Auto-Update: 2025-06-16T10:00:20.163144+00:00

2025-06-19 17:31:42 +00:00 · 2025-06-16 10:03:56 +00:00 · 2025-06-16 10:03:56 +00:00 · 6107668da8
commit 6107668da8
parent 9121a4e13c
15 changed files with 1217 additions and 18 deletions
--- a/CVE-2025/CVE-2025-12xx/CVE-2025-1268.json
+++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1268.json
@ -2,13 +2,13 @@
  "id": "CVE-2025-1268",
  "sourceIdentifier": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
  "published": "2025-03-31T02:15:17.097",
-  "lastModified": "2025-05-09T01:15:49.557",
+  "lastModified": "2025-06-16T09:15:18.870",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver"
+      "value": "Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver"
    },
    {
      "lang": "es",
--- a/CVE-2025/CVE-2025-20xx/CVE-2025-2091.json
+++ b/CVE-2025/CVE-2025-20xx/CVE-2025-2091.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-2091",
  "sourceIdentifier": "security@m-files.com",
  "published": "2025-06-16T09:15:19.067",
  "lastModified": "2025-06-16T09:15:19.067",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security@m-files.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Green",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "MODERATE",
          "providerUrgency": "GREEN"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@m-files.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://product.m-files.com/security-advisories/cve-2025-2091",
      "source": "security@m-files.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-34xx/CVE-2025-3464.json
+++ b/CVE-2025/CVE-2025-34xx/CVE-2025-3464.json
@ -0,0 +1,82 @@
 {
  "id": "CVE-2025-3464",
  "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
  "published": "2025-06-16T09:15:19.233",
  "lastModified": "2025-06-16T09:15:19.233",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass.\nRefer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "HIGH",
          "subAvailabilityImpact": "HIGH",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-367"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2150",
      "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"
    },
    {
      "url": "https://www.asus.com/content/asus-product-security-advisory/",
      "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-407xx/CVE-2025-40726.json
+++ b/CVE-2025/CVE-2025-407xx/CVE-2025-40726.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-40726",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2025-06-16T09:15:19.427",
  "lastModified": "2025-06-16T09:15:19.427",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve-coordination@incibe.es",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-reflected-nosto",
      "source": "cve-coordination@incibe.es"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-407xx/CVE-2025-40727.json
+++ b/CVE-2025/CVE-2025-407xx/CVE-2025-40727.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-40727",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2025-06-16T09:15:19.587",
  "lastModified": "2025-06-16T09:15:19.587",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search'\u00a0in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via 's'\u00a0GET parameter."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve-coordination@incibe.es",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-phoenix-cms",
      "source": "cve-coordination@incibe.es"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-407xx/CVE-2025-40728.json
+++ b/CVE-2025/CVE-2025-407xx/CVE-2025-40728.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-40728",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2025-06-16T09:15:19.733",
  "lastModified": "2025-06-16T09:15:19.733",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer_support/manage_user.php endpoint."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve-coordination@incibe.es",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-customer-support-system",
