mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2025-02-22T15:00:21.190758+00:00
This commit is contained in:
parent
9e6c2e33b0
commit
3d34cef4cc
60
CVE-2024/CVE-2024-138xx/CVE-2024-13869.json
Normal file
60
CVE-2024/CVE-2024-138xx/CVE-2024-13869.json
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2024-13869",
|
||||||
|
"sourceIdentifier": "security@wordfence.com",
|
||||||
|
"published": "2025-02-22T13:15:10.920",
|
||||||
|
"lastModified": "2025-02-22T13:15:10.920",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "The Migration, Backup, Staging \u2013 WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_files' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: Uploaded files are only accessible on WordPress instances running on the NGINX web server as the existing .htaccess within the target file upload folder prevents access on Apache servers."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
||||||
|
"baseScore": 7.2,
|
||||||
|
"baseSeverity": "HIGH",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "HIGH",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"scope": "UNCHANGED",
|
||||||
|
"confidentialityImpact": "HIGH",
|
||||||
|
"integrityImpact": "HIGH",
|
||||||
|
"availabilityImpact": "HIGH"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 1.2,
|
||||||
|
"impactScore": 5.9
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-434"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/changeset/3242904/wpvivid-backuprestore",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0082e46d-fdbe-4ab7-bba3-0681a25d4495?source=cve",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
72
CVE-2025/CVE-2025-09xx/CVE-2025-0918.json
Normal file
72
CVE-2025/CVE-2025-09xx/CVE-2025-0918.json
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2025-0918",
|
||||||
|
"sourceIdentifier": "security@wordfence.com",
|
||||||
|
"published": "2025-02-22T13:15:11.687",
|
||||||
|
"lastModified": "2025-02-22T13:15:11.687",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "The SMTP for SendGrid \u2013 YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||||
|
"baseScore": 7.2,
|
||||||
|
"baseSeverity": "HIGH",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"scope": "CHANGED",
|
||||||
|
"confidentialityImpact": "LOW",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "NONE"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 3.9,
|
||||||
|
"impactScore": 2.7
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-79"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/browser/smtp-sendgrid/trunk/includes/Functions.php",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/changeset/3056461/",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/changeset/3234377/",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://wordpress.org/plugins/smtp-sendgrid/#developers",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b98f2a85-9535-4bf5-900c-f4f630c7b502?source=cve",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
72
CVE-2025/CVE-2025-09xx/CVE-2025-0953.json
Normal file
72
CVE-2025/CVE-2025-09xx/CVE-2025-0953.json
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2025-0953",
|
||||||
|
"sourceIdentifier": "security@wordfence.com",
|
||||||
|
"published": "2025-02-22T13:15:11.850",
|
||||||
|
