From 5612ab5657786bbba5aec48cf6776a625769e708 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 21 Feb 2025 13:04:27 +0000 Subject: [PATCH] Auto-Update: 2025-02-21T13:01:00.013693+00:00 --- CVE-2024/CVE-2024-116xx/CVE-2024-11628.json | 48 ++++++- CVE-2024/CVE-2024-134xx/CVE-2024-13416.json | 4 +- CVE-2024/CVE-2024-134xx/CVE-2024-13455.json | 60 +++++++++ CVE-2024/CVE-2024-137xx/CVE-2024-13713.json | 64 +++++++++ CVE-2024/CVE-2024-137xx/CVE-2024-13783.json | 41 +++++- CVE-2024/CVE-2024-137xx/CVE-2024-13797.json | 58 +++++++- CVE-2024/CVE-2024-138xx/CVE-2024-13846.json | 60 +++++++++ CVE-2024/CVE-2024-139xx/CVE-2024-13900.json | 60 +++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9150.json | 86 ++++++++++++ CVE-2025/CVE-2025-03xx/CVE-2025-0332.json | 47 ++++++- CVE-2025/CVE-2025-05xx/CVE-2025-0521.json | 58 +++++++- CVE-2025/CVE-2025-08xx/CVE-2025-0817.json | 63 ++++++++- CVE-2025/CVE-2025-10xx/CVE-2025-1094.json | 6 +- CVE-2025/CVE-2025-12xx/CVE-2025-1208.json | 83 ++++++++++-- CVE-2025/CVE-2025-14xx/CVE-2025-1402.json | 72 ++++++++++ CVE-2025/CVE-2025-14xx/CVE-2025-1489.json | 64 +++++++++ CVE-2025/CVE-2025-15xx/CVE-2025-1535.json | 141 ++++++++++++++++++++ README.md | 37 ++--- _state.csv | 46 ++++--- 19 files changed, 1025 insertions(+), 73 deletions(-) create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13455.json create mode 100644 CVE-2024/CVE-2024-137xx/CVE-2024-13713.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13846.json create mode 100644 CVE-2024/CVE-2024-139xx/CVE-2024-13900.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9150.json create mode 100644 CVE-2025/CVE-2025-14xx/CVE-2025-1402.json create mode 100644 CVE-2025/CVE-2025-14xx/CVE-2025-1489.json create mode 100644 CVE-2025/CVE-2025-15xx/CVE-2025-1535.json diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11628.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11628.json index 16a31e4dd0d..788c3dffbeb 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11628.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11628.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11628", "sourceIdentifier": "security@progress.com", "published": "2025-02-12T17:15:22.067", - "lastModified": "2025-02-12T17:15:22.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-21T12:08:11.927", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.7, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -51,10 +71,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:telerik:kendo_ui_for_vue:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.4.0", + "versionEndExcluding": "6.1.0", + "matchCriteriaId": "1F3119A5-2160-46C0-804B-56269A1D204D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.telerik.com/kendo-vue-ui/components/knowledge-base/kb-security-protoype-pollution-2024-11628", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13416.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13416.json index 123d94530e0..f0f43b8daca 100644 --- a/CVE-2024/CVE-2024-134xx/CVE-2024-13416.json +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13416.json @@ -2,13 +2,13 @@ "id": "CVE-2024-13416", "sourceIdentifier": "product-security@axis.com", "published": "2025-02-06T19:15:19.220", - "lastModified": "2025-02-06T19:15:19.220", + "lastModified": "2025-02-21T12:15:29.193", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log." + "value": "Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.\n\n\n\n\n2N has released an updated version 2.46 of 2N OS, where this vulnerability is mitigated. It is recommended that all customers update their devices to the latest 2N OS." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13455.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13455.json new file mode 100644 index 00000000000..4a611a535c0 --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13455.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13455", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:29.823", + "lastModified": "2025-02-21T12:15:29.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar' shortcode in all versions up to, and including, 1.40 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3243431%40igumbi-online-booking&new=3243431%40igumbi-online-booking&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b21f9cfa-8113-42bc-a9dc-4d891bd9821b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13713.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13713.json new file mode 100644 index 00000000000..624a580b213 --- /dev/null +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13713.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-13713", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:30.040", + "lastModified": "2025-02-21T12:15:30.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wpexperts-square-for-give/trunk/includes/class-give-square.php#L189", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3242658/wpexperts-square-for-give/trunk/includes/class-give-square.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7863c5fb-1eda-41a3-b8ec-054784ab2438?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13783.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13783.json index e550003d4c8..a80d9883f4b 100644 --- a/CVE-2024/CVE-2024-137xx/CVE-2024-13783.json +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13783.json @@ -2,13 +2,17 @@ "id": "CVE-2024-13783", "sourceIdentifier": "security@wordfence.com", "published": "2025-02-18T11:15:11.600", - "lastModified": "2025-02-18T11:15:11.600", - "vulnStatus": "Received", + "lastModified": "2025-02-21T12:19:42.537", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FormCraft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in formcraft-main.php in all versions up to, and including, 3.