admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-07-07T20:00:12.175603+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-07-07 20:03:49 +00:00
parent ebab2b305f
commit 5bc8a22b49
111 changed files with 4024 additions and 590 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-2014/CVE-2014-39xx/CVE-2014-3931.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-3931",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-03-31T16:59:00.237",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-07-07T18:15:22.823",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

32
CVE-2016/CVE-2016-100xx/CVE-2016-10033.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-10033",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-12-30T19:59:00.137",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-07-07T19:15:22.037",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-88"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [

6
CVE-2019/CVE-2019-08xx/CVE-2019-0887.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-0887",
"sourceIdentifier": "secure@microsoft.com",
"published": "2019-07-15T19:15:15.797",
"lastModified": "2024-11-21T04:17:26.777",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.2691",
"matchCriteriaId": "89716FA4-E235-44B7-BE04-1CF26E6912AB"
"matchCriteriaId": "B3841E12-6BBD-4608-AFFF-1B54927E757F"
},
{
"vulnerable": true,

26
CVE-2019/CVE-2019-54xx/CVE-2019-5418.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-5418",
"sourceIdentifier": "support@hackerone.com",
"published": "2019-03-27T14:29:01.533",
"lastModified": "2024-11-21T04:44:53.877",
"lastModified": "2025-07-07T18:15:24.157",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -382,6 +402,10 @@
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://web.archive.org/web/20190313201629/https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

34
CVE-2019/CVE-2019-96xx/CVE-2019-9621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-9621",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-04-30T18:29:08.633",
"lastModified": "2024-11-21T04:51:59.057",
"lastModified": "2025-07-07T18:15:24.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

6
CVE-2021/CVE-2021-16xx/CVE-2021-1669.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-1669",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-01-12T20:15:32.040",
"lastModified": "2024-11-21T05:44:51.370",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -115,8 +115,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

6
CVE-2021/CVE-2021-345xx/CVE-2021-34535.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34535",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-08-12T18:15:09.447",
"lastModified": "2024-11-21T06:10:37.393",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,8 +105,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

6
CVE-2021/CVE-2021-386xx/CVE-2021-38665.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-38665",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-11-10T01:18:35.180",
"lastModified": "2024-11-21T06:17:51.323",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,10 +105,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "1.2.1672",
"versionEndExcluding": "1.2.2677",
"matchCriteriaId": "278636B0-8595-4D75-985B-330BF46EFB64"
"matchCriteriaId": "20CD6EC4-A51E-421C-A3E4-4E70E7C1BD32"
},
{
"vulnerable": true,

6
CVE-2022/CVE-2022-220xx/CVE-2022-22015.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-22015",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-05-10T21:15:09.580",
"lastModified": "2025-01-02T19:15:33.490",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

6
CVE-2022/CVE-2022-220xx/CVE-2022-22017.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-22017",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-05-10T21:15:09.690",
"lastModified": "2025-01-02T19:15:33.777",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

10
CVE-2022/CVE-2022-233xx/CVE-2022-23302.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23302",
"sourceIdentifier": "security@apache.org",
"published": "2022-01-18T16:15:08.300",
"lastModified": "2024-11-21T06:48:21.983",
"lastModified": "2025-07-07T18:15:24.713",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -440,6 +440,14 @@
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

6
CVE-2022/CVE-2022-245xx/CVE-2022-24503.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24503",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.043",
"lastModified": "2024-11-21T06:50:33.453",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,9 +105,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.2925",
"matchCriteriaId": "FC11E139-F474-4100-8D19-FDFB4FA85FD7"
"matchCriteriaId": "38A0532D-C931-45EE-A29B-5FF67301360E"
},
{
"vulnerable": true,

6
CVE-2022/CVE-2022-269xx/CVE-2022-26940.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26940",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-05-10T21:15:10.953",
"lastModified": "2025-01-02T19:16:07.083",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

8
CVE-2022/CVE-2022-408xx/CVE-2022-40843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40843",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:09.093",
"lastModified": "2024-11-21T07:22:08.140",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:20:33.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -72,8 +72,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

8
CVE-2022/CVE-2022-408xx/CVE-2022-40844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40844",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:14.193",
"lastModified": "2025-05-14T21:15:54.873",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:19:55.613",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

8
CVE-2022/CVE-2022-408xx/CVE-2022-40845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40845",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:11.037",
"lastModified": "2025-05-13T20:15:22.830",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:20:43.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

8
CVE-2022/CVE-2022-408xx/CVE-2022-40846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40846",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:14.713",
"lastModified": "2025-04-30T15:15:54.480",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:20:08.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

8
CVE-2022/CVE-2022-408xx/CVE-2022-40847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40847",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:11.270",
"lastModified": "2025-04-30T15:15:54.687",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:20:52.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

