admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-22T20:00:19.847748+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-22 20:03:52 +00:00
parent 54782a1525
commit 5b75f14c24
82 changed files with 3502 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
CVE-2020/CVE-2020-182xx/CVE-2020-18243.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18243",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-15T16:15:17.777",
"lastModified": "2025-04-15T20:15:29.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:43:07.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enricozab:cms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DF61F2-3112-421E-B07E-120C82CBFB8D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/enricozab/CMS/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Issue Tracking"
]
}
]
}

32
CVE-2022/CVE-2022-204xx/CVE-2022-20476.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20476",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:16.157",
"lastModified": "2024-11-21T06:42:53.110",
"lastModified": "2025-04-22T18:15:44.853",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-835"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20477.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20477",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:16.207",
"lastModified": "2024-11-21T06:42:53.230",
"lastModified": "2025-04-22T18:15:45.910",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-783"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20478.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20478",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:16.260",
"lastModified": "2024-11-21T06:42:53.350",
"lastModified": "2025-04-22T18:15:46.100",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20479",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:16.317",
"lastModified": "2024-11-21T06:42:53.457",
"lastModified": "2025-04-22T18:15:46.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-205xx/CVE-2022-20501.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20501",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:17.253",
"lastModified": "2024-11-21T06:42:56.087",
"lastModified": "2025-04-22T18:15:46.427",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-1021"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-205xx/CVE-2022-20502.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20502",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:17.310",
"lastModified": "2024-11-21T06:42:56.193",
"lastModified": "2025-04-22T18:15:46.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-206xx/CVE-2022-20611.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20611",
"sourceIdentifier": "security@android.com",
"published": "2022-12-13T16:15:17.370",
"lastModified": "2024-11-21T06:43:09.317",
"lastModified": "2025-04-22T18:15:46.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-29xx/CVE-2022-2993.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2993",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2022-12-09T20:15:10.177",
"lastModified": "2024-11-21T07:02:03.107",
"lastModified": "2025-04-22T18:15:49.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-670"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-315xx/CVE-2022-31596.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31596",
"sourceIdentifier": "cna@sap.com",
"published": "2022-12-12T04:15:09.713",
"lastModified": "2024-11-21T07:04:48.920",
"lastModified": "2025-04-22T18:15:52.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
}
]
},

22
CVE-2022/CVE-2022-39xx/CVE-2022-3930.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3930",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-12-12T18:15:12.103",
"lastModified": "2024-11-21T07:20:33.430",
"lastModified": "2025-04-22T18:15:57.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-40xx/CVE-2022-4010.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4010",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-12-12T18:15:13.097",
"lastModified": "2024-11-21T07:34:26.520",
"lastModified": "2025-04-22T18:15:57.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

32
CVE-2022/CVE-2022-459xx/CVE-2022-45970.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45970",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T14:15:10.557",
"lastModified": "2024-11-21T07:30:01.947",
"lastModified": "2025-04-22T19:15:50.057",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-459xx/CVE-2022-45977.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45977",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T15:15:10.757",
"lastModified": "2024-11-21T07:30:02.103",
"lastModified": "2025-04-22T19:15:50.247",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-459xx/CVE-2022-45979.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45979",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T15:15:10.807",
"lastModified": "2024-11-21T07:30:02.283",
"lastModified": "2025-04-22T19:15:50.423",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-459xx/CVE-2022-45980.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45980",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T15:15:10.857",
"lastModified": "2024-11-21T07:30:02.440",
"lastModified": "2025-04-22T19:15:50.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-459xx/CVE-2022-45996.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45996",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T16:15:10.050",
"lastModified": "2024-11-21T07:30:03.290",
"lastModified": "2025-04-22T19:15:50.783",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-459xx/CVE-2022-45997.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45997",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T16:15:10.117",
"lastModified": "2024-11-21T07:30:03.440",
"lastModified": "2025-04-22T19:15:50.967",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-469xx/CVE-2022-46903.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46903",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T21:15:10.433",
"lastModified": "2024-11-21T07:31:17.053",
"lastModified": "2025-04-22T19:15:51.200",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-469xx/CVE-2022-46904.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46904",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T21:15:10.493",
"lastModified": "2024-11-21T07:31:17.210",
"lastModified": "2025-04-22T19:15:51.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-469xx/CVE-2022-46905.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46905",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-12T21:15:10.543",
"lastModified": "2024-11-21T07:31:17.367",
"lastModified": "2025-04-22T18:15:57.613",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

