From 483d2f1eebf3c5024653922f3b3b9ca1244f66a3 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 24 Apr 2025 08:03:52 +0000 Subject: [PATCH] Auto-Update: 2025-04-24T08:00:20.677145+00:00 --- CVE-2024/CVE-2024-26xx/CVE-2024-2637.json | 4 +- CVE-2025/CVE-2025-14xx/CVE-2025-1453.json | 21 ++++ CVE-2025/CVE-2025-17xx/CVE-2025-1731.json | 10 +- CVE-2025/CVE-2025-25xx/CVE-2025-2558.json | 21 ++++ CVE-2025/CVE-2025-327xx/CVE-2025-32730.json | 104 ++++++++++++++++++++ CVE-2025/CVE-2025-359xx/CVE-2025-35965.json | 56 +++++++++++ CVE-2025/CVE-2025-37xx/CVE-2025-3761.json | 60 +++++++++++ CVE-2025/CVE-2025-413xx/CVE-2025-41395.json | 56 +++++++++++ CVE-2025/CVE-2025-414xx/CVE-2025-41423.json | 56 +++++++++++ README.md | 20 ++-- _state.csv | 13 ++- 11 files changed, 407 insertions(+), 14 deletions(-) create mode 100644 CVE-2025/CVE-2025-14xx/CVE-2025-1453.json create mode 100644 CVE-2025/CVE-2025-25xx/CVE-2025-2558.json create mode 100644 CVE-2025/CVE-2025-327xx/CVE-2025-32730.json create mode 100644 CVE-2025/CVE-2025-359xx/CVE-2025-35965.json create mode 100644 CVE-2025/CVE-2025-37xx/CVE-2025-3761.json create mode 100644 CVE-2025/CVE-2025-413xx/CVE-2025-41395.json create mode 100644 CVE-2025/CVE-2025-414xx/CVE-2025-41423.json diff --git a/CVE-2024/CVE-2024-26xx/CVE-2024-2637.json b/CVE-2024/CVE-2024-26xx/CVE-2024-2637.json index a573df97099..34b45ff5ee6 100644 --- a/CVE-2024/CVE-2024-26xx/CVE-2024-2637.json +++ b/CVE-2024/CVE-2024-26xx/CVE-2024-2637.json @@ -2,13 +2,13 @@ "id": "CVE-2024-2637", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2024-05-14T19:15:10.230", - "lastModified": "2024-11-21T09:10:11.330", + "lastModified": "2025-04-24T07:15:29.910", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4 could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path.This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2." + "value": "An Uncontrolled Search Path Element vulnerability\u00a0in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4, B&R Industrial Automation APROL, B&R Industrial Automation CAN Driver, B&R Industrial Automation CAN Driver CC770, B&R Industrial Automation CAN Driver SJA1000, B&R Industrial Automation Tou0ch Lock, B&R Industrial Automation B&R Single-Touch Driver, B&R Industrial Automation Serial User Mode Touch Driver, B&R Industrial Automation Windows Settings Changer (LTSC), B&R Industrial Automation Windows Settings Changer (2019 LTSC), B&R Industrial Automation Windows 10 Recovery Solution, B&R Industrial Automation ADI driver universal, B&R Industrial Automation ADI Development Kit, B&R Industrial Automation ADI .NET SDK, B&R Industrial Automation SRAM driver, B&R Industrial Automation HMI Service Center, B&R Industrial Automation HMI Service Center Maintenance, B&R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B&R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B&R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0." }, { "lang": "es", diff --git a/CVE-2025/CVE-2025-14xx/CVE-2025-1453.json b/CVE-2025/CVE-2025-14xx/CVE-2025-1453.json new file mode 100644 index 00000000000..992bdae907e --- /dev/null +++ b/CVE-2025/CVE-2025-14xx/CVE-2025-1453.