6
CVE-2022/CVE-2022-411xx/CVE-2022-41121.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41121",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-12-13T19:15:12.277",
"lastModified": "2025-01-02T22:15:27.007",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -90,8 +90,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "533409E1-2132-4156-BA25-13EE618D84F5"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "05B5E1F9-B1CF-443F-8687-9DEA82C71613"
},
{
"vulnerable": true,

8
CVE-2022/CVE-2022-420xx/CVE-2022-42053.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42053",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:15.187",
"lastModified": "2025-04-30T15:15:55.243",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:20:20.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200_v-w15ev2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3ADECB-FC43-49E5-8C52-39673CE61B7B"
"criteria": "cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5F7DF-4B18-4AE3-B8BD-B051761291CE"
}
]
}

20
CVE-2023/CVE-2023-282xx/CVE-2023-28267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28267",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:25.777",
"lastModified": "2024-11-21T07:54:43.547",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:48:35.783",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -45,16 +45,6 @@
"value": "CWE-126"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
@ -66,9 +56,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4157.0",
"matchCriteriaId": "F3A174EB-B872-469F-B90A-A589D83A83F2"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4157",
"matchCriteriaId": "D0516855-3209-4E71-8F4A-5AEC5B8C220C"
},
{
"vulnerable": true,

12
CVE-2023/CVE-2023-282xx/CVE-2023-28290.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28290",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-05-09T18:15:13.547",
"lastModified": "2024-11-21T07:54:46.100",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T18:47:08.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -56,9 +56,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.2.3006.0",
"matchCriteriaId": "A967D3CD-57A5-404B-91EF-5AE2F24A6370"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_app:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "10.2.3006",
"matchCriteriaId": "8ABEC3C5-095F-4856-A3C3-6105402A9069"
}
]
}
@ -70,7 +70,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28290",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
@ -78,7 +77,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28290",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}

10
CVE-2023/CVE-2023-293xx/CVE-2023-29352.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29352",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:09.733",
"lastModified": "2025-04-08T14:12:48.513",
"lastModified": "2025-07-07T18:48:03.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -56,9 +56,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4337.0",
"matchCriteriaId": "7DC7E27B-4261-4DD2-87A0-E2944758233A"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4337",
"matchCriteriaId": "350930E0-71AA-4988-B831-8D59EBA209A0"
},
{
"vulnerable": true,
@ -112,7 +112,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29352",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
@ -120,7 +119,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29352",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}

20
CVE-2023/CVE-2023-293xx/CVE-2023-29362.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29362",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:10.187",
"lastModified": "2025-04-08T14:02:08.773",
"lastModified": "2025-07-07T18:48:20.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -45,16 +45,6 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
@ -66,9 +56,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4337.0",
"matchCriteriaId": "7DC7E27B-4261-4DD2-87A0-E2944758233A"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.4337",
"matchCriteriaId": "350930E0-71AA-4988-B831-8D59EBA209A0"
},
{
"vulnerable": true,
@ -155,7 +145,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29362",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
@ -163,7 +152,6 @@
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29362",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}

13
CVE-2023/CVE-2023-472xx/CVE-2023-47253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47253",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-06T06:15:40.957",
"lastModified": "2025-06-12T17:15:27.357",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:50:25.087",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qualitor:qalitor:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:qualitor:qualitor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.20",
"matchCriteriaId": "F7187BD0-ECEA-4590-B986-B44F42067F20"
"matchCriteriaId": "9A379699-C3DA-4A71-9683-7255148B3D7B"
}
]
}
@ -124,7 +124,10 @@
},
{
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2023-47253",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.qualitor.com.br/qualitor-8-20",

12
CVE-2023/CVE-2023-507xx/CVE-2023-50786.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-50786",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-05T04:15:24.373",
"lastModified": "2025-07-05T04:15:24.373",
"lastModified": "2025-07-07T19:15:22.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network."
},
{
"lang": "es",
"value": "Dradis, hasta la versi\u00f3n 4.16.0, permite referenciar im\u00e1genes externas (recursos) mediante HTTPS, en lugar de forzar el uso de im\u00e1genes incrustadas (subidas). Esto puede ser aprovechado por un autor autorizado para intentar robar los hashes Net-NTLM de otros autores en una red de dominio Windows."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -59,6 +63,10 @@
{
"url": "https://securiteam.io/2025/07/04/cve-2023-50786-dradis-ntlm-theft-vulnerability/",
"source": "cve@mitre.org"
},
{
"url": "https://securiteam.io/2025/07/04/cve-2023-50786-dradis-ntlm-theft-vulnerability/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