"lastModified": "2025-02-22T13:15:11.850",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "The SMTP for Sendinblue \u2013 YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||||
|
"baseScore": 7.2,
|
||||||
|
"baseSeverity": "HIGH",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"scope": "CHANGED",
|
||||||
|
"confidentialityImpact": "LOW",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "NONE"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 3.9,
|
||||||
|
"impactScore": 2.7
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-79"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/browser/smtp-sendinblue/trunk/includes/Functions.php",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/browser/smtp-sendinblue/trunk/includes/Helper/Utils.php",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/changeset/3234379/",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://wordpress.org/plugins/smtp-sendinblue/#developers",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e7ba65ac-e568-4c13-961d-6453f281d9fc?source=cve",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
72
CVE-2025/CVE-2025-09xx/CVE-2025-0957.json
Normal file
72
CVE-2025/CVE-2025-09xx/CVE-2025-0957.json
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2025-0957",
|
||||||
|
"sourceIdentifier": "security@wordfence.com",
|
||||||
|
"published": "2025-02-22T14:15:29.710",
|
||||||
|
"lastModified": "2025-02-22T14:15:29.710",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "The SMTP for Amazon SES \u2013 YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||||
|
"baseScore": 7.2,
|
||||||
|
"baseSeverity": "HIGH",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"scope": "CHANGED",
|
||||||
|
"confidentialityImpact": "LOW",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "NONE"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 3.9,
|
||||||
|
"impactScore": 2.7
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "security@wordfence.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-79"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/browser/smtp-amazon-ses/trunk/includes/Functions.php",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/browser/smtp-amazon-ses/trunk/includes/Helper/Utils.php",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://plugins.trac.wordpress.org/changeset/3234351/",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://wordpress.org/plugins/smtp-amazon-ses/#developers",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6424fc9-f118-4654-89a7-1f7e6efa2c02?source=cve",
|
||||||
|
"source": "security@wordfence.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
141
CVE-2025/CVE-2025-15xx/CVE-2025-1556.json
Normal file
141
CVE-2025/CVE-2025-15xx/CVE-2025-1556.json
Normal file
@ -0,0 +1,141 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2025-1556",
|
||||||
|
"sourceIdentifier": "cna@vuldb.com",
|
||||||
|
"published": "2025-02-22T13:15:12.010",
|
||||||
|
"lastModified": "2025-02-22T13:15:12.010",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects some unknown processing of the file /system of the component Template Management. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV40": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "4.0",
|
||||||
|
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||||
|
"baseScore": 5.1,
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"attackRequirements": "NONE",