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export all plugin data which may contain sensitive information from form submissions." + }, + { + "lang": "es", + "value": "El complemento FormCraft para WordPress es vulnerable al acceso no autorizado de datos debido a una verificaci\u00f3n de capacidad faltante en formcraft-main.php en todas las versiones hasta 3.9.11 incluida. Esto hace posible que los atacantes autenticados, con acceso a nivel de suscriptor y superior, exporten todos los datos de complementos que pueden contener informaci\u00f3n confidencial de los env\u00edos de formularios." } ], "metrics": { @@ -47,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ncrafts:formcraft:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.12", + "matchCriteriaId": "8DB20998-2100-4457-A89C-B39832638855" + } + ] + } + ] + } + ], "references": [ { "url": "https://codecanyon.net/item/formcraft-premium-wordpress-form-builder/5335056", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://formcraft-wp.com/changelog/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f7b45b1d-7ed6-4382-b69c-45ea45e4d0db?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13797.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13797.json index 0d14bc12480..9a80cd612a3 100644 --- a/CVE-2024/CVE-2024-137xx/CVE-2024-13797.json +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13797.json @@ -2,20 +2,24 @@ "id": "CVE-2024-13797", "sourceIdentifier": "security@wordfence.com", "published": "2025-02-18T11:15:11.753", - "lastModified": "2025-02-18T11:15:11.753", - "vulnStatus": "Received", + "lastModified": "2025-02-21T12:17:17.200", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.16. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + }, + { + "lang": "es", + "value": "El tema PressMart - Modern Elementor WooCommerce WordPress Theme para WordPress es vulnerable a la ejecuci\u00f3n arbitraria de los c\u00f3digos cortos en todas las versiones hasta 1.2.16 incluida. Esto se debe al software que permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que los atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios." } ], "metrics": { "cvssMetricV31": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", @@ -32,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -47,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:presslayouts:pressmart:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.17", + "matchCriteriaId": "4ABD74C4-4AB4-4919-B99F-2031592F7D3A" + } + ] + } + ] + } + ], "references": [ { "url": "https://themeforest.net/item/pressmart-modern-elementor-woocommerce-wordpress-theme/39241221", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24aa6c0b-88bc-4c3e-ada7-2e89d84bdfc3?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13846.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13846.json new file mode 100644 index 00000000000..18eea31c444 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13846.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13846", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:30.183", + "lastModified": "2025-02-21T12:15:30.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018post_id\u2019 parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/ultimate-learning-pro-wordpress-plugin/21772657", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e9ccd2cc-ee5e-40e3-905d-21884ec01f72?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-139xx/CVE-2024-13900.json b/CVE-2024/CVE-2024-139xx/CVE-2024-13900.json new file mode 100644 index 00000000000..577d08fe63d --- /dev/null +++ b/CVE-2024/CVE-2024-139xx/CVE-2024-13900.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13900", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:30.320", + "lastModified": "2025-02-21T12:15:30.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.3.0. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject PHP Code in multisite environments." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3244016/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5177bde6-4922-48ee-9155-577c392809a0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9150.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9150.json new file mode 100644 index 00000000000..82facac85fa --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9150.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-9150", + "sourceIdentifier": "cvd@cert.pl", + "published": "2025-02-21T12:15:30.463", + "lastModified": "2025-02-21T12:15:30.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently limits what code might be included. An attacker is able use a low privileges account in order to abuse this functionality and execute malicious code, load DLL libraries and executing OS commands on a host system with applications high privileges.\nThis issue has been fixed in version\u00a08.0.00204.0" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1336" + } + ] + } + ], + "references": [ + { + "url": "https://cert.pl/en/posts/2025/02/CVE-2024-9150", + "source": "cvd@cert.pl" + }, + { + "url": "https://efigo.pl/blog/cve-2024-9150/", + "source": "cvd@cert.pl" + }, + { + "url": "https://www.wynenterprise.com/", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-03xx/CVE-2025-0332.json b/CVE-2025/CVE-2025-03xx/CVE-2025-0332.json index 19b6ad06f5d..6a622652743 100644 --- a/CVE-2025/CVE-2025-03xx/CVE-2025-0332.json +++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0332.json @@ -2,8 +2,8 @@ "id": "CVE-2025-0332", "sourceIdentifier": "security@progress.com", "published": "2025-02-12T16:15:42.703", - "lastModified": "2025-02-12T16:15:42.