admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-20T17:00:35.896605+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-20 17:04:09 +00:00
parent 0d0e9b7433
commit 3db902056d
75 changed files with 1928 additions and 381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2019/CVE-2019-67xx/CVE-2019-6781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-6781",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-05-17T16:29:05.797",
"lastModified": "2024-11-21T04:47:08.277",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:52:51.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

32
CVE-2023/CVE-2023-230xx/CVE-2023-23003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23003",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-01T20:15:14.233",
"lastModified": "2024-11-21T07:45:46.707",
"lastModified": "2025-03-20T15:15:38.760",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.3,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-252"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-252"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-291xx/CVE-2023-29162.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29162",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:15:49.777",
"lastModified": "2024-11-21T07:56:38.497",
"lastModified": "2025-03-20T15:15:39.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",

39
CVE-2023/CVE-2023-370xx/CVE-2023-37014.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37014",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-22T15:15:10.987",
"lastModified": "2025-02-18T20:15:16.950",
"lastModified": "2025-03-20T16:15:13.170",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Las versiones de Open5GS MME anteriores a la 2.6.4 contienen una aserci\u00f3n que se puede activar de forma remota a trav\u00e9s de un paquete ASN.1 mal formado a trav\u00e9s de la interfaz S1AP. Un atacante puede enviar un mensaje de \"Solicitud de liberaci\u00f3n de contexto de UE\" sin el campo \"MME_UE_S1AP_ID\" requerido para bloquear repetidamente el MME, lo que da como resultado la denegaci\u00f3n de servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3777.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3777",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-09-06T14:15:10.860",
"lastModified": "2025-02-13T17:16:59.127",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T17:00:02.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-39xx/CVE-2023-3922.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3922",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T08:15:09.537",
"lastModified": "2024-11-21T08:18:20.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:56.803",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-46xx/CVE-2023-4623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4623",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-09-06T14:15:12.357",
"lastModified": "2025-02-13T18:15:46.367",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:51.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-53xx/CVE-2023-5345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5345",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-10-03T03:15:09.750",
"lastModified": "2025-02-13T18:15:56.767",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:45.643",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-60xx/CVE-2023-6040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6040",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-01-12T02:15:44.683",
"lastModified": "2024-11-21T08:43:01.680",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:40.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-61xx/CVE-2023-6111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6111",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-11-14T14:15:29.063",
"lastModified": "2025-02-13T18:16:03.587",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:34.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-67xx/CVE-2023-6736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6736",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-02-07T22:15:09.043",
"lastModified": "2024-11-21T08:44:27.117",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T16:59:18.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2024/CVE-2024-102xx/CVE-2024-10272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10272",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:15.730",
"lastModified": "2025-03-20T10:15:15.730",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:13.357",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/3de48a54-b5c9-40a1-b794-d59c36d58fb6",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/3de48a54-b5c9-40a1-b794-d59c36d58fb6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-107xx/CVE-2024-10727.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10727",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:19.633",
"lastModified": "2025-03-20T10:15:19.633",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:13.443",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-108xx/CVE-2024-10830.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10830",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:20.380",
"lastModified": "2025-03-20T10:15:20.380",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:39.980",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-113xx/CVE-2024-11300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11300",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:24.777",
"lastModified": "2025-03-20T10:15:24.777",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:40.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-120xx/CVE-2024-12029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12029",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:26.157",
"lastModified": "2025-03-20T10:15:26.157",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:40.423",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-122xx/CVE-2024-12217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12217",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:27.560",
"lastModified": "2025-03-20T10:15:27.560",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:13.620",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/0439bf3d-cb38-43a5-8314-0fadf85cc5a0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-124xx/CVE-2024-12450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12450",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:28.883",
"lastModified": "2025-03-20T10:15:28.883",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:13.727",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/da06360c-87c3-4ba9-be67-29f6eff9d44a",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/da06360c-87c3-4ba9-be67-29f6eff9d44a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-125xx/CVE-2024-12537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12537",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:29.140",
"lastModified": "2025-03-20T10:15:29.140",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:40.673",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/edabd06c-acc0-428c-a481-271f333755bc",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/edabd06c-acc0-428c-a481-271f333755bc",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

29
CVE-2024/CVE-2024-127xx/CVE-2024-12772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12772",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:27.783",
"lastModified": "2025-02-18T19:15:12.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-20T15:15:40.773",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El complemento Ninja Tables para WordPress anterior a la versi\u00f3n 5.0.17 no Desinfectar ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina al importar un CSV, lo que genera una vulnerabilidad Cross Site Scripting."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/7b6d0f95-6632-4079-8c1b-517a8d02c330/",

10
CVE-2024/CVE-2024-128xx/CVE-2024-12869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12869",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:31.087",
"lastModified": "2025-03-20T10:15:31.087",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:41.003",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/768b1a56-1e79-416a-8445-65953568b04a",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/768b1a56-1e79-416a-8445-65953568b04a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-130xx/CVE-2024-13060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13060",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:32.210",
"lastModified": "2025-03-20T10:15:32.210",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:41.097",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