21
CVE-2023/CVE-2023-433xx/CVE-2023-43378.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2023-43378",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:57.970",
"lastModified": "2025-04-22T18:15:57.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the commento1_1 parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Cross-site-scripting-in-hoteldruid-version-3-0-5-via-commento1_1-post-parameter-44ff18cb61cd4a80bbba75d5e4360ee4",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-439xx/CVE-2023-43958.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-43958",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.107",
"lastModified": "2025-04-22T18:15:58.107",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server and execute arbitrary code."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e",
"source": "cve@mitre.org"
},
{
"url": "https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e?pvs=4",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-447xx/CVE-2023-44752.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-44752",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.240",
"lastModified": "2025-04-22T18:15:58.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authentication via a crafted GET request to /php-sscdms/admin/login.php."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Login-Bypass-in-Student-Study-Center-Desk-Management-System-v1-0-fe410cff4fc3441ea4c5aa663225e445",
"source": "cve@mitre.org"
},
{
"url": "https://flashy-lemonade-192.notion.site/Login-Bypass-in-Student-Study-Center-Desk-Management-System-v1-0-fe410cff4fc3441ea4c5aa663225e445?pvs=4",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-447xx/CVE-2023-44753.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-44753",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.357",
"lastModified": "2025-04-22T18:15:58.357",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter on the profile.php page."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Multiple-Cross-site-scripting-in-Edu-Authorities-Student-Management-System-f55752a1027f43eb91a5a489785e6d45",
"source": "cve@mitre.org"
},
{
"url": "https://flashy-lemonade-192.notion.site/Multiple-Cross-site-scripting-in-Edu-Authorities-Student-Management-System-f55752a1027f43eb91a5a489785e6d45?pvs=4",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-447xx/CVE-2023-44755.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-44755",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.483",
"lastModified": "2025-04-22T18:15:58.483",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /sacco/ajax.php."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/SQL-injection-in-Sacco-Management-system-via-password-and-id-parameter-1d85fc432de24db896446002f91acfd1",
"source": "cve@mitre.org"
},
{
"url": "https://flashy-lemonade-192.notion.site/SQL-injection-in-Sacco-Management-system-via-password-and-id-parameter-1d85fc432de24db896446002f91acfd1?pvs=4",
"source": "cve@mitre.org"
}
]
}

33
CVE-2023/CVE-2023-512xx/CVE-2023-51299.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51299",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-19T20:15:35.040",
"lastModified": "2025-02-20T15:15:10.633",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:59:50.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:hotel_booking_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AC4C90-B643-4B17-89A3-DBE8B1338D4E"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176488",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "https://www.phpjabbers.com/hotel-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

33
CVE-2023/CVE-2023-513xx/CVE-2023-51300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51300",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-19T21:15:14.727",
"lastModified": "2025-02-20T15:15:10.820",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:57:43.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:hotel_booking_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AC4C90-B643-4B17-89A3-DBE8B1338D4E"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176488",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "https://www.phpjabbers.com/hotel-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

63
CVE-2024/CVE-2024-200xx/CVE-2024-20029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20029",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-03-04T03:15:07.453",
"lastModified": "2024-11-21T08:51:50.770",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T19:53:12.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,69 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548"
}
]
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",
"source": "security@mediatek.com"
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

155
CVE-2024/CVE-2024-200xx/CVE-2024-20030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20030",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-03-04T03:15:07.500",
"lastModified": "2024-11-21T08:51:50.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T19:54:09.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,161 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E51B721-CBDD-4223-ACD1-509E82D1B4A2"
}
]
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",
"source": "security@mediatek.com"
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-507xx/CVE-2024-50766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50766",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-07T22:15:21.403",
"lastModified": "2024-11-08T19:01:03.880",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:30:32.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:survey_application_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC838E1E-FAEC-4100-8364-41B7D342A010"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/%40luisgerardomoret_69654/sql-injection-in-survey-application-system-cve-2024-50766-8ed81426ca6e",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

135
CVE-2024/CVE-2024-509xx/CVE-2024-50960.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50960",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-15T18:15:45.263",
"lastModified": "2025-04-18T14:15:20.650",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T18:00:52.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,143 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:extron:smp_111_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.01",
"matchCriteriaId": "2A3EFEEB-A1E7-40C8-B923-7DD9BB53A9F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:extron:smp_111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB4B84D-997E-4A65-91F2-2CD51AE452EF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:extron:smp_351_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.16",
"matchCriteriaId": "A1CDC2F2-2ADB-413C-B98F-D17B93177770"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:extron:smp_351:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7B77F2-362E-4F75-95B4-72924C0A53A6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:extron:smp_352_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.16",
"matchCriteriaId": "A458A6B0-A677-48D4-8492-CA8CA920EB72"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:extron:smp_352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E66E9-8483-4792-B020-8FD4B7A0ED6D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:extron:smp_211_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.02",
"matchCriteriaId": "4DD03796-3C6B-4BC6-BE40-49E84F48B798"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:extron:smp_211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC13812F-5573-49EE-BA54-244950DA6C25"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/layer8secure/extron-smp-inject/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://ryanmroth.com/articles/exploiting-extron-smp-command-injection",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.extron.com/article/smp",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

