Auto-Update: 2025-06-01T18:00:20.483231+00:00

cad-safe-bot 2025-06-01 18:03:57 +00:00
parent 1f4014d741
commit 40f6a7ca36
4 changed files with 289 additions and 10 deletions


@ -0,0 +1,141 @@
{
"id": "CVE-2025-5403",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-01T16:15:20.210",
"lastModified": "2025-06-01T16:15:20.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This affects an unknown part of the file /admin/view_all_posts.php of the component GET Parameter Handler. The manipulation of the argument post_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/rllvusgnzm98/Report/blob/main/blogbook/BlogBook%20posts.php%20delete_post%20delete%20Parameter%20SQL%20Injection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.310743",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.310743",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.582910",
"source": "cna@vuldb.com"
}
]
}
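Review bot: The first reference URL in this record names `posts.php`, `delete_post` and a `delete` parameter, while the description names `/admin/view_all_posts.php` and the argument `post_id`, so the affected endpoint should be confirmed against the linked report before detection or filtering rules are written from the description alone. The CVE-2025-5404 record in the next file section has a wider gap: its description and `"value": "CWE-404"` state a denial of service, but its first reference URL is titled as a SQL injection in `search.php`; if that title is accurate, the `AV:A` vector and the 4.3 base score would understate the issue. Both records carry `"vulnStatus": "Received"`, and every score and CWE in them has `cna@vuldb.com` as its source, so consumers should treat the classification as provisional. The description's "classified as critical" also does not match the `"baseSeverity": "MEDIUM"` values, so triage should key on the metrics rather than the prose.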


@ -0,0 +1,137 @@
{
"id": "CVE-2025-5404",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-01T17:15:20.377",
"lastModified": "2025-06-01T17:15:20.377",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"baseScore": 2.9,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [
{
"url": "https://github.com/rllvusgnzm98/Report/blob/main/blogbook/BlogBook%20search.php%20search%20Parameter%20SQL%20Injection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.310744",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.310744",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.582915",
"source": "cna@vuldb.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-06-01T16:00:18.783958+00:00
2025-06-01T18:00:20.483231+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-06-01T14:15:21.250000+00:00
2025-06-01T17:15:20.377000+00:00
```
### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
296132
296134
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-40908](CVE-2025/CVE-2025-409xx/CVE-2025-40908.json) (`2025-06-01T14:15:21.113`)
- [CVE-2025-5402](CVE-2025/CVE-2025-54xx/CVE-2025-5402.json) (`2025-06-01T14:15:21.250`)
- [CVE-2025-5403](CVE-2025/CVE-2025-54xx/CVE-2025-5403.json) (`2025-06-01T16:15:20.210`)
- [CVE-2025-5404](CVE-2025/CVE-2025-54xx/CVE-2025-5404.json) (`2025-06-01T17:15:20.377`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2022-37620](CVE-2022/CVE-2022-376xx/CVE-2022-37620.json) (`2025-06-01T14:15:19.937`)
## Download and Usage


@ -204889,7 +204889,7 @@ CVE-2022-37614,0,0,a85fca31222920750d1091b8b9cfe29d6feacef0ecdd9750f44511b893fe0
CVE-2022-37616,0,0,9fb82a71c6346fae8e09383e86759101e3d762f5adb7467b9234a9ac6e38c6ad,2024-11-21T07:15:03.297000
CVE-2022-37617,0,0,a9832226abcb13512b3fbd4b47827899ac2094aebb9c293ae6456ae7752abc1b,2024-11-21T07:15:03.490000
CVE-2022-3762,0,0,36ecff47d441eb5342a5789a4073d9c542411a6e19335a22295ca559e6e2d286,2025-04-30T16:15:25.697000
CVE-2022-37620,0,1,cb7fd2c3ecf9b479a21148fc1bd9beb08cf23bd5ab6e149f6f003fa75e69d632,2025-06-01T14:15:19.937000
CVE-2022-37620,0,0,cb7fd2c3ecf9b479a21148fc1bd9beb08cf23bd5ab6e149f6f003fa75e69d632,2025-06-01T14:15:19.937000
CVE-2022-37621,0,0,dfae1deb44aefb49bee1ddfbc44023fca6db16c651f59f056177fa03ba3ad0f7,2025-05-07T15:15:52.987000
CVE-2022-37623,0,0,c209249aef4a7760a1114dd31b7ba9538a67f2fb9631ebc7a86629e48815ef1e,2025-05-06T16:15:23.547000
CVE-2022-3763,0,0,d63559d4ec8308a4c26065bd6010b775b534980f7fa845f56ae956975c6dc29c,2025-04-30T16:15:25.897000
@ -293863,7 +293863,7 @@ CVE-2025-4089,0,0,505a4df56497bc3e08f2e58439684c838786761a96bd4da3f2b0e37b4fa97e
CVE-2025-4090,0,0,7f9eabb4ad6772523e0c5f0a270166b4617494fcbb3075e75cc2736a0fa15b02,2025-05-09T19:32:34.333000
CVE-2025-40906,0,0,3bcd0a99f567a8c8c8c888444bf8652ce672ff26763dd9562ab4be9a1279c017,2025-05-19T13:35:50.497000
CVE-2025-40907,0,0,02479ee238b9c2c4380d00bd9d3c9ee05adf00f8c7961fd6f9263c931d94c687,2025-05-16T16:15:41.590000
CVE-2025-40908,1,1,c44cfeeef6d66b76589d2ba6197e0366b615837a8f47723010484949715bf8dd,2025-06-01T14:15:21.113000
CVE-2025-40908,0,0,c44cfeeef6d66b76589d2ba6197e0366b615837a8f47723010484949715bf8dd,2025-06-01T14:15:21.113000
CVE-2025-40909,0,0,18728e90d02bd071d5442765be38f7f39285eeeb0496c2d4d452027e8589c68c,2025-05-31T01:15:20.217000
CVE-2025-4091,0,0,798a4cccfe2006913bea941ae05240fec836c7335fe01bd824f887f2a82ba4a5,2025-05-09T19:32:09.470000
CVE-2025-40911,0,0,fcf4deedf6cc79e67d521479df45c4b1f5ac81bf8605fcf0e3b318f0c121b089,2025-05-28T15:01:30.720000
@ -296130,4 +296130,6 @@ CVE-2025-5389,0,0,68044e5d3eafac14b5d7e70a6caaf6aae1f9189ac1ca75a8a2d835118d2e23
CVE-2025-5390,0,0,0f629e4c27390d24dda33cd6f2a84059798e0729af2f4b3390ee9b19adbf5b3c,2025-05-31T19:15:20.920000
CVE-2025-5400,0,0,fe01393dd37daa6c23ecaf9e51bb54a4c056222d37464215e4f315a31a579145,2025-06-01T09:15:20.557000
CVE-2025-5401,0,0,8433685660b004747f431385bfa82a6189c723295da55ac29b74b0b3bf48dbf9,2025-06-01T13:15:19.893000
CVE-2025-5402,1,1,9694b334c23a68c74cc55de6d7283e4de098e350c54b310eb741600c94155b07,2025-06-01T14:15:21.250000
CVE-2025-5402,0,0,9694b334c23a68c74cc55de6d7283e4de098e350c54b310eb741600c94155b07,2025-06-01T14:15:21.250000
CVE-2025-5403,1,1,83baa46570f5d87da0a2e97708810137cf2af6a5dac4da69e59d187d8f9d4ceb,2025-06-01T16:15:20.210000
CVE-2025-5404,1,1,dda9b8704e2665dad57cfd2dcbb9beed266349f21c801a08c6a8e181d60a3e53,2025-06-01T17:15:20.377000
