admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-25T21:00:20.470830+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-25 21:03:50 +00:00
parent 10c2997c58
commit 6ad8458372
78 changed files with 2481 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
CVE-2019/CVE-2019-197xx/CVE-2019-19752.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-19752", "id": "CVE-2019-19752",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-30T18:15:19.380", "published": "2024-04-30T18:15:19.380",
"lastModified": "2024-11-21T04:35:19.193", "lastModified": "2025-03-25T19:15:38.880",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "nvOC hasta 3.2 se entrega con claves de host SSH incorporadas en la imagen de instalaci\u00f3n, lo que permite ataques de intermediario y hace que la identificaci\u00f3n de todos los nodos IPv4 p\u00fablicos sea trivial con Shodan.io. NOTA: a partir del 1 de diciembre de 2019, el proveedor indic\u00f3 planes para solucionar este problema en la siguiente compilaci\u00f3n de imagen." "value": "nvOC hasta 3.2 se entrega con claves de host SSH incorporadas en la imagen de instalaci\u00f3n, lo que permite ataques de intermediario y hace que la identificaci\u00f3n de todos los nodos IPv4 p\u00fablicos sea trivial con Shodan.io. NOTA: a partir del 1 de diciembre de 2019, el proveedor indic\u00f3 planes para solucionar este problema en la siguiente compilaci\u00f3n de imagen."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/papampi/nvOC_by_fullzero_Community_Release/commits/release", "url": "https://github.com/papampi/nvOC_by_fullzero_Community_Release/commits/release",

19
CVE-2022/CVE-2022-15xx/CVE-2022-1586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-1586", "id": "CVE-2022-1586",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-05-16T21:15:07.793", "published": "2022-05-16T21:15:07.793",
"lastModified": "2025-03-06T09:15:22.620", "lastModified": "2025-03-25T19:39:30.433",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -95,8 +95,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pcre:pcre2:10.40:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:pcre:pcre2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD1906D-5175-47F3-89F4-D0C9CE34D631" "versionEndExcluding": "10.40",
"matchCriteriaId": "EB329299-E960-45F2-80BA-5B6B9CD346D2"
} }
] ]
} }
@ -391,7 +392,10 @@
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C",
@ -403,7 +407,10 @@
}, },
{ {
"url": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a", "url": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C", "url": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C",

12
CVE-2022/CVE-2022-258xx/CVE-2022-25853.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25853", "id": "CVE-2022-25853",
"sourceIdentifier": "report@snyk.io", "sourceIdentifier": "report@snyk.io",
"published": "2023-02-06T05:15:11.857", "published": "2023-02-06T05:15:11.857",
"lastModified": "2024-11-21T06:53:07.103", "lastModified": "2025-03-25T19:15:39.550",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -75,6 +75,16 @@
"value": "NVD-CWE-Other" "value": "NVD-CWE-Other"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
} }
], ],
"configurations": [ "configurations": [

12
CVE-2022/CVE-2022-258xx/CVE-2022-25855.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25855", "id": "CVE-2022-25855",
"sourceIdentifier": "report@snyk.io", "sourceIdentifier": "report@snyk.io",
"published": "2023-02-06T05:15:12.023", "published": "2023-02-06T05:15:12.023",
"lastModified": "2024-11-21T06:53:07.340", "lastModified": "2025-03-25T19:15:39.733",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -75,6 +75,16 @@
"value": "NVD-CWE-Other" "value": "NVD-CWE-Other"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-317xx/CVE-2022-31733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31733", "id": "CVE-2022-31733",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-02-03T19:15:11.107", "published": "2023-02-03T19:15:11.107",
"lastModified": "2024-11-21T07:05:11.473", "lastModified": "2025-03-25T20:15:13.693",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-295" "value": "CWE-295"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-446xx/CVE-2022-44617.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44617", "id": "CVE-2022-44617",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-06T23:15:09.787", "published": "2023-02-06T23:15:09.787",
"lastModified": "2024-11-21T07:28:12.390", "lastModified": "2025-03-25T20:15:15.493",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },

24
CVE-2022/CVE-2022-453xx/CVE-2022-45320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45320", "id": "CVE-2022-45320",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-20T05:15:07.613", "published": "2024-02-20T05:15:07.613",
"lastModified": "2025-02-12T18:51:52.663", "lastModified": "2025-03-25T20:15:16.163",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

22
CVE-2022/CVE-2022-46xx/CVE-2022-4657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4657", "id": "CVE-2022-4657",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:11.660", "published": "2023-02-06T20:15:11.660",
"lastModified": "2024-11-21T07:35:41.063", "lastModified": "2025-03-25T20:15:16.587",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-46xx/CVE-2022-4670.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4670", "id": "CVE-2022-4670",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:11.797", "published": "2023-02-06T20:15:11.797",
"lastModified": "2024-11-21T07:35:42.307", "lastModified": "2025-03-25T20:15:16.760",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-46xx/CVE-2022-4681.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4681", "id": "CVE-2022-4681",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:11.987", "published": "2023-02-06T20:15:11.987",
"lastModified": "2024-11-21T07:35:43.473", "lastModified": "2025-03-25T19:15:39.880",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

22
CVE-2022/CVE-2022-47xx/CVE-2022-4747.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4747", "id": "CVE-2022-4747",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:12.113", "published": "2023-02-06T20:15:12.113",
"lastModified": "2024-11-21T07:35:51.837", "lastModified": "2025-03-25T19:15:40.027",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-47xx/CVE-2022-4762.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4762", "id": "CVE-2022-4762",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:12.240", "published": "2023-02-06T20:15:12.240",
"lastModified": "2024-11-21T07:35:53.507", "lastModified": "2025-03-25T19:15:40.173",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

