From 47ad63fd59478f26d9d3c486bae9153d394d0672 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 1 Feb 2025 09:03:49 +0000 Subject: [PATCH] Auto-Update: 2025-02-01T09:00:20.615481+00:00 --- CVE-2024/CVE-2024-118xx/CVE-2024-11829.json | 68 +++++++++++++++++++++ CVE-2024/CVE-2024-128xx/CVE-2024-12825.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-133xx/CVE-2024-13341.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-133xx/CVE-2024-13371.json | 64 +++++++++++++++++++ CVE-2024/CVE-2024-133xx/CVE-2024-13372.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-134xx/CVE-2024-13425.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-134xx/CVE-2024-13428.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-134xx/CVE-2024-13429.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-09xx/CVE-2025-0939.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-230xx/CVE-2025-23091.json | 44 +++++++++++++ README.md | 27 ++++---- _state.csv | 28 ++++++--- 12 files changed, 629 insertions(+), 22 deletions(-) create mode 100644 CVE-2024/CVE-2024-118xx/CVE-2024-11829.json create mode 100644 CVE-2024/CVE-2024-128xx/CVE-2024-12825.json create mode 100644 CVE-2024/CVE-2024-133xx/CVE-2024-13341.json create mode 100644 CVE-2024/CVE-2024-133xx/CVE-2024-13371.json create mode 100644 CVE-2024/CVE-2024-133xx/CVE-2024-13372.json create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13425.json create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13428.json create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13429.json create mode 100644 CVE-2025/CVE-2025-09xx/CVE-2025-0939.json create mode 100644 CVE-2025/CVE-2025-230xx/CVE-2025-23091.json diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11829.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11829.json new file mode 100644 index 00000000000..8c047485be6 --- /dev/null +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11829.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-11829", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T07:15:06.940", + "lastModified": "2025-02-01T07:15:06.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Table Widget's searchable_label parameter in all versions up to, and including, 6.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3207945/the-plus-addons-for-elementor-page-builder/tags/6.1.2/modules/widgets/tp_table.php?old=3207456&old_path=the-plus-addons-for-elementor-page-builder%2Ftags%2F6.1.1%2Fmodules%2Fwidgets%2Ftp_table.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3218225/the-plus-addons-for-elementor-page-builder/tags/6.1.4/modules/widgets/tp_table.php?old=3212455&old_path=the-plus-addons-for-elementor-page-builder%2Ftags%2F6.1.3%2Fmodules%2Fwidgets%2Ftp_table.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=/the-plus-addons-for-elementor-page-builder/tags/6.1.8&new_path=/the-plus-addons-for-elementor-page-builder/tags/6.2.0&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/edf62f82-448a-4ed8-8d4b-7215223494cb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12825.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12825.json new file mode 100644 index 00000000000..a73c692e0a4 --- /dev/null +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12825.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12825", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:07.337", + "lastModified": "2025-02-01T08:15:07.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Custom Related Posts plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on three AJAX actions in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to search posts and link/unlink relations." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3226283%40custom-related-posts&new=3226283%40custom-related-posts&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40ba98a0-2193-4201-8370-34fd438dadb3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13341.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13341.json new file mode 100644 index 00000000000..60498f78bf3 --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13341.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13341", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T07:15:07.900", + "lastModified": "2025-02-01T07:15:07.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MultiLoca - WooCommerce Multi Locations Inventory Management plugin for WordPress is vulnerable to SQL Injection via the 'data-id' parameter in all versions up to, and including, 4.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/woocommerce-multi-locations-inventory-management/28949586", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8bb172cc-b7a6-401d-a246-1918702d654d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13371.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13371.json new file mode 100644 index 00000000000..5bd3a1a6227 --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13371.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-13371", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:08.567", + "lastModified": "2025-02-01T08:15:08.567", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Job Portal \u2013 A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized arbitrary emails sending due to a missing capability check on the sendEmailToJobSeeker() function in all versions up to, and including, 2.2.6. This makes it possible for unauthenticated attackers to send arbitrary emails with arbitrary content from the sites mail server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/g1-nhantv/31b04bc057046ecc54c3552387eb7bca", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3229608/wp-job-portal/tags/2.2.7/modules/jobapply/model.php?old=3216415&old_path=wp-job-portal%2Ftags%2F2.2.6%2Fmodules%2Fjobapply%2Fmodel.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a84a4c56-a44e-450d-91fc-024f8ddeedee?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13372.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13372.json new file mode 100644 index 00000000000..67bd390e4b3 --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13372.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13372", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:09.020", + "lastModified": "2025-02-01T08:15:09.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Job Portal \u2013 A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid() and getallresumefiles() functions due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to download users resumes without the appropriate authorization to do so." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3229608/wp-job-portal/tags/2.2.7/modules/resume/controller.php?old=3216415&old_path=wp-job-portal%2Ftags%2F2.2.6%2Fmodules%2Fresume%2Fcontroller.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e00e65ba-db58-4d13-8cb3-c4d62a2553fb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13425.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13425.json new file mode 100644 index 00000000000..e305978e9ff --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13425.