43
CVE-2024/CVE-2024-509xx/CVE-2024-50993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50993",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:23.447",
"lastModified": "2024-11-05T17:35:19.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:09:32.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_39/39.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-509xx/CVE-2024-50994.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50994",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:23.533",
"lastModified": "2024-11-05T17:35:20.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:11:27.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_36/36.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-509xx/CVE-2024-50995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50995",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:23.620",
"lastModified": "2024-11-05T17:35:21.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:11:51.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_40/40.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-509xx/CVE-2024-50998.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50998",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:23.873",
"lastModified": "2024-11-05T17:35:23.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:12:56.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_44/44.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-509xx/CVE-2024-50999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50999",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:23.960",
"lastModified": "2024-11-05T17:35:24.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:13:30.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_38/38.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-510xx/CVE-2024-51000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51000",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:24.043",
"lastModified": "2024-11-05T17:35:25.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:13:56.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_35/35.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-510xx/CVE-2024-51001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51001",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:24.127",
"lastModified": "2024-11-05T17:35:26.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:14:23.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_41/41.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-510xx/CVE-2024-51006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51006",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T15:15:24.560",
"lastModified": "2024-11-05T16:35:21.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:16:00.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9B3EF-5A5F-4EA3-AE90-583119B1B916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_46/46.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-535xx/CVE-2024-53568.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-53568",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T19:15:51.583",
"lastModified": "2025-04-22T19:15:51.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@rudranshsinghrajpurohit/cve-2024-53568-stored-cross-site-scripting-xss-vulnerability-in-volmarg-personal-management-cfbaec55046f",
"source": "cve@mitre.org"
},
{
"url": "https://www.getastra.com/blog/vulnerability/cve-2024-53568stored-cross-site-scripting-xss-vulnerability-in-volmarg-personal-management-system/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-535xx/CVE-2024-53569.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-53569",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T19:15:51.703",
"lastModified": "2025-04-22T19:15:51.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@rudranshsinghrajpurohit/cve-2024-53569-stored-cross-site-scripting-xss-in-volmarg-personal-management-system-6cb0b9d6fe88",
"source": "cve@mitre.org"
},
{
"url": "https://www.getastra.com/blog/vulnerability/cve-2024-53569stored-cross-site-scripting-xss-in-volmarg-personal-management-system/",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-548xx/CVE-2024-54802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54802",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.203",
"lastModified": "2025-04-02T15:15:57.200",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T18:17:11.743",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -58,10 +58,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:wnr854t_firmware:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04160B4A-2291-4BA4-8438-7269576CE238"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:wnr854t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE71A95C-8A0E-4939-BAD7-B06DBA21961E"
}
]
}
]
}
],
"references": [
{
"url": "https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#802",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-548xx/CVE-2024-54803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54803",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.377",
"lastModified": "2025-04-02T15:15:57.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T18:16:52.410",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -58,10 +58,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:wnr854t_firmware:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04160B4A-2291-4BA4-8438-7269576CE238"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:wnr854t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE71A95C-8A0E-4939-BAD7-B06DBA21961E"
}
]
}
]
}
],
"references": [
{
"url": "https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#803",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-572xx/CVE-2024-57252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57252",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T21:15:10.217",
"lastModified": "2025-01-17T22:15:28.817",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:38:49.933",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.46",
"matchCriteriaId": "82D235B5-50D3-4875-A489-B0A460C680DD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/J-0k3r/CVE-2024-57252",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/J-0k3r/some/blob/main/ssrf.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

83
CVE-2025/CVE-2025-05xx/CVE-2025-0532.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0532",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T18:15:31.237",
"lastModified": "2025-01-21T16:15:14.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:53:47.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,77 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8609E306-3171-4B5D-AD7A-5E95C463E015"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TIANN0/CVE/issues/1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.292416",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.292416",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.479100",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/TIANN0/CVE/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
}
]
}

81
CVE-2025/CVE-2025-05xx/CVE-2025-0535.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0535",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T19:15:28.990",
"lastModified": "2025-01-21T17:15:16.677",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:45:10.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8609E306-3171-4B5D-AD7A-5E95C463E015"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.292419",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.292419",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.479159",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

78
CVE-2025/CVE-2025-05xx/CVE-2025-0565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0565",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-19T06:15:06.820",
"lastModified": "2025-01-19T06:15:06.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T19:37:16.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,24 +142,68 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "654D0493-9784-4B2B-BC05-69B4BB6F86F4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/En0t5/vul/blob/main/zzcms/zzcsm-sql-inject.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.292526",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.292526",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.484333",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

56
CVE-2025/CVE-2025-232xx/CVE-2025-23253.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-23253",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2025-04-22T19:15:51.827",
"lastModified": "2025-04-22T19:15:51.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"baseScore": 2.5,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-547"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5644",
"source": "psirt@nvidia.com"
}
]
}