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-21T12:03:31.920", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:telerik:ui_for_winforms:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2025.1.211", + "matchCriteriaId": "73713D9A-E2AA-4803-891B-30BF1904FF47" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.telerik.com/devtools/winforms/knowledge-base/kb-security-path-traversal-cve-2025-0332", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-05xx/CVE-2025-0521.json b/CVE-2025/CVE-2025-05xx/CVE-2025-0521.json index 2299e3e6308..2d1883816b0 100644 --- a/CVE-2025/CVE-2025-05xx/CVE-2025-0521.json +++ b/CVE-2025/CVE-2025-05xx/CVE-2025-0521.json @@ -2,20 +2,24 @@ "id": "CVE-2025-0521", "sourceIdentifier": "security@wordfence.com", "published": "2025-02-18T11:15:12.740", - "lastModified": "2025-02-18T11:15:12.740", - "vulnStatus": "Received", + "lastModified": "2025-02-21T12:16:09.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Post SMTP para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro from y subject en todas las versiones hasta 3.0.2 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto hace posible que los atacantes no autenticados inyecten una web arbitraria scripts en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada. " } ], "metrics": { "cvssMetricV31": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -32,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -47,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.0", + "matchCriteriaId": "6CFC5EE8-9980-4893-A6AB-882EBC8509D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3237626%40post-smtp%2Ftrunk&old=3229076%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/366dfbf1-870c-4ce3-abc4-a2b2f4e72175?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0817.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0817.json index e5ce3762d12..6d5c8aa05b9 100644 --- a/CVE-2025/CVE-2025-08xx/CVE-2025-0817.json +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0817.json @@ -2,20 +2,24 @@ "id": "CVE-2025-0817", "sourceIdentifier": "security@wordfence.com", "published": "2025-02-18T11:15:12.893", - "lastModified": "2025-02-18T11:15:12.893", - "vulnStatus": "Received", + "lastModified": "2025-02-21T12:15:11.963", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FormCraft plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.9.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento FormCraft para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de cargas de archivo SVG en todas las versiones hasta 3.9.11 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto hace posible que los atacantes no autenticados inyecten una web arbitraria scripts en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { "cvssMetricV31": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -32,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -47,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ncrafts:formcraft:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.12", + "matchCriteriaId": "8DB20998-2100-4457-A89C-B39832638855" + } + ] + } + ] + } + ], "references": [ { "url": "https://codecanyon.net/item/formcraft-premium-wordpress-form-builder/5335056", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://formcraft-wp.com/changelog/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ae0710a-8c9b-41b0-860f-ae79b7ed1ee4?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1094.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1094.json index d2b75a59493..dff19a7a978 100644 --- a/CVE-2025/CVE-2025-10xx/CVE-2025-1094.json +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1094.json @@ -2,7 +2,7 @@ "id": "CVE-2025-1094", "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "published": "2025-02-13T13:15:09.130", - "lastModified": "2025-02-20T19:15:11.847", + "lastModified": "2025-02-21T11:15:09.800", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -67,6 +67,10 @@ { "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00015.html", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-12xx/CVE-2025-1208.json b/CVE-2025/CVE-2025-12xx/CVE-2025-1208.json index a33b7659fe1..8c71e05a16c 100644 --- a/CVE-2025/CVE-2025-12xx/CVE-2025-1208.json +++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1208.json @@ -2,8 +2,8 @@ "id": "CVE-2025-1208", "sourceIdentifier": "cna@vuldb.com", "published": "2025-02-12T16:15:44.613", - "lastModified": "2025-02-12T16:15:44.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-21T12:03:49.027", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ], "cvssMetricV2": [ @@ -111,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -122,28 +142,73 @@ "value": "CWE-94" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anisha:wazifa_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0017ACDA-AB2A-4C45-81E8-8646C3FF9CE3" + } + ] + } + ] } ], "references": [ { "url": "https://code-projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/nanguawuming/CVE2/blob/main/cve1.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.295145", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.295145", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.497355", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-14xx/CVE-2025-1402.json b/CVE-2025/CVE-2025-14xx/CVE-2025-1402.json new file mode 100644 index 00000000000..cdc1ecb816a --- /dev/null +++ b/CVE-2025/CVE-2025-14xx/CVE-2025-1402.