32
CVE-2024/CVE-2024-126xx/CVE-2024-12607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12607",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-07T09:15:14.700",
"lastModified": "2025-03-07T09:15:14.700",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:19:26.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dasinfomedia:school_management_system:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "93.0.0",
"matchCriteriaId": "8E36B504-E85B-445B-8983-2C9F5DED3D3B"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/school-management-system-for-wordpress/11470032",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/175fe7f4-ac92-4c52-9889-47635c21cd9b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-126xx/CVE-2024-12609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12609",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-07T09:15:14.860",
"lastModified": "2025-03-07T09:15:14.860",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:19:17.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dasinfomedia:school_management_system:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "93.0.0",
"matchCriteriaId": "8E36B504-E85B-445B-8983-2C9F5DED3D3B"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/school-management-system-for-wordpress/11470032",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8790df5-7228-4854-870c-1e6d3d0cfbaa?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-126xx/CVE-2024-12610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12610",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-07T09:15:15.017",
"lastModified": "2025-03-07T09:15:15.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:17:03.907",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dasinfomedia:school_management_system:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "93.0.0",
"matchCriteriaId": "915C5AD7-1FB6-4393-BE7C-024C2416E81B"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/school-management-system-for-wordpress/11470032",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c3a7ca0-9325-4b50-a844-8eeb4047de1a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-126xx/CVE-2024-12611.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12611",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-07T09:15:15.177",
"lastModified": "2025-03-07T09:15:15.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:16:49.047",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dasinfomedia:school_management_system:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "93.0.0",
"matchCriteriaId": "915C5AD7-1FB6-4393-BE7C-024C2416E81B"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/school-management-system-for-wordpress/11470032",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45ada7a4-466b-4e73-8869-e1178e4fc67a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

21
CVE-2024/CVE-2024-376xx/CVE-2024-37656.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-37656",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.120",
"lastModified": "2025-07-07T18:15:25.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gnuboard/gnuboard5/issues/318",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-376xx/CVE-2024-37657.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-37657",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.233",
"lastModified": "2025-07-07T18:15:25.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gnuboard/gnuboard5/issues/320",
"source": "cve@mitre.org"
},
{
"url": "https://sir.kr/g5_pds/7205",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-376xx/CVE-2024-37658.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-37658",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.340",
"lastModified": "2025-07-07T18:15:25.340",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gnuboard/gnuboard5/issues/319",
"source": "cve@mitre.org"
},
{
"url": "https://sir.kr/g5_pds/7205",
"source": "cve@mitre.org"
}
]
}

6
CVE-2024/CVE-2024-381xx/CVE-2024-38131.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38131",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-08-13T18:15:15.833",
"lastModified": "2024-08-16T15:32:31.797",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,9 +70,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.5560.0",
"matchCriteriaId": "918587AD-F5C4-4295-A72B-6F2316EA7907"
"matchCriteriaId": "C70F9F5B-B3D1-432A-9DFC-1565318F3D98"
},
{
"vulnerable": true,

56
CVE-2024/CVE-2024-431xx/CVE-2024-43190.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43190",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-07-07T18:15:25.440",
"lastModified": "2025-07-07T18:15:25.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a legitimate user using man in the middle techniques."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7238992",
"source": "psirt@us.ibm.com"
}
]
}

6
CVE-2024/CVE-2024-491xx/CVE-2024-49105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-49105",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-12-12T02:04:36.417",
"lastModified": "2025-01-08T12:35:17.657",
"lastModified": "2025-07-07T18:15:34.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,9 +70,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.5716.0",
"matchCriteriaId": "32CD7328-F224-4DA8-81BB-DF4A97229598"
"matchCriteriaId": "E729F5BA-3233-4EEA-B817-265F33ECA3F9"
},
{
"vulnerable": true,

28
CVE-2024/CVE-2024-527xx/CVE-2024-52702.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52702",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-20T21:15:08.667",
"lastModified": "2024-11-21T13:57:24.187",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:18.730",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mybb:mybb:1.8.38:*:*:*:*:*:*:*",
"matchCriteriaId": "07E2BC41-5325-4F85-9235-61FF5CA894D1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mybb/mybb/issues/4859",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-527xx/CVE-2024-52726.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52726",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-22T19:15:07.297",
"lastModified": "2024-11-27T17:15:13.463",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:25.797",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:crmeb:crmeb:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C49D0219-6D6E-4EAF-9ED5-D640899D5CB3"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/sec-Kode/bb71138619b22de28c6b0ba986ad58e5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/sec-Kode/cve3/blob/main/cve3.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

45
CVE-2024/CVE-2024-528xx/CVE-2024-52871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52871",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-17T04:15:03.973",
"lastModified": "2024-11-18T18:35:09.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:01:02.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flagsmith:flagsmith:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.134.1",
"matchCriteriaId": "2867667E-9B13-4D92-8DB8-18EEECB277EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Flagsmith/flagsmith/compare/v2.134.0...v2.134.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Flagsmith/flagsmith/pull/4454",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Issue Tracking"
]
}
]
}