26
CVE-2025/CVE-2025-249xx/CVE-2025-24948.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24948",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-15T16:16:05.830",
"lastModified": "2025-04-15T20:15:38.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:41:34.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joturl:joturl:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3256F67-1D41-475A-94BB-AFBCDDD775A2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-249xx/CVE-2025-24949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24949",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-15T16:16:05.927",
"lastModified": "2025-04-15T20:15:38.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-22T18:39:42.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joturl:joturl:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3256F67-1D41-475A-94BB-AFBCDDD775A2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

12
CVE-2025/CVE-2025-262xx/CVE-2025-26269.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-26269",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T18:15:49.073",
"lastModified": "2025-04-17T20:21:05.203",
"lastModified": "2025-04-22T18:15:58.627",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DragonflyDB Dragonfly through 1.28.2 allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer."
"value": "DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer."
},
{
"lang": "es",
"value": "DragonflyDB Dragonfly hasta la versi\u00f3n 1.28.2 permite a los usuarios autenticados provocar una denegaci\u00f3n de servicio (falla del daemon) a trav\u00e9s de un comando de la librer\u00eda Lua que hace referencia a un entero negativo grande."
}
],
"metrics": {
@ -48,6 +52,10 @@
}
],
"references": [
{
"url": "https://gist.github.com/ankki-zsyang/d8215cf6e868d07546eaa5346a884ebd",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/dragonflydb/dragonfly/commit/4612aec9a78e3f604e6fb19bee51acde89723308",
"source": "cve@mitre.org"

21
CVE-2025/CVE-2025-280xx/CVE-2025-28026.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28026",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.803",
"lastModified": "2025-04-22T18:15:58.803",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi."
}
],
"metrics": {},
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/BufferOverflow3-19e8e5e2b1a28048b8ddd4afdbe18d55",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-280xx/CVE-2025-28027.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28027",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:58.910",
"lastModified": "2025-04-22T18:15:58.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi."
}
],
"metrics": {},
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/BufferOverflow2-19e8e5e2b1a2806db38bea19abb4630a?pvs=73",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-280xx/CVE-2025-28029.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28029",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:59.037",
"lastModified": "2025-04-22T18:15:59.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi"
}
],
"metrics": {},
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/BufferOverflow5-1978e5e2b1a28043af78e5ccfc0203a0",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-280xx/CVE-2025-28035.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28035",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:59.160",
"lastModified": "2025-04-22T18:15:59.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/RCE1-1a98e5e2b1a28081880dd817104b3af4?pvs=73",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-280xx/CVE-2025-28036.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28036",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:59.260",
"lastModified": "2025-04-22T18:15:59.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/RCE1-1a98e5e2b1a28081880dd817104b3af4",
"source": "cve@mitre.org"
}
]
}

60
CVE-2025/CVE-2025-280xx/CVE-2025-28038.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-28038",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:59.377",
"lastModified": "2025-04-22T19:15:51.977",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0",
"source": "cve@mitre.org"
},
{
"url": "https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

60
CVE-2025/CVE-2025-280xx/CVE-2025-28039.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-28039",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:15:59.500",
"lastModified": "2025-04-22T19:15:52.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/RCE2-1ad8e5e2b1a280fbb0cacc7e758e7299",
"source": "cve@mitre.org"
},
{
"url": "https://locrian-lightning-dc7.notion.site/RCE2-1ad8e5e2b1a280fbb0cacc7e758e7299",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

27
CVE-2025/CVE-2025-281xx/CVE-2025-28198.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28198",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-15T16:16:06.137",
"lastModified": "2025-04-15T20:15:38.833",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T18:24:06.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitstiresoftware:hitout_car_sale:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59EA86DF-EA80-4D5A-848C-8332FAC47DF8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Hitout/carsale/issues/24",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

25
CVE-2025/CVE-2025-296xx/CVE-2025-29621.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29621",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T19:15:52.300",
"lastModified": "2025-04-22T19:15:52.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@rudranshsinghrajpurohit/content-spoofing-vulnerability-in-rosariosis-student-information-system-f6101e1ff84d",
"source": "cve@mitre.org"
},
{
"url": "https://www.getastra.com/blog/vulnerability/content-spoofing-vulnerability-in-rosariosis-student-information-system/",
"source": "cve@mitre.org"
}
]
}

60
CVE-2025/CVE-2025-313xx/CVE-2025-31327.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-31327",
"sourceIdentifier": "cna@sap.com",
"published": "2025-04-22T19:15:52.420",
"lastModified": "2025-04-22T19:15:52.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-472"
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3359825",
"source": "cna@sap.com"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
}
]
}

60
CVE-2025/CVE-2025-313xx/CVE-2025-31328.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-31328",
"sourceIdentifier": "cna@sap.com",
"published": "2025-04-22T19:15:52.570",
"lastModified": "2025-04-22T19:15:52.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the confidentiality and integrity of the application without affecting the availability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3446649",
"source": "cna@sap.com"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
}
]
}