27
CVE-2024/CVE-2024-132xx/CVE-2024-13220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13220",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.623",
"lastModified": "2025-02-18T19:15:12.920",
"lastModified": "2025-03-20T15:15:41.193",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento WordPress Google Map Professional (Map In Your Language) para WordPress hasta la versi\u00f3n 1.0 no desinfecta ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con privilegios altos, como el administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/33ef27b4-e88f-46ec-9b3f-0a3e16d6f82e/",

14
CVE-2024/CVE-2024-211xx/CVE-2024-21141.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21141",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:15.230",
"lastModified": "2024-11-21T08:53:51.873",
"lastModified": "2025-03-20T15:15:41.383",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

52
CVE-2024/CVE-2024-222xx/CVE-2024-22298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22298",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-10T08:15:48.253",
"lastModified": "2024-11-21T08:56:00.737",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T15:39:01.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.99",
"matchCriteriaId": "F130359B-59D0-4C27-A1D9-BA48743CBC35"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ameliabooking/wordpress-amelia-plugin-1-0-96-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/ameliabooking/wordpress-amelia-plugin-1-0-96-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-275xx/CVE-2024-27564.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27564",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T17:15:06.997",
"lastModified": "2025-03-20T04:15:17.907",
"lastModified": "2025-03-20T15:15:41.543",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,26 +56,6 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
@ -99,16 +79,6 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-278xx/CVE-2024-27860.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27860",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:47.847",
"lastModified": "2024-09-23T19:10:07.350",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-20T15:15:41.693",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

12
CVE-2024/CVE-2024-31xx/CVE-2024-3174.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3174",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-07-16T23:15:24.087",
"lastModified": "2024-11-21T09:29:04.553",
"lastModified": "2025-03-20T15:15:42.193",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-329xx/CVE-2024-32912.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32912",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:55.250",
"lastModified": "2024-11-21T09:16:00.933",
"lastModified": "2025-03-20T15:15:41.853",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-389xx/CVE-2024-38970.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38970",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:10.517",
"lastModified": "2024-11-21T09:27:01.543",
"lastModified": "2025-03-20T15:15:42.037",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-408xx/CVE-2024-40804.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40804",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:12.947",
"lastModified": "2024-11-21T09:31:40.083",
"lastModified": "2025-03-20T15:15:42.350",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44181.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44181",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:51.790",
"lastModified": "2024-09-24T18:39:12.733",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-20T15:15:42.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

27
CVE-2024/CVE-2024-447xx/CVE-2024-44756.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44756",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-18T17:15:11.450",
"lastModified": "2024-11-21T17:15:14.863",
"lastModified": "2025-03-20T15:15:42.690",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Se descubri\u00f3 que NUS-M9 ERP Management Software v3.0.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro de c\u00f3digo de usuario en /UserWH/checkLogin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

27
CVE-2024/CVE-2024-469xx/CVE-2024-46974.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46974",
"sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"published": "2025-01-31T03:15:11.053",
"lastModified": "2025-02-18T19:15:16.563",
"lastModified": "2025-03-20T15:15:42.867",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar operaciones de lectura/escritura incorrectas en b\u00faferes DMA importados/exportados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",

27
CVE-2024/CVE-2024-478xx/CVE-2024-47898.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-47898",
"sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"published": "2025-01-31T04:15:08.683",
"lastModified": "2025-02-18T19:15:16.970",
"lastModified": "2025-03-20T15:15:43.130",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar llamadas de GPU sistema incorrectas para activar excepciones de kernel use-after-free."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",

21
CVE-2024/CVE-2024-485xx/CVE-2024-48591.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48591",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T15:15:43.270",
"lastModified": "2025-03-20T15:15:43.270",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48591",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-497xx/CVE-2024-49749.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-49749",
"sourceIdentifier": "security@android.com",
"published": "2025-01-21T23:15:15.283",
"lastModified": "2025-02-18T20:15:21.073",
"lastModified": "2025-03-20T15:15:43.360",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En DGifSlurp de dgif_lib.c, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2025-01-01",

64
CVE-2024/CVE-2024-50xx/CVE-2024-5039.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5039",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-29T13:15:49.790",
"lastModified": "2024-11-21T09:46:50.100",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-20T15:37:56.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginus:husky_-_products_filter_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.6",
"matchCriteriaId": "76837156-B7A8-44F6-B3FC-6FA8DE040B70"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-products-filter/trunk/views/woof.php#L525",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3093324/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f6e7fcd-f5f5-47a0-9d8a-74e2f67d10b5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-products-filter/trunk/views/woof.php#L525",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3093324/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f6e7fcd-f5f5-47a0-9d8a-74e2f67d10b5?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-535xx/CVE-2024-53537.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53537",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-31T16:15:34.963",
"lastModified": "2025-02-18T19:15:18.083",
"lastModified": "2025-03-20T15:15:43.490",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en OpenPanel v0.3.4 a v0.2.1 permite a los atacantes ejecutar un Directory Traversal en las Acciones de archivo del Administrador de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://openpanel.com/docs/changelog/0.3.5/#%EF%B8%8F-security-fixes",

