admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-12-16 04:43:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-24T17:00:20.049320+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-24 17:03:52 +00:00
parent dc40901ab7
commit 656147d57a
76 changed files with 3150 additions and 495 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
CVE-2018/CVE-2018-79xx/CVE-2018-7935.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-7935",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-10T12:15:11.437",
"lastModified": "2024-11-21T04:12:59.130",
"lastModified": "2025-03-24T15:15:14.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

26
CVE-2018/CVE-2018-91xx/CVE-2018-9193.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2018-9193",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2019-05-30T17:29:00.340",
"lastModified": "2024-11-21T04:15:09.067",
"lastModified": "2025-03-24T16:15:15.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the parsing of the file."
"value": "A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows."
},
{
"lang": "es",
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",

39
CVE-2018/CVE-2018-94xx/CVE-2018-9434.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-9434",
"sourceIdentifier": "security@android.com",
"published": "2025-01-17T23:15:12.230",
"lastModified": "2025-02-18T21:15:13.280",
"lastModified": "2025-03-24T16:15:16.220",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En multiple functions de Parcel.cpp, existe una forma posible de evitar la aleatorizaci\u00f3n del dise\u00f1o del espacio de direcciones. Esto podr\u00eda generar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2018-07-01",

56
CVE-2021/CVE-2021-260xx/CVE-2021-26091.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-26091",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-24T16:15:16.450",
"lastModified": "2025-03-24T16:15:16.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-338"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/advisory/FG-IR-21-031",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2021/CVE-2021-261xx/CVE-2021-26105.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-26105",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-24T16:15:16.610",
"lastModified": "2025-03-24T16:15:16.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-358"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-234",
"source": "psirt@fortinet.com"
}
]
}

70
CVE-2022/CVE-2022-434xx/CVE-2022-43454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43454",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-10T20:15:13.593",
"lastModified": "2025-03-11T03:15:36.353",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:07:24.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,80 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.1",
"matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "400AD564-BDEC-4C81-B650-56357BEBF0C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2",
"matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/102741",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/102807",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/102808",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/102836",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

22
CVE-2022/CVE-2022-466xx/CVE-2022-46649.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46649",
"sourceIdentifier": "security@sierrawireless.com",
"published": "2023-02-10T18:15:13.247",
"lastModified": "2024-11-21T07:30:51.337",
"lastModified": "2025-03-24T16:15:16.837",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

58
CVE-2022/CVE-2022-486xx/CVE-2022-48610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48610",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-10T20:15:13.713",
"lastModified": "2025-03-11T03:15:36.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:07:44.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.1",
"matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2",
"matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/102741",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/102807",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/102808",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

32
CVE-2023/CVE-2023-01xx/CVE-2023-0127.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0127",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-02-11T18:15:11.327",
"lastModified": "2024-11-21T07:36:36.437",
"lastModified": "2025-03-24T15:15:14.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-243xx/CVE-2023-24352.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24352",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-10T15:15:12.367",
"lastModified": "2024-11-21T07:47:43.383",
"lastModified": "2025-03-24T16:15:17.040",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

56
CVE-2023/CVE-2023-256xx/CVE-2023-25610.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-25610",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-24T16:15:17.273",
"lastModified": "2025-03-24T16:15:17.273",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-124"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-001",
"source": "psirt@fortinet.com"
}
]
}

66
CVE-2023/CVE-2023-282xx/CVE-2023-28207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28207",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T01:15:12.240",
"lastModified": "2025-03-21T16:15:17.053",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:09:20.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,18 +39,74 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.5",
"matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.4",
"matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/102784",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/102833",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120945",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-42xx/CVE-2023-4295.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4295",
"sourceIdentifier": "arm-security@arm.com",
"published": "2023-11-07T16:15:29.340",
"lastModified": "2025-02-13T17:17:17.540",
"lastModified": "2025-03-24T16:15:17.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},

12
CVE-2024/CVE-2024-134xx/CVE-2024-13496.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-13496",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-22T11:15:08.373",
"lastModified": "2025-01-24T20:45:57.463",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-24T16:15:17.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GamiPress \u2013 Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018orderby\u2019 parameter in all versions up to, and including, 7.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
"value": "The GamiPress \u2013 Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018orderby\u2019 parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. NOTE: This vulnerability was previously published as being fixed in version 7.2.2 which was incorrect. The correct fixed version is 7.3.2."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -90,6 +90,10 @@
}
],
"references": [
{
"url": "https://abrahack.com/posts/gamipress-sqli/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/gamipress/trunk/includes/ajax-functions.php#L39",
"source": "security@wordfence.com",

51
CVE-2024/CVE-2024-24xx/CVE-2024-2495.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2495",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-15T13:15:09.500",
"lastModified": "2024-11-21T09:09:52.873",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:20:18.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:friendlyelec:friendlywrt:2022-11-16:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFBB066-9F30-4907-86F9-C4B9CC418709"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-key-plain-text-vulnerability-friendlyelecs-friendlywrt",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-key-plain-text-vulnerability-friendlyelecs-friendlywrt",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-273xx/CVE-2024-27356.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27356",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-27T01:15:07.197",
"lastModified": "2024-11-21T09:04:25.040",
"lastModified": "2025-03-24T16:15:17.823",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md",