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13425", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:09.483", + "lastModified": "2025-02-01T08:15:09.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Job Portal \u2013 A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the enforcedelete() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Employer-level access and above, to delete other users companies." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3229608/wp-job-portal/tags/2.2.7/modules/company/controller.php?old=3216415&old_path=wp-job-portal%2Ftags%2F2.2.6%2Fmodules%2Fcompany%2Fcontroller.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a14e110f-0850-44f4-8de3-95a654096ae8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13428.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13428.json new file mode 100644 index 00000000000..72a49373675 --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13428.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13428", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:09.910", + "lastModified": "2025-02-01T08:15:09.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Job Portal \u2013 A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the deleteCompanyLogo() due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary company logos." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3229608/wp-job-portal/tags/2.2.7/modules/company/model.php?old=3216415&old_path=wp-job-portal%2Ftags%2F2.2.6%2Fmodules%2Fcompany%2Fmodel.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c786fe-898e-4478-97b9-c1fb41c9081c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13429.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13429.json new file mode 100644 index 00000000000..9f756452c86 --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13429.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13429", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T08:15:10.340", + "lastModified": "2025-02-01T08:15:10.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Job Portal \u2013 A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with employer-level access and above, to delete arbitrary" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3229608/wp-job-portal/tags/2.2.7/modules/job/controller.php?old=3216415&old_path=wp-job-portal%2Ftags%2F2.2.6%2Fmodules%2Fjob%2Fcontroller.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9cbce69a-53d0-4b83-9b7a-893a6b9c39c4?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-09xx/CVE-2025-0939.json b/CVE-2025/CVE-2025-09xx/CVE-2025-0939.json new file mode 100644 index 00000000000..fb82ae16941 --- /dev/null +++ b/CVE-2025/CVE-2025-09xx/CVE-2025-0939.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-0939", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-01T07:15:08.097", + "lastModified": "2025-02-01T07:15:08.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke those actions in order to delete or view logs, modify forms or modify plugin settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/magicform/trunk/admin/admin-menu.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa3497ae-7f3a-4e67-ad7a-77b50dccaf3b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-230xx/CVE-2025-23091.json b/CVE-2025/CVE-2025-230xx/CVE-2025-23091.json new file mode 100644 index 00000000000..b23898d24ae --- /dev/null +++ b/CVE-2025/CVE-2025-230xx/CVE-2025-23091.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2025-23091", + "sourceIdentifier": "support@hackerone.com", + "published": "2025-02-01T07:15:08.277", + "lastModified": "2025-02-01T07:15:08.