34
CVE-2024/CVE-2024-570xx/CVE-2024-57021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57021",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-15T17:15:17.987",
"lastModified": "2025-03-10T17:26:48.597",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-20T15:15:43.837",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-574xx/CVE-2024-57473.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57473",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-14T23:15:08.953",
"lastModified": "2025-02-18T22:15:14.820",
"lastModified": "2025-03-20T16:15:13.837",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " H3C N12 V100R005 contiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de verificaci\u00f3n de longitud en la funci\u00f3n de edici\u00f3n de direcciones MAC. Los atacantes que aprovechen esta vulnerabilidad con \u00e9xito pueden provocar que el dispositivo de destino remoto se bloquee o ejecute comandos arbitrarios enviando una solicitud POST a /bin/webs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "http://h3c.com",

39
CVE-2024/CVE-2024-576xx/CVE-2024-57604.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57604",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:41.100",
"lastModified": "2025-02-18T18:15:27.827",
"lastModified": "2025-03-20T15:15:43.980",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en MaysWind ezBookkeeping 0.7.0 permite que un atacante remoto escale privilegios a trav\u00e9s del componente token."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://github.com/mayswind/ezbookkeeping/issues/33",

14
CVE-2024/CVE-2024-68xx/CVE-2024-6838.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6838",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:33.620",
"lastModified": "2025-03-20T10:15:33.620",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:44.157",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."
},
{
"lang": "es",
"value": "En mlflow/mlflow versi\u00f3n v2.13.2, existe una vulnerabilidad que permite crear o renombrar un experimento con una gran cantidad de enteros debido a la falta de un l\u00edmite en el nombre del experimento. Esto puede provocar que el panel de interfaz de usuario de MLflow deje de responder, lo que puede provocar una denegaci\u00f3n de servicio. Adem\u00e1s, no hay l\u00edmite de caracteres en el par\u00e1metro `artifact_location` al crear el experimento."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

