Auto-Update: 2025-06-18T10:00:22.564295+00:00

cad-safe-bot 2025-06-18 10:04:01 +00:00
parent 08725974cb
commit 3dd99cd98b
5 changed files with 179 additions and 9 deletions


@ -2,7 +2,7 @@
"id": "CVE-2022-1471",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2022-12-01T11:15:10.553",
"lastModified": "2025-02-13T17:15:35.627",
"lastModified": "2025-06-18T09:15:47.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -116,6 +116,10 @@
"Third Party Advisory"
]
},
{
"url": "https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html",
"source": "cve-coordination@google.com"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"source": "cve-coordination@google.com",
@ -136,6 +140,10 @@
"url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc",
"source": "cve-coordination@google.com"
},
{
"url": "https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c",
"source": "cve-coordination@google.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230818-0015/",
"source": "cve-coordination@google.com"


@ -0,0 +1,76 @@
{
"id": "CVE-2025-1562",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-18T08:15:28.987",
"lastModified": "2025-06-18T08:15:28.987",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_or_activate_addon_plugins() function and a weak nonce hash in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to install arbitrary plugins on the site that can be leveraged to further infect a vulnerable site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-marketing-automations/tags/2.5.0/includes/api/plugin_status/class-bwfan-api-install-and-activate-plugin.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-marketing-automations/tags/2.5.0/includes/class-bwfan-db.php#L153",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/admin/class-bwfan-admin.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/includes/abstracts/class-bwfan-api-base.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/includes/class-bwfan-api-loader.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/094972e6-7e02-4060-b069-e39c8cde9331?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,82 @@
{
"id": "CVE-2025-5981",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2025-06-18T09:15:47.660",
"lastModified": "2025-06-18T09:15:47.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack()\u00a0function for container images. Particularly, when using the CLI flag --remote-image\u00a0on untrusted container images."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://github.com/google/osv-scalibr/commit/2444419b1818c2d6917fc3394c947fb3276e9d59",
"source": "cve-coordination@google.com"
},
{
"url": "https://github.com/google/osv-scalibr/releases/tag/v0.1.8",
"source": "cve-coordination@google.com"
}
]
}
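Review bot: The weakness entry `"value": "CWE-427"` does not match this record's own description, which reports a path traversal in unpack() leading to arbitrary file write; that class is normally recorded as CWE-22, whereas CWE-427 is Uncontrolled Search Path Element. This file mirrors the NVD record, so the correction belongs with the CNA upstream rather than in this repository. Until it is corrected, consumers that triage or filter by CWE will not surface this entry under path traversal. The description also gives no affected version range; the only version hint in the record is the `releases/tag/v0.1.8` reference, so version matching should not be inferred from the text alone.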


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-06-18T08:00:19.429631+00:00
2025-06-18T10:00:22.564295+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-06-18T06:15:28.397000+00:00
2025-06-18T09:15:47.660000+00:00
```
### Last Data Feed Release
@ -33,20 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
298258
298260
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
- [CVE-2025-4955](CVE-2025/CVE-2025-49xx/CVE-2025-4955.json) (`2025-06-18T06:15:28.397`)
- [CVE-2025-1562](CVE-2025/CVE-2025-15xx/CVE-2025-1562.json) (`2025-06-18T08:15:28.987`)
- [CVE-2025-5981](CVE-2025/CVE-2025-59xx/CVE-2025-5981.json) (`2025-06-18T09:15:47.660`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2022-1471](CVE-2022/CVE-2022-14xx/CVE-2022-1471.json) (`2025-06-18T09:15:47.243`)
## Download and Usage


@ -189355,7 +189355,7 @@ CVE-2022-1467,0,0,4244fa85c07ce188281e2e68274dd3b1bddab19e609dae2da2a3f3e391a8c6
CVE-2022-1468,0,0,bc78f55881e01a6f023eb4f4498c5c9bb9f5e7012eb94752fc063ff4f1a2c8ec,2024-11-21T06:40:46.943000
CVE-2022-1469,0,0,7ffd0498f3a2f922b0a02ebb6229d13a6432911e6e35206695c7945f0a722e6f,2024-11-21T06:40:47.090000
CVE-2022-1470,0,0,5642de4bd55e594f5d5abdf5e790ace17eef364ea96e290fe8852a1dc073b82b,2024-11-21T06:40:47.200000
CVE-2022-1471,0,0,4b4d510bf4f68ae2ddf057d32e8bb808db4e78574a4a26fa59d0294cff7a9a25,2025-02-13T17:15:35.627000
CVE-2022-1471,0,1,07739a2dcf41438b07c0afd9039ff02073b4078d37371735ea774aea38fda7e4,2025-06-18T09:15:47.243000
CVE-2022-1472,0,0,edb7e07a336c37fb964f0f209addd02630616647aaef0a97f2f250f838db2840,2024-11-21T06:40:47.477000
CVE-2022-1473,0,0,651f93b93ece2974f85deec109efd4323f7342c6df9846e3248acb59b12b31d0,2025-05-05T17:17:34.867000
CVE-2022-1474,0,0,b5586935a38e326f7385281cad87b285bdb53d4974e14a2e5d208fb1689388fa,2024-11-21T06:40:47.740000
@ -283670,6 +283670,7 @@ CVE-2025-1558,0,0,c78589d5810333dd5b267c981b16d0ba3ae44b98790279ca9bbe06e61569b3
CVE-2025-1559,0,0,709a243835f3c6ce0779a28711cc25be41f0a8c4f301b124730fe9903567f95d,2025-03-13T02:15:12.917000
CVE-2025-1560,0,0,5806fdd5d9f8e8a09704d33fd8caadc121e4fbb048f372fad8d43065a1e4a103,2025-03-06T16:15:42.753000
CVE-2025-1561,0,0,33a657fb8a4122eef68e03cf0206d7dfa8ce683bdf001162cf57406315521345,2025-05-26T02:14:52.170000
CVE-2025-1562,1,1,2f1a546af7a9e680b6e9e17b545c2838e9905defeb3d99dd716116f7fa0d1e2e,2025-06-18T08:15:28.987000
CVE-2025-1564,0,0,9d62e5431da133f133499b29bcb96aa13e41c1b673396891299a0b15aab9c828,2025-03-01T08:15:34.007000
CVE-2025-1565,0,0,35456b68df2d2d86ef4d0fb4554495a75d56271b6d28363288295dec6a61577e,2025-04-29T13:52:28.490000
CVE-2025-1566,0,0,b62614d5a9b64c7c70aa72ecefcdd1eced14936f4f2bd9f2f3dab198c8a80ced,2025-05-06T01:15:50.030000
@ -297315,7 +297316,7 @@ CVE-2025-4951,0,0,8d2965f90ffa46a261e1b06cd533aeb358abbd5115dc1f57a5b34acf12ab58
CVE-2025-49510,0,0,3bb8122e36ad249db39449b81c1d9bb5005e0826a2addc079025211cebc0dc64,2025-06-12T16:06:39.330000
CVE-2025-49511,0,0,5857ce4f5934ac8d4eab419d1a69fa9027dcf280ff9a1fb08e4e3e1a5703ab2f,2025-06-12T16:06:39.330000
CVE-2025-4954,0,0,1ec01516c4567931b4ffc24e86d8b1eee9006bb52ce75acce1cd554027fb1f48,2025-06-12T16:06:39.330000
CVE-2025-4955,1,1,962cee29f822d69a2f21c0606639ab24445601b1ed0ade1b93280fab766be82f,2025-06-18T06:15:28.397000
CVE-2025-4955,0,0,962cee29f822d69a2f21c0606639ab24445601b1ed0ade1b93280fab766be82f,2025-06-18T06:15:28.397000
CVE-2025-49575,0,0,5239212f6088f8e9f5d72981748315013281ee63030d12ad53f604f56fb5ce0a,2025-06-16T12:32:18.840000
CVE-2025-49576,0,0,d91dc4671dcd271f2349061a8890351137f780e1115b96e716a0a31c8aba01ac,2025-06-16T12:32:18.840000
CVE-2025-49577,0,0,28aa0b942534a5a538c80dbb8b7460e9323fd7179a5e937d1ba2f1eb56bd16ad,2025-06-16T12:32:18.840000
@ -298134,6 +298135,7 @@ CVE-2025-5977,0,0,f1be6f85f13503775c495ea6cc25e73f56acbe00f921f8b9bd047e78e8e954
CVE-2025-5978,0,0,0dead1a357778d240f3ef63e07a94108270bf41eaba57dcb5df97505742c3c80,2025-06-12T16:06:29.520000
CVE-2025-5979,0,0,62f87aab912999e1a8c01e4f2d3083fff610fe2dfce4896415cd0de1f9a17fa5,2025-06-16T15:00:09.443000
CVE-2025-5980,0,0,8af030447f54b16e451333aa706668a1da67e0c666b6c363521b0e8683bf238c,2025-06-16T14:52:30.557000
CVE-2025-5981,1,1,e4c58eb43ea09829bebd1a1cdae851d0a5fba24a5d716fd4703c47abbdf8bb60,2025-06-18T09:15:47.660000
CVE-2025-5982,0,0,d9487128b71b64381d82a652f7a1122df97e22510aec0c066c9d874bcd0cf999,2025-06-16T12:32:18.840000
CVE-2025-5984,0,0,9c065cc4f1bf71f29d217205fa1a3017b01589309492c87e21e29320e0443497,2025-06-17T20:34:36.177000
CVE-2025-5985,0,0,6bc7c20833bbb87d89e08ff2c433a1431f6002ad9972fe39c1f3aa9dac9d18ca,2025-06-17T20:34:19.473000