34
CVE-2024/CVE-2024-52xx/CVE-2024-5285.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5285",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-29T06:15:02.463",
"lastModified": "2024-11-21T09:47:21.403",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:05:35.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tipsandtricks-hq:wp_affiliate_platform:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.5.2",
"matchCriteriaId": "E20A992D-A534-4A06-8295-7F137FCA40CB"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/792f3904-88bd-47d1-9049-afccdd74853a/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/792f3904-88bd-47d1-9049-afccdd74853a/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-564xx/CVE-2024-56467.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56467",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T21:15:21.600",
"lastModified": "2025-02-06T21:15:21.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:26:35.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182693",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-564xx/CVE-2024-56493.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56493",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.377",
"lastModified": "2025-02-27T15:15:39.377",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:25:51.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-564xx/CVE-2024-56494.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56494",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.517",
"lastModified": "2025-02-27T15:15:39.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:23:15.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-564xx/CVE-2024-56495.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56495",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.657",
"lastModified": "2025-02-27T15:15:39.657",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:22:24.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-564xx/CVE-2024-56496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56496",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.793",
"lastModified": "2025-02-27T15:15:39.793",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:21:37.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-565xx/CVE-2024-56518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56518",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T16:15:27.900",
"lastModified": "2025-04-22T15:16:10.023",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:18:01.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hazelcast:management_center:*:*:*:*:-:*:*:*",
"versionEndIncluding": "6.0",
"matchCriteriaId": "1399DB27-D4CA-4966-B205-A9A898086E10"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.hazelcast.com/management-center/6.0-snapshot/getting-started/install",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/azraelxuemo/c3d42739aa3306a41111ef603dc65b4c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-568xx/CVE-2024-56810.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56810",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.930",
"lastModified": "2025-02-27T15:15:39.930",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:15:21.667",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-568xx/CVE-2024-56811.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56811",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:40.067",
"lastModified": "2025-02-27T15:15:40.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:14:28.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-568xx/CVE-2024-56812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56812",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:40.200",
"lastModified": "2025-02-27T15:15:40.200",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:13:11.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

45
CVE-2024/CVE-2024-570xx/CVE-2024-57046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57046",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-18T15:15:16.783",
"lastModified": "2025-02-19T22:15:23.207",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:11:18.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.0.46",
"matchCriteriaId": "241797F8-D31C-4264-8E86-414D888E8AB6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:dgn2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C89394-ED7D-4C5F-9573-47A0378E22C8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-60xx/CVE-2024-6040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6040",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-08-01T16:15:06.750",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:45:37.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,10 +73,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D9177E7C-9C27-4C3C-AC97-7F277FEEC725"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/ac0bbb1d-89aa-42ba-bc48-1b59bd16acc7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

36
CVE-2025/CVE-2025-09xx/CVE-2025-0900.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0900",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:41.887",
"lastModified": "2025-03-11T21:15:41.887",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:23:40.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.4.0.388:*:*:*:*:*:*:*",
"matchCriteriaId": "39D01963-6E64-4495-A77E-CE9288AD9A97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.4.0.388:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D9BBD2-F1FE-4FCE-A564-9388954369FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_pro:10.4.0.388:*:*:*:*:*:*:*",
"matchCriteriaId": "80BD1A0A-2B97-485C-B366-ABB7A3869C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-086/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20300.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20300",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.660",
"lastModified": "2025-07-07T18:15:25.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles, and has read-only access to a specific alert, could suppress that alert when it triggers. See [Define alert suppression groups to throttle sets of similar alerts](https://help.splunk.com/en/splunk-enterprise/alert-and-respond/alerting-manual/9.4/manage-alert-trigger-conditions-and-throttling/define-alert-suppression-groups-to-throttle-sets-of-similar-alerts)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0708",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20319.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20319",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.830",
"lastModified": "2025-07-07T18:15:25.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.<br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0702",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20320.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20320",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.987",
"lastModified": "2025-07-07T18:15:25.987",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through the `User Interface - Views` configuration page that could potentially lead to a denial of service (DoS).The user could cause the DoS by exploiting a path traversal vulnerability that allows for deletion of arbitrary files within a Splunk directory. The vulnerability requires the low-privileged user to phish the administrator-level victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-35"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0703",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20321.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20321",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.143",
"lastModified": "2025-07-07T18:15:26.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster (SHC) through a Cross-Site Request Forgery (CSRF), potentially leading to the removal of the captain or a member of the SHC.<br><br>The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0704",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20322.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20322",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.307",
"lastModified": "2025-07-07T18:15:26.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster through a Cross-Site Request Forgery (CSRF), potentially leading to a denial of service (DoS).<br><br>The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will.<br><br>See [How rolling restart works](https://docs.splunk.com/Documentation/Splunk/9.4.2/DistSearch/RestartSHC) for more information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0705",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20323.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20323",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.470",
"lastModified": "2025-07-07T18:15:26.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access controls in the saved searches for this app."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0706",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20324.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20324",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.633",
"lastModified": "2025-07-07T18:15:26.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create or overwrite [system source type](https://help.splunk.com/en/splunk-enterprise/get-started/get-data-in/9.2/configure-source-types/create-source-types) configurations by sending a specially-crafted payload to the `/servicesNS/nobody/search/admin/sourcetypes/` REST endpoint on the Splunk management port."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0707",
"source": "psirt@cisco.com"
}
]
}