106
CVE-2024/CVE-2024-68xx/CVE-2024-6848.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6848",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-20T12:15:02.203",
"lastModified": "2024-11-21T09:50:24.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-20T15:40:08.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,48 +69,110 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boldgrid:post_and_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.26.7",
"matchCriteriaId": "B13C979F-E31C-4A3D-A693-159836367E04"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BoldGrid/post-and-page-builder/issues/612",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/BoldGrid/post-and-page-builder/pull/613/commits/64c33a6d0c9dbb0151d3af5fee9e026df6c5a2f6",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/post-and-page-builder/tags/1.26.6/includes/class-boldgrid-editor-ajax.php#L372",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://wordpress.org/plugins/post-and-page-builder/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d5dcec8-fa36-43ab-9a35-0b391fe1d88e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/BoldGrid/post-and-page-builder/issues/612",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/BoldGrid/post-and-page-builder/pull/613/commits/64c33a6d0c9dbb0151d3af5fee9e026df6c5a2f6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/post-and-page-builder/tags/1.26.6/includes/class-boldgrid-editor-ajax.php#L372",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://wordpress.org/plugins/post-and-page-builder/#developers",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d5dcec8-fa36-43ab-9a35-0b391fe1d88e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2024/CVE-2024-77xx/CVE-2024-7765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7765",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:36.867",
"lastModified": "2025-03-20T10:15:36.867",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:44.283",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-77xx/CVE-2024-7776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7776",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:37.520",
"lastModified": "2025-03-20T10:15:37.520",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.010",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/a7a46cf6-1fa0-454b-988c-62d222e83f63",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/a7a46cf6-1fa0-454b-988c-62d222e83f63",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-78xx/CVE-2024-7806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7806",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:37.893",
"lastModified": "2025-03-20T10:15:37.893",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.117",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/9350a68d-5f33-4b3d-988b-81e778160ab8",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/9350a68d-5f33-4b3d-988b-81e778160ab8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-80xx/CVE-2024-8026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8026",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:39.503",
"lastModified": "2025-03-20T10:15:39.503",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.220",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/e57f1e32-0fe5-4997-926c-587461aa6274",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/e57f1e32-0fe5-4997-926c-587461aa6274",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2024/CVE-2024-80xx/CVE-2024-8062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8062",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:40.627",
"lastModified": "2025-03-20T10:15:40.627",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://huntr.com/bounties/a04190d9-4acb-449a-9a7f-f1bf6be1ed23",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/a04190d9-4acb-449a-9a7f-f1bf6be1ed23",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-84xx/CVE-2024-8400.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8400",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.110",
"lastModified": "2025-03-20T10:15:42.110",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.417",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability allows an attacker to upload a malicious HTML file containing JavaScript code, which is then executed when the file is accessed. This can lead to the execution of arbitrary JavaScript in the context of the user's browser."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la \u00faltima versi\u00f3n de gaizhenbiao/chuanhuchatgpt. Esta vulnerabilidad permite a un atacante cargar un archivo HTML malicioso con c\u00f3digo JavaScript, que se ejecuta al acceder a \u00e9l. Esto puede provocar la ejecuci\u00f3n de JavaScript arbitrario en el navegador del usuario."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +59,10 @@
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-85xx/CVE-2024-8501.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8501",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.610",
"lastModified": "2025-03-20T10:15:42.610",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:44.657",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpc_agent's host by exploiting the download_file method. This can lead to unauthorized access to sensitive information, including configuration files, credentials, and potentially system files, which may facilitate further exploitation such as privilege escalation or lateral movement within the network."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de descarga de archivos arbitrarios en el componente rpc_agent_client de modelscope/agentscope versi\u00f3n v0.0.4. Esta vulnerabilidad permite a cualquier usuario descargar cualquier archivo del host de rpc_agent explotando el m\u00e9todo download_file. Esto puede provocar acceso no autorizado a informaci\u00f3n confidencial, como archivos de configuraci\u00f3n, credenciales y, posiblemente, archivos del sistema, lo que puede facilitar una mayor explotaci\u00f3n, como la escalada de privilegios o el movimiento lateral dentro de la red."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-85xx/CVE-2024-8524.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8524",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.853",
"lastModified": "2025-03-20T10:15:42.853",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:44.790",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de directory traversal en modelscope/agentscope versi\u00f3n 0.0.4. Un atacante puede aprovechar esta vulnerabilidad para leer cualquier archivo JSON local enviando una solicitud POST manipulada al endpoint /read-examples."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-87xx/CVE-2024-8736.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8736",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:43.720",
"lastModified": "2025-03-20T10:15:43.720",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.520",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). The vulnerability can be exploited remotely via Cross-Site Request Forgery (CSRF). Despite CSRF protection preventing file uploads, the application still processes multipart boundaries, leading to resource exhaustion. By appending additional characters to the multipart boundary, an attacker can cause the server to parse each byte of the boundary, ultimately leading to service unavailability. This vulnerability is present in the `/upload_avatar`, `/upload_app`, and `/upload_logo` endpoints."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en varios endpoints de carga de archivos de parisneo/lollms-webui versi\u00f3n V12 (Strawberry). Esta vulnerabilidad puede explotarse remotamente mediante Cross-Site Request Forgery (CSRF). A pesar de que la protecci\u00f3n CSRF impide la carga de archivos, la aplicaci\u00f3n sigue procesando l\u00edmites multiparte, lo que provoca el agotamiento de recursos. Al a\u00f1adir caracteres adicionales al l\u00edmite multiparte, un atacante puede provocar que el servidor analice cada byte del l\u00edmite, lo que en \u00faltima instancia provoca la indisponibilidad del servicio. Esta vulnerabilidad est\u00e1 presente en los endpoints `/upload_avatar`, `/upload_app` y `/upload_logo`."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/935dbc03-1b43-4dbb-b6cd-1aa95a789d4f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/935dbc03-1b43-4dbb-b6cd-1aa95a789d4f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-89xx/CVE-2024-8952.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8952",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:44.720",
"lastModified": "2025-03-20T10:15:44.720",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.620",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en composiohq/composio versi\u00f3n v0.4.2, espec\u00edficamente en el endpoint /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT. Esta vulnerabilidad permite a un atacante leer archivos, acceder a metadatos de AWS e interactuar con servicios locales del sistema."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-89xx/CVE-2024-8966.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8966",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:45.340",
"lastModified": "2025-03-20T10:15:45.340",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.727",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso de carga de archivos de gradio-app/gradio versi\u00f3n @gradio/video@0.10.2 permite un ataque de denegaci\u00f3n de servicio (DoS). Un atacante puede a\u00f1adir una gran cantidad de caracteres al final de un l\u00edmite multiparte, lo que provoca que el sistema procese continuamente cada car\u00e1cter y emita advertencias. Esto puede dejar a Gradio inaccesible durante periodos prolongados, interrumpiendo los servicios y provocando un tiempo de inactividad significativo."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2024/CVE-2024-89xx/CVE-2024-8998.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8998",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:45.707",
"lastModified": "2025-03-20T10:15:45.707",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.823",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /{.*?}/ to match user-controlled strings. In the default JavaScript regex engine, this regex can take polynomial time to match certain crafted user inputs. As a result, an attacker can cause the server to hang for an arbitrary amount of time by submitting a specially crafted payload. This issue is fixed in version 1.4.26."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS) en la versi\u00f3n git f07a845 de lunary-ai/lunary. El servidor utiliza la expresi\u00f3n regular /{.*?}/ para coincidir con cadenas controladas por el usuario. En el motor de expresiones regulares predeterminado de JavaScript, esta expresi\u00f3n regular puede tardar un tiempo polin\u00f3mico en coincidir con ciertas entradas de usuario manipuladas. Como resultado, un atacante puede provocar que el servidor se bloquee durante un tiempo arbitrario enviando un payload especialmente manipulada. Este problema se solucion\u00f3 en la versi\u00f3n 1.4.26."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +59,10 @@
{
"url": "https://huntr.com/bounties/4dbd8648-1dca-4f95-b74f-978ef030e97e",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/4dbd8648-1dca-4f95-b74f-978ef030e97e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-01xx/CVE-2025-0185.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0185",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:51.293",
"lastModified": "2025-03-20T10:15:51.293",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:44.933",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function `vn.get_training_plan_generic(df_information_schema)`, which does not properly sanitize user inputs before executing queries using the Pandas library. This can potentially lead to Remote Code Execution (RCE) if exploited."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo Vanna de Dify Tools del repositorio langgenius/dify permite la inyecci\u00f3n de consultas de Pandas en la \u00faltima versi\u00f3n. La vulnerabilidad se produce en la funci\u00f3n `vn.get_training_plan_generic(df_information_schema)`, que no depura correctamente las entradas del usuario antes de ejecutar consultas con la librer\u00eda de Pandas. Esto podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) si se explota."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

