admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-14T19:00:20.699668+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-14 19:03:49 +00:00
parent 0f51e9fcb0
commit 64df5a0a18
94 changed files with 5026 additions and 500 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2020/CVE-2020-205xx/CVE-2020-20522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-20522",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:07.967",
"lastModified": "2024-11-21T05:12:07.843",
"lastModified": "2025-02-14T17:15:09.990",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-209xx/CVE-2020-20915.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-20915",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.077",
"lastModified": "2024-11-21T05:12:18.663",
"lastModified": "2025-02-14T17:15:11.087",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-232xx/CVE-2020-23260.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-23260",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.373",
"lastModified": "2024-11-21T05:13:41.360",
"lastModified": "2025-02-14T18:15:18.170",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-233xx/CVE-2020-23327.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-23327",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.413",
"lastModified": "2024-11-21T05:13:45.137",
"lastModified": "2025-02-14T18:15:19.153",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-293xx/CVE-2020-29312.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-29312",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.457",
"lastModified": "2024-11-21T05:23:53.797",
"lastModified": "2025-02-14T18:15:19.360",
"vulnStatus": "Modified",
"cveTags": [
{
@ -39,6 +39,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -52,6 +72,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-282xx/CVE-2021-28235.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28235",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.507",
"lastModified": "2024-11-21T05:59:22.957",
"lastModified": "2025-02-14T18:15:19.620",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-317xx/CVE-2021-31707.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-31707",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.547",
"lastModified": "2024-11-21T06:06:08.610",
"lastModified": "2025-02-14T18:15:19.870",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-32xx/CVE-2021-3267.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3267",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.587",
"lastModified": "2024-11-21T06:21:11.180",
"lastModified": "2025-02-14T18:15:21.857",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

24
CVE-2021/CVE-2021-393xx/CVE-2021-39350.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39350",
"sourceIdentifier": "security@wordfence.com",
"published": "2021-10-06T16:15:07.427",
"lastModified": "2024-11-21T06:19:22.673",
"lastModified": "2025-02-14T18:15:21.170",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
],
"cvssMetricV2": [
@ -67,7 +87,7 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

32
CVE-2022/CVE-2022-482xx/CVE-2022-48223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48223",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T16:15:07.187",
"lastModified": "2024-11-21T07:32:59.567",
"lastModified": "2025-02-14T18:15:22.503",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48224.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48224",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T16:15:07.230",
"lastModified": "2024-11-21T07:32:59.707",
"lastModified": "2025-02-14T18:15:22.703",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48225.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48225",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.757",
"lastModified": "2024-11-21T07:32:59.857",
"lastModified": "2025-02-14T18:15:22.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48228.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48228",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.830",
"lastModified": "2024-11-21T07:33:00.293",
"lastModified": "2025-02-14T17:15:12.873",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-532"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-08xx/CVE-2023-0820.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0820",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-03T15:15:18.920",
"lastModified": "2024-11-21T07:37:54.033",
"lastModified": "2025-02-14T17:15:13.047",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,9 +32,41 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [

32
CVE-2023/CVE-2023-11xx/CVE-2023-1124.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1124",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-03T15:15:18.970",
"lastModified": "2024-11-21T07:38:30.237",
"lastModified": "2025-02-14T17:15:13.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-13xx/CVE-2023-1330.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1330",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-03T15:15:19.023",
"lastModified": "2024-11-21T07:38:58.333",
"lastModified": "2025-02-14T17:15:13.420",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,9 +32,41 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [

32
CVE-2023/CVE-2023-270xx/CVE-2023-27089.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27089",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T18:15:07.000",
"lastModified": "2024-11-21T07:52:18.070",
"lastModified": "2025-02-14T17:15:13.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 5.3
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 5.3
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-270xx/CVE-2023-27091.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27091",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T18:15:07.043",
"lastModified": "2024-11-21T07:52:18.373",
"lastModified": "2025-02-14T18:15:23.107",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-277xx/CVE-2023-27734.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:09.223",
"lastModified": "2024-11-21T07:53:24.310",
"lastModified": "2025-02-14T17:15:14.047",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-277xx/CVE-2023-27759.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:09.260",
"lastModified": "2024-11-21T07:53:26.090",
"lastModified": "2025-02-14T17:15:14.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-426"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"configurations": [

43
CVE-2023/CVE-2023-343xx/CVE-2023-34397.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-34397",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.470",
"lastModified": "2025-02-13T22:15:10.470",
"lastModified": "2025-02-14T17:15:14.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed."
},
{
"lang": "es",
"value": "La unidad principal Mercedes Benz NTG 6 contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. Durante el an\u00e1lisis, puede provocar que el servicio se bloquee."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

43
CVE-2023/CVE-2023-343xx/CVE-2023-34398.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-34398",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.603",
"lastModified": "2025-02-13T22:15:10.603",
"lastModified": "2025-02-14T17:15:14.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference."
},
{
"lang": "es",
"value": "La unidad principal Mercedes-Benz NTG6 contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. Algunos valores de esta tabla son archivos serializados seg\u00fan la librer\u00eda Boost. La librer\u00eda Boost contiene una vulnerabilidad/desreferencia de puntero nulo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

43
CVE-2023/CVE-2023-343xx/CVE-2023-34399.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-34399",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.730",
"lastModified": "2025-02-13T22:15:10.730",
"lastModified": "2025-02-14T17:15:14.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow."
},
{
"lang": "es",
"value": "La unidad principal Mercedes-Benz NTG6 contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. Algunos valores de esta tabla se archivan en serie seg\u00fan la librer\u00eda Boost. La versi\u00f3n de la librer\u00eda Boost contiene una vulnerabilidad de desbordamiento de enteros."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

43
CVE-2023/CVE-2023-344xx/CVE-2023-34400.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-34400",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.847",
"lastModified": "2025-02-13T22:15:10.847",
"lastModified": "2025-02-14T17:15:14.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer."
},
{
"lang": "es",
"value": "La unidad principal Mercedes-Benz NTG6 contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. En caso de analizar un archivo, el servicio intenta definir el encabezado dentro del archivo y lo convierte en una cadena con terminaci\u00f3n nula. Si falta alg\u00fan car\u00e1cter, devolver\u00e1 un puntero nulo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