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-1453", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-24T06:15:43.957", + "lastModified": "2025-04-24T06:15:43.957", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/6bf93a34-a19f-4266-a95d-033551db43e6/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1731.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1731.json index 033468aabc9..ab79a7bc8a2 100644 --- a/CVE-2025/CVE-2025-17xx/CVE-2025-1731.json +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1731.json @@ -2,7 +2,7 @@ "id": "CVE-2025-1731", "sourceIdentifier": "security@zyxel.com.tw", "published": "2025-04-22T03:15:21.177", - "lastModified": "2025-04-23T14:08:13.383", + "lastModified": "2025-04-24T06:15:45.497", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "security@zyxel.com.tw", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "security@zyxel.com.tw", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -55,6 +55,10 @@ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-incorrect-permission-assignment-and-improper-privilege-management-vulnerabilities-in-usg-flex-h-series-firewalls-04-22-2025", "source": "security@zyxel.com.tw" + }, + { + "url": "http://seclists.org/fulldisclosure/2025/Apr/27", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2558.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2558.json new file mode 100644 index 00000000000..55195f8dd46 --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2558.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-2558", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-24T06:15:45.800", + "lastModified": "2025-04-24T06:15:45.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to generate paths passed to include function/s, allowing unauthenticated users to perform LFI attacks and download arbitrary file from the server" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/6a8e1c89-a01d-4347-91fc-ba454784b153/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-327xx/CVE-2025-32730.json b/CVE-2025/CVE-2025-327xx/CVE-2025-32730.json new file mode 100644 index 00000000000..0379ead8b3f --- /dev/null +++ b/CVE-2025/CVE-2025-327xx/CVE-2025-32730.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2025-32730", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-04-24T07:15:31.077", + "lastModified": "2025-04-24T07:15:31.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and recorders. This vulnerability allows a local authenticated attacker to use the authentication information from the last connected surveillance cameras and recorders." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-321" + } + ] + } + ], + "references": [ + { + "url": "https://i-pro.com/products_and_solutions/en/surveillance/solutions/technologies/cyber-security/psirt/security-advisories", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN84627857/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-359xx/CVE-2025-35965.json b/CVE-2025/CVE-2025-359xx/CVE-2025-35965.json new file mode 100644 index 00000000000..70538ee65fa --- /dev/null +++ b/CVE-2025/CVE-2025-359xx/CVE-2025-35965.