60
CVE-2025/CVE-2025-327xx/CVE-2025-32788.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-32788",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:15:59.630",
"lastModified": "2025-04-22T18:15:59.630",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://github.com/OctoPrint/OctoPrint/commit/41ff431014edfa18ca1a01897b10463934dc7fc2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-qw93-h6pf-226x",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2025/CVE-2025-329xx/CVE-2025-32950.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-32950",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:15:59.793",
"lastModified": "2025-04-22T18:15:59.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the application server has the necessary permissions. This can be accomplished either by modifying the FileRef directly in the database or by supplying a harmful value in the fileRef parameter of the `/files` endpoint of the generic REST API. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-35"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#fix-path-traversal-in-jmix-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-jx4g-3xqm-62vh",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-329xx/CVE-2025-32951.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-32951",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:15:59.940",
"lastModified": "2025-04-22T18:15:59.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-jmix-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-x27v-f838-jh93",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-329xx/CVE-2025-32952.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-32952",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.097",
"lastModified": "2025-04-22T18:16:00.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return HTTP 500 error, resulting in a denial of service. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-jmix-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-f3gv-cwwh-758m",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2025/CVE-2025-329xx/CVE-2025-32959.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-32959",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.233",
"lastModified": "2025-04-22T18:16:00.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return HTTP 500 error, resulting in a denial of service. This issue has been patched in version 7.2.23. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-cuba-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/cuba/commit/42b6c00fd0572b8e52ae31afd1babc827a3161a1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/cuba/security/advisories/GHSA-w3mp-6vrj-875g",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-f3gv-cwwh-758m",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2025/CVE-2025-329xx/CVE-2025-32960.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-32960",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.380",
"lastModified": "2025-04-22T18:16:00.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CUBA REST API add-on performs operations on data and entities. Prior to version 7.2.7, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. This issue has been patched in version 7.2.7. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-cuba-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/restapi/commit/b3d599f6657d7e212fdb134a61ab5e0888669eb1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/restapi/security/advisories/GHSA-88h5-34xw-2q56",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-x27v-f838-jh93",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2025/CVE-2025-329xx/CVE-2025-32961.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-32961",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.557",
"lastModified": "2025-04-22T18:16:00.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cuba JPA web API enables loading and saving any entities defined in the application data model by sending simple HTTP requests. Prior to version 1.1.1, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. This issue has been patched in version 1.1.1. A workaround is provided on the Jmix documentation website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-cuba-application",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/jpawebapi/commit/78b837d7e2b12d0df69cef1bc6042ebf3bdaf22c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cuba-platform/jpawebapi/security/advisories/GHSA-hg25-w3vg-7279",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-329xx/CVE-2025-32963.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-32963",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.710",
"lastModified": "2025-04-22T18:16:00.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it. This issue has been patched in version 7.1.0."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://github.com/minio/operator/releases/tag/v7.1.0",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/minio/operator/security/advisories/GHSA-7m6v-q233-q9j9",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2025/CVE-2025-329xx/CVE-2025-32964.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-32964",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-22T18:16:00.847",
"lastModified": "2025-04-22T18:16:00.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://github.com/miraheze/ManageWiki/commit/00bebea43a3e3ff0157b5f04df17c1d1e88a9acd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-ccrf-x5rp-gppr",
"source": "security-advisories@github.com"
}
]
}

81
CVE-2025/CVE-2025-34xx/CVE-2025-3402.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-3402",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-08T03:15:16.463",
"lastModified": "2025-04-08T19:15:53.267",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-22T19:17:48.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seeyon:fe_collaborative_office_platform:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5B21D0-FA1C-4BD7-A111-94600D5EEFD4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Angel12345623/CVE/blob/main/CVE_1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.303647",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.303647",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.542343",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/Angel12345623/CVE/blob/main/CVE_1.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43946.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43946",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.047",
"lastModified": "2025-04-22T18:16:01.047",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with Path Traversal)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43946",
"source": "cve@mitre.org"
},
{
"url": "https://tcpwave.com/ddi-dns-dhcp-ipam",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43947.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43947",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.170",
"lastModified": "2025-04-22T18:16:01.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc."
}
],
"metrics": {},
"references": [
{
"url": "https://de.linkedin.com/company/codemers",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43947",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43948.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43948",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.277",
"lastModified": "2025-04-22T18:16:01.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier (such as for sorting), which will get executed on the server side."
}
],
"metrics": {},
"references": [
{
"url": "https://de.linkedin.com/company/codemers",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43948",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43949.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43949",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.410",
"lastModified": "2025-04-22T18:16:01.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection that allows an attacker to execute malicious SQL statements that control a web application's database server."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43949",
"source": "cve@mitre.org"
},
{
"url": "https://www.mum.de/produkte/mum-mapedit",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43950.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43950",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.517",
"lastModified": "2025-04-22T18:16:01.517",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the application instead of the legitimate DLL. This causes the malicious DLL to load with the same privileges as the application, thus causing a privilege escalation."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43950",
"source": "cve@mitre.org"
},
{
"url": "https://www.dpma.de/english/services/efiling/dpmadirekt/downloads/index.html",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43951.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43951",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.650",
"lastModified": "2025-04-22T18:16:01.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve arbitrary files from the environment via the objectname request parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43951",
"source": "cve@mitre.org"
},
{
"url": "https://www.labvantage.com/informatics/lims/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43952.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43952",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-22T18:16:01.773",
"lastModified": "2025-04-22T18:16:01.773",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43952",
"source": "cve@mitre.org"
},
{
"url": "https://www.mt.com/FreeWeighNet",
"source": "cve@mitre.org"
}
]
}

