admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-09T20:00:20.918230+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-09 20:03:53 +00:00
parent 51fb79d148
commit 6ca762c881
98 changed files with 3626 additions and 609 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-1999/CVE-1999-00xx/CVE-1999-0011.json
View File

@ -2,7 +2,7 @@
"id": "CVE-1999-0011", "id": "CVE-1999-0011",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "1998-04-08T04:00:00.000", "published": "1998-04-08T04:00:00.000",
"lastModified": "2025-04-03T01:03:51.193", "lastModified": "2025-04-09T19:15:42.567",
"vulnStatus": "Deferred", "vulnStatus": "Deferred",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -12,6 +12,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV2": [ "cvssMetricV2": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
@ -48,6 +70,16 @@
"value": "NVD-CWE-Other" "value": "NVD-CWE-Other"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1067"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-1999/CVE-1999-00xx/CVE-1999-0012.json
View File

@ -2,7 +2,7 @@
"id": "CVE-1999-0012", "id": "CVE-1999-0012",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "1998-02-06T05:00:00.000", "published": "1998-02-06T05:00:00.000",
"lastModified": "2025-04-03T01:03:51.193", "lastModified": "2025-04-09T19:15:43.647",
"vulnStatus": "Deferred", "vulnStatus": "Deferred",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -12,6 +12,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7
}
],
"cvssMetricV2": [ "cvssMetricV2": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
@ -48,6 +70,16 @@
"value": "NVD-CWE-Other" "value": "NVD-CWE-Other"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2017/CVE-2017-201xx/CVE-2017-20166.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-20166", "id": "CVE-2017-20166",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-10T06:15:09.610", "published": "2023-01-10T06:15:09.610",
"lastModified": "2024-11-21T03:22:47.370", "lastModified": "2025-04-09T18:15:42.910",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other" "value": "NVD-CWE-Other"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2021/CVE-2021-468xx/CVE-2021-46871.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46871", "id": "CVE-2021-46871",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-10T06:15:09.870", "published": "2023-01-10T06:15:09.870",
"lastModified": "2024-11-21T06:34:49.383", "lastModified": "2025-04-09T18:15:44.107",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-36xx/CVE-2022-3679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3679", "id": "CVE-2022-3679",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:26.843", "published": "2023-01-09T23:15:26.843",
"lastModified": "2024-11-21T07:20:01.050", "lastModified": "2025-04-09T19:15:43.980",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },

22
CVE-2022/CVE-2022-38xx/CVE-2022-3855.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3855", "id": "CVE-2022-3855",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:26.920", "published": "2023-01-09T23:15:26.920",
"lastModified": "2024-11-21T07:20:22.440", "lastModified": "2025-04-09T19:15:44.167",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.7, "exploitabilityScore": 1.7,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-39xx/CVE-2022-3923.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3923", "id": "CVE-2022-3923",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:26.997", "published": "2023-01-09T23:15:26.997",
"lastModified": "2024-11-21T07:20:32.490", "lastModified": "2025-04-09T19:15:44.330",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },

32
CVE-2022/CVE-2022-408xx/CVE-2022-40827.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40827", "id": "CVE-2022-40827",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2022-10-07T11:15:11.173", "published": "2022-10-07T11:15:11.173",
"lastModified": "2024-11-21T07:22:05.970", "lastModified": "2025-04-09T19:15:44.507",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [ "cveTags": [
{ {
@ -43,6 +43,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -56,6 +76,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-408xx/CVE-2022-40828.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40828", "id": "CVE-2022-40828",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2022-10-07T11:15:11.273", "published": "2022-10-07T11:15:11.273",
"lastModified": "2024-11-21T07:22:06.123", "lastModified": "2025-04-09T19:15:44.717",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [ "cveTags": [
{ {
@ -43,6 +43,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -56,6 +76,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-412xx/CVE-2022-41220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41220", "id": "CVE-2022-41220",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2022-09-21T07:15:08.750", "published": "2022-09-21T07:15:08.750",
"lastModified": "2024-11-21T07:22:51.447", "lastModified": "2025-04-09T19:15:44.890",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [ "cveTags": [
{ {
@ -43,6 +43,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -56,6 +76,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-41xx/CVE-2022-4102.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4102", "id": "CVE-2022-4102",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:27.247", "published": "2023-01-09T23:15:27.247",
"lastModified": "2024-11-21T07:34:35.257", "lastModified": "2025-04-09T19:15:45.093",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.6, "exploitabilityScore": 1.6,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
} }
] ]
}, },