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-35965", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2025-04-24T07:15:31.280", + "lastModified": "2025-04-24T07:15:31.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific posts, overloading the server and leading to a denial-of-service (DoS) condition." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3761.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3761.json new file mode 100644 index 00000000000..41d43d9a0a8 --- /dev/null +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3761.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3761", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-24T07:15:31.437", + "lastModified": "2025-04-24T07:15:31.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The My Tickets \u2013 Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_profile() function not appropriately restricting access to unauthorized users to update roles. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3280248/my-tickets/trunk/my-tickets.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d875c23-3d8a-4f82-bea3-1c46b5045d94?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-413xx/CVE-2025-41395.json b/CVE-2025/CVE-2025-413xx/CVE-2025-41395.json new file mode 100644 index 00000000000..fc6d6373606 --- /dev/null +++ b/CVE-2025/CVE-2025-413xx/CVE-2025-41395.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-41395", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2025-04-24T07:15:31.600", + "lastModified": "2025-04-24T07:15:31.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate the props used by the RetrospectivePost custom post type in the Playbooks plugin, which\u00a0allows an attacker to create a specially crafted post with maliciously crafted props\u00a0and cause a denial of service (DoS) of the web app for all users." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1287" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json b/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json new file mode 100644 index 00000000000..03f595aded8 --- /dev/null +++ b/CVE-2025/CVE-2025-414xx/CVE-2025-41423.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-41423", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2025-04-24T07:15:31.740", + "lastModified": "2025-04-24T07:15:31.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10\u00a0fail to properly validate permissions for the API endpoint /plugins/playbooks/api/v0/signal/keywords/ignore-thread, allowing any user or attacker to delete posts containing actions created by the Playbooks bot, even without channel access or appropriate permissions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 3.