39
CVE-2023/CVE-2023-344xx/CVE-2023-34402.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34402",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.337",
"lastModified": "2025-02-13T23:15:09.337",
"lastModified": "2025-02-14T17:15:15.087",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

100
CVE-2023/CVE-2023-476xx/CVE-2023-47634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47634",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-29T01:41:28.370",
"lastModified": "2024-11-21T08:30:34.400",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:29:55.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
@ -49,40 +69,100 @@
"value": "CWE-362"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:decidim:decidim:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.10.0",
"versionEndExcluding": "0.26.9",
"matchCriteriaId": "C8A5D343-1E37-498D-B248-667017D2600D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:decidim:decidim:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.27.0",
"versionEndExcluding": "0.27.5",
"matchCriteriaId": "38FDE900-4C89-45E3-821E-BF6F2A69C587"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.26.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.28.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-r275-j57c-7mf2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.26.9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.28.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-r275-j57c-7mf2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-499xx/CVE-2023-49930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49930",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:41:40.070",
"lastModified": "2024-11-21T08:34:01.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:22:40.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,103 @@
"value": "Se descubri\u00f3 un problema en Couchbase Server antes de la versi\u00f3n 7.2.4. Las llamadas cURL a /diag/eval no est\u00e1n suficientemente restringidas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:couchbase:couchbase_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.5",
"versionEndExcluding": "7.2.4",
"matchCriteriaId": "E41023F0-1568-478D-B3F2-1360493BDF52"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://forums.couchbase.com/tags/security",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.couchbase.com/alerts/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://forums.couchbase.com/tags/security",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.couchbase.com/alerts/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-506xx/CVE-2023-50658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50658",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:42:01.123",
"lastModified": "2024-11-21T08:37:07.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:23:19.307",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,88 @@
"value": "El componente jose2go anterior a 1.6.0 para Go permite a los atacantes provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de un valor grande de p2c (tambi\u00e9n conocido como PBES2 Count)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dvsekhvalnov:jose2go:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "D9A0EDCB-6B6C-4778-B480-9234DC9CDDB9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

27
CVE-2024/CVE-2024-134xx/CVE-2024-13493.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13493",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-02-14T06:15:19.740",
"lastModified": "2025-02-14T06:15:19.740",
"lastModified": "2025-02-14T17:15:15.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "The Sensly Online Presence WordPress plugin through 0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/dfbdd474-92e5-422b-a185-e441a6014557/",

61
CVE-2024/CVE-2024-14xx/CVE-2024-1470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1470",
"sourceIdentifier": "security@opentext.com",
"published": "2024-02-29T01:43:51.340",
"lastModified": "2024-11-21T08:50:39.117",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:24:17.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,49 @@
"value": "CWE-639"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netiq:client_login_extension:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA557833-E2CA-4A2F-8BE7-6DDECFB75E78"
}
]
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000026667?language=en_US",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.microfocus.com/s/article/KM000026667?language=en_US",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-17xx/CVE-2024-1722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1722",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-29T01:43:54.010",
"lastModified": "2024-11-21T08:51:09.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:24:40.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,24 +69,63 @@
"value": "CWE-645"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:keycloak:23.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C704B9AC-0A6C-4EF1-AA3E-48A2295E9B14"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1722",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265389",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1722",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265389",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

69
CVE-2024/CVE-2024-18xx/CVE-2024-1898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1898",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-05T22:15:47.020",
"lastModified": "2024-11-21T08:51:33.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:27:43.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,74 @@
"value": "El control de acceso inadecuado en la funci\u00f3n de notificaci\u00f3n en Devolutions Server 2023.3.14.0 y versiones anteriores permite que un usuario con pocos privilegios cambie la configuraci\u00f3n de notificaciones configurada por un administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1.0",
"matchCriteriaId": "0144432E-807A-489D-BD21-7EF4E5AF163F"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0002",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0002",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-208xx/CVE-2024-20829.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20829",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-03-05T05:15:08.703",
"lastModified": "2024-11-21T08:53:14.077",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:27:10.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,17 +36,72 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:internet:24.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBA3BAB-572B-4A0E-9678-C727BFEA040F"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

109
CVE-2024/CVE-2024-208xx/CVE-2024-20840.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20840",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-03-05T05:15:12.363",
"lastModified": "2024-11-21T08:53:15.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:27:27.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,17 +36,118 @@
},
"exploitabilityScore": 0.5,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:voice_recorder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.5.16.01",
"matchCriteriaId": "E0E061AA-A319-428F-A9B7-8D492BC35968"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:voice_recorder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.4.51.02",
"matchCriteriaId": "702AF91C-B029-406C-B4B3-2B9649D293BA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-208xx/CVE-2024-20841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20841",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-03-05T05:15:12.717",
"lastModified": "2024-11-21T08:53:15.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:27:35.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,17 +36,73 @@
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:account:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.8.00.3",
"matchCriteriaId": "D3C0E7F2-1223-4F14-96EE-2494022A1D76"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-217xx/CVE-2024-21724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21724",
"sourceIdentifier": "security@joomla.org",
"published": "2024-02-29T01:44:03.773",
"lastModified": "2024-11-21T08:54:52.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:24:52.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "La validaci\u00f3n de entrada inadecuada para los campos de selecci\u00f3n de medios genera vulnerabilidades XSS en varias extensiones."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@joomla.org",
@ -26,16 +49,65 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.6.0",
"versionEndExcluding": "3.10.15",
"matchCriteriaId": "7FE0CA04-2613-48B3-8CB3-E114E549F81D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.4.3",
"matchCriteriaId": "4CE95A6B-EFBA-4A53-839A-E13864511CEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "448756BA-E10C-4587-A54B-AD8B81EEF150"
}
]
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/927-20240203-core-xss-in-media-selection-fields.html",
"source": "security@joomla.org"
"source": "security@joomla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://developer.joomla.org/security-centre/927-20240203-core-xss-in-media-selection-fields.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-21xx/CVE-2024-2127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2127",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-07T20:15:50.913",
"lastModified": "2024-11-21T09:09:05.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:28:36.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pagelayer:pagelayer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.4",
"matchCriteriaId": "EAA02C4F-7135-406C-8B21-6DDDAF3AB1C8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3045444%40pagelayer&new=3045444%40pagelayer&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98bff131-dee2-4549-9167-69dc3f8d6b9d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3045444%40pagelayer&new=3045444%40pagelayer&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98bff131-dee2-4549-9167-69dc3f8d6b9d?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-25xx/CVE-2024-2517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2517",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-16T12:15:15.630",
"lastModified": "2024-11-21T09:09:55.400",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:00:42.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -76,30 +96,65 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:magesh-k21:online-college-event-hall-reservation-system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02B406BB-6ED0-4CC0-B1A1-AE670E825BF1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20book_history.php.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.256954",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.256954",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20book_history.php.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.256954",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.256954",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