      "source": "cve-coordination@incibe.es"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-407xx/CVE-2025-40729.json
+++ b/CVE-2025/CVE-2025-407xx/CVE-2025-40729.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-40729",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2025-06-16T09:15:19.873",
  "lastModified": "2025-06-16T09:15:19.873",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected Cross-Site Scripting (XSS) in /customer_support/index.php in Customer Support System v1.0, which allows remote attackers to execute arbitrary code via the page parameter."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve-coordination@incibe.es",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-customer-support-system",
      "source": "cve-coordination@incibe.es"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-49xx/CVE-2025-4987.json
+++ b/CVE-2025/CVE-2025-49xx/CVE-2025-4987.json
@ -0,0 +1,60 @@
 {
  "id": "CVE-2025-4987",
  "sourceIdentifier": "3DS.Information-Security@3ds.com",
  "published": "2025-06-16T08:15:18.787",
  "lastModified": "2025-06-16T08:15:18.787",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Cross-site Scripting (XSS) almacenado que afecta a Opportunity Management en Project Portfolio Manager desde la versi\u00f3n 3DEXPERIENCE R2023x hasta la versi\u00f3n 3DEXPERIENCE R2025x permite que un atacante ejecute c\u00f3digo de script arbitrario en la sesi\u00f3n del navegador del usuario."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "3DS.Information-Security@3ds.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 5.8
      }
    ]
  },
  "weaknesses": [
    {
      "source": "3DS.Information-Security@3ds.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.3ds.com/vulnerability/advisories",
      "source": "3DS.Information-Security@3ds.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6112.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6112.json
@ -0,0 +1,149 @@
 {
  "id": "CVE-2025-6112",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-16T08:15:20.010",
  "lastModified": "2025-06-16T08:15:20.010",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en Tenda FH1205 2.0.0.7. Este problema afecta a la funci\u00f3n fromadvsetlanip del archivo /goform/AdvSetLanip. La manipulaci\u00f3n del argumento lanMask provoca un desbordamiento del b\u00fafer. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "baseScore": 9.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1205-fromadvsetlanip-20b53a41781f80bf850ff39f88ad7f2b?source=copy_link",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.312581",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.312581",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.592472",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://www.tenda.com.cn/",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6113.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6113.json
@ -0,0 +1,149 @@
 {
  "id": "CVE-2025-6113",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-16T08:15:20.227",
  "lastModified": "2025-06-16T08:15:20.227",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. Affected is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en Tenda FH1203 2.0.1.6. La funci\u00f3n fromadvsetlanip del archivo /goform/AdvSetLanip se ve afectada. La manipulaci\u00f3n del argumento lanMask provoca un desbordamiento del b\u00fafer. Es posible ejecutar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "baseScore": 9.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1203-fromadvsetlanip-20b53a41781f8070bc65ffadd1ed6bf1?source=copy_link",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.312582",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.312582",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.592478",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://www.tenda.com.cn/",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6114.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6114.json
