admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-20T14:00:19.512704+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-20 14:03:52 +00:00
parent 9f05d42f15
commit 491f1ac7e9
4 changed files with 291 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2025/CVE-2025-38xx/CVE-2025-3825.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3825",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-20T12:15:14.113",
"lastModified": "2025-04-20T12:15:14.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this issue is some unknown functionality of the file add-category.php. The manipulation of the argument txtcategory_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/xss_from_input_with_post.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305732",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305732",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-38xx/CVE-2025-3826.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3826",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-20T13:15:44.937",
"lastModified": "2025-04-20T13:15:44.937",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the file add-supplier.php. The manipulation of the argument txtsupplier_name/txtaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/xss_from_input_with_post.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305733",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305733",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

10
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-04-20T12:00:21.971474+00:00 2025-04-20T14:00:19.512704+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-04-20T11:15:44.937000+00:00 2025-04-20T13:15:44.937000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
290935 290937
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `2` Recently added CVEs: `2`
- [CVE-2025-3823](CVE-2025/CVE-2025-38xx/CVE-2025-3823.json) (`2025-04-20T11:15:44.057`) - [CVE-2025-3825](CVE-2025/CVE-2025-38xx/CVE-2025-3825.json) (`2025-04-20T12:15:14.113`)
- [CVE-2025-3824](CVE-2025/CVE-2025-38xx/CVE-2025-3824.json) (`2025-04-20T11:15:44.937`) - [CVE-2025-3826](CVE-2025/CVE-2025-38xx/CVE-2025-3826.json) (`2025-04-20T13:15:44.937`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

6
_state.csv
View File

@ -290763,9 +290763,11 @@ CVE-2025-3819,0,0,364377ad54d70df860fc9ec00ab9e1d4d8eb233351a7f92ce1289b9b90b3f6
CVE-2025-3820,0,0,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000 CVE-2025-3820,0,0,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000
CVE-2025-3821,0,0,d858b31c07c0d51da5c674b08505aa8e0806ebde89ea307526d32e0a41895c21,2025-04-20T04:15:20.610000 CVE-2025-3821,0,0,d858b31c07c0d51da5c674b08505aa8e0806ebde89ea307526d32e0a41895c21,2025-04-20T04:15:20.610000
CVE-2025-3822,0,0,ea516a66da392b94100ba03e49146fb36805f8eb91db2f30ea934b47f2e75a27,2025-04-20T07:15:28.407000 CVE-2025-3822,0,0,ea516a66da392b94100ba03e49146fb36805f8eb91db2f30ea934b47f2e75a27,2025-04-20T07:15:28.407000
CVE-2025-3823,1,1,141c2a6394d1599e8fed2233e745b9ee1081c6312aaffd891cb6374d6bba4603,2025-04-20T11:15:44.057000 CVE-2025-3823,0,0,141c2a6394d1599e8fed2233e745b9ee1081c6312aaffd891cb6374d6bba4603,2025-04-20T11:15:44.057000
CVE-2025-3824,1,1,b965e5d32afe683a75f0838637bd08ae64a757afc4446e12179b507fbbeaf656,2025-04-20T11:15:44.937000 CVE-2025-3824,0,0,b965e5d32afe683a75f0838637bd08ae64a757afc4446e12179b507fbbeaf656,2025-04-20T11:15:44.937000
CVE-2025-38240,0,0,55c3c53507175385d390f4e5f0701155663d7d45488ce3854f0ce48d67d704f4,2025-04-18T07:15:43.510000 CVE-2025-38240,0,0,55c3c53507175385d390f4e5f0701155663d7d45488ce3854f0ce48d67d704f4,2025-04-18T07:15:43.510000
CVE-2025-3825,1,1,b0e42a018583b9ba31e420c2ccd93016111550e85efb6830da587538548ada98,2025-04-20T12:15:14.113000
CVE-2025-3826,1,1,16667ae8014611f3ba610c83d8dac4ed037e4c57a8e2ec56facb3e00355785c6,2025-04-20T13:15:44.937000
CVE-2025-38479,0,0,b2b6ea65e240d4ffeed782b9d037d3b3cf1f0ae1e3ce4a6e40a815527e135169,2025-04-18T07:15:43.613000 CVE-2025-38479,0,0,b2b6ea65e240d4ffeed782b9d037d3b3cf1f0ae1e3ce4a6e40a815527e135169,2025-04-18T07:15:43.613000
CVE-2025-38575,0,0,fc45fd45a431f685538b4001e1e87131d23faf0a16a9209a56843479513a7e70,2025-04-18T07:15:43.717000 CVE-2025-38575,0,0,fc45fd45a431f685538b4001e1e87131d23faf0a16a9209a56843479513a7e70,2025-04-18T07:15:43.717000
CVE-2025-38637,0,0,994255e82cd74ce8666ff4c2bb27a6e5073245f15905958a121473a3bd555340,2025-04-18T07:15:43.823000 CVE-2025-38637,0,0,994255e82cd74ce8666ff4c2bb27a6e5073245f15905958a121473a3bd555340,2025-04-18T07:15:43.823000

Can't render this file because it is too large.