22
CVE-2022/CVE-2022-43xx/CVE-2022-4325.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4325", "id": "CVE-2022-4325",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:27.647", "published": "2023-01-09T23:15:27.647",
"lastModified": "2024-11-21T07:35:02.700", "lastModified": "2025-04-09T18:15:44.297",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-43xx/CVE-2022-4368.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4368", "id": "CVE-2022-4368",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:27.720", "published": "2023-01-09T23:15:27.720",
"lastModified": "2024-11-21T07:35:08.710", "lastModified": "2025-04-09T19:15:45.260",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-43xx/CVE-2022-4391.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4391", "id": "CVE-2022-4391",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:27.877", "published": "2023-01-09T23:15:27.877",
"lastModified": "2024-11-21T07:35:10.963", "lastModified": "2025-04-09T19:15:45.423",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-43xx/CVE-2022-4394.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4394", "id": "CVE-2022-4394",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.107", "published": "2023-01-09T23:15:28.107",
"lastModified": "2024-11-21T07:35:11.333", "lastModified": "2025-04-09T19:15:45.590",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-44xx/CVE-2022-4426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4426", "id": "CVE-2022-4426",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.190", "published": "2023-01-09T23:15:28.190",
"lastModified": "2024-11-21T07:35:14.403", "lastModified": "2025-04-09T19:15:45.747",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },

22
CVE-2022/CVE-2022-44xx/CVE-2022-4468.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4468", "id": "CVE-2022-4468",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.267", "published": "2023-01-09T23:15:28.267",
"lastModified": "2024-11-21T07:35:19.400", "lastModified": "2025-04-09T19:15:45.917",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-44xx/CVE-2022-4479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4479", "id": "CVE-2022-4479",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.340", "published": "2023-01-09T23:15:28.340",
"lastModified": "2024-11-21T07:35:20.770", "lastModified": "2025-04-09T19:15:46.080",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-44xx/CVE-2022-4491.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4491", "id": "CVE-2022-4491",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.427", "published": "2023-01-09T23:15:28.427",
"lastModified": "2024-11-21T07:35:22.090", "lastModified": "2025-04-09T19:15:46.247",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

24
CVE-2022/CVE-2022-46xx/CVE-2022-4662.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4662", "id": "CVE-2022-4662",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-12-22T22:15:16.940", "published": "2022-12-22T22:15:16.940",
"lastModified": "2024-11-21T07:35:41.410", "lastModified": "2025-04-09T19:15:46.523",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

12
CVE-2022/CVE-2022-47xx/CVE-2022-4778.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4778", "id": "CVE-2022-4778",
"sourceIdentifier": "vulnerability@ncsc.ch", "sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2022-12-29T00:15:08.980", "published": "2022-12-29T00:15:08.980",
"lastModified": "2024-11-21T07:35:55.453", "lastModified": "2025-04-09T19:15:46.857",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-22" "value": "CWE-22"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
} }
], ],
"configurations": [ "configurations": [