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2025-1402", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:30.607", + "lastModified": "2025-02-21T12:15:30.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' function in all versions up to, and including, 5.19.1.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary Attendee tickets." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/event-tickets/tags/5.18.1/src/Tribe/Assets.php#L202", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/event-tickets/tags/5.18.1/src/Tribe/Metabox.php#L30", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/event-tickets/tags/5.18.1/src/Tribe/Metabox.php#L490", + "source": "security@wordfence.com" + }, + { + "url": "https://wordfence.freshdesk.com/a/tickets/375051", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dbd838b6-7792-4378-8969-a70c6e16ff6a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-14xx/CVE-2025-1489.json b/CVE-2025/CVE-2025-14xx/CVE-2025-1489.json new file mode 100644 index 00000000000..6fb1aabc04d --- /dev/null +++ b/CVE-2025/CVE-2025-14xx/CVE-2025-1489.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-1489", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-21T12:15:30.740", + "lastModified": "2025-02-21T12:15:30.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's appbox shortcode in all versions up to, and including, 4.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3244084/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/wp-appbox/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d58355d-2762-4ecc-aec2-52a1e3323017?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-15xx/CVE-2025-1535.json b/CVE-2025/CVE-2025-15xx/CVE-2025-1535.json new file mode 100644 index 00000000000..b5e2ec39848 --- /dev/null +++ b/CVE-2025/CVE-2025-15xx/CVE-2025-1535.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-1535", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-02-21T12:15:30.877", + "lastModified": "2025-02-21T12:15:30.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. It has been classified as critical. This affects an unknown part of the file /wuser/admin.ticket.close.php. The manipulation of the argument ticket_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/sekaino-sakura/CVE/blob/main/CVE_2.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.296475", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.296475", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.496969", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7c267e6985f..582f9234ff6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-21T11:00:29.838951+00:00 +2025-02-21T13:01:00.013693+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-21T10:15:11.413000+00:00 +2025-02-21T12:19:42.537000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,36 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -281999 +282007 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `8` -- [CVE-2024-12276](CVE-2024/CVE-2024-122xx/CVE-2024-12276.json) (`2025-02-21T10:15:10.290`) -- [CVE-2024-12452](CVE-2024/CVE-2024-124xx/CVE-2024-12452.json) (`2025-02-21T10:15:10.457`) -- [CVE-2024-13353](CVE-2024/CVE-2024-133xx/CVE-2024-13353.json) (`2025-02-21T10:15:10.607`) -- [CVE-2024-13461](CVE-2024/CVE-2024-134xx/CVE-2024-13461.json) (`2025-02-21T10:15:10.767`) -- [CVE-2024-13648](CVE-2024/CVE-2024-136xx/CVE-2024-13648.json) (`2025-02-21T10:15:10.927`) -- [CVE-2025-0727](CVE-2025/CVE-2025-07xx/CVE-2025-0727.json) (`2025-02-21T09:15:09.010`) -- [CVE-2025-0728](CVE-2025/CVE-2025-07xx/CVE-2025-0728.json) (`2025-02-21T09:15:10.077`) -- [CVE-2025-1410](CVE-2025/CVE-2025-14xx/CVE-2025-1410.json) (`2025-02-21T09:15:10.200`) -- [CVE-2025-1470](CVE-2025/CVE-2025-14xx/CVE-2025-1470.json) (`2025-02-21T10:15:11.243`) -- [CVE-2025-1471](CVE-2025/CVE-2025-14xx/CVE-2025-1471.json) (`2025-02-21T10:15:11.413`) +- [CVE-2024-13455](CVE-2024/CVE-2024-134xx/CVE-2024-13455.json) (`2025-02-21T12:15:29.823`) +- [CVE-2024-13713](CVE-2024/CVE-2024-137xx/CVE-2024-13713.json) (`2025-02-21T12:15:30.040`) +- [CVE-2024-13846](CVE-2024/CVE-2024-138xx/CVE-2024-13846.json) (`2025-02-21T12:15:30.183`) +- [CVE-2024-13900](CVE-2024/CVE-2024-139xx/CVE-2024-13900.json) (`2025-02-21T12:15:30.320`) +- [CVE-2024-9150](CVE-2024/CVE-2024-91xx/CVE-2024-9150.json) (`2025-02-21T12:15:30.463`) +- [CVE-2025-1402](CVE-2025/CVE-2025-14xx/CVE-2025-1402.json) (`2025-02-21T12:15:30.607`) +- [CVE-2025-1489](CVE-2025/CVE-2025-14xx/CVE-2025-1489.json) (`2025-02-21T12:15:30.740`) +- [CVE-2025-1535](CVE-2025/CVE-2025-15xx/CVE-2025-1535.json) (`2025-02-21T12:15:30.877`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `9` +- [CVE-2024-11628](CVE-2024/CVE-2024-116xx/CVE-2024-11628.json) (`2025-02-21T12:08:11.927`) +- [CVE-2024-13416](CVE-2024/CVE-2024-134xx/CVE-2024-13416.json) (`2025-02-21T12:15:29.193`) +- [CVE-2024-13783](CVE-2024/CVE-2024-137xx/CVE-2024-13783.json) (`2025-02-21T12:19:42.537`) +- [CVE-2024-13797](CVE-2024/CVE-2024-137xx/CVE-2024-13797.json) (`2025-02-21T12:17:17.200`) +- [CVE-2025-0332](CVE-2025/CVE-2025-03xx/CVE-2025-0332.json) (`2025-02-21T12:03:31.920`) +- [CVE-2025-0521](CVE-2025/CVE-2025-05xx/CVE-2025-0521.json) (`2025-02-21T12:16:09.897`) +- [CVE-2025-0817](CVE-2025/CVE-2025-08xx/CVE-2025-0817.json) (`2025-02-21T12:15:11.963`) +- [CVE-2025-1094](CVE-2025/CVE-2025-10xx/CVE-2025-1094.json) (`2025-02-21T11:15:09.800`) +- [CVE-2025-1208](CVE-2025/CVE-2025-12xx/CVE-2025-1208.json) (`2025-02-21T12:03:49.027`) ## Download