95
CVE-2024/CVE-2024-261xx/CVE-2024-26131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26131",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-29T01:44:17.740",
"lastModified": "2024-11-21T09:01:59.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:25:08.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,40 +73,95 @@
"value": "CWE-940"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:element:element:*:*:*:*:*:android:*:*",
"versionStartIncluding": "1.4.3",
"versionEndExcluding": "1.6.12",
"matchCriteriaId": "AD8D6757-CCAD-4C76-B321-68892E7CE2A2"
}
]
}
]
}
],
"references": [
{
"url": "https://element.io/blog/security-release-element-android-1-6-12",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/element-hq/element-android/commit/53734255ec270b0814946350787393dfcaa2a5a9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/element-hq/element-android/security/advisories/GHSA-j6pr-fpc8-q9vm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://support.google.com/faqs/answer/9267555?hl=en",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://element.io/blog/security-release-element-android-1-6-12",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/element-hq/element-android/commit/53734255ec270b0814946350787393dfcaa2a5a9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/element-hq/element-android/security/advisories/GHSA-j6pr-fpc8-q9vm",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://support.google.com/faqs/answer/9267555?hl=en",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
]
}
]
}

85
CVE-2024/CVE-2024-261xx/CVE-2024-26132.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26132",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-29T01:44:17.917",
"lastModified": "2024-11-21T09:02:00.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:25:32.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,32 +69,81 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:element:element:*:*:*:*:*:android:*:*",
"versionStartIncluding": "0.91.0",
"versionEndExcluding": "1.6.12",
"matchCriteriaId": "9117F4CD-15B9-43F8-B15C-465C20F0C849"
}
]
}
]
}
],
"references": [
{
"url": "https://element.io/blog/security-release-element-android-1-6-12",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/element-hq/element-android/commit/8f9695a9a8d944cb9b92568cbd76578c51d32e07",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/element-hq/element-android/security/advisories/GHSA-8wj9-cx7h-pvm4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://element.io/blog/security-release-element-android-1-6-12",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
]
},
{
"url": "https://github.com/element-hq/element-android/commit/8f9695a9a8d944cb9b92568cbd76578c51d32e07",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/element-hq/element-android/security/advisories/GHSA-8wj9-cx7h-pvm4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

189
CVE-2024/CVE-2024-264xx/CVE-2024-26462.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26462",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:44:18.857",
"lastModified": "2024-11-21T09:02:27.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-14T17:29:03.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,198 @@
"value": "Kerberos 5 (tambi\u00e9n conocido como krb5) 1.21.2 contiene una vulnerabilidad de p\u00e9rdida de memoria en /krb5/src/kdc/ndr.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mit:kerberos_5:1.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F95920FF-DDA8-4D74-9CFE-81FCD071031D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280AA828-6FA9-4260-8EC1-019423B966E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240415-0012/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240415-0012/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

78
CVE-2024/CVE-2024-32xx/CVE-2024-3220.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-3220",
"sourceIdentifier": "cna@python.org",
"published": "2025-02-14T17:15:15.567",
"lastModified": "2025-02-14T17:15:15.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a defect in the CPython standard library module \u201cmimetypes\u201d where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the incorrect file type.\n\nThis defect is caused by the default locations of Linux and macOS platforms (such as \u201c/etc/mime.types\u201d) also being used on Windows, where they are user-writable locations (\u201cC:\\etc\\mime.types\u201d).\n\nTo work-around this issue a user can call mimetypes.init() with an empty list (\u201c[]\u201d) on Windows platforms to avoid using the default list of known file locations."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@python.org",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.3,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cna@python.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/",
"source": "cna@python.org"
}
]
}

14
CVE-2024/CVE-2024-376xx/CVE-2024-37602.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37602",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:10.197",
"lastModified": "2025-02-13T23:15:10.197",
"lastModified": "2025-02-14T17:15:15.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

45
CVE-2024/CVE-2024-469xx/CVE-2024-46922.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-46922",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.230",
"lastModified": "2025-02-12T22:15:39.230",
"vulnStatus": "Received",
"lastModified": "2025-02-14T18:15:23.333",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Samsung Mobile Processor Exynos 1480 y 2400. La ausencia de una verificaci\u00f3n nula conduce a una denegaci\u00f3n de servicio en amdgpu_cs_parser_bos en Xclipse Driver."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",

45
CVE-2024/CVE-2024-469xx/CVE-2024-46923.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-46923",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.347",
"lastModified": "2025-02-12T22:15:39.347",
"vulnStatus": "Received",
"lastModified": "2025-02-14T18:15:23.530",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Samsung Mobile Processor Exynos 2200, 1480 y 2400. La ausencia de una verificaci\u00f3n nula genera una denegaci\u00f3n de servicio en amdgpu_cs_ib_fill en Xclipse Driver."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",

45
CVE-2024/CVE-2024-511xx/CVE-2024-51122.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-51122",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.603",
"lastModified": "2025-02-12T22:15:39.603",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:15.717",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 alllows a remote attacker to execute arbitrary code via the ST, L, O, OU, CN parameters."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross Site Scripting en Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros ST, L, O, OU, CN."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2024-51122",