16
CVE-2025/CVE-2025-02xx/CVE-2025-0254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0254",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-03-20T14:15:22.493",
"lastModified": "2025-03-20T14:15:22.493",
"vulnStatus": "Received",
"lastModified": "2025-03-20T15:15:45.030",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120000",

14
CVE-2025/CVE-2025-03xx/CVE-2025-0313.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0313",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:52.403",
"lastModified": "2025-03-20T10:15:52.403",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:14.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model that can cause a denial of service (DoS) attack. The vulnerability is due to improper validation of array index bounds in the GGUF model handling code, which can be exploited via a remote network."
},
{
"lang": "es",
"value": "Una vulnerabilidad en ollama/ollama versiones anteriores a la 0.3.14 permite a un usuario malintencionado crear un modelo GGUF que puede provocar un ataque de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los l\u00edmites del \u00edndice de la matriz en el c\u00f3digo de gesti\u00f3n del modelo GGUF, que puede explotarse a trav\u00e9s de una red remota."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/450c90f9-bc02-4560-afd4-d0aa057ac82c",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/450c90f9-bc02-4560-afd4-d0aa057ac82c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-04xx/CVE-2025-0453.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0453",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:53.017",
"lastModified": "2025-03-20T10:15:53.017",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:15.017",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given experiment. This can tie up all the workers allocated by MLFlow, rendering the application unable to respond to other requests. This vulnerability is due to uncontrolled resource consumption."
},
{
"lang": "es",
"value": "En mlflow/mlflow versi\u00f3n 2.17.2, el endpoint `/graphql` es vulnerable a un ataque de denegaci\u00f3n de servicio. Un atacante puede crear grandes lotes de consultas que solicitan repetidamente todas las ejecuciones de un experimento determinado. Esto puede saturar todos los trabajadores asignados por MLFlow, impidiendo que la aplicaci\u00f3n responda a otras solicitudes. Esta vulnerabilidad se debe al consumo descontrolado de recursos."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-06xx/CVE-2025-0655.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0655",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:53.533",
"lastModified": "2025-03-20T10:15:53.533",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:15.167",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the `enable_custom_filters` feature, which is typically restricted to trusted environments. Once enabled, the attacker can exploit the /test-filter endpoint to execute arbitrary system commands, leading to remote code execution (RCE). This issue is addressed in version 3.16.1."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la versi\u00f3n 3.15.1 de man-group/dtale permite a un atacante anular la configuraci\u00f3n de estado global para habilitar la funci\u00f3n `enable_custom_filters`, que suele estar restringida a entornos de confianza. Una vez habilitada, el atacante puede explotar el endpoint /test-filter para ejecutar comandos arbitrarios del sistema, lo que provoca la ejecuci\u00f3n remota de c\u00f3digo (RCE). Este problema se soluciona en la versi\u00f3n 3.16.1."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +59,10 @@
{
"url": "https://huntr.com/bounties/f63af7bd-5438-4b36-a39b-4c90466cff13",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/f63af7bd-5438-4b36-a39b-4c90466cff13",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-10xx/CVE-2025-1040.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1040",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:53.653",
"lastModified": "2025-03-20T10:15:53.653",
"vulnStatus": "Received",
"lastModified": "2025-03-20T16:15:15.267",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the improper handling of user-supplied format strings in the `AgentOutputBlock` implementation, where malicious input is passed to the Jinja2 templating engine without adequate security measures. Attackers can exploit this flaw to execute arbitrary commands on the host system. The issue is fixed in version 0.4.0."
},
{
"lang": "es",
"value": "Las versiones 0.3.4 y anteriores de AutoGPT son vulnerables a Server-Side Template Injection (SSTI) que podr\u00eda provocar una Ejecuci\u00f3n Remota de C\u00f3digo (RCE). Esta vulnerabilidad se debe al manejo inadecuado de las cadenas de formato proporcionadas por el usuario en la implementaci\u00f3n `AgentOutputBlock`, donde se pasa informaci\u00f3n maliciosa al motor de plantillas Jinja2 sin las medidas de seguridad adecuadas. Los atacantes pueden explotar esta vulnerabilidad para ejecutar comandos arbitrarios en el sistema host. El problema se ha corregido en la versi\u00f3n 0.4.0."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +59,10 @@
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