55
CVE-2024/CVE-2024-137xx/CVE-2024-13744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13744", "id": "CVE-2024-13744",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T05:15:44.350", "published": "2025-04-04T05:15:44.350",
"lastModified": "2025-04-07T14:18:15.560", "lastModified": "2025-04-09T18:09:50.180",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "4.0.1",
"versionEndExcluding": "7.2.5",
"matchCriteriaId": "853906FB-A6A4-459D-B9DD-F0A99E3C66AE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3262569/woocommerce-jetpack/trunk/includes/input-fields/class-wcj-product-input-fields-core.php", "url": "https://plugins.trac.wordpress.org/changeset/3262569/woocommerce-jetpack/trunk/includes/input-fields/class-wcj-product-input-fields-core.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8e1aca8-3d82-4b1a-98c8-29501a377846?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8e1aca8-3d82-4b1a-98c8-29501a377846?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-23xx/CVE-2024-2348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2348", "id": "CVE-2024-2348",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:33.523", "published": "2024-04-09T19:15:33.523",
"lastModified": "2025-02-26T19:15:21.303", "lastModified": "2025-04-09T18:13:48.787",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -71,30 +71,66 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:celomitan:gum_elementor_addon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "88886DFB-9EF4-4D6A-8F8B-CF5702592FCF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171", "url": "https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171", "url": "https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35550", "id": "CVE-2024-35550",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:08.947", "published": "2024-05-22T14:15:08.947",
"lastModified": "2025-03-25T16:15:21.600", "lastModified": "2025-04-09T18:21:16.130",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/17/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/17/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/17/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/17/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35551", "id": "CVE-2024-35551",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.040", "published": "2024-05-22T14:15:09.040",
"lastModified": "2025-03-25T16:15:22.753", "lastModified": "2025-04-09T18:21:07.650",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/16/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/16/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/16/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/16/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35552", "id": "CVE-2024-35552",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.133", "published": "2024-05-22T14:15:09.133",
"lastModified": "2024-11-21T09:20:25.787", "lastModified": "2025-04-09T18:20:58.440",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/20/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/20/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/20/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/20/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35553", "id": "CVE-2024-35553",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.223", "published": "2024-05-22T14:15:09.223",
"lastModified": "2024-11-21T09:20:26.017", "lastModified": "2025-04-09T18:20:47.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/21/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/21/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/21/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/21/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35554", "id": "CVE-2024-35554",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.307", "published": "2024-05-22T14:15:09.307",
"lastModified": "2025-03-26T16:15:19.830", "lastModified": "2025-04-09T18:20:34.677",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/19/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/19/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/19/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/19/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35555.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35555", "id": "CVE-2024-35555",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.390", "published": "2024-05-22T14:15:09.390",
"lastModified": "2024-11-21T09:20:26.400", "lastModified": "2025-04-09T18:20:21.197",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/18/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/18/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/18/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/18/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35556", "id": "CVE-2024-35556",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.467", "published": "2024-05-22T14:15:09.467",
"lastModified": "2024-11-21T09:20:26.620", "lastModified": "2025-04-09T18:20:08.663",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/26/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/26/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/26/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/26/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35557.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35557", "id": "CVE-2024-35557",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.563", "published": "2024-05-22T14:15:09.563",
"lastModified": "2024-11-21T09:20:26.837", "lastModified": "2025-04-09T18:19:53.267",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/27/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/27/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/27/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/27/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35558", "id": "CVE-2024-35558",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.653", "published": "2024-05-22T14:15:09.653",
"lastModified": "2025-03-25T14:15:24.853", "lastModified": "2025-04-09T18:19:40.080",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35559", "id": "CVE-2024-35559",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.750", "published": "2024-05-22T14:15:09.750",
"lastModified": "2024-11-21T09:20:27.287", "lastModified": "2025-04-09T18:19:26.117",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/22/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/22/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/22/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/22/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35560", "id": "CVE-2024-35560",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.833", "published": "2024-05-22T14:15:09.833",
"lastModified": "2025-03-25T16:15:22.893", "lastModified": "2025-04-09T18:19:15.387",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/25/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/25/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/25/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/25/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-355xx/CVE-2024-35561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35561", "id": "CVE-2024-35561",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.917", "published": "2024-05-22T14:15:09.917",
"lastModified": "2024-11-21T09:20:27.673", "lastModified": "2025-04-09T18:19:02.790",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/23/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/23/csrf.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/bearman113/1.md/blob/main/23/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/23/csrf.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2024/CVE-2024-366xx/CVE-2024-36612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36612", "id": "CVE-2024-36612",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-11-29T20:15:20.340", "published": "2024-11-29T20:15:20.340",
"lastModified": "2024-12-02T17:15:11.420", "lastModified": "2025-04-09T18:54:42.280",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zulip:zulip_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.3",
"matchCriteriaId": "79C1AA50-573D-4D51-B7C7-C8566004DFEE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302b", "url": "https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302b",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.js", "url": "https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.js",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5", "url": "https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-448xx/CVE-2024-44859.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44859", "id": "CVE-2024-44859",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.400", "published": "2024-09-04T16:15:07.400",
"lastModified": "2024-09-05T12:53:21.110", "lastModified": "2025-04-09T18:46:56.230",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:fh1201_firmware:1.2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "342C439A-1DF1-4D28-BE88-87490F47B70C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:fh1201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67A1C59D-AE12-4410-9173-B9B9A72B3AE4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Ha0-Y/IoT/blob/main/tenda-F1201/WrlExtraGet.md", "url": "https://github.com/Ha0-Y/IoT/blob/main/tenda-F1201/WrlExtraGet.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-511xx/CVE-2024-51116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51116", "id": "CVE-2024-51116",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-11-05T22:15:21.477", "published": "2024-11-05T22:15:21.477",
"lastModified": "2024-11-06T18:17:17.287", "lastModified": "2025-04-09T18:47:22.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "ED890D2E-3860-4E6E-A1D4-FC0031430884"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/CLan-nad/CVE/blob/main/tenda/formSetPPTPServer/readme.md", "url": "https://github.com/CLan-nad/CVE/blob/main/tenda/formSetPPTPServer/readme.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