and Usage diff --git a/_state.csv b/_state.csv index bc254460f0e..2c711ac63a2 100644 --- a/_state.csv +++ b/_state.csv @@ -244984,7 +244984,7 @@ CVE-2024-11624,0,0,2fbadf82b86c601ba5e3c164ddb11cdb07fbf96914b2d5fb97e205c966153 CVE-2024-11625,0,0,c71612eff4dbfdfd57dcd77786b9f90aeda1003c787b3baa9b3e022b7aa38e14,2025-01-07T09:15:06.560000 CVE-2024-11626,0,0,e05f68563d0cfe4fcf37166c88856797ec0301944e16df5d7b6760557f29956d,2025-01-07T09:15:07.533000 CVE-2024-11627,0,0,9ff1a8df860daf1368acfa4151c0612097655e3c1d986846213632a0d4bd06d7,2025-01-07T09:15:07.633000 -CVE-2024-11628,0,0,702b95bca9dfca9e62eeaa1a623b8c1f804ea09880c2a2beee620d96779775db,2025-02-12T17:15:22.067000 +CVE-2024-11628,0,1,7c5616b880f8e46349d606dff048f573949b5a6f95ae4c87d4a1d5678ef21441,2025-02-21T12:08:11.927000 CVE-2024-11629,0,0,c03c8073dae9eb5d857d83b66f0e9182250584b24834bf542305a5224d4450fc,2025-02-19T19:09:11.177000 CVE-2024-1163,0,0,3534cb0564ba7e08015dfddf52a975a19f7b672cf09e3f78e469f84e669f2cea,2024-11-21T08:49:56.403000 CVE-2024-11630,0,0,602de6590967350fd7f3827b1a11ce4a1c578a1994d3c132149d73cf61dca0eb,2024-11-22T22:15:13.637000 @@ -245599,7 +245599,7 @@ CVE-2024-12271,0,0,e756524ee3996486f46fc9dfb0848744c8a90daec55e50296545ffd31d194 CVE-2024-12272,0,0,cbbb238a5fc49c4ada4f96dbd5ec3bf6a1bab33a6ad37ef5b0235e516631a83b,2024-12-25T04:15:06.457000 CVE-2024-12274,0,0,754c33d384166421b8530c0b6be4d1f50e294eb962f01142a13c10f72064a9a9,2025-01-13T15:15:07.727000 CVE-2024-12275,0,0,b6c89aad753f4288f4ee3eb48d039165a7e55489cd8f246e0432f82458e25832,2025-01-31T17:15:11.957000 -CVE-2024-12276,1,1,ac87679c832d171d2f05cc5a33dd2cbdfb1662932e63d4d23d1bd768125d730d,2025-02-21T10:15:10.290000 +CVE-2024-12276,0,0,ac87679c832d171d2f05cc5a33dd2cbdfb1662932e63d4d23d1bd768125d730d,2025-02-21T10:15:10.290000 CVE-2024-12279,0,0,28f926ab6f57c2b10bee59d6914cc0152fa6a23fa0d172ad6d11e3d9d407b5c2,2025-01-04T12:15:24.453000 CVE-2024-1228,0,0,02a2d35b9c29d8600ba5afee210d0e6465f5ee41eb5d9edcafc9d5f9e15f44ef,2024-11-21T08:50:06.280000 CVE-2024-12280,0,0,877a1ef9090370a5789c2e7362afe046232f3567d1b51a01b5cd894549fa6293,2025-01-28T21:15:16.317000 @@ -245754,7 +245754,7 @@ CVE-2024-12448,0,0,4923580d5a5f99d530db30df1f25529a66e5faa8f94f1d2c65ae42b9f669a CVE-2024-12449,0,0,5fcc22f14406311e0fc83130f321673a9681bcd45ccd4b15a7e6df2428ef10f4,2024-12-18T04:15:08.103000 CVE-2024-1245,0,0,95e8542ba13fb11ab7fe96b21acceb5168a3d85655e46eadbf4243e255ea26c4,2024-11-21T08:50:08.740000 CVE-2024-12451,0,0,67c653f5b766de9eabac31aac33935b0d524840bf4e4a950cc1dfb440a57f21e,2025-01-31T18:55:11.707000 -CVE-2024-12452,1,1,7d880a9042e36d32233de02d3a7a57b792407a1771be133aa9843ea62498cb99,2025-02-21T10:15:10.457000 +CVE-2024-12452,0,0,7d880a9042e36d32233de02d3a7a57b792407a1771be133aa9843ea62498cb99,2025-02-21T10:15:10.457000 CVE-2024-12453,0,0,76ad3f9c42446921081688745051c38b136a07ee1614804cd400b083fd2b395b,2025-01-07T05:15:19.260000 CVE-2024-12454,0,0,8d73661dfeacd698ba1638817b062fe681bc6bd2d9cfe150642a15e6ed3c799a,2024-12-18T10:15:08.117000 CVE-2024-12457,0,0,8b6dcd10765fdf34de144f9bc8c49e92cdcb9e82bb357349c5178d12bb4f5cd7,2025-01-07T05:15:19.453000 @@ -246541,7 +246541,7 @@ CVE-2024-13349,0,0,1a00cf757b3ec26bd50ea0e563207e24798d3893002c58755b8b9af1d4127 CVE-2024-1335,0,0,82fb69da532892baa7a81804ae338bd46e69a8bbbad77be8c22b678b91bcc8f9,2024-12-31T16:50:11.167000 CVE-2024-13351,0,0,7985eca9113b0e4ff9b5606ce71f06a97acfce6eac97b8c91847c6875b508284,2025-01-15T10:15:07.993000 CVE-2024-13352,0,0,e3b517ead7778233dbb1fb4b3ec3651780c4dec33a82aff69cd76909bd75eb05,2025-02-07T16:15:35.960000 -CVE-2024-13353,1,1,5a8f3045058a1f00f14443cb43400264ab271ef4f72330e58ff7dad66a3150ca,2025-02-21T10:15:10.607000 +CVE-2024-13353,0,0,5a8f3045058a1f00f14443cb43400264ab271ef4f72330e58ff7dad66a3150ca,2025-02-21T10:15:10.607000 CVE-2024-13354,0,0,70c8df8ffc765e671782c1c5275e6f7668ade0103b0f3f6fd1920147a9a818fb,2025-02-05T01:36:55.960000 CVE-2024-13355,0,0,b14926ff025e929de229a84af4734d711f0473d16ba82bc6498a7b20173af029,2025-01-16T10:15:08.750000 CVE-2024-13356,0,0,4c62ebf770eb8ffd31345cb0ef6c5025a9e134a147f2b545dcf049e579341f09,2025-02-04T10:15:07.920000 @@ -246593,7 +246593,7 @@ CVE-2024-13408,0,0,e396f32e4dcbb651814f9215fd3a09eb2577d8842a6e7054a1c2694b62332 CVE-2024-13409,0,0,16195c232130678b474ab73526a536d491d9fdbf657fb8a2a79faa0112e2d1e0,2025-02-05T01:36:36.047000 CVE-2024-1341,0,0,090bf84c5ce2b0dfeca3a04f998237d36add49409b51be286587af2f8364beb8,2024-11-21T08:50:22.300000 CVE-2024-13415,0,0,20f4b651b70587580f805a97274e0650f9bb61a3067aa9a0bda1ff129a051ce4,2025-01-31T06:15:29.287000 -CVE-2024-13416,0,0,8ad08b3960e2b2d4c6644ae345c6c571f903315ed0f985d54f77df4fa51b72bc,2025-02-06T19:15:19.220000 +CVE-2024-13416,0,1,d71120210a80712a2c247daf0d2ae5cb04d95a19fc86e36a7c69ffa25a62e7ae,2025-02-21T12:15:29.193000 CVE-2024-13417,0,0,38e6064a571c4d048cdc5ef6ae47228b6b31b2af2307c872610581c0fe53c957,2025-02-06T20:15:39.273000 CVE-2024-1342,0,0,2f41e6eac1e33a309fc72543d371a67df7cdf22eae12449849cd3aab8e438d93,2024-10-14T22:15:03.180000 CVE-2024-13421,0,0,aae3ef0eb8d6c0cd7f92da1264e974f580e1e1fa3a4819378de00b044a858918,2025-02-12T05:15:11.653000 @@ -246624,13 +246624,14 @@ CVE-2024-1345,0,0,7c212e7b361746cfecf33f6e4ed924489ff6a3a938083dd73fe4da2b7b4649 CVE-2024-13450,0,0,43fcdfa95c84c4f9958bcf0ed96f0c3b1c10185c108adb08c789dbe5f2feb02b,2025-02-04T20:48:58 CVE-2024-13453,0,0,e64fc58d83e3540bb01a99edb8cd9df274ae0c7a0249b0fd357ec05d1fc54281,2025-02-18T19:15:13.770000 