97
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-22T18:00:20.818874+00:00
2025-04-22T20:00:19.847748+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-22T17:54:47.210000+00:00
2025-04-22T19:59:50.427000+00:00
```
### Last Data Feed Release
@ -33,56 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
291080
291114
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `34`
- [CVE-2024-33452](CVE-2024/CVE-2024-334xx/CVE-2024-33452.json) (`2025-04-22T16:15:44.200`)
- [CVE-2025-23249](CVE-2025/CVE-2025-232xx/CVE-2025-23249.json) (`2025-04-22T16:15:44.587`)
- [CVE-2025-23250](CVE-2025/CVE-2025-232xx/CVE-2025-23250.json) (`2025-04-22T16:15:44.740`)
- [CVE-2025-23251](CVE-2025/CVE-2025-232xx/CVE-2025-23251.json) (`2025-04-22T16:15:44.870`)
- [CVE-2025-27907](CVE-2025/CVE-2025-279xx/CVE-2025-27907.json) (`2025-04-22T17:16:45.033`)
- [CVE-2025-28024](CVE-2025/CVE-2025-280xx/CVE-2025-28024.json) (`2025-04-22T16:15:44.997`)
- [CVE-2025-28030](CVE-2025/CVE-2025-280xx/CVE-2025-28030.json) (`2025-04-22T16:15:45.123`)
- [CVE-2025-28031](CVE-2025/CVE-2025-280xx/CVE-2025-28031.json) (`2025-04-22T16:15:45.250`)
- [CVE-2025-28037](CVE-2025/CVE-2025-280xx/CVE-2025-28037.json) (`2025-04-22T16:15:45.370`)
- [CVE-2025-29339](CVE-2025/CVE-2025-293xx/CVE-2025-29339.json) (`2025-04-22T17:16:46.827`)
- [CVE-2025-34028](CVE-2025/CVE-2025-340xx/CVE-2025-34028.json) (`2025-04-22T17:16:48.027`)
- [CVE-2025-3767](CVE-2025/CVE-2025-37xx/CVE-2025-3767.json) (`2025-04-22T16:15:45.487`)
- [CVE-2025-28027](CVE-2025/CVE-2025-280xx/CVE-2025-28027.json) (`2025-04-22T18:15:58.910`)
- [CVE-2025-28029](CVE-2025/CVE-2025-280xx/CVE-2025-28029.json) (`2025-04-22T18:15:59.037`)
- [CVE-2025-28035](CVE-2025/CVE-2025-280xx/CVE-2025-28035.json) (`2025-04-22T18:15:59.160`)
- [CVE-2025-28036](CVE-2025/CVE-2025-280xx/CVE-2025-28036.json) (`2025-04-22T18:15:59.260`)
- [CVE-2025-28038](CVE-2025/CVE-2025-280xx/CVE-2025-28038.json) (`2025-04-22T18:15:59.377`)
- [CVE-2025-28039](CVE-2025/CVE-2025-280xx/CVE-2025-28039.json) (`2025-04-22T18:15:59.500`)
- [CVE-2025-29621](CVE-2025/CVE-2025-296xx/CVE-2025-29621.json) (`2025-04-22T19:15:52.300`)
- [CVE-2025-31327](CVE-2025/CVE-2025-313xx/CVE-2025-31327.json) (`2025-04-22T19:15:52.420`)
- [CVE-2025-31328](CVE-2025/CVE-2025-313xx/CVE-2025-31328.json) (`2025-04-22T19:15:52.570`)
- [CVE-2025-32788](CVE-2025/CVE-2025-327xx/CVE-2025-32788.json) (`2025-04-22T18:15:59.630`)
- [CVE-2025-32950](CVE-2025/CVE-2025-329xx/CVE-2025-32950.json) (`2025-04-22T18:15:59.793`)
- [CVE-2025-32951](CVE-2025/CVE-2025-329xx/CVE-2025-32951.json) (`2025-04-22T18:15:59.940`)
- [CVE-2025-32952](CVE-2025/CVE-2025-329xx/CVE-2025-32952.json) (`2025-04-22T18:16:00.097`)
- [CVE-2025-32959](CVE-2025/CVE-2025-329xx/CVE-2025-32959.json) (`2025-04-22T18:16:00.233`)
- [CVE-2025-32960](CVE-2025/CVE-2025-329xx/CVE-2025-32960.json) (`2025-04-22T18:16:00.380`)
