From 593ef8f801f0b4394d8b1ef1eecf1f319f57056d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 8 Jun 2025 22:03:57 +0000 Subject: [PATCH] Auto-Update: 2025-06-08T22:00:20.066505+00:00 --- CVE-2025/CVE-2025-324xx/CVE-2025-32455.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-324xx/CVE-2025-32456.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-324xx/CVE-2025-32457.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-324xx/CVE-2025-32458.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-324xx/CVE-2025-32459.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-34xx/CVE-2025-3459.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-34xx/CVE-2025-3460.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-34xx/CVE-2025-3461.json | 60 ++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35004.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35005.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35006.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35007.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35008.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35009.json | 68 +++++++++++++++++++++ CVE-2025/CVE-2025-350xx/CVE-2025-35010.json | 68 +++++++++++++++++++++ README.md | 24 ++++++-- _state.csv | 17 +++++- 17 files changed, 991 insertions(+), 6 deletions(-) create mode 100644 CVE-2025/CVE-2025-324xx/CVE-2025-32455.json create mode 100644 CVE-2025/CVE-2025-324xx/CVE-2025-32456.json create mode 100644 CVE-2025/CVE-2025-324xx/CVE-2025-32457.json create mode 100644 CVE-2025/CVE-2025-324xx/CVE-2025-32458.json create mode 100644 CVE-2025/CVE-2025-324xx/CVE-2025-32459.json create mode 100644 CVE-2025/CVE-2025-34xx/CVE-2025-3459.json create mode 100644 CVE-2025/CVE-2025-34xx/CVE-2025-3460.json create mode 100644 CVE-2025/CVE-2025-34xx/CVE-2025-3461.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35004.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35005.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35006.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35007.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35008.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35009.json create mode 100644 CVE-2025/CVE-2025-350xx/CVE-2025-35010.json diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32455.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32455.json new file mode 100644 index 00000000000..176ee8ed322 --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32455.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-32455", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:30.993", + "lastModified": "2025-06-08T21:15:30.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32456.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32456.json new file mode 100644 index 00000000000..68c4a5a0d67 --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32456.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-32456", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.267", + "lastModified": "2025-06-08T21:15:31.267", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the put_file_to_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32457.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32457.json new file mode 100644 index 00000000000..e918bc4d718 --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32457.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-32457", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.403", + "lastModified": "2025-06-08T21:15:31.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the get_file_from_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32458.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32458.json new file mode 100644 index 00000000000..454a343018a --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32458.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-32458", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.537", + "lastModified": "2025-06-08T21:15:31.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the get_syslog_from_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32459.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32459.json new file mode 100644 index 00000000000..5197d71dd21 --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32459.