32
CVE-2022/CVE-2022-481xx/CVE-2022-48166.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48166", "id": "CVE-2022-48166",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-06T22:15:09.553", "published": "2023-02-06T22:15:09.553",
"lastModified": "2024-11-21T07:32:54.883", "lastModified": "2025-03-25T20:15:16.370",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-862" "value": "CWE-862"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2023/CVE-2023-00xx/CVE-2023-0095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0095", "id": "CVE-2023-0095",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:12.997", "published": "2023-02-06T20:15:12.997",
"lastModified": "2024-11-21T07:36:32.640", "lastModified": "2025-03-25T19:15:40.323",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-01xx/CVE-2023-0147.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0147", "id": "CVE-2023-0147",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:13.310", "published": "2023-02-06T20:15:13.310",
"lastModified": "2024-11-21T07:36:38.643", "lastModified": "2025-03-25T20:15:16.930",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-01xx/CVE-2023-0148.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0148", "id": "CVE-2023-0148",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:13.377", "published": "2023-02-06T20:15:13.377",
"lastModified": "2024-11-21T07:36:38.733", "lastModified": "2025-03-25T19:15:40.510",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-01xx/CVE-2023-0153.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0153", "id": "CVE-2023-0153",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:13.567", "published": "2023-02-06T20:15:13.567",
"lastModified": "2024-11-21T07:36:39.207", "lastModified": "2025-03-25T20:15:17.120",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-01xx/CVE-2023-0171.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0171", "id": "CVE-2023-0171",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:13.750", "published": "2023-02-06T20:15:13.750",
"lastModified": "2024-11-21T07:36:40.893", "lastModified": "2025-03-25T20:15:17.293",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-01xx/CVE-2023-0173.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0173", "id": "CVE-2023-0173",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:13.813", "published": "2023-02-06T20:15:13.813",
"lastModified": "2024-11-21T07:36:41.090", "lastModified": "2025-03-25T19:15:40.657",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-02xx/CVE-2023-0234.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0234", "id": "CVE-2023-0234",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:14.053", "published": "2023-02-06T20:15:14.053",
"lastModified": "2024-11-21T07:36:47.647", "lastModified": "2025-03-25T19:15:40.797",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },

22
CVE-2023/CVE-2023-02xx/CVE-2023-0236.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0236", "id": "CVE-2023-0236",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-06T20:15:14.117", "published": "2023-02-06T20:15:14.117",
"lastModified": "2024-11-21T07:36:47.770", "lastModified": "2025-03-25T19:15:40.947",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-06xx/CVE-2023-0615.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0615", "id": "CVE-2023-0615",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-06T23:15:09.933", "published": "2023-02-06T23:15:09.933",
"lastModified": "2024-11-21T07:37:29.450", "lastModified": "2025-03-25T20:15:17.977",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },

32
CVE-2023/CVE-2023-206xx/CVE-2023-20607.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20607", "id": "CVE-2023-20607",
"sourceIdentifier": "security@mediatek.com", "sourceIdentifier": "security@mediatek.com",
"published": "2023-02-06T20:15:14.627", "published": "2023-02-06T20:15:14.627",
"lastModified": "2024-11-21T07:41:12.963", "lastModified": "2025-03-25T19:15:41.100",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 0.5, "exploitabilityScore": 0.5,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-662" "value": "CWE-662"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-662"
}
]
} }
], ],
"configurations": [ "configurations": [

24
CVE-2023/CVE-2023-228xx/CVE-2023-22849.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22849", "id": "CVE-2023-22849",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-02-04T21:15:09.113", "published": "2023-02-04T21:15:09.113",
"lastModified": "2024-11-21T07:45:31.163", "lastModified": "2025-03-25T19:15:41.267",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,13 +32,33 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

22
CVE-2023/CVE-2023-238xx/CVE-2023-23849.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23849", "id": "CVE-2023-23849",
"sourceIdentifier": "disclosure@synopsys.com", "sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-02-06T23:15:10.067", "published": "2023-02-06T23:15:10.067",
"lastModified": "2024-11-21T07:46:57.117", "lastModified": "2025-03-25T20:15:18.840",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
} }
] ]
}, },

32
CVE-2023/CVE-2023-242xx/CVE-2023-24276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24276", "id": "CVE-2023-24276",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-06T15:15:11.267", "published": "2023-02-06T15:15:11.267",
"lastModified": "2024-11-21T07:47:38.850", "lastModified": "2025-03-25T19:15:41.437",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-77" "value": "CWE-77"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-250xx/CVE-2023-25016.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25016", "id": "CVE-2023-25016",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-06T21:15:09.900", "published": "2023-02-06T21:15:09.900",
"lastModified": "2024-11-21T07:48:56.310", "lastModified": "2025-03-25T19:15:41.623",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-319" "value": "CWE-319"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
} }
], ],
"configurations": [ "configurations": [

6
CVE-2023/CVE-2023-428xx/CVE-2023-42818.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42818", "id": "CVE-2023-42818",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:10.173", "published": "2023-09-27T21:15:10.173",
"lastModified": "2024-11-21T08:23:16.650", "lastModified": "2025-03-25T20:15:19.063",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -115,6 +115,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-1-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

8
CVE-2023/CVE-2023-436xx/CVE-2023-43650.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43650", "id": "CVE-2023-43650",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T19:15:11.927", "published": "2023-09-27T19:15:11.927",
"lastModified": "2024-11-21T08:24:32.740", "lastModified": "2025-03-25T20:15:19.257",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -62,7 +62,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -106,6 +106,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-1-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-mwx4-8fwc-2xvw", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-mwx4-8fwc-2xvw",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

6
CVE-2023/CVE-2023-436xx/CVE-2023-43651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43651", "id": "CVE-2023-43651",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:10.347", "published": "2023-09-27T21:15:10.347",
"lastModified": "2024-11-21T08:24:32.873", "lastModified": "2025-03-25T20:15:19.423",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -116,6 +116,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-2-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-4r5x-x283-wm96", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-4r5x-x283-wm96",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

8
CVE-2023/CVE-2023-436xx/CVE-2023-43652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43652", "id": "CVE-2023-43652",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T19:15:12.133", "published": "2023-09-27T19:15:12.133",
"lastModified": "2024-11-21T08:24:33.017", "lastModified": "2025-03-25T20:15:20.390",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -62,7 +62,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -106,6 +106,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-1-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-fr8h-xh5x-r8g9", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-fr8h-xh5x-r8g9",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

8
CVE-2023/CVE-2023-461xx/CVE-2023-46123.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-46123", "id": "CVE-2023-46123",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T18:17:36.330", "published": "2023-10-25T18:17:36.330",
"lastModified": "2024-11-21T08:27:55.647", "lastModified": "2025-03-25T20:15:20.513",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting this vulnerability, attackers can effectively make unlimited password attempts by altering their apparent IP address for each request. This vulnerability has been patched in version 3.8.0.\n\n" "value": "jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. A flaw in the Core API allows attackers to bypass password brute-force protections by spoofing arbitrary IP addresses. By exploiting this vulnerability, attackers can effectively make unlimited password attempts by altering their apparent IP address for each request. This vulnerability has been patched in version 3.8.0."
}, },
{ {
"lang": "es", "lang": "es",
@ -115,6 +115,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-1-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0", "url": "https://github.com/jumpserver/jumpserver/releases/tag/v3.8.0",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