45
CVE-2024/CVE-2024-511xx/CVE-2024-51123.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-51123",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.717",
"lastModified": "2025-02-12T22:15:39.717",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:15.880",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=[id] component."
},
{
"lang": "es",
"value": "Un problema en Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del componente /compose-pdf.xhtml?convid=[id]."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2024-51123",

45
CVE-2024/CVE-2024-514xx/CVE-2024-51440.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-51440",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.990",
"lastModified": "2025-02-12T22:15:39.990",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:16.040",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component."
},
{
"lang": "es",
"value": "Un problema en Nothing Tech Nothing OS v.2.6 permite que un atacante local escale privilegios a trav\u00e9s del componente NtBpfService."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://sharedobject.blog/posts/nothing-bpf/",

8
CVE-2024/CVE-2024-525xx/CVE-2024-52577.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-52577",
"sourceIdentifier": "security@apache.org",
"published": "2025-02-14T10:15:09.557",
"lastModified": "2025-02-14T10:15:09.557",
"lastModified": "2025-02-14T17:15:16.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -60,7 +60,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -73,6 +73,10 @@
{
"url": "https://lists.apache.org/thread/1bst0n27m9kb3b6f6hvlghn182vqb2hh",
"source": "security@apache.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/14/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

8
CVE-2024/CVE-2024-561xx/CVE-2024-56180.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-56180",
"sourceIdentifier": "security@apache.org",
"published": "2025-02-14T14:15:32.267",
"lastModified": "2025-02-14T14:15:32.267",
"lastModified": "2025-02-14T17:15:16.317",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -15,7 +15,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -28,6 +28,10 @@
{
"url": "https://lists.apache.org/thread/k9fw0t5r7t1vbx53gs8d1r8c54rhx0wd",
"source": "security@apache.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/14/7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

56
CVE-2024/CVE-2024-564xx/CVE-2024-56463.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56463",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-14T17:15:16.420",
"lastModified": "2025-02-14T17:15:16.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7183251",
"source": "psirt@us.ibm.com"
}
]
}

45
CVE-2024/CVE-2024-569xx/CVE-2024-56940.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-56940",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.643",
"lastModified": "2025-02-12T22:15:40.643",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:16.590",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n de carga de im\u00e1genes de perfil de LearnDash v6.7.1 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante cargas excesivas de archivos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nikolas-ch/CVEs/tree/main/LearnDash_v6.7.1",

50
CVE-2024/CVE-2024-570xx/CVE-2024-57000.json
View File

@ -2,55 +2,15 @@
"id": "CVE-2024-57000",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T23:15:09.337",
"lastModified": "2025-02-12T16:15:42.317",
"vulnStatus": "Received",
"lastModified": "2025-02-14T18:15:23.743",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Anyscale Inc Ray between v.2.9.3 and v.2.40.0 allows a remote attacker to execute arbitrary code via a crafted script."
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-48022. Reason: This candidate is a duplicate of CVE-2023-48022. Notes: All CVE users should reference CVE-2023-48022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/honysyang/Ray.git",
"source": "cve@mitre.org"
}
]
"metrics": {},
"references": []
}

45
CVE-2024/CVE-2024-576xx/CVE-2024-57601.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-57601",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.747",
"lastModified": "2025-02-12T22:15:40.747",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:16.787",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross Site Scripting en Alex Tselegidis EasyAppointments v.1.5.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro legal_settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://hkohi.ca/vulnerability/13",

45
CVE-2024/CVE-2024-576xx/CVE-2024-57604.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-57604",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:41.100",
"lastModified": "2025-02-12T22:15:41.100",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:17.003",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component."
},
{
"lang": "es",
"value": "Un problema en MaysWind ezBookkeeping 0.7.0 permite que un atacante remoto escale privilegios a trav\u00e9s del componente token."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mayswind/ezbookkeeping/issues/33",

45
CVE-2024/CVE-2024-576xx/CVE-2024-57605.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-57605",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:41.210",
"lastModified": "2025-02-12T22:15:41.210",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:17.230",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross Site Scripting en Daylight Studio Fuel CMS v.1.5.2 permite a un atacante escalar privilegios a trav\u00e9s de los componentes /fuel/blocks/ y /fuel/pages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://hkohi.ca/vulnerability/3",

21
CVE-2024/CVE-2024-577xx/CVE-2024-57790.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-57790",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:18.343",
"lastModified": "2025-02-14T17:15:18.343",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0 was discovered to contain hardcoded root credentials stored in the non-volatile flash memory. This vulnerability allows physically proximate attackers to gain root access via UART or SSH."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rick-cen/vulnerability-research/tree/main/CVE-2024-57790",
"source": "cve@mitre.org"
}
]
}

27
CVE-2024/CVE-2024-70xx/CVE-2024-7052.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7052",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-02-14T06:15:20.350",
"lastModified": "2025-02-14T06:15:20.350",
"lastModified": "2025-02-14T17:15:18.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/4e52cab5-821c-4ca8-9024-67f716cf78fe/",

56
CVE-2024/CVE-2024-88xx/CVE-2024-8893.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8893",
"sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
"published": "2025-02-14T17:15:18.690",
"lastModified": "2025-02-14T17:15:18.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500\u2011XS allows anyone in physical proximity to the device to fully access the web interface of the inverter via Wi\u2011Fi.This issue affects GW1500\u2011XS: 1.1.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://os-s.net/publications/advisories/CVE-2024-8893.pdf",
"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"
}
]
}

56
CVE-2025/CVE-2025-05xx/CVE-2025-0503.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-0503",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-02-14T18:15:23.870",
"lastModified": "2025-02-14T18:15:23.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