43
CVE-2024/CVE-2024-534xx/CVE-2024-53470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53470", "id": "CVE-2024-53470",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-05T16:15:25.743", "published": "2024-12-05T16:15:25.743",
"lastModified": "2024-12-10T22:15:25.010", "lastModified": "2025-04-09T18:30:08.277",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,53 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0071E4AD-1CE5-4E69-ABB0-94C615FDC583"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonmori/WeGIA", "url": "https://github.com/nilsonmori/WeGIA",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53470/README.md", "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53470/README.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wegia.org", "url": "https://www.wegia.org",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53470/README.md", "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53470/README.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2024/CVE-2024-534xx/CVE-2024-53471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53471", "id": "CVE-2024-53471",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-05T16:15:25.867", "published": "2024-12-05T16:15:25.867",
"lastModified": "2024-12-10T22:15:25.277", "lastModified": "2025-04-09T18:29:58.013",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0071E4AD-1CE5-4E69-ABB0-94C615FDC583"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonmori/WeGIA", "url": "https://github.com/nilsonmori/WeGIA",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md", "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md", "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

43
CVE-2024/CVE-2024-534xx/CVE-2024-53472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53472", "id": "CVE-2024-53472",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-05T16:15:25.977", "published": "2024-12-05T16:15:25.977",
"lastModified": "2024-12-11T17:15:19.720", "lastModified": "2025-04-09T18:29:44.127",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,53 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0071E4AD-1CE5-4E69-ABB0-94C615FDC583"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/", "url": "https://github.com/nilsonLazarin/WeGIA/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53472", "url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53472",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wegia.org", "url": "https://www.wegia.org",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53472", "url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53472",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