34
CVE-2023/CVE-2023-523xx/CVE-2023-52369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52369", "id": "CVE-2023-52369",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2024-02-18T04:15:07.760", "published": "2024-02-18T04:15:07.760",
"lastModified": "2024-12-09T17:33:32.693", "lastModified": "2025-03-25T19:15:41.850",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2023/CVE-2023-56xx/CVE-2023-5601.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5601", "id": "CVE-2023-5601",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-11-06T21:15:10.063", "published": "2023-11-06T21:15:10.063",
"lastModified": "2024-11-21T08:42:06.237", "lastModified": "2025-03-25T20:15:20.667",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

27
CVE-2024/CVE-2024-06xx/CVE-2024-0677.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0677", "id": "CVE-2024-0677",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-28T05:15:49.870", "published": "2024-03-28T05:15:49.870",
"lastModified": "2024-11-21T08:47:07.893", "lastModified": "2025-03-25T19:15:42.040",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Pz-LinkCard de WordPress hasta la versi\u00f3n 2.5.1 no impide que los usuarios hagan ping a hosts arbitrarios a trav\u00e9s de algunos de sus c\u00f3digos cortos, lo que podr\u00eda permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques SSRF." "value": "El complemento Pz-LinkCard de WordPress hasta la versi\u00f3n 2.5.1 no impide que los usuarios hagan ping a hosts arbitrarios a trav\u00e9s de algunos de sus c\u00f3digos cortos, lo que podr\u00eda permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques SSRF."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/0f7757c9-69fa-49db-90b0-40f0ff29bee7/", "url": "https://wpscan.com/vulnerability/0f7757c9-69fa-49db-90b0-40f0ff29bee7/",

27
CVE-2024/CVE-2024-10xx/CVE-2024-1076.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1076", "id": "CVE-2024-1076",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-08T06:15:06.877", "published": "2024-05-08T06:15:06.877",
"lastModified": "2024-11-21T08:49:44.590", "lastModified": "2025-03-25T20:15:20.853",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento SSL Zen WordPress anterior a 4.6.0 solo se basa en el uso de .htaccess para evitar que los visitantes accedan a las claves privadas generadas por el sitio, lo que permite a un atacante leerlas si el sitio se ejecuta en un servidor que no admite archivos .htaccess, como NGINX." "value": "El complemento SSL Zen WordPress anterior a 4.6.0 solo se basa en el uso de .htaccess para evitar que los visitantes accedan a las claves privadas generadas por el sitio, lo que permite a un atacante leerlas si el sitio se ejecuta en un servidor que no admite archivos .htaccess, como NGINX."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/9c3e9c72-3d6c-4e2c-bb8a-f4efce1371d5/", "url": "https://wpscan.com/vulnerability/9c3e9c72-3d6c-4e2c-bb8a-f4efce1371d5/",

16
CVE-2024/CVE-2024-210xx/CVE-2024-21008.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21008", "id": "CVE-2024-21008",
"sourceIdentifier": "secalert_us@oracle.com", "sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:14.920", "published": "2024-04-16T22:15:14.920",
"lastModified": "2024-11-27T16:35:56.737", "lastModified": "2025-03-25T20:15:20.990",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "secalert_us@oracle.com", "source": "secalert_us@oracle.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-263xx/CVE-2024-26318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26318", "id": "CVE-2024-26318",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-19T04:15:07.400", "published": "2024-02-19T04:15:07.400",
"lastModified": "2025-02-13T17:13:39.187", "lastModified": "2025-03-25T19:15:42.250",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-264xx/CVE-2024-26462.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26462", "id": "CVE-2024-26462",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:44:18.857", "published": "2024-02-29T01:44:18.857",
"lastModified": "2025-02-14T17:29:03.303", "lastModified": "2025-03-25T20:15:21.143",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-272xx/CVE-2024-27237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27237", "id": "CVE-2024-27237",
"sourceIdentifier": "dsap-vuln-management@google.com", "sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-03-11T19:15:49.143", "published": "2024-03-11T19:15:49.143",
"lastModified": "2025-02-18T13:41:56.553", "lastModified": "2025-03-25T20:15:21.343",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-131" "value": "CWE-131"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-278xx/CVE-2024-27803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27803", "id": "CVE-2024-27803",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T15:13:03.823", "published": "2024-05-14T15:13:03.823",
"lastModified": "2024-12-09T19:19:52.583", "lastModified": "2025-03-25T19:15:42.470",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.9, "exploitabilityScore": 0.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
} }
], ],
"configurations": [ "configurations": [

38
CVE-2024/CVE-2024-291xx/CVE-2024-29156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29156", "id": "CVE-2024-29156",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T07:15:05.880", "published": "2024-03-18T07:15:05.880",
"lastModified": "2025-02-27T14:07:08.527", "lastModified": "2025-03-25T20:15:21.533",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
} }
], ],
"configurations": [ "configurations": [
@ -80,7 +110,8 @@
"url": "https://launchpad.net/bugs/2048114", "url": "https://launchpad.net/bugs/2048114",
"source": "cve@mitre.org", "source": "cve@mitre.org",
"tags": [ "tags": [
"Issue Tracking" "Issue Tracking",
"Third Party Advisory"
] ]
}, },
{ {
@ -108,6 +139,7 @@
"url": "https://launchpad.net/bugs/2048114", "url": "https://launchpad.net/bugs/2048114",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [ "tags": [
"Issue Tracking",
"Third Party Advisory" "Third Party Advisory"
] ]
}, },

8
CVE-2024/CVE-2024-292xx/CVE-2024-29201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29201", "id": "CVE-2024-29201",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-29T15:15:11.963", "published": "2024-03-29T15:15:11.963",
"lastModified": "2025-01-09T17:27:57.507", "lastModified": "2025-03-25T20:15:21.760",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -109,6 +109,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-2-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-pjpp-cm9x-6rwj", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-pjpp-cm9x-6rwj",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