6
CVE-2024/CVE-2024-273xx/CVE-2024-27397.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27397",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-14T15:12:28.240",
"lastModified": "2024-11-21T09:04:31.830",
"lastModified": "2025-03-24T16:15:18.030",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -33,6 +33,10 @@
"url": "https://git.kernel.org/stable/c/7b17de2a71e56c10335b565cc7ad238e6d984379",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7fa2e2960fff8322ce2ded57b5f8e9cbc450b967",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b45176b869673417ace338b87cf9cdb66e2eeb01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

14
CVE-2024/CVE-2024-296xx/CVE-2024-29644.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29644",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-26T12:15:50.353",
"lastModified": "2024-11-21T09:08:07.980",
"lastModified": "2025-03-24T16:15:18.193",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "http://dcat-admin.com",

62
CVE-2024/CVE-2024-304xx/CVE-2024-30469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30469",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T16:15:09.387",
"lastModified": "2024-11-21T09:11:59.310",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T16:47:33.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:wholesale_for_woocommerce:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "8D3A02A6-00D3-4605-ACD0-7354109268E4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-wholesale-pricing/wordpress-wholesale-for-woocommerce-plugin-2-3-0-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-wholesale-pricing/wordpress-wholesale-for-woocommerce-plugin-2-3-0-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

29
CVE-2024/CVE-2024-354xx/CVE-2024-35425.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.430",
"lastModified": "2024-11-12T16:35:16.757",
"lastModified": "2025-03-24T16:15:18.390",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n function_prepare_parse en /src/vmir_function.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
@ -23,7 +46,7 @@
"description": [
{
"lang": "en",
"value": "CWE-754"
"value": "CWE-653"
}
]
}

47
CVE-2024/CVE-2024-387xx/CVE-2024-38707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38707",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:31.597",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:21:02.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "0F70D65F-626D-4A08-B228-E0C92C267043"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/embedpress/wordpress-embedpress-plugin-4-0-4-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-405xx/CVE-2024-40530.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40530",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-05T16:15:36.750",
"lastModified": "2025-01-09T20:15:37.910",
"lastModified": "2025-03-24T16:15:18.583",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de permisos inseguros en UAB Lexita PanteraCRM CMS v.401.152 y Patera CRM CMS v.402.072 permite a un atacante remoto ejecutar c\u00f3digo arbitrario mediante la modificaci\u00f3n del componente de encabezado X-Forwarded-For."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://critical.lt/blog/authorization-bypass-and-mass-assignment-in-pantera-crm/",

8
CVE-2024/CVE-2024-422xx/CVE-2024-42254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42254",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-08T09:15:08.290",
"lastModified": "2024-09-06T13:40:04.737",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-24T16:15:18.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -111,6 +111,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/78aefac7efdffddf7889405b7c08e6e0f030fa35",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bcc87d978b834c298bbdd9c52454c5d0a946e97e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

22
CVE-2024/CVE-2024-42xx/CVE-2024-4270.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4270",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-14T06:15:12.827",
"lastModified": "2024-11-21T09:42:31.040",
"lastModified": "2025-03-24T16:15:19.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

47
CVE-2024/CVE-2024-440xx/CVE-2024-44026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44026",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-06T13:15:12.623",
"lastModified": "2024-10-07T17:47:48.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:02:25.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicheaddons:charity_addon_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "29C629F2-CA7B-4B82-8FDA-079A8A04FB45"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/charity-addon-for-elementor/wordpress-charity-addon-for-elementor-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-440xx/CVE-2024-44032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44032",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-06T13:15:13.540",
"lastModified": "2024-10-07T17:47:48.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:04:37.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicheaddons:restaurant_\\&_cafe_addon_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.6",
"matchCriteriaId": "AB1FC220-1F64-40DC-9CCE-F4CBAB5AAEE3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/restaurant-cafe-addon-for-elementor/wordpress-restaurant-cafe-addon-for-elementor-plugin-1-5-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-440xx/CVE-2024-44033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44033",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-06T13:15:13.743",
"lastModified": "2024-10-07T17:47:48.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:09:08.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicheaddons:primary_addon_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.8",
"matchCriteriaId": "9A1E756C-07B6-4480-976C-0320367BE7D2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/primary-addon-for-elementor/wordpress-primary-addon-for-elementor-plugin-1-5-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-441xx/CVE-2024-44199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44199",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T00:15:17.577",
"lastModified": "2025-03-21T17:15:37.840",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:10:53.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/120911",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-443xx/CVE-2024-44305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44305",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T00:15:18.430",
"lastModified": "2025-03-21T17:15:38.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:10:35.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/120911",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

29
CVE-2024/CVE-2024-475xx/CVE-2024-47552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-47552",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-20T09:15:12.803",
"lastModified": "2025-03-20T09:15:12.803",
"lastModified": "2025-03-24T15:15:15.180",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,11 +15,34 @@
"value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en Apache Seata (en desarrollo). Este problema afecta a Apache Seata (en desarrollo): versiones 2.0.0 y anteriores a la 2.2.0. Se recomienda actualizar a la versi\u00f3n 2.2.0, que soluciona el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

39
CVE-2024/CVE-2024-485xx/CVE-2024-48590.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48590",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T14:15:20.830",
"lastModified": "2025-03-20T14:15:20.830",
"lastModified": "2025-03-24T15:15:15.467",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Inflectra SpiraTeam 7.2.00 es vulnerable a Server-Side Request Forgery (SSRF) a trav\u00e9s de NewsReaderService. Esto permite a un atacante escalar privilegios y obtener informaci\u00f3n confidencial."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48590/blob/main/README.md",