@ -0,0 +1,156 @@
 {
  "id": "CVE-2025-6114",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-16T09:15:20.013",
  "lastModified": "2025-06-16T09:15:20.013",
  "vulnStatus": "Received",
  "cveTags": [
    {
      "sourceIdentifier": "cna@vuldb.com",
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this vulnerability is the function form_portforwarding of the file /goform/form_portforwarding. The manipulation of the argument ingress_name_%d/sched_name_%d/name_%d leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "baseScore": 9.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_60/60.md",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_60/60.md#poc",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.312583",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.312583",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.592568",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://www.dlink.com/",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6115.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6115.json
@ -0,0 +1,156 @@
 {
  "id": "CVE-2025-6115",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-16T09:15:20.300",
  "lastModified": "2025-06-16T09:15:20.300",
  "vulnStatus": "Received",
  "cveTags": [
    {
      "sourceIdentifier": "cna@vuldb.com",
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this issue is the function form_macfilter. The manipulation of the argument mac_hostname_%d/sched_name_%d leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "baseScore": 9.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_62/62.md",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_62/62.md#poc",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.312584",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.312584",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.592570",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://www.dlink.com/",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6172.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6172.json
@ -0,0 +1,37 @@
 {
  "id": "CVE-2025-6172",
  "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
  "published": "2025-06-16T09:15:20.493",
  "lastModified": "2025-06-16T09:15:20.493",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Permission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk of unauthorized operation."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://security.tecno.com/SRC/blogdetail/424?lang=en_US",
      "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
    },
    {
      "url": "https://security.tecno.com/SRC/securityUpdates",
      "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-06-16T08:00:20.611770+00:00
+2025-06-16T10:00:20.163144+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-06-16T07:15:20.077000+00:00
+2025-06-16T09:15:20.493000+00:00
 ```
 ### Last Data Feed Release
@ -33,24 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-297985
+297997
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `5`
+Recently added CVEs: `12`
- [CVE-2025-6108](CVE-2025/CVE-2025-61xx/CVE-2025-6108.json) (`2025-06-16T06:15:18.307`)
+- [CVE-2025-2091](CVE-2025/CVE-2025-20xx/CVE-2025-2091.json) (`2025-06-16T09:15:19.067`)
- [CVE-2025-6109](CVE-2025/CVE-2025-61xx/CVE-2025-6109.json) (`2025-06-16T06:15:20.213`)
+- [CVE-2025-3464](CVE-2025/CVE-2025-34xx/CVE-2025-3464.json) (`2025-06-16T09:15:19.233`)
- [CVE-2025-6110](CVE-2025/CVE-2025-61xx/CVE-2025-6110.json) (`2025-06-16T07:15:18.373`)
+- [CVE-2025-40726](CVE-2025/CVE-2025-407xx/CVE-2025-40726.json) (`2025-06-16T09:15:19.427`)
- [CVE-2025-6111](CVE-2025/CVE-2025-61xx/CVE-2025-6111.json) (`2025-06-16T07:15:19.870`)
+- [CVE-2025-40727](CVE-2025/CVE-2025-407xx/CVE-2025-40727.json) (`2025-06-16T09:15:19.587`)
- [CVE-2025-6169](CVE-2025/CVE-2025-61xx/CVE-2025-6169.json) (`2025-06-16T07:15:20.077`)