|
||||||
|
"privilegesRequired": "HIGH",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"vulnerableSystemConfidentiality": "LOW",
|
||||||
|
"vulnerableSystemIntegrity": "LOW",
|
||||||
|
"vulnerableSystemAvailability": "LOW",
|
||||||
|
"subsequentSystemConfidentiality": "NONE",
|
||||||
|
"subsequentSystemIntegrity": "NONE",
|
||||||
|
"subsequentSystemAvailability": "NONE",
|
||||||
|
"exploitMaturity": "NOT_DEFINED",
|
||||||
|
"confidentialityRequirements": "NOT_DEFINED",
|
||||||
|
"integrityRequirements": "NOT_DEFINED",
|
||||||
|
"availabilityRequirements": "NOT_DEFINED",
|
||||||
|
"modifiedAttackVector": "NOT_DEFINED",
|
||||||
|
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||||
|
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||||
|
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||||
|
"modifiedUserInteraction": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||||
|
"safety": "NOT_DEFINED",
|
||||||
|
"automatable": "NOT_DEFINED",
|
||||||
|
"recovery": "NOT_DEFINED",
|
||||||
|
"valueDensity": "NOT_DEFINED",
|
||||||
|
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||||
|
"providerUrgency": "NOT_DEFINED"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
||||||
|
"baseScore": 4.7,
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "HIGH",
|
||||||
|
"userInteraction": "NONE",
|
||||||
|
"scope": "UNCHANGED",
|
||||||
|
"confidentialityImpact": "LOW",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "LOW"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 1.2,
|
||||||
|
"impactScore": 3.4
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"cvssMetricV2": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "2.0",
|
||||||
|
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
|
||||||
|
"baseScore": 5.8,
|
||||||
|
"accessVector": "NETWORK",
|
||||||
|
"accessComplexity": "LOW",
|
||||||
|
"authentication": "MULTIPLE",
|
||||||
|
"confidentialityImpact": "PARTIAL",
|
||||||
|
"integrityImpact": "PARTIAL",
|
||||||
|
"availabilityImpact": "PARTIAL"
|
||||||
|
},
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"exploitabilityScore": 6.4,
|
||||||
|
"impactScore": 6.4,
|
||||||
|
"acInsufInfo": false,
|
||||||
|
"obtainAllPrivilege": false,
|
||||||
|
"obtainUserPrivilege": false,
|
||||||
|
"obtainOtherPrivilege": false,
|
||||||
|
"userInteractionRequired": false
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-20"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-502"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://github.com/FightingLzn9/vul/blob/main/CicadasCMS(2).md",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?ctiid.296507",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?id.296507",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?submit.499520",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
141
CVE-2025/CVE-2025-15xx/CVE-2025-1557.json
Normal file
141
CVE-2025/CVE-2025-15xx/CVE-2025-1557.json
Normal file
@ -0,0 +1,141 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2025-1557",
|
||||||
|
"sourceIdentifier": "cna@vuldb.com",
|
||||||
|
"published": "2025-02-22T13:15:12.247",
|
||||||
|
"lastModified": "2025-02-22T13:15:12.247",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"cveTags": [],
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV40": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "4.0",