159
CVE-2025/CVE-2025-213xx/CVE-2025-21377.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21377",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:36.387",
"lastModified": "2025-02-11T18:15:36.387",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:40:52.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NTLM Hash Disclosure Spoofing Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de suplantaci\u00f3n de identidad en la divulgaci\u00f3n de hash NTLM"
}
],
"metrics": {
@ -38,19 +42,166 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.0.22631.4890",
"matchCriteriaId": "9FF62164-3C0C-4E7D-A8E3-F4095EBD35FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21377",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-213xx/CVE-2025-21379.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21379",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:36.590",
"lastModified": "2025-02-11T18:15:36.590",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:39:51.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DHCP Client Service Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el servicio de cliente DHCP"
}
],
"metrics": {
@ -38,19 +42,63 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "A03B8A6C-7F7D-4134-B222-7AFF82ED1B34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "9FAAE0D6-5155-40CB-861D-E6D1EEF8122D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21379",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

53
CVE-2025/CVE-2025-213xx/CVE-2025-21397.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21397",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:38.293",
"lastModified": "2025-02-11T18:15:38.293",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:38:29.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Office"
}
],
"metrics": {
@ -38,19 +42,60 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*",
"matchCriteriaId": "25D63F31-2978-4C24-B7CA-6A0398012700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:*:*:*",
"matchCriteriaId": "6ECEAB03-35FD-4E92-9F4F-5079580FE853"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21397",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

54
CVE-2025/CVE-2025-214xx/CVE-2025-21400.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21400",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:38.483",
"lastModified": "2025-02-11T18:15:38.483",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:37:31.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft SharePoint Server"
}
],
"metrics": {
@ -38,19 +42,61 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
"versionEndExcluding": "16.0.17928.20396",
"matchCriteriaId": "71150396-07B2-4D48-A1E9-3EA5E5168B15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21400",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

159
CVE-2025/CVE-2025-214xx/CVE-2025-21406.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21406",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:38.907",
"lastModified": "2025-02-11T18:15:38.907",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:37:19.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Telephony Service Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el servicio de telefon\u00eda de Windows"
}
],
"metrics": {
@ -38,19 +42,166 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.4890",
"matchCriteriaId": "62FFD367-FB8B-48CA-813F-760E4F393555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21406",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

159
CVE-2025/CVE-2025-214xx/CVE-2025-21407.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21407",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:39.157",
"lastModified": "2025-02-11T18:15:39.157",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:36:43.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Telephony Service Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el servicio de telefon\u00eda de Windows"
}
],
"metrics": {
@ -38,19 +42,166 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.4890",
"matchCriteriaId": "62FFD367-FB8B-48CA-813F-760E4F393555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21407",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

93
CVE-2025/CVE-2025-214xx/CVE-2025-21410.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21410",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:39.593",
"lastModified": "2025-02-11T18:15:39.593",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:35:15.613",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el Servicio de enrutamiento y acceso remoto de Windows (RRAS)"
}
],
"metrics": {
@ -38,19 +42,100 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21410",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

146
CVE-2025/CVE-2025-214xx/CVE-2025-21414.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21414",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:39.787",
"lastModified": "2025-02-11T18:15:39.787",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:33:40.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Core Messaging Elevation of Privileges Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Core Messaging"
}
],
"metrics": {
@ -38,19 +42,153 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "073C5577-43D4-43BA-9E6F-7E28109C5709"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "49F1BB9C-CE46-45D4-AC89-37A84B5FA25A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "4E992952-39E4-4CD5-A811-6E95ED5776FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.4890",
"matchCriteriaId": "62FFD367-FB8B-48CA-813F-760E4F393555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21414",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

149
CVE-2025/CVE-2025-214xx/CVE-2025-21419.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21419",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:40.227",
"lastModified": "2025-02-11T18:15:40.227",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:32:53.087",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Setup Files Cleanup Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Limpieza de archivos de instalaci\u00f3n de Windows Vulnerabilidad de elevaci\u00f3n de privilegios"
}
],
"metrics": {
@ -38,19 +42,156 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.4890",
"matchCriteriaId": "62FFD367-FB8B-48CA-813F-760E4F393555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21419",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

144
CVE-2025/CVE-2025-214xx/CVE-2025-21420.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21420",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:40.427",
"lastModified": "2025-02-11T18:15:40.427",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:36:09.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Disk Cleanup Tool Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en la herramienta Liberador de espacio en disco de Windows"
}
],
"metrics": {
@ -38,19 +42,151 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20915",
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5487",
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5487",
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.4890",
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.0.22631.4890",
"matchCriteriaId": "9FF62164-3C0C-4E7D-A8E3-F4095EBD35FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7785",
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3207",
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1425",
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3194",
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21420",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2025/CVE-2025-240xx/CVE-2025-24036.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-24036",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-11T18:15:40.643",
"lastModified": "2025-02-11T18:15:40.643",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:31:47.153",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Microsoft AutoUpdate (MAU)"
}
],
"metrics": {
@ -38,19 +42,51 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:autoupdate:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "4.77.24121924",
"matchCriteriaId": "3AE35ACB-FD1D-4D88-B86A-ABA6F3C4E52F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24036",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2025/CVE-2025-252xx/CVE-2025-25204.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-25204",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-14T17:15:19.140",
"lastModified": "2025-02-14T17:15:19.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "`gh` is GitHub\u2019s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit status when no attestations are present. This behavior is incorrect: When no attestations are present, `gh attestation verify` should return a non-zero exit status code, thereby signaling verification failure. An attacker can abuse this flaw to, for example, deploy malicious artifacts in any system that uses `gh attestation verify`'s exit codes to gatekeep deployments. Users are advised to update `gh` to patched version `v2.67.0` as soon as possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-390"
}
]
}
],
"references": [
{
"url": "https://github.com/cli/cli/issues/10418",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cli/cli/pull/10421",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cli/cli/security/advisories/GHSA-fgw4-v983-mgp8",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2025/CVE-2025-252xx/CVE-2025-25206.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-25206",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-14T17:15:19.327",
"lastModified": "2025-02-14T17:15:19.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/elabftw/elabftw/releases/tag/5.1.15",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg",
"source": "security-advisories@github.com"
}
]
}