CVE-2024-13454,0,0,14313d18c59abf0795f9e65c924b2232675b3f5fcf8c69fe1d32af5f5cac5a65,2025-01-21T20:15:30.793000 +CVE-2024-13455,1,1,2964634e2f357de3a92e73640f9a530dc8c95bb0ed72f05aaca2f88adb270deb,2025-02-21T12:15:29.823000 CVE-2024-13456,0,0,8ae271cb88225163ad5e7c38bef05ea0477f45cf928a6e7997913ed30ed7628b,2025-02-12T10:15:11.240000 CVE-2024-13457,0,0,51be24ad36e285925bb980a73e7213c707c5621ab118dd91f24b07146640a607,2025-02-07T15:34:15.553000 CVE-2024-13458,0,0,b0c82b9a6a2ae8ab3e75191e77bf09ecd6761e542d7fe4c0d50e106a0dd3473b,2025-02-04T19:35:30.473000 CVE-2024-13459,0,0,a9fe845bd277299369bc3f6cedb4f513e577d0a95806c4e189fd9614c9d6fa2e,2025-02-18T19:11:47.197000 CVE-2024-1346,0,0,67674c75c08ebc67974102102d05a3921f8c61d1fe386fe7de33f2c37b3bc24d,2024-11-21T08:50:22.793000 CVE-2024-13460,0,0,9c101ce4e9a0b77c24ea9727b59b3a3bfa4cbf94a343064a0ab69a083a2820cf,2025-01-31T18:07:24.277000 -CVE-2024-13461,1,1,7310b23419daedb24e559d3e84e89095cccd323ffb73d8e4bc88880b2b6bd17b,2025-02-21T10:15:10.767000 +CVE-2024-13461,0,0,7310b23419daedb24e559d3e84e89095cccd323ffb73d8e4bc88880b2b6bd17b,2025-02-21T10:15:10.767000 CVE-2024-13462,0,0,bd808375ae18220a9dd6d9ebbed45c53c83edb8ab02aeb633cd1274f400f3576,2025-02-19T08:15:15.620000 CVE-2024-13463,0,0,a74bd740de3fc458ef5c03de3331d5acaeffdc8e1dd114982c1f405dca936e7c,2025-01-31T04:15:07.497000 CVE-2024-13464,0,0,c7ce95854847c11fde5a1ddc21e150442b9e815758c964241dcc7c0eae02ec39,2025-02-18T05:15:11.673000 @@ -246781,7 +246782,7 @@ CVE-2024-13642,0,0,e62737ae89b22b0d2ca4d332b68aa19e6175af0f52e0500481826051778e9 CVE-2024-13643,0,0,976eb3748a453f62f41c154b29792936c30855f6728fa73bdd9cf169ffa6a36c,2025-02-11T08:15:30.450000 CVE-2024-13644,0,0,103d60e076f3c7bd4ae30253359a8c34e6a584ab6c0d85823d2a2e5827ff1420,2025-02-13T02:15:29.320000 CVE-2024-13646,0,0,df579ebc80f166383afd2bf72cceedaa012995a592dad78c8758f9a4e2dd62bd,2025-01-31T18:19:45.780000 -CVE-2024-13648,1,1,f589efbdd78e1f30099fe430f3ef2d8f3f3a111a9876802924f438e5321ec20b,2025-02-21T10:15:10.927000 +CVE-2024-13648,0,0,f589efbdd78e1f30099fe430f3ef2d8f3f3a111a9876802924f438e5321ec20b,2025-02-21T10:15:10.927000 CVE-2024-1365,0,0,0f6156fbf2b7d3a217bf5d4ee39b3ca345099663b38e102dcb249b872d4e92ab,2024-11-21T08:50:25.350000 CVE-2024-13651,0,0,7254671bcf096b25864421ea702cf7c7150d2b6e2d950cb4a4179c92a42d85a9,2025-02-01T04:15:30.997000 CVE-2024-13652,0,0,ed8d8236d1a3115f336400cbdd4ac56e250a414778c3b1c32835210395f1f04d,2025-01-31T18:21:53.167000 @@ -246832,6 +246833,7 @@ CVE-2024-13709,0,0,89bb0c649902e7b71dd397a2d1262eb45ecb5db3a49c5090d0564ce4341f0 CVE-2024-1371,0,0,700f360c37065b466d7daf295c0b566055365a6732e2b4756cd7fe3bd3dfd8e6,2024-11-21T08:50:26.150000 CVE-2024-13711,0,0,28001e86fb043564d3a2fa90df9b7c35a4ccbdf5b6fc94ce2c871cacc4e4e50c,2025-02-19T08:15:20.007000 CVE-2024-13712,0,0,030d96b716f25bafd54e090712c9bb60cc23ce32577681d3cdb6f0bf5f78f893,2025-02-19T08:15:20.380000 +CVE-2024-13713,1,1,325bf5535693a886456d4dc30288f32e2355aa6c0f7fe640457617c4bf8a5017,2025-02-21T12:15:30.040000 CVE-2024-13714,0,0,b97d32dee0692688a979a37af59123f65e30a687518c4b6566287e3189fcc055,2025-02-12T06:15:19.987000 CVE-2024-13715,0,0,f17d510da8f1903ed11deb0997b2f7b6b7c66954d157d92b6358d4c629959cde,2025-01-30T18:53:45.883000 CVE-2024-13717,0,0,4177d6f2dff693b69b1517de82a3632e741bac0287c1343530f73c4d6d1ed41b,2025-01-31T06:15:29.770000 @@ -246868,14 +246870,14 @@ CVE-2024-1377,0,0,76446229d1bded69224cd2e98212f244bd2380b3470adb0152ce2b85f9216c CVE-2024-13770,0,0,a44f66c1dcb1ed45bbd56efa11122dee804aa0389e710164fb7a159776bdc27c,2025-02-13T05:15:14.177000 CVE-2024-13775,0,0,89d1ec6a71cec12ef8d6fda55cf89bde1f18738024bb28bd682eafe6ee6a6e20,2025-02-01T13:15:22.847000 CVE-2024-1378,0,0,041aa523b6aa5691bc95edbf2c3845e6125399d35aa90aa412089416e101b866,2024-11-21T08:50:26.997000 -CVE-2024-13783,0,0,ac9bfe0bdafe91bcdd1a8a8c9fc20390084611c0cb7ca54a0c41211f48373302,2025-02-18T11:15:11.600000 +CVE-2024-13783,0,1,4d1adc087edd34d52079e199658ef345cbd94c9c74350c99493fda1d34bf23f7,2025-02-21T12:19:42.537000 CVE-2024-13789,0,0,66685c0c937a45caf4804fdbb0f6a654b7766a4df93c13ce786e130fd2ed5ff5,2025-02-20T10:15:10.637000 CVE-2024-1379,0,0,d57d063aae1fbcb792bd04eccc73dc16507c20c6267e19d5bea5a4e5413062c5,2024-11-21T08:50:27.157000 CVE-2024-13791,0,0,e8f3bd70e313cf86e3514fe881c4b6e7c79dc2453560333d0bb8ba37212823df,2025-02-14T11:15:09.320000 CVE-2024-13792,0,0,5eea2eb9c2e9b718585e09fb9464cf4787dcedab1db15551defa783e010d8240,2025-02-20T10:15:10.850000 CVE-2024-13794,0,0,27d6b89d805464403aa5cd7b47bffa4f0df39472970f2a8182a5a27be68e3d41,2025-02-18T18:15:19.290000 CVE-2024-13795,0,0,5ff186d2b18ebdd910aed1b17c910f62f178a43b9b5396d894a01eab3d2cf2bf,2025-02-18T08:15:09.980000 -CVE-2024-13797,0,0,fe09b7061fe6273763b2c8668b8146404830403c0458cc4116f6d91c5b5628d2,2025-02-18T11:15:11.753000 +CVE-2024-13797,0,1,784cf91e048f4958bdad15f96921115cca7505f76e057d124aec3331890c0072,2025-02-21T12:17:17.200000 CVE-2024-13799,0,0,ec8cb514ef31404e1cd13657eea18c026b0b0f4d5ffefec8356a7aac820d1c0c,2025-02-19T06:15:21.283000 CVE-2024-1380,0,0,189ef0e7c99b94999bf853d72512eb8cc5fd5c5f665b06c2b0baa188813ae89d,2025-01-31T13:26:51.163000 CVE-2024-13800,0,0,f8189949096d0fbf1e64f83c4f4243db2d6cd8eee32b0c9aa4085efbf0645426,2025-02-12T05:15:12.810000 @@ -246896,6 +246898,7 @@ CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7 CVE-2024-13841,0,0,42857531268142aae6c02637b3b6e7d79dd71736d6804136946d48ddaede14a2,2025-02-07T07:15:14.573000 CVE-2024-13842,0,0,e27bb87d0390ea96b584ec0f6fbe747157fb2de816ea15a1791b354e66567fcd,2025-02-20T15:55:29.770000 CVE-2024-13843,0,0,7b075d61798f8069984290c52e4033a7424dc56423296944d32554dce61a6d7f,2025-02-20T15:55:03.547000 +CVE-2024-13846,1,1,7a6b2d68f6b35a1c0346eb229a9db02fce41ef7ca697acebf08e29ec1c1313dc,2025-02-21T12:15:30.183000 CVE-2024-13848,0,0,df6c3059e3b4c6e50b09360738ce65b75366af6866f9db1d8dd4c079c2d2cfbe,2025-02-18T05:15:19.157000 CVE-2024-13849,0,0,d98f7937784c29e9abe71d6667822b62b2ca578c3586a491787af9ba63c49a21,2025-02-20T10:15:11.330000 CVE-2024-1385,0,0,8d44f2ddcfbec761b90cec48d83e59f97d1a3c53ec848ed4ca09c1c2ed005096,2024-11-21T08:50:27.933000 @@ -246912,6 +246915,7 @@ CVE-2024-13883,0,0,dddb8b479d8345e49ddd8f724d4ab3348652441913a63435d046cdd13b4c8 CVE-2024-13888,0,0,c87839d2bca683e4e01b4f16bf4650844bb0d5c14b76b96fd45e3c4854b6fe97,2025-02-20T09:15:09.577000 CVE-2024-1389,0,0,44c915b89d8f24815db27dcf9521c10fcca5d968291afb2cbd201094aadb9d12,2025-01-27T17:15:51.567000 CVE-2024-1390,0,0,ffdeb8cc4a3b1077717739c1e237f842eedff68b0ec02858887f3acd549f9f88,2025-01-22T16:49:11.553000 +CVE-2024-13900,1,1,e38dcc4fcfc78cce76d078c209401822bf3093a6d9e71c0ee76ba272c5fbfa29,2025-02-21T12:15:30.320000 CVE-2024-1391,0,0,fccbf24dfb651f372e2b51106217c90f4de85c1f936edcd91290184be12fa7b9,2025-01-17T19:52:57.843000 CVE-2024-1392,0,0,7d376d426c7bde42291bb43e543815dd80a04cb004b570eb44a0e5840366c498,2025-01-17T19:53:57.010000 CVE-2024-1393,0,0,807d9a3a72d3c227cf073d19ae4d043ce29012d9a81f19ad09766963a4531e84,2025-01-17T19:54:07.350000 @@ -278186,6 +278190,7 @@ CVE-2024-9145,0,0,3dd9bcad2a2fee7d05e394a6c147376f977693416e207026532ba073c858cc CVE-2024-9146,0,0,b2bcae27bf136fac98f5cca96bf30e297b145f83fbf374484b4b69bb66a11534,2024-10-07T17:48:28.117000 CVE-2024-9147,0,0,4e12ed99087058c5ab273f6a2c5655dda51c7a05718eb2e9409e0779fbea7704,2024-11-06T15:53:59.983000 CVE-2024-9148,0,0,a904c9834abceb13922e1cc588509f574c6534f26c7e1a2e5af468520b2fb09c,2024-09-30T17:34:12.760000 +CVE-2024-9150,1,1,dcffeacda294f1b86f266516093543f60ad0dab963e948b94d79760e6baf0ec4,2025-02-21T12:15:30.463000 CVE-2024-9154,0,0,d282749ef1136bcf186accc6aa703c9bda98d2789e552864849c54e1a0cf5e43,2024-12-22T07:15:06.307000 CVE-2024-9155,0,0,6b831cc9815c7982fccb5bb1db903558181a3d9726f2c50e686b372d7d7ea737,2024-09-30T12:46:20.237000 CVE-2024-9156,0,0,f51f01b34d81b342f8758ec8a55450b2ee8e6ae57d651f88883c804dd1af5436,2024-10-15T14:40:45.093000 @@ -279030,7 +279035,7 @@ CVE-2025-0321,0,0,949a46e9b053903a4a5e7760dec47f1d94e986bd99c2cdf86cabc314ed2bfd CVE-2025-0327,0,0,078b628fa1779e106aa5151c11b6499af01eb5757d477e1454204158f66a288c,2025-02-13T07:15:10.570000 CVE-2025-0328,0,0,983a37850e7593e52c7049d9c87a360510a226adf3c659d5ad2fe111082fc07f,2025-01-09T17:15:17.330000 CVE-2025-0331,0,0,dbc642b98482c7a868d38d7a4b1240421a9e262e76044ff9bb695321876694a4,2025-01-09T17:15:17.933000 -CVE-2025-0332,0,0,63367ff8c5f76ed71f6300ddc4a3cdc98d972c2e691233316297063a372815aa,2025-02-12T16:15:42.703000 +CVE-2025-0332,0,1,10e294c3bcb66386a9705e885fda97504f486a40642545ec52dba01d6b68bca7,2025-02-21T12:03:31.920000 CVE-2025-0333,0,0,3183afb9350c8085fce656cea7939729bf7b0c3b383c8f7105e9da54dedb25bd,2025-01-09T17:15:18.077000 CVE-2025-0334,0,0,e3a8c3debfd678ee7c1344f925152dfd8cfa42591be5b844f5f2a9504bc9f616,2025-01-09T06:15:15.610000 CVE-2025-0335,0,0,ba6bd83ac72a18cacfb4c8aed3dc5b6304b883b41ec133eb940fb09de3e363fd,2025-01-09T06:15:15.850000 @@ -279165,7 +279170,7 @@ CVE-2025-0515,0,0,5ac36c3cf0188576defc5041e4d2f1cb1b09ae44d7e3c5256fa040d2f88a47 CVE-2025-0516,0,0,54ab7a64b43a5bfec8dcc0561006b4b6d888b05cbf982c088d6e719e3d73b992,2025-02-12T16:15:42.883000 CVE-2025-0517,0,0,59a53be50b99baee653b756881cc0ee4d0832bd3c59bfa5e70566936733554ba,2025-02-08T22:15:28.823000 CVE-2025-0518,0,0,6d3c5b8ffb150f75c389bd7e05b7aa905d22be4fb895631f5a9526d167be6180,2025-01-16T17:15:12.577000 -CVE-2025-0521,0,0,d141672158f3dd6b43e8362cbb49b94292957b9dc12c9c2a20a4b4cb911bea60,2025-02-18T11:15:12.740000 +CVE-2025-0521,0,1,ae94a1fe73318139f9da2622de592c6e10d25105d56f65a8078c6428a35bf271,2025-02-21T12:16:09.897000 CVE-2025-0522,0,0,049494dc5db0d63aea89474c83a4309664a2b8074bd7164b1ed7fff81c86960f,2025-02-18T19:15:23.177000 CVE-2025-0525,0,0,c288f27e7cbfee2400ae138222cd0f0778e1304ba3ca58c91a31add13accca58,2025-02-18T18:15:28.850000 CVE-2025-0526,0,0,72c048b07f37484ff5411cf9170da2e1d74699bcf31208d52953a5f6b4d6ef19,2025-02-18T18:15:28.993000 @@ -279278,8 +279283,8 @@ CVE-2025-0721,0,0,9b15b019b479c4479137e55c74f2da2652b1f56c2d67e45558507ea73a96e7 CVE-2025-0722,0,0,d286657780f2322cec5dfe4e8af4674bbdc5e8a8b778a753270cdbdd213a2c1d,2025-01-27T00:15:26.517000 CVE-2025-0725,0,0,933a9ff65143c6df56b3e49502ce5d61c7538865f62de87a7e6b7da33078c72d,2025-02-06T19:15:19.733000 CVE-2025-0726,0,0,212658285d0dca65eb38afbe2d0cc022419c14eff42b3a61d47e964a9493cddf,2025-02-21T08:15:28.417000 -CVE-2025-0727,1,1,bb76426d7360ab591b4341810574104175a8b841230e45a68fe25f6f54b22f96,2025-02-21T09:15:09.010000 -CVE-2025-0728,1,1,fbe2ca789a8cd169b541c150bb8deacad0a074160227e69d375dcc5d934fc86c,2025-02-21T09:15:10.077000 +CVE-2025-0727,0,0,bb76426d7360ab591b4341810574104175a8b841230e45a68fe25f6f54b22f96,2025-02-21T09:15:09.010000 +CVE-2025-0728,0,0,fbe2ca789a8cd169b541c150bb8deacad0a074160227e69d375dcc5d934fc86c,2025-02-21T09:15:10.077000 CVE-2025-0729,0,0,47f7aa1143af5ff386851185d07322b33da91a6c70254019e675c66f6b698c27,2025-01-27T17:15:16.917000 CVE-2025-0730,0,0,2af04aa386ac678a6fc944dd8f7ba46d52548cae0bde338f3a493a49b6512319,2025-01-27T17:15:17.133000 CVE-2025-0732,0,0,1ce675ab3efd6ec96092631e523be68cbc1c9a729d4a9ad32dfbaf47ed4ee068,2025-01-27T18:15:40.550000 @@ -279330,7 +279335,7 @@ CVE-2025-0809,0,0,886fb9b396d2aad5cff53c02349fc0fee570a4920d4c4e68da65e25a660a34 