47
CVE-2024/CVE-2024-492xx/CVE-2024-49259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49259",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-17T20:15:06.020",
"lastModified": "2024-10-18T12:52:33.507",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:10:36.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicheaddons:primary_addon_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.9",
"matchCriteriaId": "DE11EC13-7EE6-4710-8F38-D79200DF9F6F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/primary-addon-for-elementor/wordpress-primary-addon-for-elementor-plugin-1-5-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-492xx/CVE-2024-49264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49264",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-17T20:15:08.290",
"lastModified": "2024-10-18T12:52:33.507",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:14:25.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicheaddons:events_addon_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.1",
"matchCriteriaId": "67867DD4-DC08-4E3F-8CD3-AD26D6B9A635"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/events-addon-for-elementor/wordpress-events-addon-for-elementor-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-497xx/CVE-2024-49736.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-49736",
"sourceIdentifier": "security@android.com",
"published": "2025-01-21T23:15:14.490",
"lastModified": "2025-02-18T20:15:20.373",
"lastModified": "2025-03-24T16:15:19.087",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En onClick de MainClear.java, existe una forma posible de activar el restablecimiento de f\u00e1brica sin el consentimiento expl\u00edcito del usuario debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-783"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2025-01-01",

8
CVE-2024/CVE-2024-501xx/CVE-2024-50138.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50138",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:16.337",
"lastModified": "2024-11-08T14:27:41.160",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-24T16:15:19.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -113,6 +113,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f9543375d9b150b2bcf16bb182e6b62309db0888",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

8
CVE-2024/CVE-2024-532xx/CVE-2024-53222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53222",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:30.327",
"lastModified": "2025-01-08T21:25:39.027",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-24T16:15:19.853",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -78,6 +78,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7ee791e538537b281f60945298796f0a3971bbd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f364cdeb38938f9d03061682b8ff3779dd1730e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

45
CVE-2024/CVE-2024-533xx/CVE-2024-53351.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-53351",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T17:15:38.673",
"lastModified": "2025-03-21T17:15:38.673",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:15.680",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account's token, leading to escalation of privileges."
},
{
"lang": "es",
"value": "Los permisos inseguros en pipecd v0.49 permiten a los atacantes obtener acceso al token de la cuenta de servicio, lo que lleva a una escalada de privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/HouqiyuA/948a808b8bd48b17b37a4d5e0b6fb005",

82
CVE-2024/CVE-2024-545xx/CVE-2024-54525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54525",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-17T20:15:13.430",
"lastModified": "2025-03-21T15:15:41.717",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:06:12.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,26 +51,94 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "16F83EAF-2879-4515-BC44-6AE5006D35EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-545xx/CVE-2024-54551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54551",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T00:15:18.523",
"lastModified": "2025-03-21T17:15:38.813",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:10:00.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,30 +51,108 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A7AF9041-5C4F-42CB-99E5-5276DB6AC07C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "CDBCE187-329C-4B1C-89B7-7D45A7946AF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6",
"matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/120909",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120911",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120913",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120914",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120915",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120916",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

46
CVE-2024/CVE-2024-545xx/CVE-2024-54558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54558",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-10T19:15:38.790",
"lastModified": "2025-03-11T03:15:37.937",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:08:16.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0",
"matchCriteriaId": "ACD3B3B0-329C-413B-BDF7-6B1C6298846E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0",
"matchCriteriaId": "2222A2EE-00FA-4019-8779-13B82A4F9DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0",
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121250",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

33
CVE-2024/CVE-2024-545xx/CVE-2024-54559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54559",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-17T20:15:13.540",
"lastModified": "2025-03-21T15:15:41.873",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:06:55.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-545xx/CVE-2024-54564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54564",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T00:15:18.613",
"lastModified": "2025-03-21T17:15:39.033",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:09:35.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,18 +39,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "CDBCE187-329C-4B1C-89B7-7D45A7946AF4"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/120909",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120911",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/120915",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-545xx/CVE-2024-54565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54565",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-17T20:15:13.637",
"lastModified": "2025-03-21T14:15:14.957",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:05:07.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-552xx/CVE-2024-55279.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-55279",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-24T15:15:15.913",
"lastModified": "2025-03-24T15:15:15.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uguu through 1.8.9 allows Cross Site Scripting (XSS) via JavaScript in XML files."
}
],
"metrics": {},
"references": [
{
"url": "https://codeberg.org/zypressen/CVE-2024-55279",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nokonoko/Uguu/",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-564xx/CVE-2024-56431.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-56431",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-25T17:15:05.510",
"lastModified": "2025-02-18T22:15:13.040",
"lastModified": "2025-03-24T16:15:20.283",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "oc_huff_tree_unpack en huffdec.c en libtheora en Theora hasta 1.0 7180717 tiene un desplazamiento negativo a la izquierda no v\u00e1lido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/UnionTech-Software/libtheora-CVE-2024-56431-PoC",

34
CVE-2024/CVE-2024-570xx/CVE-2024-57016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57016",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-15T17:15:17.500",
"lastModified": "2025-03-10T17:23:48.830",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-24T16:15:20.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-570xx/CVE-2024-57077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57077",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-05T22:15:31.997",
"lastModified": "2025-02-18T19:15:20.913",
"lastModified": "2025-03-24T16:15:20.663",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La \u00faltima versi\u00f3n de utils-extend (1.0.8) es vulnerable a la contaminaci\u00f3n de prototipos a trav\u00e9s de las funciones de entrada lib.extend. Un atacante puede proporcionar un payload con el definidor Object.prototype para introducir o modificar propiedades dentro de la cadena de prototipos global, lo que provoca una denegaci\u00f3n de servicio (DoS) como consecuencia m\u00ednima."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/tariqhawis/64bac50f8c2706e6880e45d50a507114",