10
CVE-2024/CVE-2024-292xx/CVE-2024-29202.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-29202", "id": "CVE-2024-29202",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-29T15:15:12.223", "published": "2024-03-29T15:15:12.223",
"lastModified": "2025-01-09T17:25:13.830", "lastModified": "2025-03-25T20:15:21.880",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has database access, attackers could steal sensitive information from all hosts or manipulate the database. This vulnerability is fixed in v3.10.7.\n\n" "value": "JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has database access, attackers could steal sensitive information from all hosts or manipulate the database. This vulnerability is fixed in v3.10.7."
}, },
{ {
"lang": "es", "lang": "es",
@ -109,6 +109,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-2-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-2vvr-vmvx-73ch", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-2vvr-vmvx-73ch",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

24
CVE-2024/CVE-2024-318xx/CVE-2024-31863.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31863", "id": "CVE-2024-31863",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-04-09T11:15:31.713", "published": "2024-04-09T11:15:31.713",
"lastModified": "2025-02-13T18:18:00.383", "lastModified": "2025-03-25T19:15:42.637",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

56
CVE-2024/CVE-2024-318xx/CVE-2024-31896.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31896",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-25T19:15:42.830",
"lastModified": "2025-03-25T19:15:42.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SPSS Statistics\u00a026.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7228971",
"source": "psirt@us.ibm.com"
}
]
}

14
CVE-2024/CVE-2024-327xx/CVE-2024-32736.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32736", "id": "CVE-2024-32736",
"sourceIdentifier": "vulnreport@tenable.com", "sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-05-14T15:37:03.870", "published": "2024-05-14T15:37:03.870",
"lastModified": "2024-11-21T09:15:35.723", "lastModified": "2025-03-25T19:15:42.990",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.cyberpower.com/global/en/File/GetFileSampleByType?fileId=SU-18070002-07&fileSubType=FileReleaseNote", "url": "https://www.cyberpower.com/global/en/File/GetFileSampleByType?fileId=SU-18070002-07&fileSubType=FileReleaseNote",

27
CVE-2024/CVE-2024-334xx/CVE-2024-33401.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-33401", "id": "CVE-2024-33401",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-29T22:15:06.943", "published": "2024-04-29T22:15:06.943",
"lastModified": "2024-11-21T09:16:53.310", "lastModified": "2025-03-25T19:15:43.120",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de Cross Site Scripting en DedeCMS v.5.7.113 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro mnum." "value": "Vulnerabilidad de Cross Site Scripting en DedeCMS v.5.7.113 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro mnum."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

27
CVE-2024/CVE-2024-34xx/CVE-2024-3478.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3478", "id": "CVE-2024-3478",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-02T06:15:51.033", "published": "2024-05-02T06:15:51.033",
"lastModified": "2024-11-21T09:29:41.373", "lastModified": "2025-03-25T19:15:43.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Herd Effects de WordPress anterior a 5.2.7 no tiene comprobaciones CSRF en algunas acciones masivas, lo que podr\u00eda permitir a los atacantes hacer que los administradores que han iniciado sesi\u00f3n realicen acciones no deseadas, como eliminar efectos mediante ataques CSRF." "value": "El complemento Herd Effects de WordPress anterior a 5.2.7 no tiene comprobaciones CSRF en algunas acciones masivas, lo que podr\u00eda permitir a los atacantes hacer que los administradores que han iniciado sesi\u00f3n realicen acciones no deseadas, como eliminar efectos mediante ataques CSRF."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.6,
"impactScore": 5.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/09f1a696-86ee-47cc-99de-57cfd2a3219d/", "url": "https://wpscan.com/vulnerability/09f1a696-86ee-47cc-99de-57cfd2a3219d/",

12
CVE-2024/CVE-2024-363xx/CVE-2024-36303.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36303", "id": "CVE-2024-36303",
"sourceIdentifier": "security@trendmicro.com", "sourceIdentifier": "security@trendmicro.com",
"published": "2024-06-10T22:15:10.290", "published": "2024-06-10T22:15:10.290",
"lastModified": "2024-11-21T09:22:00.237", "lastModified": "2025-03-25T19:15:43.273",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-346" "value": "CWE-346"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-368xx/CVE-2024-36823.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36823", "id": "CVE-2024-36823",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T22:15:10.853", "published": "2024-06-06T22:15:10.853",
"lastModified": "2024-11-21T09:22:40.653", "lastModified": "2025-03-25T19:15:43.420",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-326" "value": "CWE-326"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-36xx/CVE-2024-3631.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3631", "id": "CVE-2024-3631",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-15T06:15:13.170", "published": "2024-05-15T06:15:13.170",
"lastModified": "2024-11-21T09:30:02.020", "lastModified": "2025-03-25T19:15:43.967",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento HL Twitter WordPress hasta 2014.1.18 no tiene verificaci\u00f3n CSRF al desvincular cuentas de Twitter, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados realicen tales acciones a trav\u00e9s de un ataque CSRF." "value": "El complemento HL Twitter WordPress hasta 2014.1.18 no tiene verificaci\u00f3n CSRF al desvincular cuentas de Twitter, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados realicen tales acciones a trav\u00e9s de un ataque CSRF."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/c59a8b49-6f3e-452b-ba9b-50b80c522ee9/", "url": "https://wpscan.com/vulnerability/c59a8b49-6f3e-452b-ba9b-50b80c522ee9/",

24
CVE-2024/CVE-2024-384xx/CVE-2024-38474.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38474", "id": "CVE-2024-38474",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-07-01T19:15:04.760", "published": "2024-07-01T19:15:04.760",
"lastModified": "2024-11-21T09:26:02.947", "lastModified": "2025-03-25T19:15:43.623",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

6
CVE-2024/CVE-2024-406xx/CVE-2024-40628.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40628", "id": "CVE-2024-40628",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-18T17:15:04.370", "published": "2024-07-18T17:15:04.370",
"lastModified": "2024-11-21T09:31:23.503", "lastModified": "2025-03-25T20:15:22.063",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -108,6 +108,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-2-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-rpf7-g4xh-84v9", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-rpf7-g4xh-84v9",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

6
CVE-2024/CVE-2024-406xx/CVE-2024-40629.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40629", "id": "CVE-2024-40629",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-18T17:15:04.613", "published": "2024-07-18T17:15:04.613",
"lastModified": "2024-11-21T09:31:23.640", "lastModified": "2025-03-25T20:15:22.197",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -108,6 +108,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://www.sonarsource.com/blog/diving-into-jumpserver-attackers-gateway-to-internal-networks-2-2",
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-3wgp-q8m7-v33v", "url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-3wgp-q8m7-v33v",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",