86
CVE-2025/CVE-2025-252xx/CVE-2025-25295.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-25295",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-14T17:15:20.230",
"lastModified": "2025-02-14T17:15:20.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Label Studio is an open source data labeling tool. A path traversal vulnerability in Label Studio SDK versions prior to 1.0.10 allows unauthorized file access outside the intended directory structure. The flaw exists in the VOC, COCO and YOLO export functionalities. These functions invoke a `download` function on the `label-studio-sdk` python package, which fails to validate file paths when processing image references during task exports. By creating tasks with path traversal sequences in the image field, an attacker can force the application to read files from arbitrary server filesystem locations when exporting projects in any of the mentioned formats. This is authentication-required vulnerability allowing arbitrary file reads from the server filesystem. It may lead to potential exposure of sensitive information like configuration files, credentials, and confidential data. Label Studio versions before 1.16.0 specified SDK versions prior to 1.0.10 as dependencies, and the issue was confirmed in Label Studio version 1.13.2.dev0; therefore, Label Studio users should upgrade to 1.16.0 or newer to mitigate it."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-26"
}
]
}
],
"references": [
{
"url": "https://github.com/HumanSignal/label-studio-sdk/commit/4a9715c6b0b619371e89c09ea8d1c86ce5c880df",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-rgv9-w7jp-m23g",
"source": "security-advisories@github.com"
}
]
}

49
CVE-2025/CVE-2025-253xx/CVE-2025-25357.json
View File

@ -2,20 +2,63 @@
"id": "CVE-2025-25357",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T16:16:49.700",
"lastModified": "2025-02-13T16:16:49.700",
"vulnStatus": "Received",
"lastModified": "2025-02-14T18:15:24.203",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en /admin/contactus.php en PHPGurukul Land Record System v1.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de solicitud POST del correo electr\u00f3nico."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20Emails.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20Emails.pdf",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

47
CVE-2025/CVE-2025-253xx/CVE-2025-25387.json
View File

@ -2,20 +2,63 @@
"id": "CVE-2025-25387",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T17:17:20.247",
"lastModified": "2025-02-13T17:17:20.247",
"lastModified": "2025-02-14T17:15:20.393",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en /admin/manage-propertytype.php en PHPGurukul Land Record System v1.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de solicitud POST propertytype."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20edited.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20edited.pdf",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

43
CVE-2025/CVE-2025-253xx/CVE-2025-25389.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2025-25389",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T17:17:20.427",
"lastModified": "2025-02-13T17:17:20.427",
"lastModified": "2025-02-14T17:15:20.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en /admin/forgot-password.php en Phpgurukul Land Record System v1.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de solicitud POST contactno."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20forget.pdf",

45
CVE-2025/CVE-2025-258xx/CVE-2025-25898.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2025-25898",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T16:16:49.867",
"lastModified": "2025-02-13T16:16:49.867",
"vulnStatus": "Received",
"lastModified": "2025-02-14T17:15:20.917",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 una vulnerabilidad de desbordamiento de b\u00fafer en TP-Link TL-WR841ND V11 a trav\u00e9s del par\u00e1metro pskSecret en /userRpm/WlanSecurityRpm.htm. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/2664521593/mycve/blob/main/TP-Link/BOF_in_TP-Link_TL-WR841ND-V11_1.pdf",

21
CVE-2025/CVE-2025-259xx/CVE-2025-25988.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25988",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.157",
"lastModified": "2025-02-14T17:15:21.157",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/havok89/Hoosk/issues/67",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25990.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25990",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.320",
"lastModified": "2025-02-14T17:15:21.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/havok89/Hoosk/issues/69",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25991.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25991",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.477",
"lastModified": "2025-02-14T17:15:21.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/havok89/Hoosk/issues/68",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25992.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25992",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.640",
"lastModified": "2025-02-14T17:15:21.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the inquire_inout_item.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FeMiner/wms/issues/19",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25993.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25993",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.793",
"lastModified": "2025-02-14T17:15:21.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameter \"itemid.\""
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FeMiner/wms/issues/21",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25994.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25994",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:21.953",
"lastModified": "2025-02-14T17:15:21.953",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FeMiner/wms/issues/20",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-259xx/CVE-2025-25997.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-25997",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:22.117",
"lastModified": "2025-02-14T17:15:22.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the databak.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FeMiner/wms/issues/22",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-261xx/CVE-2025-26156.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-26156",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:22.273",
"lastModified": "2025-02-14T17:15:22.273",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/README.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-261xx/CVE-2025-26157.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-26157",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:22.437",
"lastModified": "2025-02-14T17:15:22.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty Parlour Management System V1.1, which allows remote attackers to execute arbitrary code via the name POST request parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rtnthakur/CVE/blob/main/others/README.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-261xx/CVE-2025-26158.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-26158",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T17:15:22.590",
"lastModified": "2025-02-14T17:15:22.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rtnthakur/CVE/blob/main/Kashipara/README.md",
"source": "cve@mitre.org"
}
]
}

78
CVE-2025/CVE-2025-265xx/CVE-2025-26506.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-26506",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2025-02-14T17:15:22.747",
"lastModified": "2025-02-14T17:15:22.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007",
"source": "hp-security-alert@hp.com"
}
]
}

78
CVE-2025/CVE-2025-265xx/CVE-2025-26507.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-26507",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2025-02-14T17:15:22.863",
"lastModified": "2025-02-14T17:15:22.863",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007",
"source": "hp-security-alert@hp.com"
}
]
}

78
CVE-2025/CVE-2025-265xx/CVE-2025-26508.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-26508",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2025-02-14T17:15:22.983",
"lastModified": "2025-02-14T17:15:22.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007",
"source": "hp-security-alert@hp.com"
}
]
}

10
CVE-2025/CVE-2025-265xx/CVE-2025-26519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-26519",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-14T04:15:09.050",
"lastModified": "2025-02-14T04:15:09.050",
"lastModified": "2025-02-14T17:15:23.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -75,6 +75,14 @@
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/13/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/14/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/14/6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