39
CVE-2025/CVE-2025-229xx/CVE-2025-22905.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-22905",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.430",
"lastModified": "2025-02-18T21:15:27.153",
"lastModified": "2025-03-20T16:15:15.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que RE11S v1.11 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro command en /goform/mp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "http://re11s.com",

39
CVE-2025/CVE-2025-229xx/CVE-2025-22957.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-22957",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-31T17:15:16.583",
"lastModified": "2025-02-18T19:15:26.813",
"lastModified": "2025-03-20T16:15:16.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Existe una vulnerabilidad de inyecci\u00f3n SQL en el front-end del sitio web en ZZCMS &lt;= 2023, que puede explotarse sin ninguna autenticaci\u00f3n. Esta vulnerabilidad podr\u00eda permitir a los atacantes obtener acceso no autorizado a la base de datos y extraer informaci\u00f3n confidencial."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "http://www.zzcms.net/",

44
CVE-2025/CVE-2025-231xx/CVE-2025-23120.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-23120",
"sourceIdentifier": "support@hackerone.com",
"published": "2025-03-20T16:15:16.380",
"lastModified": "2025-03-20T16:15:16.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing remote code execution (RCE) for domain users."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://www.veeam.com/kb4724",
"source": "support@hackerone.com"
}
]
}

34
CVE-2025/CVE-2025-242xx/CVE-2025-24200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24200",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-02-10T19:15:40.107",
"lastModified": "2025-03-07T17:12:01.477",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-20T15:15:45.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2
}
]
},
@ -53,6 +73,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

6
CVE-2025/CVE-2025-242xx/CVE-2025-24201.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-24201",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-11T18:15:30.190",
"lastModified": "2025-03-20T14:15:23.733",
"lastModified": "2025-03-20T15:15:45.627",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -167,6 +167,10 @@
{
"url": "http://seclists.org/fulldisclosure/2025/Mar/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Mar/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

156
CVE-2025/CVE-2025-25xx/CVE-2025-2546.json Normal file
View File

@ -0,0 +1,156 @@
{
"id": "CVE-2025-2546",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-20T15:15:46.420",
"lastModified": "2025-03-20T15:15:46.420",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the component Firewall Service. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvFirewall-1b153a41781f80aca28ec11da787f0e8?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formAdvFirewall-1b053a41781f801ca1a5e09bb83a22c5?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.300160",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.300160",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.516788",
"source": "cna@vuldb.com"
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
}
]
}

156
CVE-2025/CVE-2025-25xx/CVE-2025-2547.json Normal file
View File

@ -0,0 +1,156 @@
{
"id": "CVE-2025-2547",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-20T16:15:16.607",
"lastModified": "2025-03-20T16:15:16.607",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvNetwork-1b153a41781f80109325dbc96ffc0295?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formAdvNetwork-1b053a41781f8085a4e8d3c1d1de5f56?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.300161",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.300161",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.516789",
"source": "cna@vuldb.com"
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
}
]
}

156
CVE-2025/CVE-2025-25xx/CVE-2025-2548.json Normal file
View File

@ -0,0 +1,156 @@
{
"id": "CVE-2025-2548",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-20T16:15:16.810",
"lastModified": "2025-03-20T16:15:16.810",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function of the file /goform/formSetDomainFilter. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formSetDomainFilter-1b153a41781f80498fcdf9d675df9b39?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formSetDomainFilter-1b053a41781f80ffa989c54c391636f6?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.300162",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.300162",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.516790",
"source": "cna@vuldb.com"
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
}
]
}

25
CVE-2025/CVE-2025-292xx/CVE-2025-29214.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29214",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T16:15:16.493",
"lastModified": "2025-03-20T16:15:16.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/isstabber/85fe01ed47ad7ef820f86bfbd64a022c",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/isstabber/my_VulnHub/blob/main/Tenda/AX12/tenda_ax12_setMacFilterCfg_stack_overflow_en.pdf",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-294xx/CVE-2025-29411.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29411",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T15:15:46.050",
"lastModified": "2025-03-20T15:15:46.050",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MartMbithi/iBanking/issues/12",
"source": "cve@mitre.org"
},
{
"url": "https://www.simonjuguna.com/cve-2025-29411-authenticated-remote-code-execution-rce-via-arbitrary-file-upload/",
"source": "cve@mitre.org"
}
]
}

2
CVE-2025/CVE-2025-294xx/CVE-2025-29412.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T14:15:24.653",
"lastModified": "2025-03-20T14:15:24.653",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