49
CVE-2024/CVE-2024-534xx/CVE-2024-53473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53473", "id": "CVE-2024-53473",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-07T23:15:34.137", "published": "2024-12-07T23:15:34.137",
"lastModified": "2025-01-03T17:15:08.243", "lastModified": "2025-04-09T18:29:29.920",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,26 +51,61 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0071E4AD-1CE5-4E69-ABB0-94C615FDC583"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/commit/3998672f1b86db58eab2808a640903d73b37bd2d", "url": "https://github.com/nilsonLazarin/WeGIA/commit/3998672f1b86db58eab2808a640903d73b37bd2d",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/issues/791", "url": "https://github.com/nilsonLazarin/WeGIA/issues/791",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53473/README.md", "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53473/README.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53473", "url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-53473",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wegia.org", "url": "https://www.wegia.org",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-549xx/CVE-2024-54907.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54907", "id": "CVE-2024-54907",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-26T19:15:08.153", "published": "2024-12-26T19:15:08.153",
"lastModified": "2024-12-26T20:15:21.800", "lastModified": "2025-04-09T18:36:22.210",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:a3002r_firmware:4.0.0-b20230531.1404:*:*:*:*:*:*:*",
"matchCriteriaId": "E86B079B-AD4D-46EF-9E45-31EE15729291"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:a3002r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBBBC48-8918-4D59-8059-285404AE7716"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/MnrikSrins/totolink_A3002R_RCE", "url": "https://github.com/MnrikSrins/totolink_A3002R_RCE",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

27
CVE-2024/CVE-2024-569xx/CVE-2024-56990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56990", "id": "CVE-2024-56990",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T16:15:13.947", "published": "2025-01-21T16:15:13.947",
"lastModified": "2025-02-04T16:15:39.010", "lastModified": "2025-04-09T18:33:54.980",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36E354-4DBF-4BE4-9BC4-CB00C6771BAF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS1%20%20in%20HMS4.0/stored%20XSS%20%20in%20HMS.md", "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS1%20%20in%20HMS4.0/stored%20XSS%20%20in%20HMS.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-569xx/CVE-2024-56997.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56997", "id": "CVE-2024-56997",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T15:15:13.343", "published": "2025-01-21T15:15:13.343",
"lastModified": "2025-01-21T20:15:35.757", "lastModified": "2025-04-09T18:34:09.567",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36E354-4DBF-4BE4-9BC4-CB00C6771BAF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS5%20in%20HMS4.0/stored%20XSS5%20in%20HMS.md", "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS5%20in%20HMS4.0/stored%20XSS5%20in%20HMS.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS5%20in%20HMS4.0/stored%20XSS5%20in%20HMS.md", "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS5%20in%20HMS4.0/stored%20XSS5%20in%20HMS.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-569xx/CVE-2024-56998.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56998", "id": "CVE-2024-56998",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T15:15:13.467", "published": "2025-01-21T15:15:13.467",
"lastModified": "2025-01-21T20:15:35.937", "lastModified": "2025-04-09T18:34:18.130",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36E354-4DBF-4BE4-9BC4-CB00C6771BAF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS2%20in%20HMS4.0/stored%20XSS2%20in%20HMS.md", "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS2%20in%20HMS4.0/stored%20XSS2%20in%20HMS.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS2%20in%20HMS4.0/stored%20XSS2%20in%20HMS.md", "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS2%20in%20HMS4.0/stored%20XSS2%20in%20HMS.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-570xx/CVE-2024-57030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57030", "id": "CVE-2024-57030",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:28.667", "published": "2025-01-17T20:15:28.667",
"lastModified": "2025-01-17T21:15:09.823", "lastModified": "2025-04-09T18:24:20.647",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0",
"matchCriteriaId": "F250BE2A-E47B-44B6-B352-13F0BA6C44DB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57030", "url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57030",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wegia.org/", "url": "https://www.wegia.org/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

33
CVE-2024/CVE-2024-570xx/CVE-2024-57033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57033", "id": "CVE-2024-57033",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T21:15:09.980", "published": "2025-01-17T21:15:09.980",
"lastModified": "2025-01-23T17:15:16.950", "lastModified": "2025-04-09T18:30:54.083",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.0",
"matchCriteriaId": "F250BE2A-E47B-44B6-B352-13F0BA6C44DB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57033", "url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57033",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wegia.org/", "url": "https://www.wegia.org/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