34
CVE-2024/CVE-2024-425xx/CVE-2024-42584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42584", "id": "CVE-2024-42584",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:09.173", "published": "2024-08-20T13:15:09.173",
"lastModified": "2024-08-21T13:37:57.767", "lastModified": "2025-03-25T19:15:44.113",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-352" "value": "CWE-352"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-443xx/CVE-2024-44313.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44313", "id": "CVE-2024-44313",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T15:15:53.720", "published": "2025-03-18T15:15:53.720",
"lastModified": "2025-03-18T15:15:53.720", "lastModified": "2025-03-25T19:15:44.317",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "TastyIgniter 3.7.6 contiene una vulnerabilidad de control de acceso incorrecto en la funci\u00f3n factura() dentro de Orders.php que permite a usuarios no autorizados acceder y generar facturas debido a la falta de controles de permisos." "value": "TastyIgniter 3.7.6 contiene una vulnerabilidad de control de acceso incorrecto en la funci\u00f3n factura() dentro de Orders.php que permite a usuarios no autorizados acceder y generar facturas debido a la falta de controles de permisos."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php", "url": "https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php",

27
CVE-2024/CVE-2024-44xx/CVE-2024-4480.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4480", "id": "CVE-2024-4480",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-14T06:15:13.220", "published": "2024-06-14T06:15:13.220",
"lastModified": "2024-11-21T09:42:54.690", "lastModified": "2025-03-25T19:15:45.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento WP Prayer II de WordPress hasta la versi\u00f3n 2.4.7 no tiene activada la verificaci\u00f3n CSRF al actualizar su configuraci\u00f3n de correo electr\u00f3nico, lo que podr\u00eda permitir a los atacantes hacer que un administrador que haya iniciado sesi\u00f3n los cambie mediante un ataque CSRF." "value": "El complemento WP Prayer II de WordPress hasta la versi\u00f3n 2.4.7 no tiene activada la verificaci\u00f3n CSRF al actualizar su configuraci\u00f3n de correo electr\u00f3nico, lo que podr\u00eda permitir a los atacantes hacer que un administrador que haya iniciado sesi\u00f3n los cambie mediante un ataque CSRF."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.6,
"impactScore": 5.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/c1e5dee9-c540-4cc1-8b94-c6d1650b52d3/", "url": "https://wpscan.com/vulnerability/c1e5dee9-c540-4cc1-8b94-c6d1650b52d3/",

34
CVE-2024/CVE-2024-452xx/CVE-2024-45234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45234", "id": "CVE-2024-45234",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-24T23:15:04.037", "published": "2024-08-24T23:15:04.037",
"lastModified": "2024-08-27T15:45:44.560", "lastModified": "2025-03-25T19:15:45.247",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-45xx/CVE-2024-4533.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4533", "id": "CVE-2024-4533",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-27T06:15:10.283", "published": "2024-05-27T06:15:10.283",
"lastModified": "2024-11-21T09:43:03.177", "lastModified": "2025-03-25T19:15:45.553",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento The KKProgressbar2 Free de WordPress hasta la versi\u00f3n 1.1.4.2 no desinfecta ni escapa un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL, lo que permite a los usuarios administradores realizar ataques de inyecci\u00f3n SQL." "value": "El complemento The KKProgressbar2 Free de WordPress hasta la versi\u00f3n 1.1.4.2 no desinfecta ni escapa un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL, lo que permite a los usuarios administradores realizar ataques de inyecci\u00f3n SQL."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/c3406236-aaee-480a-8931-79c867252f11/", "url": "https://wpscan.com/vulnerability/c3406236-aaee-480a-8931-79c867252f11/",

21
CVE-2024/CVE-2024-488xx/CVE-2024-48818.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48818",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-25T20:15:22.320",
"lastModified": "2025-03-25T20:15:22.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to execute arbitrary code."
}
],
"metrics": {},
"references": [
{
"url": "https://packetstorm.news/files/id/183309",
"source": "cve@mitre.org"
}
]
}

14
CVE-2024/CVE-2024-581xx/CVE-2024-58104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-58104", "id": "CVE-2024-58104",
"sourceIdentifier": "security@trendmicro.com", "sourceIdentifier": "security@trendmicro.com",
"published": "2025-03-25T18:15:34.190", "published": "2025-03-25T18:15:34.190",
"lastModified": "2025-03-25T18:15:34.190", "lastModified": "2025-03-25T19:15:45.713",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -35,6 +35,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://success.trendmicro.com/en-US/solution/KA-0018217", "url": "https://success.trendmicro.com/en-US/solution/KA-0018217",

82
CVE-2025/CVE-2025-15xx/CVE-2025-1530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1530", "id": "CVE-2025-1530",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-03-15T12:15:11.890", "published": "2025-03-15T12:15:11.890",
"lastModified": "2025-03-15T12:15:11.890", "lastModified": "2025-03-25T20:02:28.730",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,6 +19,26 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -49,32 +69,78 @@
"value": "CWE-352" "value": "CWE-352"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tripetto:tripetto:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.10",
"matchCriteriaId": "881B126F-8C5E-4D36-A358-9957A90BC27D"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/capabilities.php", "url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/capabilities.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3251202/", "url": "https://plugins.trac.wordpress.org/changeset/3251202/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/list.php", "url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/list.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/results.php", "url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/results.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wordpress.org/plugins/tripetto/#developers", "url": "https://wordpress.org/plugins/tripetto/#developers",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd80abd9-3f41-414a-a781-9bff7d85ec4b?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd80abd9-3f41-414a-a781-9bff7d85ec4b?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2025/CVE-2025-20xx/CVE-2025-2025.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2025", "id": "CVE-2025-2025",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-03-15T12:15:12.207", "published": "2025-03-15T12:15:12.207",
"lastModified": "2025-03-15T12:15:12.207", "lastModified": "2025-03-25T19:48:15.730",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,24 +69,64 @@
"value": "CWE-862" "value": "CWE-862"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.22.1",
"matchCriteriaId": "5A1816C4-2BDF-403C-B19E-B90DAF9FF151"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/give/trunk/includes/admin/reports/reports.php#L304", "url": "https://plugins.trac.wordpress.org/browser/give/trunk/includes/admin/reports/reports.php#L304",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3252319/", "url": "https://plugins.trac.wordpress.org/changeset/3252319/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wordpress.org/plugins/give/#description", "url": "https://wordpress.org/plugins/give/#description",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40595943-121d-4492-a0ed-f2de1bd99fda?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40595943-121d-4492-a0ed-f2de1bd99fda?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