56
CVE-2025/CVE-2025-203xx/CVE-2025-20325.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-20325",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.793",
"lastModified": "2025-07-07T18:15:26.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) key. This exposure could happen if you have a Search Head cluster and you configure the Splunk Enterprise\u00a0`SHCConfig`\u00a0log channel at the DEBUG logging level in the clustered deployment. <br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. <br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities), [Deploy a search head cluster](https://help.splunk.com/en/splunk-enterprise/administer/distributed-search/9.4/deploy-search-head-clustering/deploy-a-search-head-cluster), [Deploy secure passwords across multiple servers](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) and [Set a security key for the search head cluster](https://help.splunk.com/splunk-enterprise/administer/distributed-search/9.4/configure-search-head-clustering/set-a-security-key-for-the-search-head-cluster#id_2c54937a_736c_47b5_9485_67e9e390acfa__Set_a_security_key_for_the_search_head_cluster) for more information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0709",
"source": "psirt@cisco.com"
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2012",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:52.333",
"lastModified": "2025-03-11T21:15:52.333",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:42.763",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-119/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2013",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:52.473",
"lastModified": "2025-03-11T21:15:52.473",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:29.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-120/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2014",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:52.613",
"lastModified": "2025-03-11T21:15:52.613",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:22.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-115/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2015",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:52.763",
"lastModified": "2025-03-11T21:15:52.763",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:15.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-116/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2016",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:52.903",
"lastModified": "2025-03-11T21:15:52.903",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:07.803",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-117/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2017",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.050",
"lastModified": "2025-03-11T21:15:53.050",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:51.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-121/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2018",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.197",
"lastModified": "2025-03-11T21:15:53.197",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:07:00.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-118/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2019",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.337",
"lastModified": "2025-03-11T21:15:53.337",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:43.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-123/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2020.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2020",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.477",
"lastModified": "2025-03-11T21:15:53.477",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:35.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-124/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2021",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.613",
"lastModified": "2025-03-11T21:15:53.613",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:26.740",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-125/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2022",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.750",
"lastModified": "2025-03-11T21:15:53.750",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:20.173",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-126/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-20xx/CVE-2025-2023.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2023",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-03-11T21:15:53.890",
"lastModified": "2025-03-11T21:15:53.890",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:06:12.043",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.91:*:*:*:*:*:*:*",
"matchCriteriaId": "47708251-9E70-456F-97CB-B2C56139A2E8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-122/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

45
CVE-2025/CVE-2025-20xx/CVE-2025-2040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2040",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T20:15:38.920",
"lastModified": "2025-03-06T20:15:38.920",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:29:28.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -124,22 +124,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iocoder:ruoyi-vue-pro:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB46FEB-B911-4BC0-A4CF-12093B6D44A3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/uglory-gll/javasec/blob/main/ruoyi-vue-pro.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.298783",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.298783",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.512574",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

142
CVE-2025/CVE-2025-211xx/CVE-2025-21191.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21191",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-04-08T18:15:44.857",
"lastModified": "2025-04-09T20:03:01.577",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:57:42.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,146 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20978",
"matchCriteriaId": "575117BF-9A1E-4B90-85D8-4172A58B3B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20978",
"matchCriteriaId": "B3B4804C-685B-4F37-92DE-CE73D1B106B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "474622F8-06D4-4AD1-8D72-A674909A7634"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "559D55D4-2BF2-4B8F-90CA-C6B885334A3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "13A4A79D-8D45-48FA-84F5-CE1A78E8E424"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "03AB53EC-354E-4F30-A278-2835CA341503"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5737",
"matchCriteriaId": "2ACCA6F4-C140-4B2E-93FF-1B9DC093E831"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5737",
"matchCriteriaId": "09E0970D-79B9-40D9-BFFF-25EE5A686B04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5189",
"matchCriteriaId": "640C45C8-83C3-4BBC-9176-705BEAA80E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5189",
"matchCriteriaId": "4CE9402D-6417-4F82-909A-D89C06C98794"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"matchCriteriaId": "ED4B5FB3-A574-4DA6-9A43-0950B121CC92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "6A232AB6-1EC5-44E7-AB75-0EB9A5A63259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "D2941A94-927C-4393-B2A0-4630F03B8B3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3453",
"matchCriteriaId": "52706BEC-E3D6-4188-BB88-7078FE4AF970"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1551",
"matchCriteriaId": "0DA8E1E4-0C78-4ADC-9490-4A608D8601FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"matchCriteriaId": "99601356-2DEE-482F-BCBC-A5C7D92D2D74"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21191",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2025/CVE-2025-245xx/CVE-2025-24508.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-24508",
"sourceIdentifier": "secure@symantec.com",
"published": "2025-07-07T05:15:41.547",
"lastModified": "2025-07-07T05:15:41.547",
"lastModified": "2025-07-07T18:15:26.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35904",