43
CVE-2024/CVE-2024-574xx/CVE-2024-57483.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57483", "id": "CVE-2024-57483",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-14T23:15:09.060", "published": "2025-01-14T23:15:09.060",
"lastModified": "2025-03-20T14:15:21.193", "lastModified": "2025-04-09T18:32:38.667",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,49 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:i24_firmware:2.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A27A494-68F4-4EDD-B4EA-6E49569E817A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:i24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "734CD236-AD9B-4232-96F6-07A324472B1E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://tenda.com", "url": "http://tenda.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}, },
{ {
"url": "https://gist.github.com/XiaoCurry/7dd5c6ab5af9df49883535b997cef7a4", "url": "https://gist.github.com/XiaoCurry/7dd5c6ab5af9df49883535b997cef7a4",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
} }
] ]
} }

31
CVE-2024/CVE-2024-82xx/CVE-2024-8243.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2024-8243", "id": "CVE-2024-8243",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-09T06:15:41.360", "published": "2025-04-09T06:15:41.360",
"lastModified": "2025-04-09T06:15:41.360", "lastModified": "2025-04-09T19:15:47.270",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The WordPress/Plugin Upgrade Time Out Plugin WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack." "value": "The WordPress/Plugin Upgrade Time Out Plugin WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack."
},
{
"lang": "es",
"value": "El complemento WordPress/Plugin Upgrade Time Out Plugin de WordPress hasta la versi\u00f3n 1.0 no tiene verificaci\u00f3n CSRF en algunos lugares y le falta saneamiento y escape, lo que podr\u00eda permitir a los atacantes hacer que el administrador que haya iniciado sesi\u00f3n agregue payloads XSS almacenado a trav\u00e9s de un ataque CSRF."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/8e1e2d8d-41aa-49bc-95d5-dae75be788d5/", "url": "https://wpscan.com/vulnerability/8e1e2d8d-41aa-49bc-95d5-dae75be788d5/",

27
CVE-2025/CVE-2025-206xx/CVE-2025-20657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-20657", "id": "CVE-2025-20657",
"sourceIdentifier": "security@mediatek.com", "sourceIdentifier": "security@mediatek.com",
"published": "2025-04-07T04:15:19.577", "published": "2025-04-07T04:15:19.577",
"lastModified": "2025-04-07T14:17:50.220", "lastModified": "2025-04-09T19:15:47.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "En vdec, existe una posible omisi\u00f3n de permisos debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios si un actor malicioso ya ha obtenido el privilegio de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09486425; ID de problema: MSV-2609." "value": "En vdec, existe una posible omisi\u00f3n de permisos debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios si un actor malicioso ya ha obtenido el privilegio de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09486425; ID de problema: MSV-2609."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@mediatek.com", "source": "security@mediatek.com",

27
CVE-2025/CVE-2025-206xx/CVE-2025-20660.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-20660", "id": "CVE-2025-20660",
"sourceIdentifier": "security@mediatek.com", "sourceIdentifier": "security@mediatek.com",
"published": "2025-04-07T04:15:19.940", "published": "2025-04-07T04:15:19.940",
"lastModified": "2025-04-07T14:17:50.220", "lastModified": "2025-04-09T19:15:47.560",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "En PlayReady TA, existe una posible lectura fuera de los l\u00edmites debido a la falta de una comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una escalada local de privilegios si un actor malicioso ya ha obtenido el privilegio de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: DTV04436357; ID de problema: MSV-3186." "value": "En PlayReady TA, existe una posible lectura fuera de los l\u00edmites debido a la falta de una comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una escalada local de privilegios si un actor malicioso ya ha obtenido el privilegio de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: DTV04436357; ID de problema: MSV-3186."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@mediatek.com", "source": "security@mediatek.com",