39
CVE-2024/CVE-2024-576xx/CVE-2024-57653.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57653",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-14T01:15:14.100",
"lastModified": "2025-02-18T22:15:15.247",
"lastModified": "2025-03-24T16:15:20.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Un problema en el componente qst_vec_set_copy de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1208",

39
CVE-2024/CVE-2024-576xx/CVE-2024-57658.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57658",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-14T01:15:14.650",
"lastModified": "2025-02-18T22:15:15.713",
"lastModified": "2025-03-24T16:15:21.047",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Un problema en el componente sql_tree_hash_1 de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1209",

56
CVE-2024/CVE-2024-91xx/CVE-2024-9103.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9103",
"sourceIdentifier": "psirt@forcepoint.com",
"published": "2025-03-24T16:15:32.950",
"lastModified": "2025-03-24T16:15:32.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security (Blocked Messages module) allows Stored XSS.\nThis issue affects Email Security through 8.5.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@forcepoint.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@forcepoint.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-83"
}
]
}
],
"references": [
{
"url": "https://support.forcepoint.com/s/article/Security-Advisory-Email-Security-Gateway-Persistent-XSS-in-Blocked-Messages",
"source": "psirt@forcepoint.com"
}
]
}

62
CVE-2024/CVE-2024-93xx/CVE-2024-9388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9388",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-30T11:15:16.297",
"lastModified": "2024-11-01T12:57:03.417",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:18:47.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:modernaweb:black_widgets_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.8",
"matchCriteriaId": "2AB7E2B6-0ACF-40A7-9730-F6464963EC8D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/black-widgets/trunk/includes/class-bw.php#L95",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3178366/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/black-widgets/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/618c72b1-363b-41ad-939d-ab2a3b4d579c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-02xx/CVE-2025-0256.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-0256",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-03-24T16:15:33.120",
"lastModified": "2025-03-24T16:15:33.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119059",
"source": "psirt@hcl.com"
}
]
}

39
CVE-2025/CVE-2025-03xx/CVE-2025-0343.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0343",
"sourceIdentifier": "cve@forums.swift.org",
"published": "2025-01-15T01:15:13.673",
"lastModified": "2025-02-18T22:15:16.350",
"lastModified": "2025-03-24T16:15:33.270",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Swift ASN.1 puede bloquearse al analizar ciertas construcciones BER/DER. Este bloqueo se debe a una confusi\u00f3n en la propia librer\u00eda ASN.1, que supone que ciertos objetos solo se pueden proporcionar en formas construidas o primitivas, y activar\u00e1 un error de condici\u00f3n previa si no se cumple esa restricci\u00f3n. Es importante destacar que, en realidad, se requiere que estas restricciones sean verdaderas en DER, pero esa correcci\u00f3n no se aplic\u00f3 en el lado del analizador del nodo inicial, por lo que fue incorrecto confiar en ella m\u00e1s adelante en la decodificaci\u00f3n, que es lo que hizo la librer\u00eda. Estos bloqueos se pueden activar al analizar cualquier objeto con formato DER/BER. No hay ning\u00fan problema de seguridad de la memoria aqu\u00ed: el bloqueo es elegante desde el entorno de ejecuci\u00f3n de Swift. El impacto de esto es que se puede usar como un vector de denegaci\u00f3n de servicio al analizar datos BER/DER de fuentes desconocidas, por ejemplo, al analizar certificados TLS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-228"
}
]
}
],
"references": [
{
"url": "https://github.com/apple/swift-asn1/security/advisories/GHSA-w8xv-rwgf-4fwh",

56
CVE-2025/CVE-2025-15xx/CVE-2025-1558.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-1558",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-03-24T15:15:16.060",
"lastModified": "2025-03-24T15:15:16.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1287"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

68
CVE-2025/CVE-2025-232xx/CVE-2025-23204.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-23204",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-24T16:15:56.040",
"lastModified": "2025-03-24T16:15:56.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Starting in version 3.3.8, a security check that gets called after GraphQl resolvers is always replaced by another one as there's no break in a clause. As this falls back to `security`, the impact is there only when there's only a security after resolver and none inside security. The test in version 3.3.8 is probably broken. As of time of publication, a fixed version is not available."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/api-platform/core/pull/6444",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/api-platform/core/pull/6444/files#diff-09e3c2cfe12a2ce65bd6c983c7ca6bfcf783f852b8d0554bb938e8ebf5e5fa65R56",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/api-platform/core/security/advisories/GHSA-7mxx-3cgm-xxv3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/soyuka/core/blob/7e2e8f9ff322ac5f6eb5f65baf432bffdca0fd51/src/Symfony/Security/State/AccessCheckerProvider.php#L49-L57",
"source": "security-advisories@github.com"
}
]
}

16
CVE-2025/CVE-2025-23xx/CVE-2025-2326.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2025-2326",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-24T15:15:16.830",
"lastModified": "2025-03-24T15:15:16.830",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

54
CVE-2025/CVE-2025-241xx/CVE-2025-24121.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24121",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:17.230",
"lastModified": "2025-01-28T15:15:13.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:03:21.043",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