+- [CVE-2025-40728](CVE-2025/CVE-2025-407xx/CVE-2025-40728.json) (`2025-06-16T09:15:19.733`)
 - [CVE-2025-40729](CVE-2025/CVE-2025-407xx/CVE-2025-40729.json) (`2025-06-16T09:15:19.873`)
 - [CVE-2025-4987](CVE-2025/CVE-2025-49xx/CVE-2025-4987.json) (`2025-06-16T08:15:18.787`)
 - [CVE-2025-6112](CVE-2025/CVE-2025-61xx/CVE-2025-6112.json) (`2025-06-16T08:15:20.010`)
 - [CVE-2025-6113](CVE-2025/CVE-2025-61xx/CVE-2025-6113.json) (`2025-06-16T08:15:20.227`)
 - [CVE-2025-6114](CVE-2025/CVE-2025-61xx/CVE-2025-6114.json) (`2025-06-16T09:15:20.013`)
 - [CVE-2025-6115](CVE-2025/CVE-2025-61xx/CVE-2025-6115.json) (`2025-06-16T09:15:20.300`)
 - [CVE-2025-6172](CVE-2025/CVE-2025-61xx/CVE-2025-6172.json) (`2025-06-16T09:15:20.493`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 - [CVE-2025-1268](CVE-2025/CVE-2025-12xx/CVE-2025-1268.json) (`2025-06-16T09:15:18.870`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -283418,7 +283418,7 @@ CVE-2025-1264,0,0,28c40552206eb9f5a0b03a9cca8beeb7d7df89ca0a5becb5749e460941f9fd
 CVE-2025-1265,0,0,bc018ef071fadf7e153cbb8aa96a03eb4bac560d27730ea77e8eae7baedae9e8,2025-02-20T20:15:46.537000
 CVE-2025-1266,0,0,4994c9c1e87b7dedc2dce4e0a436027ae116cf2eed8bcb3d9cc4ca13f9be4407,2025-03-13T22:15:14.907000
 CVE-2025-1267,0,0,8185c9604ff0d1aa86b9cea920d82bd8037570ce9b9b7776f5513234b5775eda,2025-04-01T20:26:11.547000
-CVE-2025-1268,0,0,24b31e8e7b6c23a12032a9eed037cd3c1ba639197e51a5064cf5bd995e47ac18,2025-05-09T01:15:49.557000
+CVE-2025-1268,0,1,b26cb2e3f9391aa1deea3c60085ffe6961c8fdb9f9fd34bf05939dcfc884b2c4,2025-06-16T09:15:18.870000
 CVE-2025-1269,0,0,3d8990f3f321bb84afc5ce31cc37206b4dfeae7b9639d4320eceb6f39d26cfbc,2025-02-18T14:15:28.513000
 CVE-2025-1270,0,0,a0fba4bca59afda304bf8335640266a3acf6a1624640bee675db51d94e9fc436,2025-02-13T13:15:09.273000
 CVE-2025-1271,0,0,0359319eae8a142a0720b34e58c3d3808902c47ddd06a524c0e8a18f2f2f366a,2025-02-13T13:15:09.433000
@ -284387,6 +284387,7 @@ CVE-2025-20906,0,0,227b94242ada97f5f1b38d2297103a593c8ae5078c64d6e33b6eecd693ed4
 CVE-2025-20907,0,0,379c340eb54b31b9cb5f71668b76a83cd25f313f0ca982b642024600b12637ce,2025-02-12T13:49:49.460000
 CVE-2025-20908,0,0,576d0c932c62fad7894b616fe95f3b3030f52a9c25cc8141c044406a0e0a7fc0,2025-03-06T05:15:17.150000
 CVE-2025-20909,0,0,661128f74b5e1570cc0c738206adeffe7913c3464aea431885d2b5b77ff6aec8,2025-03-06T05:15:17.307000
 CVE-2025-2091,1,1,1100ba577be997cc84f23a5d8de969b9672830c14158077dbaea0ab8a2fe46cb,2025-06-16T09:15:19.067000
 CVE-2025-20910,0,0,8eeef360bd8ee8e6ea808c95de07cab8422342433bb9ea5f3273d310585c156c,2025-03-06T05:15:17.480000
 CVE-2025-20911,0,0,48bf673220f74bc55aa347d4893646bb5408aef810bd43f32e472aa676cc2420,2025-03-06T05:15:17.653000
 CVE-2025-20912,0,0,f7767b1d03f69e82598a74f1eeca9546a2bd4c871a4556075c66e1b7bf13c7d1,2025-03-06T05:15:17.860000
@ -293303,6 +293304,7 @@ CVE-2025-3460,0,0,a6918e85be5e4f2f6bd8b4089f3f654f6c5d78ba27d378dcd7c473c63506e9
 CVE-2025-3461,0,0,b711842f3138044403b9c62c870e92a946a81dbd27b6e170abe8935ae6232ced,2025-06-09T19:15:24.923000
 CVE-2025-3462,0,0,96a08229937a9712440a065f7abf8858b2712ba35f45d182986e12e301979bf4,2025-05-12T17:32:52.810000
 CVE-2025-3463,0,0,b9c293fc915bcaaa130da553f49fb5680a86dfb762948cd4b867acf35ebae4a2,2025-05-12T17:32:52.810000
 CVE-2025-3464,1,1,f761b82c82eea0b93334397438eaaecbc92df6f30dac7cf49538babc36a751ec,2025-06-16T09:15:19.233000
 CVE-2025-3468,0,0,136950783d88ce0e5a3cbb5efc9cbb24284feffc83746ee503e38c1107465276,2025-06-04T22:54:54.960000
 CVE-2025-3469,0,0,4bca5426f9919f93dad9a4b1c330f34d47eacab0082cc9b29903729bbc139092,2025-04-11T15:39:52.920000
 CVE-2025-3470,0,0,19aa6171d68cb7df7c1f3be18d7bfe917a85b5b7f1d5f3673d31726045a39093,2025-04-15T18:39:27.967000
@ -294446,6 +294448,10 @@ CVE-2025-4069,0,0,72c3e148c8cf8c4d5070733c3b3e33573ee47e1d4dc46e158ed5117d25968f
 CVE-2025-4070,0,0,95239c8a358b05c88e31535f0df25ceb69331749309a950b338783db56336302,2025-05-09T13:50:22.543000