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f90abb781df..05c66abe738 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-24T06:00:19.529579+00:00 +2025-04-24T08:00:20.677145+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-24T04:15:49.710000+00:00 +2025-04-24T07:15:31.740000+00:00 ``` ### Last Data Feed Release @@ -33,20 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -291220 +291227 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `7` -- [CVE-2025-3435](CVE-2025/CVE-2025-34xx/CVE-2025-3435.json) (`2025-04-24T04:15:49.710`) +- [CVE-2025-1453](CVE-2025/CVE-2025-14xx/CVE-2025-1453.json) (`2025-04-24T06:15:43.957`) +- [CVE-2025-2558](CVE-2025/CVE-2025-25xx/CVE-2025-2558.json) (`2025-04-24T06:15:45.800`) +- [CVE-2025-32730](CVE-2025/CVE-2025-327xx/CVE-2025-32730.json) (`2025-04-24T07:15:31.077`) +- [CVE-2025-35965](CVE-2025/CVE-2025-359xx/CVE-2025-35965.json) (`2025-04-24T07:15:31.280`) +- [CVE-2025-3761](CVE-2025/CVE-2025-37xx/CVE-2025-3761.json) (`2025-04-24T07:15:31.437`) +- [CVE-2025-41395](CVE-2025/CVE-2025-413xx/CVE-2025-41395.json) (`2025-04-24T07:15:31.600`) +- [CVE-2025-41423](CVE-2025/CVE-2025-414xx/CVE-2025-41423.json) (`2025-04-24T07:15:31.740`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2024-2637](CVE-2024/CVE-2024-26xx/CVE-2024-2637.json) (`2025-04-24T07:15:29.910`) +- [CVE-2025-1731](CVE-2025/CVE-2025-17xx/CVE-2025-1731.json) (`2025-04-24T06:15:45.497`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 4188eb1eae2..6db304a69da 100644 --- a/_state.csv +++ b/_state.csv @@ -254034,7 +254034,7 @@ CVE-2024-2636,0,0,129863ab8220a5a793261a0f53b6625d5b1715c77601fc7265e1c778ba60fe CVE-2024-26362,0,0,e834700fba5d3ed8885f15b0a32604b45d432edd1830049b357b7fb96ec22779,2024-11-21T09:02:25.010000 CVE-2024-26367,0,0,b529aaafa17b67cb2acc86454f07d52ca5f63eec818154b71c2a9d73a74194ff,2024-11-21T09:02:25.230000 CVE-2024-26369,0,0,4e01a7ea9f778bafd7275b141c0b3f2179ae10cc998894eb5e91895b90153fcf,2024-11-21T09:02:25.457000 -CVE-2024-2637,0,0,9cd9e62d3b5c765b4d13913d1b3e4ea3f727aeabbe0d73bed75e296b86de1a13,2024-11-21T09:10:11.330000 +CVE-2024-2637,0,1,8b612a524d30311dd22af4291dccfe6d8338e3ec33a4a4f671d3ca8301a4b6cd,2025-04-24T07:15:29.910000 CVE-2024-2639,0,0,45a532020fe06674d823d0b4e264d15e0ee33a5111617c7171979d4c53ef786c,2024-11-21T09:10:11.473000 CVE-2024-2640,0,0,2d97cdb3e462b6f0c784d4db1a7d7c20cbceea5fa11206e832577d8c929d2bf6,2024-11-21T09:10:11.623000 CVE-2024-2641,0,0,70a70be0b042731ccdc73536925161bf9a9aa50cb2b7e715353e185314654c4e,2024-11-21T09:10:11.820000 @@ -282355,6 +282355,7 @@ CVE-2025-1449,0,0,96e80016899d7efd6b5903e0bd5984545e6534e36d574b5746b82bf2741684 CVE-2025-1450,0,0,f0a28cf37155f4c16fff9326b0ffe6a415c6c5c1475546052ba68718728afcec,2025-03-11T15:46:05.180000 CVE-2025-1451,0,0,ec6fe899fd888829fdb360d361245840f88ca8152b7a7e9839ef57ba5f996bb9,2025-03-27T15:40:03.640000 CVE-2025-1452,0,0,3e2a2b961d493642668dd5d757e3135aee03e85d6914645ab6a62b9e89b5cf1e,2025-03-27T16:45:46.410000 +CVE-2025-1453,1,1,ed80660196c00e8706285a1099ca8d573a2289535b0fc02c5e7cc2c796206771,2025-04-24T06:15:43.957000 CVE-2025-1455,0,0,46a6d9d419b4419f96bc8b6c258423e9acd2c1f0395e883d289d7f812d9565fa,2025-04-15T18:39:27.967000 CVE-2025-1456,0,0,346ab480833591aafa4def0db688e39a034a34b0a2fc258a44bae62c0e34161a,2025-04-15T18:39:27.967000 CVE-2025-1457,0,0,3bc1de1804be30e1ce1d9f9076f02cce357793914c558c053d99dad4ac2fe48b,2025-04-21T14:23:45.950000 @@ -282550,7 +282551,7 @@ CVE-2025-1724,0,0,b8e86d6fa70198b5cc9fe6224a04663cb9564b5f8c33fbf347cdad07f13847 CVE-2025-1726,0,0,2f1dd31a8200e6d83c282baf3f0abaf3df3bb9d56b822973c75d4b2e2b3c7f8c,2025-02-26T20:15:13.510000 