108
CVE-2025/CVE-2025-241xx/CVE-2025-24137.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24137",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.433",
"lastModified": "2025-01-28T20:15:56.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:02:51.760",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,34 +51,124 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.4",
"matchCriteriaId": "27995710-C1F5-4919-8168-E2B59D7F698C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3",
"matchCriteriaId": "AD29C5E9-9427-4C41-873F-C29493B892E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "6049E692-EB64-4E7D-A1AC-CEBA288B7A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "60C0BA29-0969-4181-B6F1-4606986B18E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F91BF3D5-D8E5-437C-8301-C9F22AAFB8BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.3",
"matchCriteriaId": "7A128237-004C-49D7-A559-5BBC38362361"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122067",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122071",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122072",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122073",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

54
CVE-2025/CVE-2025-241xx/CVE-2025-24146.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24146",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:19.077",
"lastModified": "2025-03-18T19:15:48.683",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:01:34.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

108
CVE-2025/CVE-2025-241xx/CVE-2025-24160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24160",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:19.987",
"lastModified": "2025-01-28T16:15:44.003",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:01:07.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,34 +51,124 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.4",
"matchCriteriaId": "27995710-C1F5-4919-8168-E2B59D7F698C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3",
"matchCriteriaId": "AD29C5E9-9427-4C41-873F-C29493B892E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "6049E692-EB64-4E7D-A1AC-CEBA288B7A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "60C0BA29-0969-4181-B6F1-4606986B18E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F91BF3D5-D8E5-437C-8301-C9F22AAFB8BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.3",
"matchCriteriaId": "7A128237-004C-49D7-A559-5BBC38362361"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122067",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122071",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122072",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122073",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}
]
}

54
CVE-2025/CVE-2025-241xx/CVE-2025-24185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24185",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-17T20:15:13.907",
"lastModified": "2025-03-21T16:15:18.463",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-24T15:11:13.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

39
CVE-2025/CVE-2025-24xx/CVE-2025-2476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2476",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-03-19T19:15:50.447",
"lastModified": "2025-03-19T19:15:50.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-24T15:15:16.927",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El uso posterior a la liberaci\u00f3n en Lens en Google Chrome anterior a la versi\u00f3n 134.0.6998.117 permit\u00eda a un atacante remoto explotar la corrupci\u00f3n del mont\u00f3n mediante una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Cr\u00edtica)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
@ -26,6 +49,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [

47
CVE-2025/CVE-2025-257xx/CVE-2025-25758.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-25758",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T21:15:23.180",
"lastModified": "2025-03-20T21:15:23.180",
"lastModified": "2025-03-24T16:15:56.283",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,19 +15,50 @@
"value": "Un problema en KukuFM Android v1.12.7 (11207) permite a los atacantes acceder a datos confidenciales de texto plano a trav\u00e9s de android:allowBackup=\"true\" en ANdroidManifest.xml"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16835",
"source": "cve@mitre.org"
},
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46918",
"url": "https://pastebin.com/0cb0KsGS",
"source": "cve@mitre.org"
},
{
"url": "https://pastebin.com/0cb0KsGS",
"source": "cve@mitre.org"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

16
CVE-2025/CVE-2025-26xx/CVE-2025-2607.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2607",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-21T21:15:37.430",
"lastModified": "2025-03-21T21:15:37.430",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.137",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en phplaozhang LzCMS-LaoZhangBoKeXiTong hasta la versi\u00f3n 1.1.4. Se ha clasificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /admin/upload/upimage.html del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento \"File\" permite la carga sin restricciones. El ataque puede ejecutarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.518021",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Jingyi-u/lzcms/tree/main",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

16
CVE-2025/CVE-2025-26xx/CVE-2025-2623.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2623",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T18:15:12.497",
"lastModified": "2025-03-22T18:15:12.497",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.380",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in westboy CicadasCMS 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/cms/content/save. The manipulation of the argument title/content/laiyuan leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Westboy CicadasCMS 1.0. Se ha declarado problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /system/cms/content/save. La manipulaci\u00f3n del argumento title/content/laiyuan provoca ataques de cross site scripting. El ataque puede ejecutarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.519294",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/IceFoxH/VULN/issues/10",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

16
CVE-2025/CVE-2025-26xx/CVE-2025-2627.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2627",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T21:15:36.997",
"lastModified": "2025-03-22T21:15:36.997",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.530",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Art Gallery Management System 1.0. Este problema afecta a un procesamiento desconocido del archivo /admin/contactus.php. La manipulaci\u00f3n del argumento pagetitle provoca una inyecci\u00f3n SQL. El ataque puede iniciarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.519335",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

12
CVE-2025/CVE-2025-26xx/CVE-2025-2639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2639",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T03:15:11.807",
"lastModified": "2025-03-23T03:15:11.807",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.670",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.519634",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/H3rmesk1t/vulnerability-paper/blob/main/jizhiCMS-1.7.0-Incorrect%20Access%20Control3.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

12
CVE-2025/CVE-2025-26xx/CVE-2025-2640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2640",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T04:15:14.120",
"lastModified": "2025-03-23T04:15:14.120",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.519644",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/AiENG07/CVE/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

12
CVE-2025/CVE-2025-26xx/CVE-2025-2649.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2649",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T12:15:13.083",
"lastModified": "2025-03-23T12:15:13.083",
"vulnStatus": "Received",
"lastModified": "2025-03-24T15:15:17.953",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.519780",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/12",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