59
CVE-2025/CVE-2025-221xx/CVE-2025-22133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22133", "id": "CVE-2025-22133",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-07T22:15:31.740", "published": "2025-01-07T22:15:31.740",
"lastModified": "2025-01-08T15:15:21.727", "lastModified": "2025-04-09T18:29:07.040",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
} }
] ]
}, },
@ -55,18 +75,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/commit/a08f04de96d3caec85496d7a89a5b82d1960d9dd", "url": "https://github.com/nilsonLazarin/WeGIA/commit/a08f04de96d3caec85496d7a89a5b82d1960d9dd",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mjgr-2jxv-v8qf", "url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mjgr-2jxv-v8qf",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mjgr-2jxv-v8qf", "url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mjgr-2jxv-v8qf",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

56
CVE-2025/CVE-2025-221xx/CVE-2025-22139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22139", "id": "CVE-2025-22139",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:38.717", "published": "2025-01-08T19:15:38.717",
"lastModified": "2025-01-08T20:15:29.693", "lastModified": "2025-04-09T18:28:51.577",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,14 +95,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8", "url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

56
CVE-2025/CVE-2025-221xx/CVE-2025-22140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22140", "id": "CVE-2025-22140",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:38.863", "published": "2025-01-08T19:15:38.863",
"lastModified": "2025-01-08T20:15:29.800", "lastModified": "2025-04-09T18:28:25.310",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,14 +95,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5", "url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

56
CVE-2025/CVE-2025-221xx/CVE-2025-22141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22141", "id": "CVE-2025-22141",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:39.017", "published": "2025-01-08T19:15:39.017",
"lastModified": "2025-01-08T20:15:29.897", "lastModified": "2025-04-09T18:28:02.700",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,14 +95,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636", "url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2025/CVE-2025-225xx/CVE-2025-22596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22596", "id": "CVE-2025-22596",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-10T16:15:30.143", "published": "2025-01-10T16:15:30.143",
"lastModified": "2025-01-10T16:15:30.143", "lastModified": "2025-04-09T18:27:39.513",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -105,10 +105,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-jcj3-gqj3-rrvm", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-jcj3-gqj3-rrvm",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2025/CVE-2025-225xx/CVE-2025-22597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22597", "id": "CVE-2025-22597",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-10T16:15:30.343", "published": "2025-01-10T16:15:30.343",
"lastModified": "2025-01-10T16:15:30.343", "lastModified": "2025-04-09T18:27:30.550",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -81,10 +81,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mgj3-g922-2r9v", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mgj3-g922-2r9v",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2025/CVE-2025-225xx/CVE-2025-22598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22598", "id": "CVE-2025-22598",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-10T16:15:30.540", "published": "2025-01-10T16:15:30.540",
"lastModified": "2025-01-10T16:15:30.540", "lastModified": "2025-04-09T18:27:19.160",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -81,10 +81,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9x2j-pw3h-p53f", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9x2j-pw3h-p53f",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2025/CVE-2025-225xx/CVE-2025-22599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22599", "id": "CVE-2025-22599",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-10T16:15:30.737", "published": "2025-01-10T16:15:30.737",
"lastModified": "2025-01-10T16:15:30.737", "lastModified": "2025-04-09T18:27:07.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -105,10 +105,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-8354-6cxw-7g8c", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-8354-6cxw-7g8c",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2025/CVE-2025-226xx/CVE-2025-22600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22600", "id": "CVE-2025-22600",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-10T16:15:30.940", "published": "2025-01-10T16:15:30.940",
"lastModified": "2025-01-10T16:15:30.940", "lastModified": "2025-04-09T18:26:47.750",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -105,10 +105,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.8",
"matchCriteriaId": "5DDD2AC7-FB66-4368-821D-B4BA30BD83D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-v856-wjh3-4rhg", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-v856-wjh3-4rhg",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