CVE-2025-0814,0,0,6e84b81253656a1d32a82ba911740347214b0ddf70b532a879c2dbfdc544f5dd,2025-02-13T07:15:10.973000 CVE-2025-0815,0,0,7de889e4d3bd0a2a91237ff690c09d713b31f9d5f2a51b5b2591129d680ff441,2025-02-13T07:15:11.160000 CVE-2025-0816,0,0,d15c54cfa7b84645defa8a62e6e50a00e104c593cdfd6c16c28c49b600c34291,2025-02-13T07:15:11.353000 -CVE-2025-0817,0,0,fa85cbf919c0f1f78d80bbc9c45d6dbc7441179fd105aef6a72c7d08c87fad7f,2025-02-18T11:15:12.893000 +CVE-2025-0817,0,1,11343ed20662b8da62be45ff4c13d864ae4d9a05be3d231b0a3e4a5cb280e5dc,2025-02-21T12:15:11.963000 CVE-2025-0821,0,0,eef623ecbc4f931b67c977737dbf8b956ec963ba6d7dfab149142eb36bc3e525,2025-02-14T11:15:10.230000 CVE-2025-0822,0,0,19eb63234ef431f63c50ebd89131653cdb608481cafa3dc46ad8d59b634f7d92,2025-02-15T13:15:28.847000 CVE-2025-0825,0,0,7f81ca19fb96d77c0731181ff23092e49d4e8a157f0a8fa4a0ca13f53bda7923,2025-02-04T15:15:19.420000 @@ -279471,7 +279476,7 @@ CVE-2025-1083,0,0,16064cc59146b17006d53d67046a65a9c0b364257a94b2b373fa99c27da341 CVE-2025-1084,0,0,93fee3949ec546a58cb9da1c1619fb657dbde041632da87d4ac6e93d0d865098,2025-02-07T00:15:28.180000 CVE-2025-1085,0,0,1ad67fc3dcecff349f45b0918fd96e4db08dcd56b6d0ad12a44043dc90d21f08,2025-02-07T01:15:07.930000 CVE-2025-1086,0,0,224643d9b2f43f102432df09cca95386bdc4432ae24da6e421d85411b67c24c6,2025-02-07T02:15:30.523000 -CVE-2025-1094,0,0,ee3cc7d585f88caf58a91fbd38578ccf5a360321091281770e20b7b9be5f8320,2025-02-20T19:15:11.847000 +CVE-2025-1094,0,1,afe463c9103362ac899e2882edae895a7387cb03ad909215aec875f07598b388,2025-02-21T11:15:09.800000 CVE-2025-1096,0,0,f369ee58dbaa6e142f3d975d8711cac15a0a303facd75e898c558f3e454cc535,2025-02-08T01:15:07.947000 CVE-2025-1099,0,0,866ea005495998eedc94be57a64f094566d9af9b611a4dc7ae3f41bc7a1f4d42,2025-02-14T12:15:29.460000 CVE-2025-1100,0,0,006211606093ec28f1ff8daf942d69911ef4c534c65359a0897a00ee27f87cf6,2025-02-12T14:15:31.647000 @@ -279555,7 +279560,7 @@ CVE-2025-1201,0,0,bf3e8ac22ebf988432aa71d4e5462b0f09f58c2593da323d6fb54b6e8c2538 CVE-2025-1202,0,0,52dbd111bdba6642349217f5a5e9aa58580640d5efecd8d9ccd8521dcc74d783,2025-02-18T18:02:04.383000 CVE-2025-1206,0,0,9e7ba88164fab9a04369a4db867a9e8e6c082c4724fdd5132981ff19327e3f78,2025-02-20T20:39:04.393000 CVE-2025-1207,0,0,518ea976e835e5d2e9daf8b69c95e3e72206f7bb3a8162c7be7b93925d62ba41,2025-02-12T16:15:44.393000 -CVE-2025-1208,0,0,944ef3909d00298a5468923e8ae65e2d99c50759f8df888a5fac58ccad7ae971,2025-02-12T16:15:44.613000 +CVE-2025-1208,0,1,d315b01d152dbab8d58f1774169e176e36efd6772420e875d3fc692e7894b488,2025-02-21T12:03:49.027000 CVE-2025-1209,0,0,8c71e5fca191088db0db2ac12dae4227d461afc892d89a2bdc4b8b04d0f3a7ce,2025-02-19T19:04:43.770000 CVE-2025-1210,0,0,f28950e134a15e9426e5bc1eace543698800081ebe92aca0a069c7a1f123f194,2025-02-19T19:03:10.870000 CVE-2025-1211,0,0,38ce788c374a72bbc1ba3c8209de97adc3b8b37f2859b77797e85b3a9273ddba,2025-02-11T16:15:50.660000 @@ -279629,9 +279634,10 @@ CVE-2025-1389,0,0,b6f1b0c672dbbad3874206b7be5adc417f88010255a18af2ae0024e0bb3a7b CVE-2025-1390,0,0,02ff75a3058ee51af8713fa469c7bed94932b28a55e59655029e36f100f66a9a,2025-02-18T03:15:10.447000 CVE-2025-1391,0,0,a1f2e3a8ca093b8de620c0e72b50119acca7a6fd87679168958e3acea938ff79,2025-02-17T14:15:08.413000 CVE-2025-1392,0,0,381fc64763a47738c9a933c7e4bcfcc84ef66c73e4a81eacddf01751da768947,2025-02-17T16:15:16.120000 +CVE-2025-1402,1,1,d705975e2d4d051899b63fd949106f689e6c20cfe60f25e8d672a004176300f9,2025-02-21T12:15:30.607000 CVE-2025-1406,0,0,4b4d1ff21a0ba0811215bc35d6774baf51e77603ba63fc9e650d11b6ceed4f86,2025-02-21T04:15:10.347000 CVE-2025-1407,0,0,70f77407081cff4de8b8d13a9badac21a5019470fe2d018139382b1f1331d1e8,2025-02-21T04:15:10.510000 -CVE-2025-1410,1,1,f4fa6259cc030a3c18635b5a57715bd57396d86c3ee145748700746fe04576c9,2025-02-21T09:15:10.200000 +CVE-2025-1410,0,0,f4fa6259cc030a3c18635b5a57715bd57396d86c3ee145748700746fe04576c9,2025-02-21T09:15:10.200000 CVE-2025-1414,0,0,b6f2fa5b41b9076d018bd1d274a1717bfb4b17a7162b38316b8f5f46b587bbc9,2025-02-18T21:15:25.440000 CVE-2025-1426,0,0,b67c79264aa66cdef5e5d9ec5a4b31cb1b09b1607a3ca51cd7f8f759ad39f482,2025-02-19T20:15:36.467000 CVE-2025-1441,0,0,dea0748ac4805add0b5a620a8c550d3c2cb9f813ccabe70b3df2355bbf5d5eab,2025-02-19T05:15:12.050000 @@ -279639,10 +279645,12 @@ CVE-2025-1447,0,0,0171066f5cc38b75ed48310b7b051ba77753a7de710aef2fb49270a13c1b06 CVE-2025-1448,0,0,8646602fe654ea9c8b8dc30e88ebd580a07aa04ffb2e255dc4fb4a77857c3ea4,2025-02-19T02:15:08.833000 CVE-2025-1464,0,0,b14d16c6baac3507cd4582169a63151cc0fa9ea50d60b1fe8184ca7d2a79a3df,2025-02-19T14:15:30.337000 CVE-2025-1465,0,0,2910b362fc4eb01a626127c50d683f7ea305894f7d9657ebb7cc043987c8c3ee,2025-02-19T16:15:40.667000 -CVE-2025-1470,1,1,c431c34122bd455693ae857da134c11078dd424d889a110192af0d8789781c00,2025-02-21T10:15:11.243000 -CVE-2025-1471,1,1,5f2308ef243e2997d93c627b7cee213af79efe1fdd8602f268a3ff3acb063cf9,2025-02-21T10:15:11.413000 +CVE-2025-1470,0,0,c431c34122bd455693ae857da134c11078dd424d889a110192af0d8789781c00,2025-02-21T10:15:11.243000 +CVE-2025-1471,0,0,5f2308ef243e2997d93c627b7cee213af79efe1fdd8602f268a3ff3acb063cf9,2025-02-21T10:15:11.413000 CVE-2025-1483,0,0,76cafe28555a10dbbf45546d6f75e89aec9e95ad54aaa4bc0e47714c7e682b94,2025-02-20T10:15:12.537000 +CVE-2025-1489,1,1,33b499615f5a9d47836021ac5ca54335451238d68926a899e34dbf51c4c427a7,2025-02-21T12:15:30.740000 CVE-2025-1492,0,0,4cf0d4c2a3031b043d71ffc226830ce9ea797081b5a3ae5a1323a931931fb733,2025-02-20T02:15:38.553000 +CVE-2025-1535,1,1,c8067c833343598442009f0c070dbd08eddedc896cdd41576fc32acd051fac52,2025-02-21T12:15:30.877000 CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000