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0fc465279b1..311574902f3 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-01T07:00:19.863255+00:00 +2025-02-01T09:00:20.615481+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-01T06:15:31.367000+00:00 +2025-02-01T08:15:10.340000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -279738 +279748 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `10` -- [CVE-2024-12041](CVE-2024/CVE-2024-120xx/CVE-2024-12041.json) (`2025-02-01T06:15:29.527`) -- [CVE-2024-12768](CVE-2024/CVE-2024-127xx/CVE-2024-12768.json) (`2025-02-01T06:15:30.740`) -- [CVE-2024-13096](CVE-2024/CVE-2024-130xx/CVE-2024-13096.json) (`2025-02-01T06:15:30.837`) -- [CVE-2024-13097](CVE-2024/CVE-2024-130xx/CVE-2024-13097.json) (`2025-02-01T06:15:30.927`) -- [CVE-2024-13098](CVE-2024/CVE-2024-130xx/CVE-2024-13098.json) (`2025-02-01T06:15:31.010`) -- [CVE-2024-13099](CVE-2024/CVE-2024-130xx/CVE-2024-13099.json) (`2025-02-01T06:15:31.100`) -- [CVE-2024-53295](CVE-2024/CVE-2024-532xx/CVE-2024-53295.json) (`2025-02-01T05:15:10.847`) -- [CVE-2025-0365](CVE-2025/CVE-2025-03xx/CVE-2025-0365.json) (`2025-02-01T06:15:31.213`) -- [CVE-2025-0366](CVE-2025/CVE-2025-03xx/CVE-2025-0366.json) (`2025-02-01T06:15:31.367`) +- [CVE-2024-11829](CVE-2024/CVE-2024-118xx/CVE-2024-11829.json) (`2025-02-01T07:15:06.940`) +- [CVE-2024-12825](CVE-2024/CVE-2024-128xx/CVE-2024-12825.json) (`2025-02-01T08:15:07.337`) +- [CVE-2024-13341](CVE-2024/CVE-2024-133xx/CVE-2024-13341.json) (`2025-02-01T07:15:07.900`) +- [CVE-2024-13371](CVE-2024/CVE-2024-133xx/CVE-2024-13371.json) (`2025-02-01T08:15:08.567`) +- [CVE-2024-13372](CVE-2024/CVE-2024-133xx/CVE-2024-13372.json) (`2025-02-01T08:15:09.020`) +- [CVE-2024-13425](CVE-2024/CVE-2024-134xx/CVE-2024-13425.json) (`2025-02-01T08:15:09.483`) +- [CVE-2024-13428](CVE-2024/CVE-2024-134xx/CVE-2024-13428.json) (`2025-02-01T08:15:09.910`) +- [CVE-2024-13429](CVE-2024/CVE-2024-134xx/CVE-2024-13429.json) (`2025-02-01T08:15:10.340`) +- [CVE-2025-0939](CVE-2025/CVE-2025-09xx/CVE-2025-0939.json) (`2025-02-01T07:15:08.097`) +- [CVE-2025-23091](CVE-2025/CVE-2025-230xx/CVE-2025-23091.json) (`2025-02-01T07:15:08.277`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 0b5f9924bab..20e4ed59d95 100644 --- a/_state.csv +++ b/_state.csv @@ -244994,6 +244994,7 @@ CVE-2024-11825,0,0,96c5070e436ca13c0f485f1de873107f18b277abea2e3dfbe2f45da01b02a CVE-2024-11826,0,0,714757b0f1ee90efb73e13391b9bb62ff3eaf1b93791e1acd0225d6c5a53499e,2025-01-27T18:15:36.540000 CVE-2024-11827,0,0,56fd4585b95b5b001b477bafaf482165d34a68f8e4c23484879244ef8898da04,2024-12-13T12:15:19.050000 CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc503,2024-12-12T21:07:04.270000 +CVE-2024-11829,1,1,11ca589965256825956df9e25749ca56582e92b92b4e747980c6eb592b0f7df4,2025-02-01T07:15:06.940000 CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000 CVE-2024-11830,0,0,2b9bcbcc6b8510fbe3715609ebd917cba06af0eebf5118baa1afa85039e0b1f0,2025-01-08T11:15:06.443000 CVE-2024-11832,0,0,7a6414b8a97e02ea73c05598b642d3e1c0cc9c0557b16b568dca85c729ab2498,2025-01-07T18:12:54.040000 @@ -245181,7 +245182,7 @@ CVE-2024-12034,0,0,9c507f78158cc030dfd314ae6dde1db490ceaf3d6dfd0f8120e54566524e4 CVE-2024-12037,0,0,555d7dd12e66a0d13f5e4a7a1c20cbb2a135c4dc6d0e90ff76b843d01e574bd7,2025-01-31T11:15:08.517000 CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000 CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000 -CVE-2024-12041,1,1,47082ba9778a8e8f387e97794ecc83e5026dfc63a3058e5ad0a6682c315b44f2,2025-02-01T06:15:29.527000 +CVE-2024-12041,0,0,47082ba9778a8e8f387e97794ecc83e5026dfc63a3058e5ad0a6682c315b44f2,2025-02-01T06:15:29.527000 