|
||||||
|
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||||
|
"baseScore": 5.3,
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"attackRequirements": "NONE",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "PASSIVE",
|
||||||
|
"vulnerableSystemConfidentiality": "NONE",
|
||||||
|
"vulnerableSystemIntegrity": "LOW",
|
||||||
|
"vulnerableSystemAvailability": "NONE",
|
||||||
|
"subsequentSystemConfidentiality": "NONE",
|
||||||
|
"subsequentSystemIntegrity": "NONE",
|
||||||
|
"subsequentSystemAvailability": "NONE",
|
||||||
|
"exploitMaturity": "NOT_DEFINED",
|
||||||
|
"confidentialityRequirements": "NOT_DEFINED",
|
||||||
|
"integrityRequirements": "NOT_DEFINED",
|
||||||
|
"availabilityRequirements": "NOT_DEFINED",
|
||||||
|
"modifiedAttackVector": "NOT_DEFINED",
|
||||||
|
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||||
|
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||||
|
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||||
|
"modifiedUserInteraction": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||||
|
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||||
|
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||||
|
"safety": "NOT_DEFINED",
|
||||||
|
"automatable": "NOT_DEFINED",
|
||||||
|
"recovery": "NOT_DEFINED",
|
||||||
|
"valueDensity": "NOT_DEFINED",
|
||||||
|
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||||
|
"providerUrgency": "NOT_DEFINED"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||||
|
"baseScore": 4.3,
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "REQUIRED",
|
||||||
|
"scope": "UNCHANGED",
|
||||||
|
"confidentialityImpact": "NONE",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "NONE"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 2.8,
|
||||||
|
"impactScore": 1.4
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"cvssMetricV2": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "2.0",
|
||||||
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||||||
|
"baseScore": 5.0,
|
||||||
|
"accessVector": "NETWORK",
|
||||||
|
"accessComplexity": "LOW",
|
||||||
|
"authentication": "NONE",
|
||||||
|
"confidentialityImpact": "NONE",
|
||||||
|
"integrityImpact": "PARTIAL",
|
||||||
|
"availabilityImpact": "NONE"
|
||||||
|
},
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"exploitabilityScore": 10.0,
|
||||||
|
"impactScore": 2.9,
|
||||||
|
"acInsufInfo": false,
|
||||||
|
"obtainAllPrivilege": false,
|
||||||
|
"obtainUserPrivilege": false,
|
||||||
|
"obtainOtherPrivilege": false,
|
||||||
|
"userInteractionRequired": false
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Primary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-352"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-862"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?ctiid.296508",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?id.296508",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?submit.500269",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://www.yuque.com/u123456789-6sobi/cdgcbq/kq7117ogyycutxo2?singleDoc#%20%E3%80%8ACSRF%20Vulnerability%20in%20OfCms%20%2F%20OfCms%E5%AD%98%E5%9C%A8CSRF%E6%BC%8F%E6%B4%9E%E3%80%8B",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
17
README.md
17