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-32459", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.673", + "lastModified": "2025-06-08T21:15:31.673", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the sync_time argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-34xx/CVE-2025-3459.json b/CVE-2025/CVE-2025-34xx/CVE-2025-3459.json new file mode 100644 index 00000000000..74bdd0cb1fc --- /dev/null +++ b/CVE-2025/CVE-2025-34xx/CVE-2025-3459.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3459", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.770", + "lastModified": "2025-06-08T21:15:32.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3459", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-34xx/CVE-2025-3460.json b/CVE-2025/CVE-2025-34xx/CVE-2025-3460.json new file mode 100644 index 00000000000..6b2e814935d --- /dev/null +++ b/CVE-2025/CVE-2025-34xx/CVE-2025-3460.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3460", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.900", + "lastModified": "2025-06-08T21:15:32.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chipset ships with a local control script, set_tx_pow, that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3460", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-34xx/CVE-2025-3461.json b/CVE-2025/CVE-2025-34xx/CVE-2025-3461.json new file mode 100644 index 00000000000..c5c7361cbfd --- /dev/null +++ b/CVE-2025/CVE-2025-34xx/CVE-2025-3461.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3461", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:33.030", + "lastModified": "2025-06-08T21:15:33.030", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 ( CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-3461/", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35004.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35004.json new file mode 100644 index 00000000000..ae80608b50d --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35004.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35004", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.807", + "lastModified": "2025-06-08T21:15:31.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFIP command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35004/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35005.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35005.json new file mode 100644 index 00000000000..bedc63a5314 --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35005.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35005", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:31.947", + "lastModified": "2025-06-08T21:15:31.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35005/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35006.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35006.json new file mode 100644 index 00000000000..e60f70ec214 --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35006.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35006", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.087", + "lastModified": "2025-06-08T21:15:32.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFPORTFWD command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35006/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35007.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35007.json new file mode 100644 index 00000000000..15135752f50 --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35007.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35007", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.227", + "lastModified": "2025-06-08T21:15:32.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFRULE command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35007/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35008.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35008.json new file mode 100644 index 00000000000..b2a9512e3a6 --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35008.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35008", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.363", + "lastModified": "2025-06-08T21:15:32.363", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MMNAME command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35008/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35009.