CVE-2024-12042,0,0,b4111492e93c9126d488ebee36a5b9ed9603a0917a66407440ec106154a8d6d8,2024-12-13T09:15:07.370000 CVE-2024-12043,0,0,b5054b9bd075d8c3ead66ca32a1ca052db466c35c1d720d53985644b65f0bbf4,2025-01-23T11:15:09.147000 CVE-2024-12045,0,0,129733e1a8172f1173193ada9167ebfa92abcbaf9c1c22ab7b433d2b7a56ea29,2025-01-08T08:15:24.683000 @@ -245765,7 +245766,7 @@ CVE-2024-12753,0,0,4271c9d86ac6ffc21783ff22aa4d21dfabf207717e4c237171a1fe2075c45 CVE-2024-12754,0,0,df24fa8ce9df112eb8cb8438eca3154b7b11a8ee42e16751c31ec0de51ba4cbc,2024-12-30T17:15:07.127000 CVE-2024-12757,0,0,001b6506f2f8c2c25161ff7428c9761e0eb53687dc4724791aa2f4c1d089377a,2025-01-17T18:15:24.690000 CVE-2024-1276,0,0,7fd672f8ab2d0313a55eef11978a3cbaaea942b78d4dfb1702b583b731b53a9a,2025-01-08T18:37:36.067000 -CVE-2024-12768,1,1,28a534dbe392442c63ac36ac2519043e2ec885abf5db1d80a6a61bbb1841d6d2,2025-02-01T06:15:30.740000 +CVE-2024-12768,0,0,28a534dbe392442c63ac36ac2519043e2ec885abf5db1d80a6a61bbb1841d6d2,2025-02-01T06:15:30.740000 CVE-2024-1277,0,0,fdccc6e1d66b4b759fea691d8a9a7ad4f8cc0afd5b2fb224e654b3bd9de12942,2024-11-21T08:50:13.170000 CVE-2024-12771,0,0,adaa7480d8738512efdcfd2f9f87c67eebbb8482c06b61f78400b2b84e02b742,2024-12-21T07:15:09.997000 CVE-2024-12772,0,0,aebd14797dad5b000b7b30dd2cc61fcad13daed0fb6d0f27e36d3accddc1c06a,2025-01-31T06:15:27.783000 @@ -245802,6 +245803,7 @@ CVE-2024-12819,0,0,d67b85742967f9e166e23a2e5c4440d086b3b3988f6b73108d4bee255219b CVE-2024-1282,0,0,e6b07825f0f3597687613e3a6164d0e157f6f527c33c61eb8d90ec07193bdec2,2024-11-21T08:50:13.520000 CVE-2024-12821,0,0,e588fd0d09947b07d09c8d3f282b63ea0e1f492dc00ee4435ee9c9b82132788c,2025-01-30T14:15:32.843000 CVE-2024-12822,0,0,192c28e8527adecfccce851b33e27323e02d5b46aeeffff5461062f4314ed85b,2025-01-30T14:15:33.017000 +CVE-2024-12825,1,1,02e36af40cd57a1d522669892e7084adc2801df76d70186253d0f50df9fc4568,2025-02-01T08:15:07.337000 CVE-2024-12826,0,0,c720c0675605f102a13449f7c719465cad74869404c1c6afa4c9516f512ea0ef,2025-01-25T08:15:08.463000 CVE-2024-12828,0,0,a29f7d175d08af9e9a3e3b2d9a239843d4c47c7b84f9529c7b9ddf19ae5c7fea,2024-12-30T17:15:07.717000 CVE-2024-12829,0,0,b6def8373fb939ecec35d929ec57c311d0480519af7a0919a5038b5b832e9ed5,2025-01-03T17:46:48.507000 @@ -246031,10 +246033,10 @@ CVE-2024-13092,0,0,8a150593dbe1f180e29b1c2e3ea75cd720a3d6f50bb74cd3f244a3b1730f6 CVE-2024-13093,0,0,efaf6e963b0d924999f6d8167a81917175f763e9f833fbf291aa1961a6ad2e71,2025-01-06T21:15:14.427000 CVE-2024-13094,0,0,ff89d51df0f55e55e053e6eb04680580a78be0201255f2c5e137b3c57d192608,2025-01-27T20:15:33.390000 CVE-2024-13095,0,0,09539e5e7a6afc7749c47ed659ed27b3a015bec4283229fae0e1cc00475de367,2025-01-28T21:15:16.453000 -CVE-2024-13096,1,1,9ab3d9fc76ba78cdf7e1ad12ec603a1e7ff70ffc5d0d8cda505ec6243fb3c154,2025-02-01T06:15:30.837000 -CVE-2024-13097,1,1,03cc870ac20a2773f0eab13b32bd154cfc9434994fb96802f3584a355695acaa,2025-02-01T06:15:30.927000 -CVE-2024-13098,1,1,312bbaa95f31c5db0b8c2c343017b86ec2c78a3b36272b2a7df30a7b49376747,2025-02-01T06:15:31.010000 -CVE-2024-13099,1,1,f267384880a16696e06ceaae2070ec849fcb5927944a96428f51b5cc08105346,2025-02-01T06:15:31.100000 +CVE-2024-13096,0,0,9ab3d9fc76ba78cdf7e1ad12ec603a1e7ff70ffc5d0d8cda505ec6243fb3c154,2025-02-01T06:15:30.837000 +CVE-2024-13097,0,0,03cc870ac20a2773f0eab13b32bd154cfc9434994fb96802f3584a355695acaa,2025-02-01T06:15:30.927000 +CVE-2024-13098,0,0,312bbaa95f31c5db0b8c2c343017b86ec2c78a3b36272b2a7df30a7b49376747,2025-02-01T06:15:31.010000 +CVE-2024-13099,0,0,f267384880a16696e06ceaae2070ec849fcb5927944a96428f51b5cc08105346,2025-02-01T06:15:31.100000 