 CVE-2025-4071,0,0,68547b4133937980d039f29a0abcfa60e8d56aeeed72b73dfe6880158fc5f6a5,2025-05-09T13:51:10.523000
 CVE-2025-4072,0,0,d0cf8b7d2285b873c553b1cc40373ece79b00a96b5dd7782b5277899efb2c1fa,2025-05-09T13:51:19.130000
 CVE-2025-40726,1,1,1af41231384f6012aa660a6b373a378c828e9aa5b462b91f2ba4a3ed87c37abf,2025-06-16T09:15:19.427000
 CVE-2025-40727,1,1,667d0fac5d54ea5f12a9fe24fa479f6d4ec4f4b9185a88f1e1a0a20a286abf68,2025-06-16T09:15:19.587000
 CVE-2025-40728,1,1,29460beadecfc1574da29cb5197853ba6bce1dc9e59afa3f271b244b5bd94337,2025-06-16T09:15:19.733000
 CVE-2025-40729,1,1,528214f9324db9bf5c792911946cf1201b36e8ae55ed53e8fe291198902d9f87,2025-06-16T09:15:19.873000
 CVE-2025-4073,0,0,5b07f84aef869ff97a5846e761decacb25d1866933f52ae6973131cfce282ea0,2025-05-09T13:51:33.337000
 CVE-2025-4074,0,0,67c949a36ba05d695588494a1af59c90dcd6f218e799b578e62cc10508e92154,2025-05-09T13:49:25.337000
 CVE-2025-4075,0,0,980439803ac2a564a1211ca7907d1f8cd24fb9992986c85d77b9d15e9738b3a9,2025-05-02T13:53:40.163000
@ -297224,6 +297230,7 @@ CVE-2025-4983,0,0,8b53f9fcac717498609c6596ba194e3872474340efe5891a55ff7cfbe70e31
 CVE-2025-4984,0,0,8011ca13e469a81f6afb4511e42cccafc7f5c3edf7ae8617debc1cb5fd406589,2025-05-30T16:31:03.107000
 CVE-2025-4985,0,0,88151f8f37213547b95261cc34f75717fde2a8ef982c36b2d93a8904176e3178,2025-05-30T16:31:03.107000
 CVE-2025-4986,0,0,0d635bfcd5ea7157ed48c7c5f6511d7b519fc07571e2245e906f4237ec28c07f,2025-05-30T16:31:03.107000
 CVE-2025-4987,1,1,5b8d996ac86b68ca9a947df5c0b2ea6fdecb4a2fdee697d3645bfd8856c947f8,2025-06-16T08:15:18.787000
 CVE-2025-4988,0,0,a7c799add205e04161903a2f90e2fafc16c75a5a4daac88e051c1af2ef20204f,2025-05-30T16:31:03.107000
 CVE-2025-4989,0,0,74686f3d4372e905fa27c624734660eade1cfc1a7c1d6b7d7fe07ac62f07c46a,2025-05-30T16:31:03.107000
 CVE-2025-4990,0,0,11128ad236ff0bbb6407ba12ca704aae39e79d15ca91d8e93c05e36bda39beb6,2025-05-30T16:31:03.107000
@ -297979,8 +297986,13 @@ CVE-2025-6104,0,0,0cb7244bf5516eff0aeb918019c1c01c252e2c8f9668748e11e4f5949a28ce
 CVE-2025-6105,0,0,95455d7ad96d623493f9a04af561f7163ab23de7bcc3da8e2d0c194f7ccdffe7,2025-06-16T05:15:26.567000
 CVE-2025-6106,0,0,f589e4d7b42d39ac74b1bc16b1d178d36ca8a28013e2d2cd9d2d4c7dbe82b409,2025-06-16T05:15:26.920000
 CVE-2025-6107,0,0,8b1b32c2f9a6580d0fc229f7e78ec0090e13aa7e7b3db84c16c06e8dd928ca71,2025-06-16T05:15:27.160000
-CVE-2025-6108,1,1,052486f7c1a2ef350fec9a9a6b4942ddfdbdfaeab96c5024acc201259a6d80d7,2025-06-16T06:15:18.307000
+CVE-2025-6108,0,0,052486f7c1a2ef350fec9a9a6b4942ddfdbdfaeab96c5024acc201259a6d80d7,2025-06-16T06:15:18.307000
-CVE-2025-6109,1,1,456d88ea582e7752c5f08127d0fea44abd14ec99dc45815323479e72f75d3e52,2025-06-16T06:15:20.213000
+CVE-2025-6109,0,0,456d88ea582e7752c5f08127d0fea44abd14ec99dc45815323479e72f75d3e52,2025-06-16T06:15:20.213000
-CVE-2025-6110,1,1,2868c073105f9241d86db7e941b5f58d3804a06756b846893d91e77093b6acde,2025-06-16T07:15:18.373000
+CVE-2025-6110,0,0,2868c073105f9241d86db7e941b5f58d3804a06756b846893d91e77093b6acde,2025-06-16T07:15:18.373000
-CVE-2025-6111,1,1,828492d35f46af5f4bd617fbf9695a7354eeabafa01bcbe1aecb08dbc8200b6d,2025-06-16T07:15:19.870000
+CVE-2025-6111,0,0,828492d35f46af5f4bd617fbf9695a7354eeabafa01bcbe1aecb08dbc8200b6d,2025-06-16T07:15:19.870000
-CVE-2025-6169,1,1,ac06daff660839c238a07ac6aebf260af42d84f3956ac01d7a286965b2162754,2025-06-16T07:15:20.077000
+CVE-2025-6112,1,1,03192921fcb3ce4b573c976cde60b3298c837468da8da701519d4ad029a6e0e6,2025-06-16T08:15:20.010000
 CVE-2025-6113,1,1,c228ada00f832720a15995e7d0fadbc924d7d4afc603f57e382f08aa1623a1a9,2025-06-16T08:15:20.227000
 CVE-2025-6114,1,1,227f4fe7537286c6d9a129b77082eb62e5e9bd47bc0aabd1a43e8f1f3aaa38da,2025-06-16T09:15:20.013000
 CVE-2025-6115,1,1,32bbc5cdf3c9f9122ab43d4c3b5bb801120d95e215918d847e6d845ba16a808c,2025-06-16T09:15:20.300000
 CVE-2025-6169,0,0,ac06daff660839c238a07ac6aebf260af42d84f3956ac01d7a286965b2162754,2025-06-16T07:15:20.077000
 CVE-2025-6172,1,1,342c6cc2700d8cffe114ebae7fb0f638875c5b55bb4327392295802843114037,2025-06-16T09:15:20.493000