43
CVE-2025/CVE-2025-256xx/CVE-2025-25680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25680",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-11T16:15:17.413",
"lastModified": "2025-03-21T21:15:36.390",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:16:05.933",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lsc:ptz_dual_band_camera_firmware:7.6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "C153E8CC-264A-43A9-BAA9-657CE3478A05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lsc:ptz_dual_band_camera:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A092D3D-3880-4188-9460-D05EEBA44BDF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Yasha-ops/LSC_Indoor_PTZ_Camera-RCE",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-25680",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

31
CVE-2025/CVE-2025-257xx/CVE-2025-25763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25763",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-06T21:15:15.020",
"lastModified": "2025-03-07T20:15:38.180",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:20:03.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:crmeb:crmeb:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C49D0219-6D6E-4EAF-9ED5-D640899D5CB3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/J-0k3r/CVE-2025-25763",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/J-0k3r/sql/blob/main/sql.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

31
CVE-2025/CVE-2025-259xx/CVE-2025-25928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25928",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-11T20:15:17.247",
"lastModified": "2025-03-17T19:15:26.397",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:14:16.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openmrs:openmrs:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A56041E6-B05D-4867-82CD-880E51904EF7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25928%20-%20CSRF%20PrivEsc.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25928%20-%20CSRF%20PrivEsc.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

31
CVE-2025/CVE-2025-259xx/CVE-2025-25929.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25929",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-11T20:15:17.377",
"lastModified": "2025-03-12T16:15:23.767",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:16:37.203",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openmrs:openmrs:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A56041E6-B05D-4867-82CD-880E51904EF7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25929%20-%20R-XSS.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25929%20-%20R-XSS.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

31
CVE-2025/CVE-2025-262xx/CVE-2025-26206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-26206",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-03T19:15:35.507",
"lastModified": "2025-03-04T17:15:18.487",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:28:22.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selldone:storefront:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82FC2ECF-9DE2-4EF5-A8B8-818F1FA2B24B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/selldone/storefront/blob/main/index.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/xibhi/CVE-2025-26206",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2025/CVE-2025-263xx/CVE-2025-26320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-26320",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T16:15:40.240",
"lastModified": "2025-03-05T19:15:39.173",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:27:03.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:t0mer:broadlinkmanager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.9.1",
"matchCriteriaId": "670A48A2-69EA-4981-9830-C5BCD7411013"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BaranTeyin1/vulnerability-research/tree/main/CVE-2025-26320",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/t0mer/broadlinkmanager-docker",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/t0mer/broadlinkmanager-docker/blob/master/broadlinkmanager/broadlinkmanager.py#L639-L657",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

8
CVE-2025/CVE-2025-266xx/CVE-2025-26645.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-26645",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:44.200",
"lastModified": "2025-07-07T17:48:56.897",
"lastModified": "2025-07-07T18:47:48.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -192,9 +192,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.6017.0",
"matchCriteriaId": "F39323C4-C48F-4CAA-9E6B-31041B347686"
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.6017",
"matchCriteriaId": "98243CED-D25B-4F36-A101-A151A8B4D822"
},
{
"vulnerable": true,

39
CVE-2025/CVE-2025-268xx/CVE-2025-26849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-26849",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T09:15:10.917",
"lastModified": "2025-03-05T04:15:12.367",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:27:52.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:docusnap:docusnap:*:*:*:*:*:*:*:*",
"versionEndIncluding": "13.0.1440.24261",
"matchCriteriaId": "FE2C3471-D450-4C32-AE8A-B9F802D48D9D"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.docusnap.com/en/release-notes/changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