78
CVE-2025/CVE-2025-26xx/CVE-2025-2699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2699",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-24T08:15:12.967",
"lastModified": "2025-03-24T08:15:12.967",
"vulnStatus": "Received",
"lastModified": "2025-03-24T16:54:23.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -76,6 +76,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV2": [
@ -118,24 +138,68 @@
"value": "CWE-94"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:npmjs:contenttools:*:*:*:*:*:nodejs:*:*",
"versionEndIncluding": "1.6.16",
"matchCriteriaId": "9DF1DE9D-CCDD-4560-9A8A-6754788A33CB"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Masamuneee/657f2e2b0eb5bf9b0d4dbb79f00dac37",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.300716",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.300716",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.515864",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}
]
}

145
CVE-2025/CVE-2025-27xx/CVE-2025-2705.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-2705",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-24T16:15:57.350",
"lastModified": "2025-03-24T16:15:57.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_3.md",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_4.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.300726",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.300726",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.516291",
"source": "cna@vuldb.com"
}
]
}

25
CVE-2025/CVE-2025-292xx/CVE-2025-29294.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29294",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-24T16:15:56.460",
"lastModified": "2025-03-24T16:15:56.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in H3C R3000 V100R009 and NX600 V100R0011 and NX15000 V100R005 and NX30 V100R0011 and NX54 V100R011 and BX54 V100R004 and BX54-E V100R0010 and NX18 Plus V100R006 allows a remote attacker to execute arbitrary code via the set_ipv6_static function and the clear_ipv6_info function"
}
],
"metrics": {},
"references": [
{
"url": "http://h3c.com",
"source": "cve@mitre.org"
},
{
"url": "http://r3000.com",
"source": "cve@mitre.org"
}
]
}

16
CVE-2025/CVE-2025-294xx/CVE-2025-29405.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29405",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-19T18:15:25.023",
"lastModified": "2025-03-19T19:15:49.567",
"lastModified": "2025-03-24T15:15:16.377",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -22,20 +22,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L",
"baseScore": 5.7,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 4.7
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},

43
CVE-2025/CVE-2025-294xx/CVE-2025-29411.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29411",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T15:15:46.050",
"lastModified": "2025-03-20T15:15:46.050",
"lastModified": "2025-03-24T16:15:56.583",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitrarios en la secci\u00f3n actualizaci\u00f3n de perfil de cliente de Mart Developers iBanking v2.0.0 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo PHP manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/MartMbithi/iBanking/issues/12",
@ -24,6 +59,10 @@
{
"url": "https://www.simonjuguna.com/cve-2025-29411-authenticated-remote-code-execution-rce-via-arbitrary-file-upload/",
"source": "cve@mitre.org"
},
{
"url": "https://www.simonjuguna.com/cve-2025-29411-authenticated-remote-code-execution-rce-via-arbitrary-file-upload/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