42
CVE-2025/CVE-2025-22xx/CVE-2025-2232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2232", "id": "CVE-2025-2232",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-03-14T12:15:14.887", "published": "2025-03-14T12:15:14.887",
"lastModified": "2025-03-14T12:15:14.887", "lastModified": "2025-03-25T20:13:28.670",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,16 +49,50 @@
"value": "CWE-269" "value": "CWE-269"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:purethemes:realteo:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.9",
"matchCriteriaId": "65F80A73-B8EA-48BF-81FC-4F4A14E994A6"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://docs.purethemes.net/findeo/knowledge-base/changelog-findeo/", "url": "https://docs.purethemes.net/findeo/knowledge-base/changelog-findeo/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abe73ecd-1325-4d6d-8545-d27f6116ca43?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abe73ecd-1325-4d6d-8545-d27f6116ca43?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2025/CVE-2025-23xx/CVE-2025-2325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2325", "id": "CVE-2025-2325",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-03-15T07:15:35.107", "published": "2025-03-15T07:15:35.107",
"lastModified": "2025-03-15T07:15:35.107", "lastModified": "2025-03-25T20:07:03.383",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,16 +69,50 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boopathirajan:wp_test_email:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "E9DF7889-CF9F-4C41-974F-295965D89CEE"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3251086%40wp-test-email&new=3251086%40wp-test-email&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3251086%40wp-test-email&new=3251086%40wp-test-email&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a0a9ff8-ed93-4de9-ba49-730b2253c6a4?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a0a9ff8-ed93-4de9-ba49-730b2253c6a4?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

88
CVE-2025/CVE-2025-23xx/CVE-2025-2383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2383", "id": "CVE-2025-2383",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T16:15:27.600", "published": "2025-03-17T16:15:27.600",
"lastModified": "2025-03-17T19:15:27.283", "lastModified": "2025-03-25T19:30:47.563",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,84 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anujkumar:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45318DF2-D243-4B92-B59E-7F9FF6B99C73"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/aionman/cve/issues/6", "url": "https://github.com/aionman/cve/issues/6",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
}, },
{ {
"url": "https://phpgurukul.com/", "url": "https://phpgurukul.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.299882", "url": "https://vuldb.com/?ctiid.299882",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.299882", "url": "https://vuldb.com/?id.299882",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?submit.515913", "url": "https://vuldb.com/?submit.515913",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/aionman/cve/issues/6", "url": "https://github.com/aionman/cve/issues/6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
} }
] ]
} }

86
CVE-2025/CVE-2025-23xx/CVE-2025-2384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2384", "id": "CVE-2025-2384",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T16:15:27.807", "published": "2025-03-17T16:15:27.807",
"lastModified": "2025-03-17T18:15:22.360", "lastModified": "2025-03-25T19:24:12.400",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fabianros:real_estate_property_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8974B5B-08CE-4EDC-8B76-7074DD336CE2"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/yiijiayan/cve/blob/main/sql-cve.md", "url": "https://github.com/yiijiayan/cve/blob/main/sql-cve.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.299883", "url": "https://vuldb.com/?ctiid.299883",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.299883", "url": "https://vuldb.com/?id.299883",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?submit.516282", "url": "https://vuldb.com/?submit.516282",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yiijiayan/cve/blob/main/sql-cve.md", "url": "https://github.com/yiijiayan/cve/blob/main/sql-cve.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

86
CVE-2025/CVE-2025-23xx/CVE-2025-2386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2386", "id": "CVE-2025-2386",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T17:15:41.577", "published": "2025-03-17T17:15:41.577",
"lastModified": "2025-03-17T19:15:27.437", "lastModified": "2025-03-25T19:07:30.627",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anujkumar:local_services_search_engine_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C1581E-981F-4EEF-A573-A1C41FA1C287"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/aionman/cve/issues/7", "url": "https://github.com/aionman/cve/issues/7",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://phpgurukul.com/", "url": "https://phpgurukul.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.299885", "url": "https://vuldb.com/?ctiid.299885",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Permissions Required"
]
}, },
{ {
"url": "https://vuldb.com/?id.299885", "url": "https://vuldb.com/?id.299885",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?submit.516546", "url": "https://vuldb.com/?submit.516546",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/aionman/cve/issues/7", "url": "https://github.com/aionman/cve/issues/7",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

56
CVE-2025/CVE-2025-289xx/CVE-2025-28904.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-28904",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-25T19:15:45.827",
"lastModified": "2025-03-25T19:15:45.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/web-directory-free/vulnerability/wordpress-web-directory-free-plugin-1-7-6-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2025/CVE-2025-297xx/CVE-2025-29782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-29782", "id": "CVE-2025-29782",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-14T19:15:49.190", "published": "2025-03-14T19:15:49.190",
"lastModified": "2025-03-14T19:15:49.190", "lastModified": "2025-03-25T20:12:23.047",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,14 +95,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.17",
"matchCriteriaId": "199FDB49-700A-49A0-A446-F11382724D42"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/v3.2.17", "url": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/v3.2.17",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-5x5w-5c99-vr8h", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-5x5w-5c99-vr8h",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

39
CVE-2025/CVE-2025-301xx/CVE-2025-30116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30116", "id": "CVE-2025-30116",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T15:16:02.850", "published": "2025-03-18T15:16:02.850",
"lastModified": "2025-03-18T15:16:02.850", "lastModified": "2025-03-25T19:15:46.030",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se detect\u00f3 un problema en Forvia Hella HELLA Driving Recorder DR 820. Puede producirse un volcado remoto de las grabaciones de v\u00eddeo y la transmisi\u00f3n en directo. Esto permite a atacantes remotos acceder y descargar las grabaciones de v\u00eddeo de la tarjeta SD a trav\u00e9s del puerto 9091. Adem\u00e1s, los atacantes pueden conectarse al puerto 9092 para transmitir la se\u00f1al de v\u00eddeo en directo evadiendo el mecanismo de autenticaci\u00f3n de desaf\u00edo-respuesta. Esto expone datos confidenciales de ubicaci\u00f3n y personales." "value": "Se detect\u00f3 un problema en Forvia Hella HELLA Driving Recorder DR 820. Puede producirse un volcado remoto de las grabaciones de v\u00eddeo y la transmisi\u00f3n en directo. Esto permite a atacantes remotos acceder y descargar las grabaciones de v\u00eddeo de la tarjeta SD a trav\u00e9s del puerto 9091. Adem\u00e1s, los atacantes pueden conectarse al puerto 9092 para transmitir la se\u00f1al de v\u00eddeo en directo evadiendo el mecanismo de autenticaci\u00f3n de desaf\u00edo-respuesta. Esto expone datos confidenciales de ubicaci\u00f3n y personales."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/geo-chen/Hella", "url": "https://github.com/geo-chen/Hella",