154
CVE-2025/CVE-2025-274xx/CVE-2025-27487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-27487",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-04-08T18:15:59.620",
"lastModified": "2025-04-09T20:03:01.577",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:25:39.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,12 +49,160 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.6081",
"matchCriteriaId": "3D6FA2B8-426F-49CB-A3D4-0F04FC454452"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.379.0",
"matchCriteriaId": "99E478A3-9700-4B34-AC06-C17FEE2AB4BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20978",
"matchCriteriaId": "575117BF-9A1E-4B90-85D8-4172A58B3B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20978",
"matchCriteriaId": "B3B4804C-685B-4F37-92DE-CE73D1B106B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "474622F8-06D4-4AD1-8D72-A674909A7634"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "559D55D4-2BF2-4B8F-90CA-C6B885334A3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "13A4A79D-8D45-48FA-84F5-CE1A78E8E424"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "03AB53EC-354E-4F30-A278-2835CA341503"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5737",
"matchCriteriaId": "2ACCA6F4-C140-4B2E-93FF-1B9DC093E831"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5737",
"matchCriteriaId": "09E0970D-79B9-40D9-BFFF-25EE5A686B04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5189",
"matchCriteriaId": "640C45C8-83C3-4BBC-9176-705BEAA80E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5189",
"matchCriteriaId": "4CE9402D-6417-4F82-909A-D89C06C98794"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"matchCriteriaId": "ED4B5FB3-A574-4DA6-9A43-0950B121CC92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7969",
"matchCriteriaId": "6A232AB6-1EC5-44E7-AB75-0EB9A5A63259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7136",
"matchCriteriaId": "D2941A94-927C-4393-B2A0-4630F03B8B3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3453",
"matchCriteriaId": "52706BEC-E3D6-4188-BB88-7078FE4AF970"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1551",
"matchCriteriaId": "0DA8E1E4-0C78-4ADC-9490-4A608D8601FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"matchCriteriaId": "99601356-2DEE-482F-BCBC-A5C7D92D2D74"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27487",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2025/CVE-2025-327xx/CVE-2025-32715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-32715",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-06-10T17:21:53.943",
"lastModified": "2025-06-12T16:06:39.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-07T18:26:25.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,148 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.6278",
"matchCriteriaId": "4336E7CF-DF89-43BF-8826-9EB13D820596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.505.0",
"matchCriteriaId": "776C2E38-70AC-4B40-BE1A-25EB30ED7D0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.21034",
"matchCriteriaId": "FCC2974E-F0F4-4F33-9CCE-2CEA45A3AD86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.21034",
"matchCriteriaId": "A94EDBE2-AAFF-4E9A-A9E5-9B02ADB94471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.8148",
"matchCriteriaId": "21CF85F1-CE6E-4AA2-B686-20766DB23D46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.8148",
"matchCriteriaId": "10F0F3D2-00CD-4F52-B31E-DEA656DBD8B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7434",
"matchCriteriaId": "F081F99C-6E6A-4AB2-8DE8-6457582D80D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7434",
"matchCriteriaId": "7D9FCD92-0CED-43D3-87E0-630B80AC1A89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5965",
"matchCriteriaId": "A5667B11-7E10-4A08-89D2-253D682151C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5965",
"matchCriteriaId": "A8CB6E81-62E0-4B19-ADE9-5ADB260CB960"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5472",
"matchCriteriaId": "FCDDDE2C-0235-4792-905A-DDDF5D346BDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5472",
"matchCriteriaId": "53835865-3135-4F16-9868-C96D8C5E2BED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.4270",
"matchCriteriaId": "AA78F5F9-AEE3-423B-B82A-9ECEF2BDADF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.8148",
"matchCriteriaId": "A9B7111D-5C1D-415B-8ED4-F891B4832B18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7434",
"matchCriteriaId": "4E77CCA1-2FF6-429B-85A6-81E2B7C6B08F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3745",
"matchCriteriaId": "889A792E-8809-4A78-AABC-0567D025927A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1665",
"matchCriteriaId": "537E7AD5-0562-490B-AB16-0805F8865C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.4270",
"matchCriteriaId": "BD4BB5C4-1318-4006-9C50-0AED4E0C8A3F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32715",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-407xx/CVE-2025-40731.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-40731",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2025-06-30T09:15:24.450",
"lastModified": "2025-06-30T18:38:23.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T19:33:55.527",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
@ -73,10 +95,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:daily_expense_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4169467-2099-4CB8-A3BD-A9728316E930"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-407xx/CVE-2025-40732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-40732",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2025-06-30T09:15:25.567",
"lastModified": "2025-06-30T18:38:23.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T19:38:33.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -73,10 +95,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:daily_expense_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4169467-2099-4CB8-A3BD-A9728316E930"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-407xx/CVE-2025-40733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-40733",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2025-06-30T09:15:25.760",
"lastModified": "2025-06-30T18:38:23.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:18:08.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,10 +95,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:daily_expense_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4169467-2099-4CB8-A3BD-A9728316E930"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-407xx/CVE-2025-40734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-40734",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2025-06-30T09:15:25.947",
"lastModified": "2025-06-30T18:38:23.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T18:17:48.017",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,10 +95,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:daily_expense_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4169467-2099-4CB8-A3BD-A9728316E930"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