96
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-24T15:00:22.415164+00:00
2025-03-24T17:00:20.049320+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-24T14:59:58.437000+00:00
2025-03-24T16:54:23.013000+00:00
```
### Last Data Feed Release
@ -33,69 +33,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
286377
286388
```
### CVEs added in the last Commit
Recently added CVEs: `83`
Recently added CVEs: `11`
- [CVE-2025-30590](CVE-2025/CVE-2025-305xx/CVE-2025-30590.json) (`2025-03-24T14:15:31.197`)
- [CVE-2025-30591](CVE-2025/CVE-2025-305xx/CVE-2025-30591.json) (`2025-03-24T14:15:31.333`)
- [CVE-2025-30592](CVE-2025/CVE-2025-305xx/CVE-2025-30592.json) (`2025-03-24T14:15:31.477`)
- [CVE-2025-30593](CVE-2025/CVE-2025-305xx/CVE-2025-30593.json) (`2025-03-24T14:15:31.620`)
- [CVE-2025-30595](CVE-2025/CVE-2025-305xx/CVE-2025-30595.json) (`2025-03-24T14:15:31.770`)
- [CVE-2025-30597](CVE-2025/CVE-2025-305xx/CVE-2025-30597.json) (`2025-03-24T14:15:31.910`)
- [CVE-2025-30598](CVE-2025/CVE-2025-305xx/CVE-2025-30598.json) (`2025-03-24T14:15:32.067`)
- [CVE-2025-30599](CVE-2025/CVE-2025-305xx/CVE-2025-30599.json) (`2025-03-24T14:15:32.227`)
- [CVE-2025-30600](CVE-2025/CVE-2025-306xx/CVE-2025-30600.json) (`2025-03-24T14:15:32.370`)
- [CVE-2025-30601](CVE-2025/CVE-2025-306xx/CVE-2025-30601.json) (`2025-03-24T14:15:32.520`)
- [CVE-2025-30602](CVE-2025/CVE-2025-306xx/CVE-2025-30602.json) (`2025-03-24T14:15:32.667`)
- [CVE-2025-30603](CVE-2025/CVE-2025-306xx/CVE-2025-30603.json) (`2025-03-24T14:15:32.810`)
- [CVE-2025-30604](CVE-2025/CVE-2025-306xx/CVE-2025-30604.json) (`2025-03-24T14:15:32.953`)
- [CVE-2025-30605](CVE-2025/CVE-2025-306xx/CVE-2025-30605.json) (`2025-03-24T14:15:33.103`)
- [CVE-2025-30606](CVE-2025/CVE-2025-306xx/CVE-2025-30606.json) (`2025-03-24T14:15:33.247`)
- [CVE-2025-30608](CVE-2025/CVE-2025-306xx/CVE-2025-30608.json) (`2025-03-24T14:15:33.383`)
- [CVE-2025-30609](CVE-2025/CVE-2025-306xx/CVE-2025-30609.json) (`2025-03-24T14:15:33.533`)
- [CVE-2025-30610](CVE-2025/CVE-2025-306xx/CVE-2025-30610.json) (`2025-03-24T14:15:33.680`)
- [CVE-2025-30612](CVE-2025/CVE-2025-306xx/CVE-2025-30612.json) (`2025-03-24T14:15:33.823`)
- [CVE-2025-30615](CVE-2025/CVE-2025-306xx/CVE-2025-30615.json) (`2025-03-24T14:15:34.040`)
- [CVE-2025-30617](CVE-2025/CVE-2025-306xx/CVE-2025-30617.json) (`2025-03-24T14:15:34.223`)
- [CVE-2025-30619](CVE-2025/CVE-2025-306xx/CVE-2025-30619.json) (`2025-03-24T14:15:34.370`)
- [CVE-2025-30620](CVE-2025/CVE-2025-306xx/CVE-2025-30620.json) (`2025-03-24T14:15:34.520`)
- [CVE-2025-30621](CVE-2025/CVE-2025-306xx/CVE-2025-30621.json) (`2025-03-24T14:15:34.660`)
- [CVE-2025-30623](CVE-2025/CVE-2025-306xx/CVE-2025-30623.json) (`2025-03-24T14:15:34.797`)
- [CVE-2021-26091](CVE-2021/CVE-2021-260xx/CVE-2021-26091.json) (`2025-03-24T16:15:16.450`)
- [CVE-2021-26105](CVE-2021/CVE-2021-261xx/CVE-2021-26105.json) (`2025-03-24T16:15:16.610`)
- [CVE-2023-25610](CVE-2023/CVE-2023-256xx/CVE-2023-25610.json) (`2025-03-24T16:15:17.273`)
- [CVE-2024-55279](CVE-2024/CVE-2024-552xx/CVE-2024-55279.json) (`2025-03-24T15:15:15.913`)
- [CVE-2024-9103](CVE-2024/CVE-2024-91xx/CVE-2024-9103.json) (`2025-03-24T16:15:32.950`)
- [CVE-2025-0256](CVE-2025/CVE-2025-02xx/CVE-2025-0256.json) (`2025-03-24T16:15:33.120`)
- [CVE-2025-1558](CVE-2025/CVE-2025-15xx/CVE-2025-1558.json) (`2025-03-24T15:15:16.060`)
- [CVE-2025-23204](CVE-2025/CVE-2025-232xx/CVE-2025-23204.json) (`2025-03-24T16:15:56.040`)
- [CVE-2025-2326](CVE-2025/CVE-2025-23xx/CVE-2025-2326.json) (`2025-03-24T15:15:16.830`)
- [CVE-2025-2705](CVE-2025/CVE-2025-27xx/CVE-2025-2705.json) (`2025-03-24T16:15:57.350`)
- [CVE-2025-29294](CVE-2025/CVE-2025-292xx/CVE-2025-29294.json) (`2025-03-24T16:15:56.460`)
### CVEs modified in the last Commit
Recently modified CVEs: `75`
Recently modified CVEs: `63`
- [CVE-2025-2625](CVE-2025/CVE-2025-26xx/CVE-2025-2625.json) (`2025-03-24T13:15:26.507`)
- [CVE-2025-2626](CVE-2025/CVE-2025-26xx/CVE-2025-2626.json) (`2025-03-24T13:15:26.627`)
- [CVE-2025-2628](CVE-2025/CVE-2025-26xx/CVE-2025-2628.json) (`2025-03-24T14:15:19.187`)
- [CVE-2025-2637](CVE-2025/CVE-2025-26xx/CVE-2025-2637.json) (`2025-03-24T14:15:19.310`)
- [CVE-2025-2638](CVE-2025/CVE-2025-26xx/CVE-2025-2638.json) (`2025-03-24T14:15:19.430`)