CVE-2024-1310,0,0,8eacc1832dc63ed57a42c33584abbb481a62a43a07e6f25f2b4df813accea989,2024-11-21T08:50:17.717000 CVE-2024-13100,0,0,0c05b639d5a94b93394bebae18f760bf73523ad15f07849f2a7bd9a5c86be6d3,2025-01-31T17:15:12.263000 CVE-2024-13101,0,0,68ba8f284660fdd1c62ca770d34488ca072457ef5c7f946a009b6969483d1f87,2025-01-31T17:15:12.400000 @@ -246241,6 +246243,7 @@ CVE-2024-13334,0,0,892c3ce546b2f6a66e9e4dfd761dd08aaefb851a17185548e40c2e88d5655 CVE-2024-13335,0,0,2fcef25251bb68a715e890eb0cf4e30f6ed93385a9d1ce3a44dbe1289f4c0426,2025-01-24T11:15:07.973000 CVE-2024-1334,0,0,5cd8113de272a8c461c68981cf2d6addc6166d9cf4d9dbad0d56a2a1ca671349,2024-12-31T16:48:40.290000 CVE-2024-13340,0,0,410a07bb948a432c6c68e7813dd264dbb94d6d7c0c36b44969bc437f75da1ae8,2025-01-31T16:02:16.553000 +CVE-2024-13341,1,1,16acded92547be67b8d1319a2af71c7cc4dd793d079329b45b0485cf9f1e2a5f,2025-02-01T07:15:07.900000 CVE-2024-13343,0,0,f82a6052ccce2ed181e863ae61f345a91ef7738bcd705b7c57eb9cd26a33b700,2025-02-01T04:15:30.717000 CVE-2024-13348,0,0,e7356b4b7de40bfcab5dcbdec8635d94ba57c9cc43546ece560a6873afe1ba28,2025-01-30T15:15:16.223000 CVE-2024-13349,0,0,1a00cf757b3ec26bd50ea0e563207e24798d3893002c58755b8b9af1d412744e,2025-01-31T17:58:59.027000 @@ -246256,6 +246259,8 @@ CVE-2024-13367,0,0,28bc518effbeac20d5854322c01ceb858440caae6a5bae49591369a0a18ef CVE-2024-13368,0,0,0cebd01114688a38654235872525dd94dee4e6b9d8c0c778f5ec6dd70bab5851,2025-01-25T08:15:08.830000 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000 CVE-2024-13370,0,0,4534ec8ffe42544d561bfc608813f027b638b469843d2bcdc0a7c27144b929ed,2025-01-25T08:15:08.990000 +CVE-2024-13371,1,1,490b85009fe81e5b4c3836eea1e092d9e78e9bad7ef014d0cc98908cb014dda9,2025-02-01T08:15:08.567000 +CVE-2024-13372,1,1,368b8d99dc354725c9f573ade34340d0dcd2dc4dc4f3200dde76728a3c7dd40d,2025-02-01T08:15:09.020000 CVE-2024-13375,0,0,509bfd3a7c3f76e008f9bf54ba53750a8708a5d8eaf24ea17a33be3c80dc44d0,2025-01-18T09:15:07.120000 CVE-2024-13377,0,0,a25050bd2bbff023d447f5d602b24decf0d9fe3f99412e4f96b0e55aac73332f,2025-01-17T10:15:07.240000 CVE-2024-13378,0,0,7ea1d4cbb0f87859cae348c2da93d49f3902e773337fd492c684caf29392972d,2025-01-17T10:15:07.457000 @@ -246286,7 +246291,10 @@ CVE-2024-13415,0,0,078aa9b6eeb5af1c8634c02c595bbb40a0a7ec1b15e21674b1397103dd29c CVE-2024-1342,0,0,2f41e6eac1e33a309fc72543d371a67df7cdf22eae12449849cd3aab8e438d93,2024-10-14T22:15:03.180000 CVE-2024-13422,0,0,3d45f2466e53dfac69ec8dd343775dbe7473e4817099b26926d3d7b297be7b01,2025-01-23T12:15:28.163000 CVE-2024-13424,0,0,60791b2caef2c4384bda44bc4634febeec12d84f3bded4fd1a0d6202fd13ad5f,2025-01-31T06:15:29.443000 +CVE-2024-13425,1,1,08ef4f1b081737910f392244ba05da58d4cda2f63c81c6691bdd52d5b3c0e694,2025-02-01T08:15:09.483000 CVE-2024-13426,0,0,86fab2a47173ecbfa78b3dbc75ac72da294fc64d34b2b04366fafee0f3e9a13d,2025-01-24T18:37:38.503000 +CVE-2024-13428,1,1,8128bc8b864438479b00e90c4cc602c03e67236b9553061e120ac9d6a6f9ca30,2025-02-01T08:15:09.910000 +CVE-2024-13429,1,1,6fab7f0dc417bb40b2289985607f1c34c9972fc20bfbe830ca4813e83f198897,2025-02-01T08:15:10.340000 CVE-2024-1343,0,0,7c2447499342d3573955d9e9545316db90429adf3b266826e2ed2754189f075e,2024-11-21T08:50:22.433000 CVE-2024-13432,0,0,2420e31f27384cf3a3b972e6593316283200b18cb659242a854ce1e6ee4aeb4a,2025-01-18T07:15:08.983000 CVE-2024-13433,0,0,2a9d89514e9ca62330f67417cbd4f0a14554f70d781af736185219d7398dc564,2025-01-18T07:15:09.160000 @@ -271897,7 +271905,7 @@ CVE-2024-5329,0,0,daffb0d0cde1b0a7abdef85d122cb231171a58845d7b7cc2d00de14c5f127b CVE-2024-53290,0,0,08e0a042eea6dcb1196f79e060fe5af8f554fba59cbaa553b3654d405551bc5e,2024-12-11T08:15:06.250000 