12
CVE-2025/CVE-2025-472xx/CVE-2025-47227.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-47227",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-05T03:15:30.470",
"lastModified": "2025-07-05T03:15:30.470",
"lastModified": "2025-07-07T19:15:22.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover."
},
{
"lang": "es",
"value": "En la extensi\u00f3n del entorno de producci\u00f3n de Netmake ScriptCase hasta la versi\u00f3n 9.12.006 (23), el mecanismo de restablecimiento de contrase\u00f1a de administrador se gestiona incorrectamente. Basta con realizar una solicitud GET y una POST a login.php. Un atacante no autenticado puede entonces eludir la autenticaci\u00f3n mediante la apropiaci\u00f3n de la cuenta de administrador."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -59,6 +63,10 @@
{
"url": "https://www.synacktiv.com/advisories/scriptcase-pre-authenticated-remote-command-execution",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

12
CVE-2025/CVE-2025-472xx/CVE-2025-47228.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-47228",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-05T03:15:30.637",
"lastModified": "2025-07-05T03:15:30.637",
"lastModified": "2025-07-07T19:15:23.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests."
},
{
"lang": "es",
"value": "En la extensi\u00f3n del entorno de producci\u00f3n en Netmake ScriptCase hasta la versi\u00f3n 9.12.006 (23), la inyecci\u00f3n de shell en la configuraci\u00f3n de la conexi\u00f3n SSH permite a atacantes autenticados ejecutar comandos del sistema a trav\u00e9s de solicitudes HTTP manipuladas."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -59,6 +63,10 @@
{
"url": "https://www.synacktiv.com/advisories/scriptcase-pre-authenticated-remote-command-execution",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53478.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53478",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T19:15:23.290",
"lastModified": "2025-07-07T19:15:23.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CheckUser extension\u2019s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the \u201cIPs and User agents\u201d tab.\n\n\n\n\nThis issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/q/I3a1e21b6800ff4d813a33ee9fe9b7ccf070b6b2e",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T394692",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53488.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53488",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T19:15:23.413",
"lastModified": "2025-07-07T19:15:23.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.This issue affects Mediawiki - WikiHiero Extension: from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/wikihiero/+/1166018",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T396524",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53495.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53495",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T19:15:23.540",
"lastModified": "2025-07-07T19:15:23.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166040",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T396750",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53498.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53498",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T19:15:23.667",
"lastModified": "2025-07-07T19:15:23.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": ": Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-778"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166844",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T397221",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53499.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53499",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T19:15:23.787",
"lastModified": "2025-07-07T19:15:23.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": ": Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166045",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T397196",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

78
CVE-2025/CVE-2025-535xx/CVE-2025-53535.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-53535",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T18:15:28.810",
"lastModified": "2025-07-07T18:15:28.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Better Auth is an authentication and authorization library for TypeScript. An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, /oauth-proxy-callback. This vulnerability is fixed in 1.2.10."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/better-auth/better-auth/security/advisories/GHSA-36rg-gfq2-3h56",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-535xx/CVE-2025-53536.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-53536",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T18:15:28.980",
"lastModified": "2025-07-07T18:15:28.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had \"Write\" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with the php.validate.executablePath setting which lets you set the path for the php executable for syntax validation. The attacker could have written the path to an arbitrary command there and then created a php file to trigger it. This vulnerability is fixed in 3.22.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://github.com/RooCodeInc/Roo-Code/commit/1be6fce1a6864ae63e8160b0666db2c647f2dbba",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RooCodeInc/Roo-Code/commit/3993406ebdc0553a32ef391a799a4fb124930a1c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-3765-5vjr-qjgm",
"source": "security-advisories@github.com"
}
]
}

25
CVE-2025/CVE-2025-60xx/CVE-2025-6044.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-6044",
"sourceIdentifier": "7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f",
"published": "2025-07-07T19:15:23.920",
"lastModified": "2025-07-07T19:15:23.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on Lenovo devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature."
}
],
"metrics": {},
"references": [
{
"url": "https://issues.chromium.org/issues/b/421184743",
"source": "7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f"
},
{
"url": "https://issuetracker.google.com/issues/421184743",
"source": "7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f"
}
]
}

18
CVE-2025/CVE-2025-60xx/CVE-2025-6069.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6069",
"sourceIdentifier": "cna@python.org",
"published": "2025-06-17T14:15:33.677",
"lastModified": "2025-06-17T20:50:23.507",
"lastModified": "2025-07-07T18:15:29.150",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -60,10 +60,26 @@
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15",
"source": "cna@python.org"
},
{
"url": "https://github.com/python/cpython/issues/135462",
"source": "cna@python.org"

Some files were not shown because too many files have changed in this diff Show More