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35009.json new file mode 100644 index 00000000000..f8820db690d --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35009.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35009", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.500", + "lastModified": "2025-06-08T21:15:32.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNNETSP command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35009/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-350xx/CVE-2025-35010.json b/CVE-2025/CVE-2025-350xx/CVE-2025-35010.json new file mode 100644 index 00000000000..25294e15e56 --- /dev/null +++ b/CVE-2025/CVE-2025-350xx/CVE-2025-35010.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-35010", + "sourceIdentifier": "cve@takeonme.org", + "published": "2025-06-08T21:15:32.633", + "lastModified": "2025-06-08T21:15:32.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNPINGTM command that can lead to privilege escalation. This is an instance of CWE-88,\u00a0\"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve@takeonme.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-88" + } + ] + } + ], + "references": [ + { + "url": "https://support.microhardcorp.com/portal/en/kb/articles/ipn4gii-bullet-lte-firmware", + "source": "cve@takeonme.org" + }, + { + "url": "https://takeonme.org/cves/cve-2025-35010/", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/BulletLTE-NA2.php", + "source": "cve@takeonme.org" + }, + { + "url": "https://www.microhardcorp.com/IPn4Gii-NA2.php", + "source": "cve@takeonme.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f47cb171b4b..14c3c0826fa 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-08T16:00:19.666218+00:00 +2025-06-08T22:00:20.066505+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-08T14:15:21.097000+00:00 +2025-06-08T21:15:33.030000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -296991 +297006 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `15` -- [CVE-2025-5847](CVE-2025/CVE-2025-58xx/CVE-2025-5847.json) (`2025-06-08T14:15:21.097`) +- [CVE-2025-32455](CVE-2025/CVE-2025-324xx/CVE-2025-32455.json) (`2025-06-08T21:15:30.993`) +- [CVE-2025-32456](CVE-2025/CVE-2025-324xx/CVE-2025-32456.json) (`2025-06-08T21:15:31.267`) +- [CVE-2025-32457](CVE-2025/CVE-2025-324xx/CVE-2025-32457.json) (`2025-06-08T21:15:31.403`) +- [CVE-2025-32458](CVE-2025/CVE-2025-324xx/CVE-2025-32458.json) (`2025-06-08T21:15:31.537`) +- [CVE-2025-32459](CVE-2025/CVE-2025-324xx/CVE-2025-32459.json) (`2025-06-08T21:15:31.673`) +- [CVE-2025-3459](CVE-2025/CVE-2025-34xx/CVE-2025-3459.json) (`2025-06-08T21:15:32.770`) +- [CVE-2025-3460](CVE-2025/CVE-2025-34xx/CVE-2025-3460.json) (`2025-06-08T21:15:32.900`) +- [CVE-2025-3461](CVE-2025/CVE-2025-34xx/CVE-2025-3461.json) (`2025-06-08T21:15:33.030`) +- [CVE-2025-35004](CVE-2025/CVE-2025-350xx/CVE-2025-35004.json) (`2025-06-08T21:15:31.807`) +- [CVE-2025-35005](CVE-2025/CVE-2025-350xx/CVE-2025-35005.json) (`2025-06-08T21:15:31.947`) +- [CVE-2025-35006](CVE-2025/CVE-2025-350xx/CVE-2025-35006.json) (`2025-06-08T21:15:32.087`) +- [CVE-2025-35007](CVE-2025/CVE-2025-350xx/CVE-2025-35007.json) (`2025-06-08T21:15:32.227`) +- [CVE-2025-35008](CVE-2025/CVE-2025-350xx/CVE-2025-35008.json) (`2025-06-08T21:15:32.363`) +- [CVE-2025-35009](CVE-2025/CVE-2025-350xx/CVE-2025-35009.json) (`2025-06-08T21:15:32.500`) +- [CVE-2025-35010](CVE-2025/CVE-2025-350xx/CVE-2025-35010.json) (`2025-06-08T21:15:32.633`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index fbd3db25755..c93304cd3a8 100644 --- a/_state.csv +++ b/_state.csv @@ -292432,6 +292432,11 @@ CVE-2025-32444,0,0,288296e03a307a0b00958513c50a8127cb3324308366d3af8facb6f4548c8 CVE-2025-32445,0,0,1b5ba881d2838c8e1a17201ae0d99d597a5e3f65b98d8fa06e156c1abb87955d,2025-04-16T13:25:59.640000 CVE-2025-3245,0,0,34513d96925346b7609d27ec32e42dfc8926b8b7247f00b351b24b6c6848fab4,2025-04-23T14:51:07.013000 CVE-2025-32454,0,0,d112044e8ac2aa2106f1b31f5429f300a7ae216ee8a2c99529918a4b88fc6446,2025-05-13T19:35:18.080000 +CVE-2025-32455,1,1,bbd9ee7abf40b6a9dccd709e5166dd796cbf8871a831e20efc6c94212d75e777,2025-06-08T21:15:30.993000 +CVE-2025-32456,1,1,d284ee679a768c67f842611d5c59a6768d9c189a7ebe9c37c6e1062e8a06747a,2025-06-08T21:15:31.267000 +CVE-2025-32457,1,1,910ccefc90cb2d13a730c03221bedc28d87ecb750c712cd54ffa90f1b9a92bd9,2025-06-08T21:15:31.403000 +CVE-2025-32458,1,1,ed1b705f41f96a6ee909150c688ae38f4b9351f40212178441d1a8c4862086ff,2025-06-08T21:15:31.537000 +CVE-2025-32459,1,1,aaa4a129c48104f431de5e03da57d6d29997a8f105b3c31e87f984e68da64c95,2025-06-08T21:15:31.673000 CVE-2025-3246,0,0,d943818b43557c9519758b844725afa009508b574d2bbdf1c927d75056c761a3,2025-04-21T14:23:45.950000 CVE-2025-32460,0,0,16cc364f1c655bf6f21d50384a646311718edc25ee850ac035bf3b1975d34030,2025-04-09T20:02:41.860000 CVE-2025-32461,0,0,8bce56f6863b74eaac27069424b18b802ee4aeb8905aa3153fdbbd924c0604dc,2025-04-09T20:02:41.860000 @@ -293068,6 +293073,9 @@ CVE-2025-3454,0,0,4237309546c7f67c43ed4306317e4be2d74b3a324e1d901b3aa918c9e80660 CVE-2025-3455,0,0,27fc2bff0afea6de93406ff695251ef67a3d625051a2b866cd1a3908c7fd4f8e,2025-05-12T17:32:32.760000 CVE-2025-3457,0,0,1ce8b706c7f27acea549531081740896317ac6a97554394545c243bd2df931ba,2025-04-30T14:07:52.490000 CVE-2025-3458,0,0,f4c08c655e5360e2158789a545b6b552e0aff82df287be3ab4de5c3123f29f32,2025-04-30T14:05:12.373000 +CVE-2025-3459,1,1,d6c1106b70aa5cfae6feacd38449dbf3a310c9d0ee2b1fe6311c1cbd7996f5ba,2025-06-08T21:15:32.770000 +CVE-2025-3460,1,1,febf8323410ea68877ee89a7f789617931d3037b404c524b1e2cb91fedf7c836,2025-06-08T21:15:32.900000 +CVE-2025-3461,1,1,ad004bc388076ed434c1e9184e494c466490c4ca2f3a04538ead681fc0228995,2025-06-08T21:15:33.030000 CVE-2025-3462,0,0,96a08229937a9712440a065f7abf8858b2712ba35f45d182986e12e301979bf4,2025-05-12T17:32:52.810000 CVE-2025-3463,0,0,b9c293fc915bcaaa130da553f49fb5680a86dfb762948cd4b867acf35ebae4a2,2025-05-12T17:32:52.810000 CVE-2025-3468,0,0,136950783d88ce0e5a3cbb5efc9cbb24284feffc83746ee503e38c1107465276,2025-06-04T22:54:54.960000 @@ -293093,7 +293101,14 @@ CVE-2025-3491,0,0,764070d57369c52ed17db36acb0e46c080442745adab2da0d65d4052df55b4 CVE-2025-3495,0,0,fe640c81a3ed6a86c53f35442fa10e181d645418d808dffc6fff69a3880ca71e,2025-04-16T13:25:37.340000 CVE-2025-3496,0,0,eeeb25234db4b5411b18647e6b883fd7c97d2c7df03da24267ee3dd146e4a70c,2025-05-12T17:32:32.760000 CVE-2025-35003,0,0,21587c625dab7683038a5bdc307498878657bea1128b3a4ea6c83622b9ed0b8f,2025-05-28T15:01:30.720000 +CVE-2025-35004,1,1,447749e5f1b0eeac431a6fb6856d9e948a7ac885a2abf514f9bcf5b5c8092a98,2025-06-08T21:15:31.807000 +CVE-2025-35005,1,1,18cf31cde4de8eb18affbeccdc38209c1e192cff1e5424dfafebde7dad73809d,2025-06-08T21:15:31.947000 +CVE-2025-35006,1,1,ee6d0ae4ce9d090e00224c991975358873b1d3612721159c8066554651ad976c,2025-06-08T21:15:32.087000 +CVE-2025-35007,1,1,d4d8bee293276b125296b3e9aff03c89dd0f8f7947991715e73320a8b1b09e65,2025-06-08T21:15:32.227000 +CVE-2025-35008,1,1,353dfbae967aee2dcca1327124a428244cc82b3301fcd256fafcd44fba206bdc,2025-06-08T21:15:32.363000 +CVE-2025-35009,1,1,df7f9b7486a3b396ddf5855c8f54dc471a364cd8eb32d9dd87f8eec6e2e1608e,2025-06-08T21:15:32.500000 CVE-2025-3501,0,0,b44a31b094864acab1ff386cddcad3fda5c65db85ee8c99ed4dbb344cd7aad09,2025-05-02T13:53:40.163000 +CVE-2025-35010,1,1,c5b3875219955a1bd44b22a7cb7938ccd85e9e7159a7e4d39174a62544915425,2025-06-08T21:15:32.633000 CVE-2025-3502,0,0,7c73723b0d4b00e6da894445c57c5ec7f552a238ff16d874e6183139bc542d93,2025-05-07T16:30:24.910000 CVE-2025-3503,0,0,8d73ed34ec38f7a3fa46caf6863bc942845955658d4c73ee2f17e6ea13b905f5,2025-05-07T16:30:33.803000 CVE-2025-35036,0,0,8999fc2e6f0f347716ac95ecda1fad4f0e119637eb3d3b6b7486b65b8a53ad62,2025-06-04T14:54:33.783000 @@ -296989,4 +297004,4 @@ CVE-2025-5837,0,0,be29c5c9b02bd53536929c7a116921036f05804cf354e43b53d617bbaab362 CVE-2025-5838,0,0,ba5038c5e4544342301fefd65f16f3eb1945ebf96b386c6cbebecd735cfeddff,2025-06-07T16:15:23.440000 CVE-2025-5839,0,0,4efb9e7f992ec0cf0b490a41765d64fdc79638a0fc7c7b695bd87786fa84522d,2025-06-07T18:15:25.080000 CVE-2025-5840,0,0,6060b28c44367562648dda64a70c474fb07a81415250a659e2cb863608a79fe9,2025-06-07T18:15:25.320000 -CVE-2025-5847,1,1,c2f0ef1d6191ae5a982ebbcf96b0aeccb9a9e804d684fffe50b5e080d1b4793b,2025-06-08T14:15:21.097000 +CVE-2025-5847,0,0,c2f0ef1d6191ae5a982ebbcf96b0aeccb9a9e804d684fffe50b5e080d1b4793b,2025-06-08T14:15:21.097000