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
|||||||
### Last Repository Update
|
### Last Repository Update
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
2025-02-22T13:00:19.093983+00:00
|
2025-02-22T15:00:21.190758+00:00
|
||||||
```
|
```
|
||||||
|
|
||||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
2025-02-22T12:15:30.927000+00:00
|
2025-02-22T14:15:29.710000+00:00
|
||||||
```
|
```
|
||||||
|
|
||||||
### Last Data Feed Release
|
### Last Data Feed Release
|
||||||
@ -33,20 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
|||||||
### Total Number of included CVEs
|
### Total Number of included CVEs
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
282067
|
282073
|
||||||
```
|
```
|
||||||
|
|
||||||
### CVEs added in the last Commit
|
### CVEs added in the last Commit
|
||||||
|
|
||||||
Recently added CVEs: `0`
|
Recently added CVEs: `6`
|
||||||
|
|
||||||
|
- [CVE-2024-13869](CVE-2024/CVE-2024-138xx/CVE-2024-13869.json) (`2025-02-22T13:15:10.920`)
|
||||||
|
- [CVE-2025-0918](CVE-2025/CVE-2025-09xx/CVE-2025-0918.json) (`2025-02-22T13:15:11.687`)
|
||||||
|
- [CVE-2025-0953](CVE-2025/CVE-2025-09xx/CVE-2025-0953.json) (`2025-02-22T13:15:11.850`)
|
||||||
|
- [CVE-2025-0957](CVE-2025/CVE-2025-09xx/CVE-2025-0957.json) (`2025-02-22T14:15:29.710`)
|
||||||
|
- [CVE-2025-1556](CVE-2025/CVE-2025-15xx/CVE-2025-1556.json) (`2025-02-22T13:15:12.010`)
|
||||||
|
- [CVE-2025-1557](CVE-2025/CVE-2025-15xx/CVE-2025-1557.json) (`2025-02-22T13:15:12.247`)
|
||||||
|
|
||||||
|
|
||||||
### CVEs modified in the last Commit
|
### CVEs modified in the last Commit
|
||||||
|
|
||||||
Recently modified CVEs: `1`
|
Recently modified CVEs: `0`
|
||||||
|
|
||||||
- [CVE-2023-6648](CVE-2023/CVE-2023-66xx/CVE-2023-6648.json) (`2025-02-22T12:15:30.927`)
|
|
||||||
|
|
||||||
|
|
||||||
## Download and Usage
|
## Download and Usage
|
||||||
|
@ -242020,7 +242020,7 @@ CVE-2023-6640,0,0,4c1de3385a32f286c0b75b0b253dae7e11e4d89cf203bb099ad3f58f6c385c
|
|||||||
CVE-2023-6645,0,0,18d7b1db6d45d511489f0088fbcda1d70409d9803c5553814d8e2b60fd676b42,2024-11-21T08:44:16.430000
|
CVE-2023-6645,0,0,18d7b1db6d45d511489f0088fbcda1d70409d9803c5553814d8e2b60fd676b42,2024-11-21T08:44:16.430000
|
||||||
CVE-2023-6646,0,0,43309576514af4cb07e93f126e0f158d82b8629e3c47d5943302d08d30997d61,2024-11-21T08:44:16.600000
|
CVE-2023-6646,0,0,43309576514af4cb07e93f126e0f158d82b8629e3c47d5943302d08d30997d61,2024-11-21T08:44:16.600000
|
||||||
CVE-2023-6647,0,0,780302fda21e798fe5ca06edfdf1cebf880447e49cae48df60b9306a284f29c8,2024-11-21T08:44:16.793000
|
CVE-2023-6647,0,0,780302fda21e798fe5ca06edfdf1cebf880447e49cae48df60b9306a284f29c8,2024-11-21T08:44:16.793000
|
||||||
CVE-2023-6648,0,1,d2eaef290089f83c5f4b15c4ac795d0b50ac11bf6b06c1dd3db8e9da1c1af229,2025-02-22T12:15:30.927000
|
CVE-2023-6648,0,0,d2eaef290089f83c5f4b15c4ac795d0b50ac11bf6b06c1dd3db8e9da1c1af229,2025-02-22T12:15:30.927000
|
||||||
CVE-2023-6649,0,0,f16b8f43e18a15ee86fc969f2c30723fdfe0f83e4134dca4815ab7280fb58480,2024-11-21T08:44:17.087000
|
CVE-2023-6649,0,0,f16b8f43e18a15ee86fc969f2c30723fdfe0f83e4134dca4815ab7280fb58480,2024-11-21T08:44:17.087000
|
||||||
CVE-2023-6650,0,0,e0ca62c1cae5ab471f951c716a9965cadf71a09d15f12cd3c2bc955aba81253d,2024-11-21T08:44:17.247000
|
CVE-2023-6650,0,0,e0ca62c1cae5ab471f951c716a9965cadf71a09d15f12cd3c2bc955aba81253d,2024-11-21T08:44:17.247000