- [CVE-2025-2641](CVE-2025/CVE-2025-26xx/CVE-2025-2641.json) (`2025-03-24T13:15:26.757`)
- [CVE-2025-2642](CVE-2025/CVE-2025-26xx/CVE-2025-2642.json) (`2025-03-24T13:15:26.883`)
- [CVE-2025-2643](CVE-2025/CVE-2025-26xx/CVE-2025-2643.json) (`2025-03-24T13:15:27.007`)
- [CVE-2025-2644](CVE-2025/CVE-2025-26xx/CVE-2025-2644.json) (`2025-03-24T13:15:27.143`)
- [CVE-2025-2645](CVE-2025/CVE-2025-26xx/CVE-2025-2645.json) (`2025-03-24T13:15:27.263`)
- [CVE-2025-2646](CVE-2025/CVE-2025-26xx/CVE-2025-2646.json) (`2025-03-24T13:15:27.390`)
- [CVE-2025-2647](CVE-2025/CVE-2025-26xx/CVE-2025-2647.json) (`2025-03-24T13:15:27.513`)
- [CVE-2025-2648](CVE-2025/CVE-2025-26xx/CVE-2025-2648.json) (`2025-03-24T13:15:27.633`)
- [CVE-2025-2650](CVE-2025/CVE-2025-26xx/CVE-2025-2650.json) (`2025-03-24T14:15:19.550`)
- [CVE-2025-2652](CVE-2025/CVE-2025-26xx/CVE-2025-2652.json) (`2025-03-24T13:15:27.757`)
- [CVE-2025-2654](CVE-2025/CVE-2025-26xx/CVE-2025-2654.json) (`2025-03-24T13:15:27.943`)
- [CVE-2025-26796](CVE-2025/CVE-2025-267xx/CVE-2025-26796.json) (`2025-03-24T14:15:18.500`)
- [CVE-2025-2691](CVE-2025/CVE-2025-26xx/CVE-2025-2691.json) (`2025-03-24T13:15:28.787`)
- [CVE-2025-27553](CVE-2025/CVE-2025-275xx/CVE-2025-27553.json) (`2025-03-24T14:15:18.687`)
- [CVE-2025-29101](CVE-2025/CVE-2025-291xx/CVE-2025-29101.json) (`2025-03-24T14:15:18.843`)
- [CVE-2025-29806](CVE-2025/CVE-2025-298xx/CVE-2025-29806.json) (`2025-03-24T13:15:26.083`)
- [CVE-2025-30092](CVE-2025/CVE-2025-300xx/CVE-2025-30092.json) (`2025-03-24T14:15:20.007`)
- [CVE-2025-30346](CVE-2025/CVE-2025-303xx/CVE-2025-30346.json) (`2025-03-24T14:47:51.437`)
- [CVE-2025-30347](CVE-2025/CVE-2025-303xx/CVE-2025-30347.json) (`2025-03-24T14:19:23.963`)
- [CVE-2025-30348](CVE-2025/CVE-2025-303xx/CVE-2025-30348.json) (`2025-03-24T14:08:36.513`)
- [CVE-2024-54564](CVE-2024/CVE-2024-545xx/CVE-2024-54564.json) (`2025-03-24T15:09:35.767`)
- [CVE-2024-54565](CVE-2024/CVE-2024-545xx/CVE-2024-54565.json) (`2025-03-24T15:05:07.310`)
- [CVE-2024-56431](CVE-2024/CVE-2024-564xx/CVE-2024-56431.json) (`2025-03-24T16:15:20.283`)
- [CVE-2024-57016](CVE-2024/CVE-2024-570xx/CVE-2024-57016.json) (`2025-03-24T16:15:20.467`)
- [CVE-2024-57077](CVE-2024/CVE-2024-570xx/CVE-2024-57077.json) (`2025-03-24T16:15:20.663`)
- [CVE-2024-57653](CVE-2024/CVE-2024-576xx/CVE-2024-57653.json) (`2025-03-24T16:15:20.860`)
- [CVE-2024-57658](CVE-2024/CVE-2024-576xx/CVE-2024-57658.json) (`2025-03-24T16:15:21.047`)
- [CVE-2024-9388](CVE-2024/CVE-2024-93xx/CVE-2024-9388.json) (`2025-03-24T15:18:47.287`)
- [CVE-2025-0343](CVE-2025/CVE-2025-03xx/CVE-2025-0343.json) (`2025-03-24T16:15:33.270`)
- [CVE-2025-24121](CVE-2025/CVE-2025-241xx/CVE-2025-24121.json) (`2025-03-24T15:03:21.043`)
- [CVE-2025-24137](CVE-2025/CVE-2025-241xx/CVE-2025-24137.json) (`2025-03-24T15:02:51.760`)
- [CVE-2025-24146](CVE-2025/CVE-2025-241xx/CVE-2025-24146.json) (`2025-03-24T15:01:34.487`)
- [CVE-2025-24160](CVE-2025/CVE-2025-241xx/CVE-2025-24160.json) (`2025-03-24T15:01:07.757`)
- [CVE-2025-24185](CVE-2025/CVE-2025-241xx/CVE-2025-24185.json) (`2025-03-24T15:11:13.660`)
- [CVE-2025-2476](CVE-2025/CVE-2025-24xx/CVE-2025-2476.json) (`2025-03-24T15:15:16.927`)
- [CVE-2025-25758](CVE-2025/CVE-2025-257xx/CVE-2025-25758.json) (`2025-03-24T16:15:56.283`)
- [CVE-2025-2607](CVE-2025/CVE-2025-26xx/CVE-2025-2607.json) (`2025-03-24T15:15:17.137`)
- [CVE-2025-2623](CVE-2025/CVE-2025-26xx/CVE-2025-2623.json) (`2025-03-24T15:15:17.380`)
- [CVE-2025-2627](CVE-2025/CVE-2025-26xx/CVE-2025-2627.json) (`2025-03-24T15:15:17.530`)
- [CVE-2025-2639](CVE-2025/CVE-2025-26xx/CVE-2025-2639.json) (`2025-03-24T15:15:17.670`)
- [CVE-2025-2640](CVE-2025/CVE-2025-26xx/CVE-2025-2640.json) (`2025-03-24T15:15:17.810`)
- [CVE-2025-2649](CVE-2025/CVE-2025-26xx/CVE-2025-2649.json) (`2025-03-24T15:15:17.953`)
- [CVE-2025-2699](CVE-2025/CVE-2025-26xx/CVE-2025-2699.json) (`2025-03-24T16:54:23.013`)
- [CVE-2025-29405](CVE-2025/CVE-2025-294xx/CVE-2025-29405.json) (`2025-03-24T15:15:16.377`)
- [CVE-2025-29411](CVE-2025/CVE-2025-294xx/CVE-2025-29411.json) (`2025-03-24T16:15:56.583`)
## Download and Usage

453
_state.csv
View File

File diff suppressed because it is too large Load Diff