CVE-2025-1728,0,0,126b29abd5a8b7142eab21be075a4425d5b9e0d4bb1eedd2c9477807954e2152,2025-02-26T22:15:14.333000 CVE-2025-1730,0,0,1995ccb1e144a2c7a6984fe76cde065e7b6f85edc7bf90ff89583ed751f146df,2025-03-01T07:15:11.380000 -CVE-2025-1731,0,0,bcc720075f9bcefe07eae66fd5e657fafd47f065e6f139e28dc8318f42430714,2025-04-23T14:08:13.383000 +CVE-2025-1731,0,1,c650641065d59837e5bca7f887fb7b6578f0044f21cb48d28604109c99bdf9eb,2025-04-24T06:15:45.497000 CVE-2025-1732,0,0,89566dbdf349338f87602aa4638efc6dfed9f15e7115320e46d7ed10d08d0bf7,2025-04-23T14:08:13.383000 CVE-2025-1734,0,0,30fc1fb2735b5f2600cc56424de4c5b2acf076d3cbcb8f2f5e0f5cad4b061c05,2025-04-01T20:26:30.593000 CVE-2025-1736,0,0,88a51c283f4d0834bbf11d46dc4103f7cba768043b28133bff6d571f4b16f08b,2025-04-01T20:26:30.593000 @@ -286647,6 +286648,7 @@ CVE-2025-25568,0,0,8bf6eccd897b3aef0c5b736978952194e590be79850ad050dceac1781eef8 CVE-2025-2557,0,0,a42b70c78dcd89b9d3e57fec472337c34078e8807b7744b63a4210d869265076,2025-03-20T19:15:38.220000 CVE-2025-25570,0,0,a1a60fff83d4e58f97f6cb73bc995dd008cce7cbdda97b57369c1d11bafc9be9,2025-02-28T22:15:39.630000 CVE-2025-25579,0,0,9ad1112c1ed3d836da183b36b2d4375f4736b0d6d1110b2bc10e441acd9590d4,2025-04-07T14:23:36.660000 +CVE-2025-2558,1,1,cebc7cb40d2a0e4a6066f0dad8de4daa9c8e7d745868bfdd5a72a8cf684c9754,2025-04-24T06:15:45.800000 CVE-2025-25580,0,0,981db6fd6e3e758c95a7a3f18e0cb48f5883f5e68031cb88007741a3d3ada90e,2025-03-19T19:15:44.917000 CVE-2025-25582,0,0,fdff5f005418e70695619b15a5365b87844b6870f1b28eb8b42a995086eb8722,2025-04-02T12:27:19.593000 CVE-2025-25585,0,0,aa4f3350849e7a6d1d328ba035f3acd3940e4357ca726a2c6819200e720715c1,2025-03-19T19:15:45.203000 @@ -290467,6 +290469,7 @@ CVE-2025-32699,0,0,23a94d723c50baa82e78f6da8a3b64d0890697435859549aeff9405065761 CVE-2025-32700,0,0,c0e8c73e6cd2dba0f2638bdb87a5004e45d9151953fe53305663743891fc2cb9,2025-04-11T15:39:52.920000 CVE-2025-32726,0,0,91136782c0c58a96138194cd454d47b71b0e86e3f0a06431e8d3ca26e00cb323,2025-04-15T18:39:43.697000 CVE-2025-32728,0,0,3412470eeb78d54bf8cb06076372596e4f91bb03b171bf6dd938a768564aebbf,2025-04-11T15:40:10.277000 +CVE-2025-32730,1,1,76d9ca346b4892e5dd1d8b4adc82d1295f78401acdc334bc0b1103063eb983c4,2025-04-24T07:15:31.077000 CVE-2025-32743,0,0,22cd88375a4ea091d730f6e11751ffcb7fa9bb31f6c5963a03a37755aa77afd4,2025-04-11T15:39:52.920000 CVE-2025-3275,0,0,f07968903a6add25d3bac4ab6edf4f2011e9a13d4882b8fd03f1851e6b4624b5,2025-04-21T14:23:45.950000 CVE-2025-32754,0,0,b06e63b88f7bcd6c413b62f3af573f57520ee0eb9275ec793f6c9f8573602933,2025-04-11T15:39:52.920000 @@ -290744,7 +290747,7 @@ CVE-2025-3431,0,0,3268c065a33ed9c3e0d65730bc3852cbe02c3e2891ed1aaf906166836cdedb CVE-2025-3432,0,0,32b4909a605e3dc15d41b2069e1ead14c30bcbe2dfa78debc747a89be022e4ba,2025-04-08T18:13:53.347000 CVE-2025-3433,0,0,46dd66c57af291abbb1b77326145823e13d716692eb68902a18c25a048a17397,2025-04-08T18:13:53.347000 CVE-2025-3434,0,0,b8eaddf3b141c5d0cb4bc5eabf7fd897b349acdd6b9551b14d0e525f524ac410,2025-04-11T15:39:52.920000 -CVE-2025-3435,1,1,0c8de90c7a942e176e22d08fde32fded2a47720b085923e4341fab97d0c2e4eb,2025-04-24T04:15:49.710000 +CVE-2025-3435,0,0,0c8de90c7a942e176e22d08fde32fded2a47720b085923e4341fab97d0c2e4eb,2025-04-24T04:15:49.710000 CVE-2025-3436,0,0,350fe0ab040ca88ca01e6b9c153bc7bb9c0c6c278cf5357b8d0cb98bb355f464,2025-04-08T18:13:53.347000 CVE-2025-3437,0,0,e73b4884af1e4c5b90938b61853540dd90f98780db8cdd9f4d702d9b75697db1,2025-04-08T18:13:53.347000 CVE-2025-3439,0,0,c856a46777e8255648bf85604989713627eb1017b3571788b95f54d7615bb425,2025-04-23T16:47:50.093000 @@ -290829,6 +290832,7 @@ CVE-2025-3590,0,0,4a0453d8b3689d6f2e7dcbfdf29c48f9e72ed335c884f8c177d44093a3f9f8 CVE-2025-3591,0,0,9faf0d8d54afa4d861e787bba12e728bac4244da2f6db382b13f6aac7674e68a,2025-04-15T18:39:27.967000 CVE-2025-3592,0,0,3766f02a8a9b7546b3744ae601fb2a46406e95eb867e2ef9712274445e3cdb7b,2025-04-15T18:39:27.967000 CVE-2025-3593,0,0,a01f66982e63d1a9077a22fb9d3bb17c3788e9968a5ce8acfaa25734a955883b,2025-04-15T18:39:27.967000 +CVE-2025-35965,1,1,5032599512a77bd51cf02842d0854bae70c3e0a5ffd87935d76910ac7a5562b3,2025-04-24T07:15:31.280000 CVE-2025-3598,0,0,edf26968210ce22617ec678e5e822a9b5bd12eb64af0b7486db98454fc1aebda,2025-04-21T14:23:45.950000 CVE-2025-3608,0,0,39b182f4ebb2561066bac4e2df270fac3ea79c341f6f5d3809c1d21f023dee46,2025-04-18T15:15:59.183000 CVE-2025-3612,0,0,b3e7e1fd46c9147c27f3feb15d1a5ba8eabce3f8bab41f1f78e6d74dff7b1b50,2025-04-15T18:39:27.967000 @@ -290892,6 +290896,7 @@ CVE-2025-3737,0,0,98a95ab2f4879b0b170253df49030361243357a0145c7fdf9d3fa9de5820ef CVE-2025-3738,0,0,c83d4f2a6441d2be69ba3cb43eb59d7030deb3093e3e67d3c0e56f5cdb68cd8a,2025-04-17T20:22:16.240000 CVE-2025-3739,0,0,3ba4b773d7335861548869f23a25d3ac3371b26ca4f649a48ada76178430d177,2025-04-17T20:22:16.240000 CVE-2025-3760,0,0,36221436c9b2aad8e2661d17eeb875cdb75bc11bc6de102414da035a40dafb2c,2025-04-17T20:21:48.243000 +CVE-2025-3761,1,1,29b48d6ef97bbd82b1ba2374596b164d6785c6a2f2073db12b269cee052b0c63,2025-04-24T07:15:31.437000 CVE-2025-3762,0,0,2cd33c56775b0364c0c4571374c3d034630212b70aa6400f2018cfd1493149ca,2025-04-17T20:21:05.203000 CVE-2025-3763,0,0,75c598dd1784756201983d6c04c42b970f6d55306d12e8ca927bf77d5715fca5,2025-04-18T21:15:44.287000 CVE-2025-3764,0,0,192085e50203a378873b0fba70930bdb42ca705b402010a5434576b8a6b54b6e,2025-04-17T20:21:05.203000 @@ -291107,6 +291112,8 @@ CVE-2025-40014,0,0,9c93b86036d60f38f0f187b8c5793318088bfcafe515374cce4c97c53c702 CVE-2025-40114,0,0,e4d744f28120ab6554e4d13f2f9f1eeaeee8726fca02a9f9f521440a390d4e6d,2025-04-21T14:23:45.950000 CVE-2025-40325,0,0,a6e3862a6512d1062886fb893478a1faf062d9cb4443f34babdc0e4290aabe28,2025-04-21T14:23:45.950000 CVE-2025-40364,0,0,7079032d03c94977f22edeb418796e7b8ec133f463d81beda02e4d226b1c4205,2025-04-21T14:23:45.950000 +CVE-2025-41395,1,1,535739cf2f1a09a04fcaca5ebbacbc6eaa961a29bb18bbf7692303a2821f73cf,2025-04-24T07:15:31.600000 +CVE-2025-41423,1,1,1095c0d3ca93e5bc70d40ca9eca63c9012de951a569f9fed2371202752c239a6,2025-04-24T07:15:31.740000 CVE-2025-42599,0,0,9659da8e8aac322bbaf38e5450526281170e18645caf922988ff7e1c8a3c28d4,2025-04-21T14:23:45.950000 CVE-2025-42600,0,0,fea8dbfef12655e45d47bfa0fa1e2e7aa4b0b4b0150cdf9ac0d36b90366220f1,2025-04-23T14:08:13.383000 CVE-2025-42601,0,0,268646a252883d6a305220008d02b9e9cd7f8aa05fbc78623e895b8a325a3fda,2025-04-23T14:08:13.383000