|
||||||
CVE-2023-6651,0,0,cd74fedcbcf3d4fe8699e1ecf0fc78dfd7702f334bc3fdfb7c4ff3782b3771ea,2024-11-21T08:44:17.393000
|
CVE-2023-6651,0,0,cd74fedcbcf3d4fe8699e1ecf0fc78dfd7702f334bc3fdfb7c4ff3782b3771ea,2024-11-21T08:44:17.393000
|
||||||
@ -246918,6 +246918,7 @@ CVE-2024-13854,0,0,da76605e45e5cccb1e4ac357ef915fd87a7797a2aa194293a861365173d04
|
|||||||
CVE-2024-13855,0,0,87ff80a4a4bcadf924c0b68cea8cd371d8a19ee5f045d490959e15e51f021d88,2025-02-20T10:15:11.530000
|
CVE-2024-13855,0,0,87ff80a4a4bcadf924c0b68cea8cd371d8a19ee5f045d490959e15e51f021d88,2025-02-20T10:15:11.530000
|
||||||
CVE-2024-1386,0,0,0e88f4287d62ff6aff092302a9322ab713c8f07c6df5c6bed70e82252a8c824b,2024-11-21T08:50:28.063000
|
CVE-2024-1386,0,0,0e88f4287d62ff6aff092302a9322ab713c8f07c6df5c6bed70e82252a8c824b,2024-11-21T08:50:28.063000
|
||||||
CVE-2024-13867,0,0,d1ccd3c88095b1998a7fe8f4f64aebb963278c8b08e66fe2014f445cd5f48e2a,2025-02-18T18:41:21.660000
|
CVE-2024-13867,0,0,d1ccd3c88095b1998a7fe8f4f64aebb963278c8b08e66fe2014f445cd5f48e2a,2025-02-18T18:41:21.660000
|
||||||
|
CVE-2024-13869,1,1,6cf76ca30972bb4e146a69d16f09015336f9457aca89967f7112327623dcc3eb,2025-02-22T13:15:10.920000
|
||||||
CVE-2024-1387,0,0,8e6bcbdaec79085616e17d0cff8f7e9074033b4370339ebb2fb375231d6ccb3f,2025-01-07T18:19:26.400000
|
CVE-2024-1387,0,0,8e6bcbdaec79085616e17d0cff8f7e9074033b4370339ebb2fb375231d6ccb3f,2025-01-07T18:19:26.400000
|
||||||
CVE-2024-13873,0,0,ddf058f4c75682e8cf7335d38f43094b08f172b8fcc2d656f2cc5238777fc340,2025-02-22T04:15:09.567000
|
CVE-2024-13873,0,0,ddf058f4c75682e8cf7335d38f43094b08f172b8fcc2d656f2cc5238777fc340,2025-02-22T04:15:09.567000
|
||||||
CVE-2024-13879,0,0,9feaa77a4a107496b778129b23b28c9a020cd8ce5e3b7bb155fa8c6898d38c2d,2025-02-17T16:15:15.950000
|
CVE-2024-13879,0,0,9feaa77a4a107496b778129b23b28c9a020cd8ce5e3b7bb155fa8c6898d38c2d,2025-02-17T16:15:15.950000
|
||||||
@ -279406,6 +279407,7 @@ CVE-2025-0909,0,0,1ff7d78519026d4b0df5324b5b84f781600c6266238b96b6e6fda4fafcd94e
|
|||||||
CVE-2025-0910,0,0,5441c161f7257bb6355c09b7b0bb2df312d9b6c6d59e58e837649ec8c68777c9,2025-02-12T18:59:18.447000
|
CVE-2025-0910,0,0,5441c161f7257bb6355c09b7b0bb2df312d9b6c6d59e58e837649ec8c68777c9,2025-02-12T18:59:18.447000
|
||||||
CVE-2025-0911,0,0,b9aa939093c00e0782e255aa47e49c2cf1d4559eb848b6a9c47f1e00b8bd8fad,2025-02-12T19:00:17
|
CVE-2025-0911,0,0,b9aa939093c00e0782e255aa47e49c2cf1d4559eb848b6a9c47f1e00b8bd8fad,2025-02-12T19:00:17
|
||||||
CVE-2025-0916,0,0,9f634049c98a708569d7f2be6c0fdaeeb2a62cd7e2136bc12c84981688ac3796,2025-02-19T12:15:31.630000
|
CVE-2025-0916,0,0,9f634049c98a708569d7f2be6c0fdaeeb2a62cd7e2136bc12c84981688ac3796,2025-02-19T12:15:31.630000
|
||||||
|
CVE-2025-0918,1,1,3a735425a74a1c0bbfdbd7a0fbcbdab0443a6b145783519e1d180e6751979379,2025-02-22T13:15:11.687000
|
||||||
CVE-2025-0919,0,0,f3c40a8c3e9859b98dc4dbb233022019405b6bb3a32be39636bc5e978bd23a1b,2025-02-12T17:15:23.357000
|
CVE-2025-0919,0,0,f3c40a8c3e9859b98dc4dbb233022019405b6bb3a32be39636bc5e978bd23a1b,2025-02-12T17:15:23.357000
|
||||||
CVE-2025-0924,0,0,aee87ee741a81d5e3594f3d82c18001c32a0f8c18175f96bf3ced22a7e7ace42,2025-02-17T05:15:09.410000
|
CVE-2025-0924,0,0,aee87ee741a81d5e3594f3d82c18001c32a0f8c18175f96bf3ced22a7e7ace42,2025-02-17T05:15:09.410000
|
||||||
CVE-2025-0925,0,0,96e6ae1415f7de21f9d2302b09edfb8f35c8ed2d838c20a02e0bb3cb8fbcd173,2025-02-12T17:15:23.437000