39
CVE-2025/CVE-2025-301xx/CVE-2025-30117.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30117", "id": "CVE-2025-30117",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T15:16:02.990", "published": "2025-03-18T15:16:02.990",
"lastModified": "2025-03-18T15:16:02.990", "lastModified": "2025-03-25T19:15:46.190",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se detect\u00f3 un problema en Forvia Hella HELLA Driving Recorder DR 820. La gesti\u00f3n de la configuraci\u00f3n, la obtenci\u00f3n de datos confidenciales y el sabotaje de la bater\u00eda del coche pueden ser realizados por personas no autorizadas. Tras eludir la sincronizaci\u00f3n del dispositivo, un atacante puede obtener informaci\u00f3n confidencial del usuario y del veh\u00edculo a trav\u00e9s de la interfaz de configuraci\u00f3n. Los atacantes remotos pueden modificar la configuraci\u00f3n de administraci\u00f3n de energ\u00eda, desactivar la grabaci\u00f3n, eliminar las grabaciones almacenadas y desactivar la protecci\u00f3n de la bater\u00eda, lo que puede provocar una denegaci\u00f3n de servicio y la descarga de la bater\u00eda del veh\u00edculo." "value": "Se detect\u00f3 un problema en Forvia Hella HELLA Driving Recorder DR 820. La gesti\u00f3n de la configuraci\u00f3n, la obtenci\u00f3n de datos confidenciales y el sabotaje de la bater\u00eda del coche pueden ser realizados por personas no autorizadas. Tras eludir la sincronizaci\u00f3n del dispositivo, un atacante puede obtener informaci\u00f3n confidencial del usuario y del veh\u00edculo a trav\u00e9s de la interfaz de configuraci\u00f3n. Los atacantes remotos pueden modificar la configuraci\u00f3n de administraci\u00f3n de energ\u00eda, desactivar la grabaci\u00f3n, eliminar las grabaciones almacenadas y desactivar la protecci\u00f3n de la bater\u00eda, lo que puede provocar una denegaci\u00f3n de servicio y la descarga de la bater\u00eda del veh\u00edculo."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/geo-chen/Hella", "url": "https://github.com/geo-chen/Hella",

21
CVE-2025/CVE-2025-301xx/CVE-2025-30118.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-30118",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-25T20:15:22.447",
"lastModified": "2025-03-25T20:15:22.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only available connection. The SSID remains broadcast at all times, increasing exposure to potential attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/geo-chen/Audi/blob/main/README.md#finding-1---cve-2025-30118-audi-utr-susceptibility-to-dos",
"source": "cve@mitre.org"
}
]
}

64
CVE-2025/CVE-2025-302xx/CVE-2025-30216.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-30216",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-03-25T20:15:22.567",
"lastModified": "2025-03-25T20:15:22.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://github.com/nasa/CryptoLib/commit/810fd66d592c883125272fef123c3240db2f170f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-v3jc-5j74-hcjv",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/user-attachments/assets/d49cea04-ce84-4d60-bb3a-987e843f09c4",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30567.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30567",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-25T19:15:46.350",
"lastModified": "2025-03-25T19:15:46.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru WP01 allows Path Traversal. This issue affects WP01: from n/a through 2.6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp01/vulnerability/wordpress-wp01-2-6-2-arbitrary-file-download-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

