b59fb64caa413d175858785c8fecf23c4615e123e5aadc58ca56a65359,2025-04-11T18:10:56.160000
@@ -290944,13 +290944,13 @@ CVE-2025-43928,0,0,7e137dc78a97082b3c993605d044d26a389eebe6d6590183c90296f75caf0
 CVE-2025-43929,0,0,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000
 CVE-2025-43954,0,0,f2044552c25b024e3accb93e74b0e1e3ecf9ad47f8e8029720c29485b7686cc3,2025-04-20T19:15:43.137000
 CVE-2025-43955,0,0,0a56ed412a1ea3144b576f60e4e3fb6913c480fcdf88a628feedd34ca43f5fa8,2025-04-20T20:15:13.553000
-CVE-2025-43961,1,1,392cf865fa1f5c6a9a582197f39192d9cf25ef868e0f7c86d32ee55aefb1a6f6,2025-04-21T00:15:32.873000
-CVE-2025-43962,1,1,30f038378954877fedba52e8270dce25f8585f9d92d47218510b283bcb946ae3,2025-04-21T00:15:33.027000
-CVE-2025-43963,1,1,3731957d674178b4f34b55563993c2dbea2c456cb2d9e353bb5fedc9bc2b8713,2025-04-21T00:15:33.173000
-CVE-2025-43964,1,1,fc258df96e9c07e4ea36b997a2ccd21aeb89f2d64537f68c4cfc259db04418aa,2025-04-21T00:15:33.310000
-CVE-2025-43966,1,1,4bc59672dab6b688c8e360afe4fb98d997592771e6b8053057cd8b549a819ebe,2025-04-21T00:15:33.457000
-CVE-2025-43967,1,1,8039987bace19a5b812e185915b1369c4b30f43f4d666f21df0b1bac11de4366,2025-04-21T00:15:33.607000
-CVE-2025-43970,1,1,5e5dd2dc396cd7168fd731eb1b27a67bf0d02bf3e18c8bd281e5dde97ef8b33e,2025-04-21T01:15:45.310000
-CVE-2025-43971,1,1,a69476d4e885679367341bf6b8e090bba8435534676741e23a94761f513aa1d0,2025-04-21T01:15:45.457000
-CVE-2025-43972,1,1,e42ebe54e54ae4e8c91575e9b4a9657092d0d91b915a509126af48d506b010c7,2025-04-21T01:15:45.563000
-CVE-2025-43973,1,1,edd3aa84e13ec6138866da343b64bd662393e7555d12709ad9ad70b108769826,2025-04-21T01:15:45.670000
+CVE-2025-43961,0,0,392cf865fa1f5c6a9a582197f39192d9cf25ef868e0f7c86d32ee55aefb1a6f6,2025-04-21T00:15:32.873000
+CVE-2025-43962,0,0,30f038378954877fedba52e8270dce25f8585f9d92d47218510b283bcb946ae3,2025-04-21T00:15:33.027000
+CVE-2025-43963,0,0,3731957d674178b4f34b55563993c2dbea2c456cb2d9e353bb5fedc9bc2b8713,2025-04-21T00:15:33.173000
+CVE-2025-43964,0,0,fc258df96e9c07e4ea36b997a2ccd21aeb89f2d64537f68c4cfc259db04418aa,2025-04-21T00:15:33.310000
+CVE-2025-43966,0,0,4bc59672dab6b688c8e360afe4fb98d997592771e6b8053057cd8b549a819ebe,2025-04-21T00:15:33.457000
+CVE-2025-43967,0,0,8039987bace19a5b812e185915b1369c4b30f43f4d666f21df0b1bac11de4366,2025-04-21T00:15:33.607000
+CVE-2025-43970,0,1,0fa1b9cf157899c3ec3f0444c3a54be086a324e1bf2f86d52d7953f2a9f3fc36,2025-04-21T02:15:43.077000
+CVE-2025-43971,0,1,6032a33d4686f21d721b2c9b25d386642dae25ed3df0b414aaab73baa6d37a71,2025-04-21T02:15:43.210000
+CVE-2025-43972,0,1,aa56fa6ff2ae608e385dabd21ec77702ad1bfb8e36fa3989807ad09ad531ae28,2025-04-21T02:15:43.340000
+CVE-2025-43973,0,1,655684b52b3ead4b276d885d2eda1323991f3044121b9392c69888367d0ff69a,2025-04-21T02:15:43.470000