88
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-14T17:00:30.770662+00:00
2025-02-14T19:00:20.699668+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-14T16:59:49.713000+00:00
2025-02-14T18:15:24.203000+00:00
```
### Last Data Feed Release
@ -33,51 +33,65 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
281408
281429
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `21`
- [CVE-2024-52895](CVE-2024/CVE-2024-528xx/CVE-2024-52895.json) (`2025-02-14T15:15:09.210`)
- [CVE-2024-56477](CVE-2024/CVE-2024-564xx/CVE-2024-56477.json) (`2025-02-14T15:15:11.887`)
- [CVE-2024-56973](CVE-2024/CVE-2024-569xx/CVE-2024-56973.json) (`2025-02-14T16:15:34.273`)
- [CVE-2024-57725](CVE-2024/CVE-2024-577xx/CVE-2024-57725.json) (`2025-02-14T16:15:34.360`)
- [CVE-2024-57778](CVE-2024/CVE-2024-577xx/CVE-2024-57778.json) (`2025-02-14T16:15:34.453`)
- [CVE-2025-25740](CVE-2025/CVE-2025-257xx/CVE-2025-25740.json) (`2025-02-14T15:15:13.190`)
- [CVE-2025-25745](CVE-2025/CVE-2025-257xx/CVE-2025-25745.json) (`2025-02-14T16:15:37.010`)
- [CVE-2024-3220](CVE-2024/CVE-2024-32xx/CVE-2024-3220.json) (`2025-02-14T17:15:15.567`)
- [CVE-2024-56463](CVE-2024/CVE-2024-564xx/CVE-2024-56463.json) (`2025-02-14T17:15:16.420`)
- [CVE-2024-57790](CVE-2024/CVE-2024-577xx/CVE-2024-57790.json) (`2025-02-14T17:15:18.343`)
- [CVE-2024-8893](CVE-2024/CVE-2024-88xx/CVE-2024-8893.json) (`2025-02-14T17:15:18.690`)
- [CVE-2025-0503](CVE-2025/CVE-2025-05xx/CVE-2025-0503.json) (`2025-02-14T18:15:23.870`)
- [CVE-2025-25204](CVE-2025/CVE-2025-252xx/CVE-2025-25204.json) (`2025-02-14T17:15:19.140`)
- [CVE-2025-25206](CVE-2025/CVE-2025-252xx/CVE-2025-25206.json) (`2025-02-14T17:15:19.327`)
- [CVE-2025-25295](CVE-2025/CVE-2025-252xx/CVE-2025-25295.json) (`2025-02-14T17:15:20.230`)
- [CVE-2025-25988](CVE-2025/CVE-2025-259xx/CVE-2025-25988.json) (`2025-02-14T17:15:21.157`)
- [CVE-2025-25990](CVE-2025/CVE-2025-259xx/CVE-2025-25990.json) (`2025-02-14T17:15:21.320`)
- [CVE-2025-25991](CVE-2025/CVE-2025-259xx/CVE-2025-25991.json) (`2025-02-14T17:15:21.477`)
- [CVE-2025-25992](CVE-2025/CVE-2025-259xx/CVE-2025-25992.json) (`2025-02-14T17:15:21.640`)
- [CVE-2025-25993](CVE-2025/CVE-2025-259xx/CVE-2025-25993.json) (`2025-02-14T17:15:21.793`)
- [CVE-2025-25994](CVE-2025/CVE-2025-259xx/CVE-2025-25994.json) (`2025-02-14T17:15:21.953`)
- [CVE-2025-25997](CVE-2025/CVE-2025-259xx/CVE-2025-25997.json) (`2025-02-14T17:15:22.117`)
- [CVE-2025-26156](CVE-2025/CVE-2025-261xx/CVE-2025-26156.json) (`2025-02-14T17:15:22.273`)
- [CVE-2025-26157](CVE-2025/CVE-2025-261xx/CVE-2025-26157.json) (`2025-02-14T17:15:22.437`)
- [CVE-2025-26158](CVE-2025/CVE-2025-261xx/CVE-2025-26158.json) (`2025-02-14T17:15:22.590`)
- [CVE-2025-26506](CVE-2025/CVE-2025-265xx/CVE-2025-26506.json) (`2025-02-14T17:15:22.747`)
- [CVE-2025-26507](CVE-2025/CVE-2025-265xx/CVE-2025-26507.json) (`2025-02-14T17:15:22.863`)
- [CVE-2025-26508](CVE-2025/CVE-2025-265xx/CVE-2025-26508.json) (`2025-02-14T17:15:22.983`)
### CVEs modified in the last Commit
Recently modified CVEs: `121`
Recently modified CVEs: `71`
- [CVE-2024-26142](CVE-2024/CVE-2024-261xx/CVE-2024-26142.json) (`2025-02-14T16:22:23.763`)
- [CVE-2024-26144](CVE-2024/CVE-2024-261xx/CVE-2024-26144.json) (`2025-02-14T15:26:42.917`)
- [CVE-2024-26146](CVE-2024/CVE-2024-261xx/CVE-2024-26146.json) (`2025-02-14T15:51:42.200`)
- [CVE-2024-26489](CVE-2024/CVE-2024-264xx/CVE-2024-26489.json) (`2025-02-14T16:21:23.480`)
- [CVE-2024-26618](CVE-2024/CVE-2024-266xx/CVE-2024-26618.json) (`2025-02-14T16:39:08.240`)
- [CVE-2024-26620](CVE-2024/CVE-2024-266xx/CVE-2024-26620.json) (`2025-02-14T16:39:02.277`)
- [CVE-2024-26623](CVE-2024/CVE-2024-266xx/CVE-2024-26623.json) (`2025-02-14T16:40:51.387`)
- [CVE-2024-27099](CVE-2024/CVE-2024-270xx/CVE-2024-27099.json) (`2025-02-14T15:27:49.010`)
- [CVE-2024-27190](CVE-2024/CVE-2024-271xx/CVE-2024-27190.json) (`2025-02-14T15:54:14.630`)