69
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-03-25T19:00:20.558284+00:00 2025-03-25T21:00:20.470830+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-03-25T18:55:58.707000+00:00 2025-03-25T20:15:22.567000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,47 +33,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
286540 286546
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `3` Recently added CVEs: `6`
- [CVE-2024-58104](CVE-2024/CVE-2024-581xx/CVE-2024-58104.json) (`2025-03-25T18:15:34.190`) - [CVE-2024-31896](CVE-2024/CVE-2024-318xx/CVE-2024-31896.json) (`2025-03-25T19:15:42.830`)
- [CVE-2024-58105](CVE-2024/CVE-2024-581xx/CVE-2024-58105.json) (`2025-03-25T18:15:34.327`) - [CVE-2024-48818](CVE-2024/CVE-2024-488xx/CVE-2024-48818.json) (`2025-03-25T20:15:22.320`)
- [CVE-2025-2312](CVE-2025/CVE-2025-23xx/CVE-2025-2312.json) (`2025-03-25T18:15:34.987`) - [CVE-2025-28904](CVE-2025/CVE-2025-289xx/CVE-2025-28904.json) (`2025-03-25T19:15:45.827`)
- [CVE-2025-30118](CVE-2025/CVE-2025-301xx/CVE-2025-30118.json) (`2025-03-25T20:15:22.447`)
- [CVE-2025-30216](CVE-2025/CVE-2025-302xx/CVE-2025-30216.json) (`2025-03-25T20:15:22.567`)
- [CVE-2025-30567](CVE-2025/CVE-2025-305xx/CVE-2025-30567.json) (`2025-03-25T19:15:46.350`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `219` Recently modified CVEs: `70`
- [CVE-2024-9964](CVE-2024/CVE-2024-99xx/CVE-2024-9964.json) (`2025-03-25T17:16:18.983`) - [CVE-2024-32736](CVE-2024/CVE-2024-327xx/CVE-2024-32736.json) (`2025-03-25T19:15:42.990`)
- [CVE-2024-9966](CVE-2024/CVE-2024-99xx/CVE-2024-9966.json) (`2025-03-25T17:16:19.633`) - [CVE-2024-33401](CVE-2024/CVE-2024-334xx/CVE-2024-33401.json) (`2025-03-25T19:15:43.120`)
- [CVE-2025-1936](CVE-2025/CVE-2025-19xx/CVE-2025-1936.json) (`2025-03-25T18:15:34.550`) - [CVE-2024-3478](CVE-2024/CVE-2024-34xx/CVE-2024-3478.json) (`2025-03-25T19:15:43.823`)
- [CVE-2025-2216](CVE-2025/CVE-2025-22xx/CVE-2025-2216.json) (`2025-03-25T17:24:09.643`) - [CVE-2024-36303](CVE-2024/CVE-2024-363xx/CVE-2024-36303.json) (`2025-03-25T19:15:43.273`)
- [CVE-2025-2217](CVE-2025/CVE-2025-22xx/CVE-2025-2217.json) (`2025-03-25T17:22:56.167`) - [CVE-2024-3631](CVE-2024/CVE-2024-36xx/CVE-2024-3631.json) (`2025-03-25T19:15:43.967`)
- [CVE-2025-2218](CVE-2025/CVE-2025-22xx/CVE-2025-2218.json) (`2025-03-25T17:21:14.350`) - [CVE-2024-36823](CVE-2024/CVE-2024-368xx/CVE-2024-36823.json) (`2025-03-25T19:15:43.420`)
- [CVE-2025-2219](CVE-2025/CVE-2025-22xx/CVE-2025-2219.json) (`2025-03-25T17:19:48.137`) - [CVE-2024-38474](CVE-2024/CVE-2024-384xx/CVE-2024-38474.json) (`2025-03-25T19:15:43.623`)
- [CVE-2025-2220](CVE-2025/CVE-2025-22xx/CVE-2025-2220.json) (`2025-03-25T17:15:07.350`) - [CVE-2024-40628](CVE-2024/CVE-2024-406xx/CVE-2024-40628.json) (`2025-03-25T20:15:22.063`)
- [CVE-2025-25595](CVE-2025/CVE-2025-255xx/CVE-2025-25595.json) (`2025-03-25T17:16:20.660`) - [CVE-2024-40629](CVE-2024/CVE-2024-406xx/CVE-2024-40629.json) (`2025-03-25T20:15:22.197`)
- [CVE-2025-26137](CVE-2025/CVE-2025-261xx/CVE-2025-26137.json) (`2025-03-25T17:16:21.547`) - [CVE-2024-42584](CVE-2024/CVE-2024-425xx/CVE-2024-42584.json) (`2025-03-25T19:15:44.113`)
- [CVE-2025-26138](CVE-2025/CVE-2025-261xx/CVE-2025-26138.json) (`2025-03-25T17:16:22.840`) - [CVE-2024-44313](CVE-2024/CVE-2024-443xx/CVE-2024-44313.json) (`2025-03-25T19:15:44.317`)
- [CVE-2025-27018](CVE-2025/CVE-2025-270xx/CVE-2025-27018.json) (`2025-03-25T18:15:34.683`) - [CVE-2024-4480](CVE-2024/CVE-2024-44xx/CVE-2024-4480.json) (`2025-03-25T19:15:45.413`)
- [CVE-2025-27809](CVE-2025/CVE-2025-278xx/CVE-2025-27809.json) (`2025-03-25T17:16:24.043`) - [CVE-2024-45234](CVE-2024/CVE-2024-452xx/CVE-2024-45234.json) (`2025-03-25T19:15:45.247`)
- [CVE-2025-29101](CVE-2025/CVE-2025-291xx/CVE-2025-29101.json) (`2025-03-25T17:37:22.543`) - [CVE-2024-4533](CVE-2024/CVE-2024-45xx/CVE-2024-4533.json) (`2025-03-25T19:15:45.553`)
- [CVE-2025-29149](CVE-2025/CVE-2025-291xx/CVE-2025-29149.json) (`2025-03-25T17:38:10.577`) - [CVE-2024-58104](CVE-2024/CVE-2024-581xx/CVE-2024-58104.json) (`2025-03-25T19:15:45.713`)
- [CVE-2025-29214](CVE-2025/CVE-2025-292xx/CVE-2025-29214.json) (`2025-03-25T17:37:42.507`) - [CVE-2025-1530](CVE-2025/CVE-2025-15xx/CVE-2025-1530.json) (`2025-03-25T20:02:28.730`)
- [CVE-2025-29215](CVE-2025/CVE-2025-292xx/CVE-2025-29215.json) (`2025-03-25T17:38:20.710`) - [CVE-2025-2025](CVE-2025/CVE-2025-20xx/CVE-2025-2025.json) (`2025-03-25T19:48:15.730`)
- [CVE-2025-29217](CVE-2025/CVE-2025-292xx/CVE-2025-29217.json) (`2025-03-25T17:38:28.670`) - [CVE-2025-2232](CVE-2025/CVE-2025-22xx/CVE-2025-2232.json) (`2025-03-25T20:13:28.670`)
- [CVE-2025-29313](CVE-2025/CVE-2025-293xx/CVE-2025-29313.json) (`2025-03-25T18:15:34.843`) - [CVE-2025-2325](CVE-2025/CVE-2025-23xx/CVE-2025-2325.json) (`2025-03-25T20:07:03.383`)
- [CVE-2025-29425](CVE-2025/CVE-2025-294xx/CVE-2025-29425.json) (`2025-03-25T18:41:49.120`) - [CVE-2025-2383](CVE-2025/CVE-2025-23xx/CVE-2025-2383.json) (`2025-03-25T19:30:47.563`)
- [CVE-2025-29429](CVE-2025/CVE-2025-294xx/CVE-2025-29429.json) (`2025-03-25T18:46:50.230`) - [CVE-2025-2384](CVE-2025/CVE-2025-23xx/CVE-2025-2384.json) (`2025-03-25T19:24:12.400`)
- [CVE-2025-29430](CVE-2025/CVE-2025-294xx/CVE-2025-29430.json) (`2025-03-25T18:44:43.817`) - [CVE-2025-2386](CVE-2025/CVE-2025-23xx/CVE-2025-2386.json) (`2025-03-25T19:07:30.627`)
- [CVE-2025-30137](CVE-2025/CVE-2025-301xx/CVE-2025-30137.json) (`2025-03-25T17:16:24.817`) - [CVE-2025-29782](CVE-2025/CVE-2025-297xx/CVE-2025-29782.json) (`2025-03-25T20:12:23.047`)
- [CVE-2025-30138](CVE-2025/CVE-2025-301xx/CVE-2025-30138.json) (`2025-03-25T17:16:25.520`) - [CVE-2025-30116](CVE-2025/CVE-2025-301xx/CVE-2025-30116.json) (`2025-03-25T19:15:46.030`)
- [CVE-2025-30154](CVE-2025/CVE-2025-301xx/CVE-2025-30154.json) (`2025-03-25T18:52:34.987`) - [CVE-2025-30117](CVE-2025/CVE-2025-301xx/CVE-2025-30117.json) (`2025-03-25T19:15:46.190`)
## Download and Usage ## Download and Usage

588
_state.csv
View File

File diff suppressed because it is too large Load Diff