73
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-20T15:00:20.106219+00:00
2025-03-20T17:00:35.896605+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-20T14:15:24.653000+00:00
2025-03-20T17:00:02.777000+00:00
```
### Last Data Feed Release
@ -33,50 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
286083
286090
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `7`
- [CVE-2024-48590](CVE-2024/CVE-2024-485xx/CVE-2024-48590.json) (`2025-03-20T14:15:20.830`)
- [CVE-2025-0254](CVE-2025/CVE-2025-02xx/CVE-2025-0254.json) (`2025-03-20T14:15:22.493`)
- [CVE-2025-1496](CVE-2025/CVE-2025-14xx/CVE-2025-1496.json) (`2025-03-20T14:15:22.920`)
- [CVE-2025-29101](CVE-2025/CVE-2025-291xx/CVE-2025-29101.json) (`2025-03-20T13:15:36.467`)
- [CVE-2025-29410](CVE-2025/CVE-2025-294xx/CVE-2025-29410.json) (`2025-03-20T14:15:24.540`)
- [CVE-2025-29412](CVE-2025/CVE-2025-294xx/CVE-2025-29412.json) (`2025-03-20T14:15:24.653`)
- [CVE-2024-48591](CVE-2024/CVE-2024-485xx/CVE-2024-48591.json) (`2025-03-20T15:15:43.270`)
- [CVE-2025-23120](CVE-2025/CVE-2025-231xx/CVE-2025-23120.json) (`2025-03-20T16:15:16.380`)
- [CVE-2025-2546](CVE-2025/CVE-2025-25xx/CVE-2025-2546.json) (`2025-03-20T15:15:46.420`)
- [CVE-2025-2547](CVE-2025/CVE-2025-25xx/CVE-2025-2547.json) (`2025-03-20T16:15:16.607`)
- [CVE-2025-2548](CVE-2025/CVE-2025-25xx/CVE-2025-2548.json) (`2025-03-20T16:15:16.810`)
- [CVE-2025-29214](CVE-2025/CVE-2025-292xx/CVE-2025-29214.json) (`2025-03-20T16:15:16.493`)
- [CVE-2025-29411](CVE-2025/CVE-2025-294xx/CVE-2025-29411.json) (`2025-03-20T15:15:46.050`)
### CVEs modified in the last Commit
Recently modified CVEs: `76`
Recently modified CVEs: `66`
- [CVE-2024-7053](CVE-2024/CVE-2024-70xx/CVE-2024-7053.json) (`2025-03-20T14:15:21.553`)
- [CVE-2024-7767](CVE-2024/CVE-2024-77xx/CVE-2024-7767.json) (`2025-03-20T14:15:21.697`)
- [CVE-2024-7773](CVE-2024/CVE-2024-77xx/CVE-2024-7773.json) (`2025-03-20T14:15:21.793`)
- [CVE-2024-8021](CVE-2024/CVE-2024-80xx/CVE-2024-8021.json) (`2025-03-20T14:15:21.883`)
- [CVE-2024-8053](CVE-2024/CVE-2024-80xx/CVE-2024-8053.json) (`2025-03-20T14:15:21.977`)
- [CVE-2024-8101](CVE-2024/CVE-2024-81xx/CVE-2024-8101.json) (`2025-03-20T13:15:36.007`)
- [CVE-2024-8156](CVE-2024/CVE-2024-81xx/CVE-2024-8156.json) (`2025-03-20T14:15:22.073`)
- [CVE-2024-8487](CVE-2024/CVE-2024-84xx/CVE-2024-8487.json) (`2025-03-20T13:15:36.117`)
- [CVE-2024-8556](CVE-2024/CVE-2024-85xx/CVE-2024-8556.json) (`2025-03-20T13:15:36.213`)
- [CVE-2024-8769](CVE-2024/CVE-2024-87xx/CVE-2024-8769.json) (`2025-03-20T13:15:36.303`)
- [CVE-2024-8958](CVE-2024/CVE-2024-89xx/CVE-2024-8958.json) (`2025-03-20T14:15:22.220`)
- [CVE-2024-9612](CVE-2024/CVE-2024-96xx/CVE-2024-9612.json) (`2025-03-20T14:15:22.310`)
- [CVE-2024-9900](CVE-2024/CVE-2024-99xx/CVE-2024-9900.json) (`2025-03-20T14:15:22.403`)
- [CVE-2025-0438](CVE-2025/CVE-2025-04xx/CVE-2025-0438.json) (`2025-03-20T14:15:22.613`)
- [CVE-2025-1066](CVE-2025/CVE-2025-10xx/CVE-2025-1066.json) (`2025-03-20T14:15:22.783`)
- [CVE-2025-1508](CVE-2025/CVE-2025-15xx/CVE-2025-1508.json) (`2025-03-20T13:57:41.123`)
