Auto-Update: 2025-05-11T06:00:19.830179+00:00

2025-06-01 03:01:36 +00:00 · 2025-05-11 06:03:54 +00:00 · 2025-05-11 06:03:54 +00:00 · 42029eee9b
commit 42029eee9b
parent 0159969e2e
4 changed files with 285 additions and 10 deletions
--- a/CVE-2025/CVE-2025-45xx/CVE-2025-4529.json
+++ b/CVE-2025/CVE-2025-45xx/CVE-2025-4529.json
@ -0,0 +1,137 @@
+{
+  "id": "CVE-2025-4529",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-05-11T04:15:17.933",
+  "lastModified": "2025-05-11T04:15:17.933",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been classified as problematic. Affected is the function Download of the file seeyon\\opt\\Seeyon\\A8\\ApacheJetspeed\\webapps\\seeyon\\WEB-INF\\lib\\seeyon-apps-m3.jar!\\com\\seeyon\\apps\\m3\\core\\controller\\M3CoreController.class of the component ZIP File Handler. The manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-22"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://vuldb.com/?ctiid.308274",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.308274",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.565379",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://wx.mail.qq.com/s?k=h3jd6HR4UnUJxQZ0RG",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-45xx/CVE-2025-4530.json
+++ b/CVE-2025/CVE-2025-45xx/CVE-2025-4530.json
@ -0,0 +1,137 @@
+{
+  "id": "CVE-2025-4530",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-05-11T05:15:16.167",
+  "lastModified": "2025-05-11T05:15:16.167",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-22"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/Hao-Ni/CVE/issues/2",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.308275",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.308275",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.565380",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-05-11T04:00:19.892173+00:00
+2025-05-11T06:00:19.830179+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-05-11T03:15:24.970000+00:00
+2025-05-11T05:15:16.167000+00:00
 ```

 ### Last Data Feed Release
@ -33,16 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-293396
+293398
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2025-4527](CVE-2025/CVE-2025-45xx/CVE-2025-4527.json) (`2025-05-11T03:15:24.740`)
- [CVE-2025-4528](CVE-2025/CVE-2025-45xx/CVE-2025-4528.json) (`2025-05-11T03:15:24.970`)
- [CVE-2025-47828](CVE-2025/CVE-2025-478xx/CVE-2025-47828.json) (`2025-05-11T03:15:23.533`)
+- [CVE-2025-4529](CVE-2025/CVE-2025-45xx/CVE-2025-4529.json) (`2025-05-11T04:15:17.933`)
+- [CVE-2025-4530](CVE-2025/CVE-2025-45xx/CVE-2025-4530.json) (`2025-05-11T05:15:16.167`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -292850,8 +292850,10 @@ CVE-2025-45242,0,0,36f934926e07ba7e9332b5541f124f03a9edff59fec5fdafed956a62eb096
 CVE-2025-4525,0,0,cbf81012f441fc799b923162eaee6580b3d908051b527f5ebbd82a2aa7363e56,2025-05-10T23:15:51.507000
 CVE-2025-45250,0,0,1295737dd945a4b775ec304e443102ab54877a6f262027aa1c35545a3ea136c4,2025-05-07T14:13:20.483000
 CVE-2025-4526,0,0,a0b65c289eddc51c6e82accf9f64f157f0bb5e06d23a42d299723265b30ca613,2025-05-11T01:15:52
-CVE-2025-4527,1,1,9a42b2c179bab100ee82ea40a786f813b1b8f2646af489a258a95e4cd4888bbd,2025-05-11T03:15:24.740000
-CVE-2025-4528,1,1,038f679c4a0c3cbc8e46d5b6eb315c67ddab96b6440217480189eac1c8413212,2025-05-11T03:15:24.970000
+CVE-2025-4527,0,0,9a42b2c179bab100ee82ea40a786f813b1b8f2646af489a258a95e4cd4888bbd,2025-05-11T03:15:24.740000
+CVE-2025-4528,0,0,038f679c4a0c3cbc8e46d5b6eb315c67ddab96b6440217480189eac1c8413212,2025-05-11T03:15:24.970000
+CVE-2025-4529,1,1,c7eed7b7a4616af0d318360f1dff0045255efd951e9d5537254bac075fe5f7e7,2025-05-11T04:15:17.933000
+CVE-2025-4530,1,1,fa49e11c9c49f82a07bde719ffb569fa00c38fd3d046650678813ef0d0eb6c67,2025-05-11T05:15:16.167000
 CVE-2025-45320,0,0,15b1e7dbf377c6ff7a6cbe854637c867075861d87b6f352a54c30f4edc9bfdbe,2025-05-07T16:39:37.977000
 CVE-2025-45321,0,0,9227564f6386651a6df0923ea8fb2c1e9f2a2f4487dcf05f9020b166648d7fdc,2025-05-07T16:39:53.170000
 CVE-2025-45322,0,0,bd98baac9032c4924e89f536321099d3c4e9b0a26b0e91693b82dcae0f7fc3be,2025-05-07T16:40:08.760000
@ -293394,4 +293396,4 @@ CVE-2025-47814,0,0,ffd0024ffb189fd45887021877c285a4f648a6b7cb90849b4fd47c42977b8
 CVE-2025-47815,0,0,180ce3970ec7333a438812101e55e84ed2411f32cd92ce2f6665a9a08fbf47e0,2025-05-10T22:15:20.357000
 CVE-2025-47816,0,0,26d3c17704942f9d96d7fade9234e2c434089a00d2636abd8457bf0135ccb970,2025-05-10T22:15:20.507000
 CVE-2025-47817,0,0,0f3240acb6f03cd8454d04fa3fe44409d42109dce50314e733278d1f20ae6076,2025-05-10T22:15:20.657000
-CVE-2025-47828,1,1,65bbf55d6a31df279b36e86e5c89e24f09a1f94d0cefbf6019492965915f94b5,2025-05-11T03:15:23.533000
+CVE-2025-47828,0,0,65bbf55d6a31df279b36e86e5c89e24f09a1f94d0cefbf6019492965915f94b5,2025-05-11T03:15:23.533000