- [CVE-2025-32961](CVE-2025/CVE-2025-329xx/CVE-2025-32961.json) (`2025-04-22T18:16:00.557`)
- [CVE-2025-32963](CVE-2025/CVE-2025-329xx/CVE-2025-32963.json) (`2025-04-22T18:16:00.710`)
- [CVE-2025-32964](CVE-2025/CVE-2025-329xx/CVE-2025-32964.json) (`2025-04-22T18:16:00.847`)
- [CVE-2025-43946](CVE-2025/CVE-2025-439xx/CVE-2025-43946.json) (`2025-04-22T18:16:01.047`)
- [CVE-2025-43947](CVE-2025/CVE-2025-439xx/CVE-2025-43947.json) (`2025-04-22T18:16:01.170`)
- [CVE-2025-43948](CVE-2025/CVE-2025-439xx/CVE-2025-43948.json) (`2025-04-22T18:16:01.277`)
- [CVE-2025-43949](CVE-2025/CVE-2025-439xx/CVE-2025-43949.json) (`2025-04-22T18:16:01.410`)
- [CVE-2025-43950](CVE-2025/CVE-2025-439xx/CVE-2025-43950.json) (`2025-04-22T18:16:01.517`)
- [CVE-2025-43951](CVE-2025/CVE-2025-439xx/CVE-2025-43951.json) (`2025-04-22T18:16:01.650`)
- [CVE-2025-43952](CVE-2025/CVE-2025-439xx/CVE-2025-43952.json) (`2025-04-22T18:16:01.773`)
### CVEs modified in the last Commit
Recently modified CVEs: `170`
Recently modified CVEs: `46`
- [CVE-2025-22903](CVE-2025/CVE-2025-229xx/CVE-2025-22903.json) (`2025-04-22T16:55:56.553`)
- [CVE-2025-25453](CVE-2025/CVE-2025-254xx/CVE-2025-25453.json) (`2025-04-22T16:43:13.973`)
- [CVE-2025-25454](CVE-2025/CVE-2025-254xx/CVE-2025-25454.json) (`2025-04-22T16:41:20.843`)
- [CVE-2025-25455](CVE-2025/CVE-2025-254xx/CVE-2025-25455.json) (`2025-04-22T16:41:14.233`)
- [CVE-2025-25456](CVE-2025/CVE-2025-254xx/CVE-2025-25456.json) (`2025-04-22T16:43:06.293`)
- [CVE-2025-25457](CVE-2025/CVE-2025-254xx/CVE-2025-25457.json) (`2025-04-22T16:43:17.263`)
- [CVE-2025-25458](CVE-2025/CVE-2025-254xx/CVE-2025-25458.json) (`2025-04-22T16:43:09.690`)
- [CVE-2025-28100](CVE-2025/CVE-2025-281xx/CVE-2025-28100.json) (`2025-04-22T17:54:47.210`)
- [CVE-2025-29189](CVE-2025/CVE-2025-291xx/CVE-2025-29189.json) (`2025-04-22T17:11:10.127`)
- [CVE-2025-29390](CVE-2025/CVE-2025-293xx/CVE-2025-29390.json) (`2025-04-22T17:06:50.490`)
- [CVE-2025-29391](CVE-2025/CVE-2025-293xx/CVE-2025-29391.json) (`2025-04-22T17:02:50.427`)
- [CVE-2025-29453](CVE-2025/CVE-2025-294xx/CVE-2025-29453.json) (`2025-04-22T16:27:39.750`)
- [CVE-2025-29454](CVE-2025/CVE-2025-294xx/CVE-2025-29454.json) (`2025-04-22T16:27:32.467`)
- [CVE-2025-29455](CVE-2025/CVE-2025-294xx/CVE-2025-29455.json) (`2025-04-22T16:27:18.980`)
- [CVE-2025-29456](CVE-2025/CVE-2025-294xx/CVE-2025-29456.json) (`2025-04-22T16:27:12.397`)
- [CVE-2025-29462](CVE-2025/CVE-2025-294xx/CVE-2025-29462.json) (`2025-04-22T16:33:41.237`)
- [CVE-2025-29705](CVE-2025/CVE-2025-297xx/CVE-2025-29705.json) (`2025-04-22T17:46:31.730`)
- [CVE-2025-3115](CVE-2025/CVE-2025-31xx/CVE-2025-3115.json) (`2025-04-22T16:46:51.650`)
- [CVE-2025-3131](CVE-2025/CVE-2025-31xx/CVE-2025-3131.json) (`2025-04-22T16:16:30.543`)
- [CVE-2025-32375](CVE-2025/CVE-2025-323xx/CVE-2025-32375.json) (`2025-04-22T16:52:36.937`)