|
CVE-2025-0925,0,0,96e6ae1415f7de21f9d2302b09edfb8f35c8ed2d838c20a02e0bb3cb8fbcd173,2025-02-12T17:15:23.437000
|
||||||
@ -279424,6 +279426,8 @@ CVE-2025-0947,0,0,d86087faf15d7e6a63109e47bfca07163762fc534d74ac472b8031d14a77e7
|
|||||||
CVE-2025-0948,0,0,8aa6a50c200d1920de9f20b6b39e518a0d142377f946f24ca23afa086a6a6c5e,2025-02-03T18:15:41.580000
|
CVE-2025-0948,0,0,8aa6a50c200d1920de9f20b6b39e518a0d142377f946f24ca23afa086a6a6c5e,2025-02-03T18:15:41.580000
|
||||||
CVE-2025-0949,0,0,039d871602cd9428128821cc37027e6e8dee60ecee8ac64dcd53b31ffe11da3d,2025-02-03T18:15:41.727000
|
CVE-2025-0949,0,0,039d871602cd9428128821cc37027e6e8dee60ecee8ac64dcd53b31ffe11da3d,2025-02-03T18:15:41.727000
|
||||||
CVE-2025-0950,0,0,b7bfb032b40dfc48cfc3ea52c5e6e62b743bd5cc010ad44bc8604664ed295438,2025-02-03T18:15:41.847000
|
CVE-2025-0950,0,0,b7bfb032b40dfc48cfc3ea52c5e6e62b743bd5cc010ad44bc8604664ed295438,2025-02-03T18:15:41.847000
|
||||||
|
CVE-2025-0953,1,1,048cc197ca970de5fde847ecab581986b58675b3dc4db0983287b715bf967350,2025-02-22T13:15:11.850000
|
||||||
|
CVE-2025-0957,1,1,ce96b57dc5a1d7911b2973eca447d8c2a84bd9409019560a93b413d929c8b35e,2025-02-22T14:15:29.710000
|
||||||
CVE-2025-0960,0,0,7d99f6e3510e94dddcebd5fc3388664132c2f2132e2b612ed8279ce23b89027f,2025-02-04T20:15:50.103000
|
CVE-2025-0960,0,0,7d99f6e3510e94dddcebd5fc3388664132c2f2132e2b612ed8279ce23b89027f,2025-02-04T20:15:50.103000
|
||||||
CVE-2025-0961,0,0,51398360322c1646c196e54ab1a92e1f37267b5b266c9b18c4da19ec7b68c1a4,2025-02-10T13:15:26.413000
|
CVE-2025-0961,0,0,51398360322c1646c196e54ab1a92e1f37267b5b266c9b18c4da19ec7b68c1a4,2025-02-10T13:15:26.413000
|
||||||
CVE-2025-0967,0,0,48a999283e5df37f2ad381f76667fdb4991732db2f436607d24ac0a470ce1d15,2025-02-02T16:15:27.693000
|
CVE-2025-0967,0,0,48a999283e5df37f2ad381f76667fdb4991732db2f436607d24ac0a470ce1d15,2025-02-02T16:15:27.693000
|
||||||
@ -279684,6 +279688,8 @@ CVE-2025-1546,0,0,7a27654d265dd0e0c87a112414ca356bea46a4aa4326e4b6c538ca7fa17cdb
|
|||||||
CVE-2025-1548,0,0,dc77eed63b703112b11128556adaac7473d7e2c58e805a91497e7bcaa94271fc,2025-02-21T17:15:13.897000
|
CVE-2025-1548,0,0,dc77eed63b703112b11128556adaac7473d7e2c58e805a91497e7bcaa94271fc,2025-02-21T17:15:13.897000
|
||||||
CVE-2025-1553,0,0,b76c346b19ed32adbb90097d30125f53b18d6b15a685f1353673e4fcdc636324,2025-02-22T10:15:09.853000
|
CVE-2025-1553,0,0,b76c346b19ed32adbb90097d30125f53b18d6b15a685f1353673e4fcdc636324,2025-02-22T10:15:09.853000
|
||||||
CVE-2025-1555,0,0,1c7a4c27ed9d1502d0e15c0e5a57e371d72228c620058c2537224f8b85248601,2025-02-21T21:15:13.703000
|
CVE-2025-1555,0,0,1c7a4c27ed9d1502d0e15c0e5a57e371d72228c620058c2537224f8b85248601,2025-02-21T21:15:13.703000
|
||||||
|
CVE-2025-1556,1,1,724b13759326d4daa23c48d02c1ce795525d880ae020ac09a68b1de9594640a5,2025-02-22T13:15:12.010000
|
||||||
|
CVE-2025-1557,1,1,49607b48e972d9fd5d215f054ea7353b084df75dff065ecc488af6c52d9e37af,2025-02-22T13:15:12.247000
|
||||||
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
|
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
|
||||||
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
|
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
|
||||||
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000
|
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000
|
||||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user