CVE-2024-53291,0,0,f458e544e78a21ac318b3f57de0e880167c6757e00adcc9b4813b246d9d1a4a3,2025-01-29T20:26:51.673000 CVE-2024-53292,0,0,67896e5cb823d0bbe120641ca2bcb7973e9580249f1b4ecda20948602273ce08,2024-12-11T08:15:06.423000 -CVE-2024-53295,1,1,0623e08e5af9c68c610470140678ff5dc297cdaae7c2f7aca97db41a5ff7415a,2025-02-01T05:15:10.847000 +CVE-2024-53295,0,0,0623e08e5af9c68c610470140678ff5dc297cdaae7c2f7aca97db41a5ff7415a,2025-02-01T05:15:10.847000 CVE-2024-53296,0,0,e28bf767e01b1aaa2164d43f0620bdb3386846f2c98a1468aa6affeb743edc60,2025-02-01T04:15:31.293000 CVE-2024-53299,0,0,5bd58c041c7a73cbc45ae8ad11b649dabfb60db76dce6f2d331a4b9bd3f0400d,2025-01-23T18:15:30.777000 CVE-2024-5330,0,0,d644a32144d291678dd5bb7f21b934bb851a049e1a1dcad7ed14bbc2171615fb,2024-11-21T22:46:26.800000 @@ -277992,8 +278000,8 @@ CVE-2025-0354,0,0,428d38f2781814173c07276c3123b7894bf18887b24de42981453e8b9fe91f CVE-2025-0355,0,0,60139aab38184d5553deea3c96ee67451ff405f2b0f65acb32b8c01c91586866,2025-01-21T04:15:07.877000 CVE-2025-0356,0,0,00c4e703b995e5d2c2e4f165848b6efa20e85198e0b810bdb74efa5802e75a40,2025-01-21T04:15:07.980000 CVE-2025-0357,0,0,637a6ef73ca88597a9faee7a213f2c9e042293b4e1599306e7baf4be91a58fdb,2025-01-25T02:15:26.990000 -CVE-2025-0365,1,1,924739f025699e60a77c9079ccaa4521009185df8bf4b303e903786abf0eefb1,2025-02-01T06:15:31.213000 -CVE-2025-0366,1,1,fc4431d10dedc4aa4c68aeb4aa2f95c6b652d05cace4cdd54e5a03c0ad3aa5f2,2025-02-01T06:15:31.367000 +CVE-2025-0365,0,0,924739f025699e60a77c9079ccaa4521009185df8bf4b303e903786abf0eefb1,2025-02-01T06:15:31.213000 +CVE-2025-0366,0,0,fc4431d10dedc4aa4c68aeb4aa2f95c6b652d05cace4cdd54e5a03c0ad3aa5f2,2025-02-01T06:15:31.367000 CVE-2025-0367,0,0,cf5f1f0c6b84167d76798142a8c95635acae920e83dd59ae57d8ce8af54a8dc7,2025-01-30T17:15:18.097000 CVE-2025-0369,0,0,968f1c7b7fff7a404f2212aa81591bd64fc1ef313f079e18ed81ef90b8b12902,2025-01-18T07:15:09.720000 CVE-2025-0371,0,0,de30e603b077e64693a9f53a95b364cbc495f2694acb2d5aef6b2eb3aaaea9a8,2025-01-31T20:16:11.363000 @@ -278241,6 +278249,7 @@ CVE-2025-0929,0,0,ffaf780d1ad9f6bd5b422a6baa5a3c033dab993db1633cc62dfab8ec5e22c8 CVE-2025-0930,0,0,3208fbfb04878de0bb664bbdbe3c44e4e3f7a92268295009077cc2402da021f1,2025-01-31T14:15:34.293000 CVE-2025-0934,0,0,e3663ee9a4c4fab98de0a308775cdf9833b791256f04cc964b86e7e2758a3bc1,2025-01-31T20:15:32.893000 CVE-2025-0938,0,0,f483a985147355beda1ac5ec6a46732d1e38a3e469c32fde2fdbbf0317921d33,2025-01-31T20:15:33.083000 +CVE-2025-0939,1,1,4fee9d9bf91b5fba4fb21bcf1da5a530cf0306cb5ecc2eae58c32ef5efdc8b24,2025-02-01T07:15:08.097000 CVE-2025-20014,0,0,708b5660539e4ab2830a732991daead462d3c8df88b4205953edf58b017cb8b0,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000 @@ -279018,6 +279027,7 @@ CVE-2025-23087,0,0,ff3ef66bbdfadd92f4bceb83f017cee238f01afd217540d38de3c3bc4241e CVE-2025-23088,0,0,351c4fc9ce77a4e8c7f582485a4c81d867817a4e67e2a7d92df2d5afd4de1eba,2025-01-23T22:15:16.370000 CVE-2025-23089,0,0,53211e365cb35c1ca6468f83d4cfd887f23da2be04794ebbf5b6bdd46246c6fa,2025-01-23T22:15:16.460000 CVE-2025-23090,0,0,1fa9642da31f6a1f285e901b43018a8c7dae722f8fb49437e281ea29c270fa57,2025-01-22T02:15:34.443000 +CVE-2025-23091,1,1,b0cc14c8e209fbe6063fb24eff4314bed321c702e3c91518f97b3035bbea10ee,2025-02-01T07:15:08.277000 CVE-2025-23108,0,0,0867ae52bf9537919e00df206497183b5abf45a3a43e56579f476cc3d26e8d6c,2025-01-13T18:15:22.680000 CVE-2025-23109,0,0,4d519c5c41161d21ebd8f814ea3659acc2224a598528dd7d3e4c7b87a5ad8cc0,2025-01-13T18:15:22.903000 CVE-2025-23110,0,0,b9e32d20d7e6cf23b28c590dc2ad7f239b5186f27517cd303db97f7275b077fa,2025-01-10T22:15:27.550000