- [CVE-2024-27277](CVE-2024/CVE-2024-272xx/CVE-2024-27277.json) (`2025-02-14T15:54:30.470`)
- [CVE-2024-27285](CVE-2024/CVE-2024-272xx/CVE-2024-27285.json) (`2025-02-14T15:31:24.213`)
- [CVE-2024-27948](CVE-2024/CVE-2024-279xx/CVE-2024-27948.json) (`2025-02-14T15:29:28.163`)
- [CVE-2024-27956](CVE-2024/CVE-2024-279xx/CVE-2024-27956.json) (`2025-02-14T15:54:46.810`)
- [CVE-2024-27962](CVE-2024/CVE-2024-279xx/CVE-2024-27962.json) (`2025-02-14T15:55:32.917`)
- [CVE-2024-27963](CVE-2024/CVE-2024-279xx/CVE-2024-27963.json) (`2025-02-14T15:56:42.770`)
- [CVE-2024-27964](CVE-2024/CVE-2024-279xx/CVE-2024-27964.json) (`2025-02-14T16:09:20.020`)
- [CVE-2024-27965](CVE-2024/CVE-2024-279xx/CVE-2024-27965.json) (`2025-02-14T16:11:37.770`)
- [CVE-2024-54951](CVE-2024/CVE-2024-549xx/CVE-2024-54951.json) (`2025-02-14T16:15:34.060`)
- [CVE-2024-57951](CVE-2024/CVE-2024-579xx/CVE-2024-57951.json) (`2025-02-14T15:57:18.047`)
- [CVE-2024-57952](CVE-2024/CVE-2024-579xx/CVE-2024-57952.json) (`2025-02-14T15:52:04.957`)
- [CVE-2025-21694](CVE-2025/CVE-2025-216xx/CVE-2025-21694.json) (`2025-02-14T15:46:40.857`)
- [CVE-2025-21695](CVE-2025/CVE-2025-216xx/CVE-2025-21695.json) (`2025-02-14T15:44:28.450`)
- [CVE-2025-21696](CVE-2025/CVE-2025-216xx/CVE-2025-21696.json) (`2025-02-14T15:42:55.663`)
- [CVE-2025-22962](CVE-2025/CVE-2025-229xx/CVE-2025-22962.json) (`2025-02-14T16:15:34.803`)
- [CVE-2025-26791](CVE-2025/CVE-2025-267xx/CVE-2025-26791.json) (`2025-02-14T16:15:37.350`)
- [CVE-2024-51440](CVE-2024/CVE-2024-514xx/CVE-2024-51440.json) (`2025-02-14T17:15:16.040`)
- [CVE-2024-52577](CVE-2024/CVE-2024-525xx/CVE-2024-52577.json) (`2025-02-14T17:15:16.200`)
- [CVE-2024-56180](CVE-2024/CVE-2024-561xx/CVE-2024-56180.json) (`2025-02-14T17:15:16.317`)
- [CVE-2024-56940](CVE-2024/CVE-2024-569xx/CVE-2024-56940.json) (`2025-02-14T17:15:16.590`)
- [CVE-2024-57000](CVE-2024/CVE-2024-570xx/CVE-2024-57000.json) (`2025-02-14T18:15:23.743`)
- [CVE-2024-57601](CVE-2024/CVE-2024-576xx/CVE-2024-57601.json) (`2025-02-14T17:15:16.787`)
- [CVE-2024-57604](CVE-2024/CVE-2024-576xx/CVE-2024-57604.json) (`2025-02-14T17:15:17.003`)
- [CVE-2024-57605](CVE-2024/CVE-2024-576xx/CVE-2024-57605.json) (`2025-02-14T17:15:17.230`)
- [CVE-2024-7052](CVE-2024/CVE-2024-70xx/CVE-2024-7052.json) (`2025-02-14T17:15:18.480`)
- [CVE-2025-21377](CVE-2025/CVE-2025-213xx/CVE-2025-21377.json) (`2025-02-14T17:40:52.127`)
- [CVE-2025-21379](CVE-2025/CVE-2025-213xx/CVE-2025-21379.json) (`2025-02-14T17:39:51.510`)
- [CVE-2025-21397](CVE-2025/CVE-2025-213xx/CVE-2025-21397.json) (`2025-02-14T17:38:29.007`)
- [CVE-2025-21400](CVE-2025/CVE-2025-214xx/CVE-2025-21400.json) (`2025-02-14T17:37:31.690`)
- [CVE-2025-21406](CVE-2025/CVE-2025-214xx/CVE-2025-21406.json) (`2025-02-14T17:37:19.737`)
- [CVE-2025-21407](CVE-2025/CVE-2025-214xx/CVE-2025-21407.json) (`2025-02-14T17:36:43.997`)
- [CVE-2025-21410](CVE-2025/CVE-2025-214xx/CVE-2025-21410.json) (`2025-02-14T17:35:15.613`)
- [CVE-2025-21414](CVE-2025/CVE-2025-214xx/CVE-2025-21414.json) (`2025-02-14T17:33:40.003`)
- [CVE-2025-21419](CVE-2025/CVE-2025-214xx/CVE-2025-21419.json) (`2025-02-14T17:32:53.087`)
- [CVE-2025-21420](CVE-2025/CVE-2025-214xx/CVE-2025-21420.json) (`2025-02-14T17:36:09.683`)
- [CVE-2025-24036](CVE-2025/CVE-2025-240xx/CVE-2025-24036.json) (`2025-02-14T17:31:47.153`)
- [CVE-2025-25357](CVE-2025/CVE-2025-253xx/CVE-2025-25357.json) (`2025-02-14T18:15:24.203`)
- [CVE-2025-25387](CVE-2025/CVE-2025-253xx/CVE-2025-25387.json) (`2025-02-14T17:15:20.393`)
- [CVE-2025-25389](CVE-2025/CVE-2025-253xx/CVE-2025-25389.json) (`2025-02-14T17:15:20.663`)
- [CVE-2025-25898](CVE-2025/CVE-2025-258xx/CVE-2025-25898.json) (`2025-02-14T17:15:20.917`)
- [CVE-2025-26519](CVE-2025/CVE-2025-265xx/CVE-2025-26519.json) (`2025-02-14T17:15:23.090`)
## Download and Usage

419
_state.csv
View File

File diff suppressed because it is too large Load Diff