- [CVE-2025-33026](CVE-2025/CVE-2025-330xx/CVE-2025-33026.json) (`2025-04-22T17:37:37.900`)
- [CVE-2025-3664](CVE-2025/CVE-2025-36xx/CVE-2025-3664.json) (`2025-04-22T16:53:30.190`)
- [CVE-2025-3665](CVE-2025/CVE-2025-36xx/CVE-2025-3665.json) (`2025-04-22T16:54:19.520`)
- [CVE-2025-3674](CVE-2025/CVE-2025-36xx/CVE-2025-3674.json) (`2025-04-22T16:52:45.317`)
- [CVE-2025-3786](CVE-2025/CVE-2025-37xx/CVE-2025-3786.json) (`2025-04-22T16:35:33.920`)
- [CVE-2023-51299](CVE-2023/CVE-2023-512xx/CVE-2023-51299.json) (`2025-04-22T19:59:50.427`)
- [CVE-2023-51300](CVE-2023/CVE-2023-513xx/CVE-2023-51300.json) (`2025-04-22T19:57:43.537`)
- [CVE-2024-20029](CVE-2024/CVE-2024-200xx/CVE-2024-20029.json) (`2025-04-22T19:53:12.210`)
- [CVE-2024-20030](CVE-2024/CVE-2024-200xx/CVE-2024-20030.json) (`2025-04-22T19:54:09.547`)
- [CVE-2024-50766](CVE-2024/CVE-2024-507xx/CVE-2024-50766.json) (`2025-04-22T19:30:32.917`)
- [CVE-2024-50960](CVE-2024/CVE-2024-509xx/CVE-2024-50960.json) (`2025-04-22T18:00:52.937`)
- [CVE-2024-50993](CVE-2024/CVE-2024-509xx/CVE-2024-50993.json) (`2025-04-22T18:09:32.990`)
- [CVE-2024-50994](CVE-2024/CVE-2024-509xx/CVE-2024-50994.json) (`2025-04-22T18:11:27.543`)
- [CVE-2024-50995](CVE-2024/CVE-2024-509xx/CVE-2024-50995.json) (`2025-04-22T18:11:51.507`)
- [CVE-2024-50998](CVE-2024/CVE-2024-509xx/CVE-2024-50998.json) (`2025-04-22T18:12:56.867`)
- [CVE-2024-50999](CVE-2024/CVE-2024-509xx/CVE-2024-50999.json) (`2025-04-22T18:13:30.633`)
- [CVE-2024-51000](CVE-2024/CVE-2024-510xx/CVE-2024-51000.json) (`2025-04-22T18:13:56.557`)
- [CVE-2024-51001](CVE-2024/CVE-2024-510xx/CVE-2024-51001.json) (`2025-04-22T18:14:23.380`)
- [CVE-2024-51006](CVE-2024/CVE-2024-510xx/CVE-2024-51006.json) (`2025-04-22T18:16:00.370`)
- [CVE-2024-54802](CVE-2024/CVE-2024-548xx/CVE-2024-54802.json) (`2025-04-22T18:17:11.743`)
- [CVE-2024-54803](CVE-2024/CVE-2024-548xx/CVE-2024-54803.json) (`2025-04-22T18:16:52.410`)
- [CVE-2024-57252](CVE-2024/CVE-2024-572xx/CVE-2024-57252.json) (`2025-04-22T19:38:49.933`)
- [CVE-2025-0532](CVE-2025/CVE-2025-05xx/CVE-2025-0532.json) (`2025-04-22T19:53:47.040`)
- [CVE-2025-0535](CVE-2025/CVE-2025-05xx/CVE-2025-0535.json) (`2025-04-22T19:45:10.037`)
- [CVE-2025-0565](CVE-2025/CVE-2025-05xx/CVE-2025-0565.json) (`2025-04-22T19:37:16.983`)
- [CVE-2025-24948](CVE-2025/CVE-2025-249xx/CVE-2025-24948.json) (`2025-04-22T18:41:34.110`)
- [CVE-2025-24949](CVE-2025/CVE-2025-249xx/CVE-2025-24949.json) (`2025-04-22T18:39:42.840`)
- [CVE-2025-26269](CVE-2025/CVE-2025-262xx/CVE-2025-26269.json) (`2025-04-22T18:15:58.627`)
- [CVE-2025-28198](CVE-2025/CVE-2025-281xx/CVE-2025-28198.json) (`2025-04-22T18:24:06.670`)
- [CVE-2025-3402](CVE-2025/CVE-2025-34xx/CVE-2025-3402.json) (`2025-04-22T19:17:48.387`)
## Download and Usage

490
_state.csv
View File

File diff suppressed because it is too large Load Diff