- [CVE-2025-22904](CVE-2025/CVE-2025-229xx/CVE-2025-22904.json) (`2025-03-20T14:15:23.117`)
- [CVE-2025-22912](CVE-2025/CVE-2025-229xx/CVE-2025-22912.json) (`2025-03-20T14:15:23.270`)
- [CVE-2025-22913](CVE-2025/CVE-2025-229xx/CVE-2025-22913.json) (`2025-03-20T14:15:23.423`)
- [CVE-2025-23007](CVE-2025/CVE-2025-230xx/CVE-2025-23007.json) (`2025-03-20T14:15:23.570`)
- [CVE-2025-24201](CVE-2025/CVE-2025-242xx/CVE-2025-24201.json) (`2025-03-20T14:15:23.733`)
- [CVE-2025-24400](CVE-2025/CVE-2025-244xx/CVE-2025-24400.json) (`2025-03-20T14:15:23.903`)
- [CVE-2025-25291](CVE-2025/CVE-2025-252xx/CVE-2025-25291.json) (`2025-03-20T14:15:24.050`)
- [CVE-2025-25292](CVE-2025/CVE-2025-252xx/CVE-2025-25292.json) (`2025-03-20T14:15:24.213`)
- [CVE-2025-26318](CVE-2025/CVE-2025-263xx/CVE-2025-26318.json) (`2025-03-20T14:15:24.353`)
- [CVE-2024-6838](CVE-2024/CVE-2024-68xx/CVE-2024-6838.json) (`2025-03-20T15:15:44.157`)
- [CVE-2024-6848](CVE-2024/CVE-2024-68xx/CVE-2024-6848.json) (`2025-03-20T15:40:08.330`)
- [CVE-2024-7765](CVE-2024/CVE-2024-77xx/CVE-2024-7765.json) (`2025-03-20T15:15:44.283`)
- [CVE-2024-7776](CVE-2024/CVE-2024-77xx/CVE-2024-7776.json) (`2025-03-20T16:15:14.010`)
- [CVE-2024-7806](CVE-2024/CVE-2024-78xx/CVE-2024-7806.json) (`2025-03-20T16:15:14.117`)
- [CVE-2024-8026](CVE-2024/CVE-2024-80xx/CVE-2024-8026.json) (`2025-03-20T16:15:14.220`)
- [CVE-2024-8062](CVE-2024/CVE-2024-80xx/CVE-2024-8062.json) (`2025-03-20T16:15:14.310`)
- [CVE-2024-8400](CVE-2024/CVE-2024-84xx/CVE-2024-8400.json) (`2025-03-20T16:15:14.417`)
- [CVE-2024-8501](CVE-2024/CVE-2024-85xx/CVE-2024-8501.json) (`2025-03-20T15:15:44.657`)
- [CVE-2024-8524](CVE-2024/CVE-2024-85xx/CVE-2024-8524.json) (`2025-03-20T15:15:44.790`)
- [CVE-2024-8736](CVE-2024/CVE-2024-87xx/CVE-2024-8736.json) (`2025-03-20T16:15:14.520`)
- [CVE-2024-8952](CVE-2024/CVE-2024-89xx/CVE-2024-8952.json) (`2025-03-20T16:15:14.620`)
- [CVE-2024-8966](CVE-2024/CVE-2024-89xx/CVE-2024-8966.json) (`2025-03-20T16:15:14.727`)
- [CVE-2024-8998](CVE-2024/CVE-2024-89xx/CVE-2024-8998.json) (`2025-03-20T16:15:14.823`)
- [CVE-2025-0185](CVE-2025/CVE-2025-01xx/CVE-2025-0185.json) (`2025-03-20T15:15:44.933`)
- [CVE-2025-0254](CVE-2025/CVE-2025-02xx/CVE-2025-0254.json) (`2025-03-20T15:15:45.030`)
- [CVE-2025-0313](CVE-2025/CVE-2025-03xx/CVE-2025-0313.json) (`2025-03-20T16:15:14.923`)
- [CVE-2025-0453](CVE-2025/CVE-2025-04xx/CVE-2025-0453.json) (`2025-03-20T16:15:15.017`)
- [CVE-2025-0655](CVE-2025/CVE-2025-06xx/CVE-2025-0655.json) (`2025-03-20T16:15:15.167`)
- [CVE-2025-1040](CVE-2025/CVE-2025-10xx/CVE-2025-1040.json) (`2025-03-20T16:15:15.267`)
- [CVE-2025-22905](CVE-2025/CVE-2025-229xx/CVE-2025-22905.json) (`2025-03-20T16:15:15.713`)
- [CVE-2025-22957](CVE-2025/CVE-2025-229xx/CVE-2025-22957.json) (`2025-03-20T16:15:16.223`)
- [CVE-2025-24200](CVE-2025/CVE-2025-242xx/CVE-2025-24200.json) (`2025-03-20T15:15:45.357`)
- [CVE-2025-24201](CVE-2025/CVE-2025-242xx/CVE-2025-24201.json) (`2025-03-20T15:15:45.627`)
- [CVE-2025-29412](CVE-2025/CVE-2025-294xx/CVE-2025-29412.json) (`2025-03-20T14:15:24.653`)
## Download and Usage

297
_state.csv
View File

File diff suppressed because it is too large Load Diff