61
CVE-2025/CVE-2025-226xx/CVE-2025-22613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22613", "id": "CVE-2025-22613",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-13T21:15:14.837", "published": "2025-01-13T21:15:14.837",
"lastModified": "2025-01-14T01:15:17.580", "lastModified": "2025-04-09T18:26:24.233",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,18 +95,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.6",
"matchCriteriaId": "012F4E07-98D6-4D1B-98C4-5EC959079F12"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/d47412372d94dc3ca26e6416b8315895c61224fa", "url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/d47412372d94dc3ca26e6416b8315895c61224fa",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-fhpx-54ch-ccxh", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-fhpx-54ch-ccxh",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-fhpx-54ch-ccxh", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-fhpx-54ch-ccxh",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22904", "id": "CVE-2025-22904",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.313", "published": "2025-01-16T03:15:06.313",
"lastModified": "2025-03-20T14:15:23.117", "lastModified": "2025-04-09T18:44:38.387",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-setWAN-3-StackOverflow", "url": "https://github.com/xyqer1/RE11S_1.11-setWAN-3-StackOverflow",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22905.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22905", "id": "CVE-2025-22905",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.430", "published": "2025-01-16T03:15:06.430",
"lastModified": "2025-03-20T16:15:15.713", "lastModified": "2025-04-09T18:44:26.190",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-mp-CommandInjection", "url": "https://github.com/xyqer1/RE11S_1.11-mp-CommandInjection",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22906", "id": "CVE-2025-22906",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.530", "published": "2025-01-16T03:15:06.530",
"lastModified": "2025-03-24T18:15:22.813", "lastModified": "2025-04-09T18:44:12.040",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-setWAN-CommandInjection", "url": "https://github.com/xyqer1/RE11S_1.11-setWAN-CommandInjection",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22907.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22907", "id": "CVE-2025-22907",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.630", "published": "2025-01-16T03:15:06.630",
"lastModified": "2025-03-19T19:15:44.263", "lastModified": "2025-04-09T18:43:51.870",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-formWlSiteSurvey-StackOverflow", "url": "https://github.com/xyqer1/RE11S_1.11-formWlSiteSurvey-StackOverflow",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22912.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22912", "id": "CVE-2025-22912",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.723", "published": "2025-01-16T03:15:06.723",
"lastModified": "2025-03-20T14:15:23.270", "lastModified": "2025-04-09T18:43:27.353",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-formAccept-CommandInjection", "url": "https://github.com/xyqer1/RE11S_1.11-formAccept-CommandInjection",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

44
CVE-2025/CVE-2025-229xx/CVE-2025-22913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22913", "id": "CVE-2025-22913",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.850", "published": "2025-01-16T03:15:06.850",
"lastModified": "2025-03-20T14:15:23.423", "lastModified": "2025-04-09T18:43:02.980",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,50 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-formStaDrvSetup-StackOverflow", "url": "https://github.com/xyqer1/RE11S_1.11-formStaDrvSetup-StackOverflow",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

50
CVE-2025/CVE-2025-229xx/CVE-2025-22916.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22916", "id": "CVE-2025-22916",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T03:15:06.970", "published": "2025-01-16T03:15:06.970",
"lastModified": "2025-03-19T15:15:53.807", "lastModified": "2025-04-09T18:42:47.473",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:edimax:re11s_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "55071BFE-B230-4BBE-8B16-900DF2F343D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:edimax:re11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC5A217-9957-47EE-80EA-8A4AB0D890D9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://re11s.com", "url": "http://re11s.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}, },
{ {
"url": "https://github.com/xyqer1/RE11S_1.11-formPPPoESetup-StackOverflow", "url": "https://github.com/xyqer1/RE11S_1.11-formPPPoESetup-StackOverflow",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.edimax.com/edimax/global/", "url": "https://www.edimax.com/edimax/global/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

39
CVE-2025/CVE-2025-229xx/CVE-2025-22946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22946", "id": "CVE-2025-22946",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-10T15:15:16.710", "published": "2025-01-10T15:15:16.710",
"lastModified": "2025-01-14T15:15:28.480", "lastModified": "2025-04-09T18:35:44.810",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C5731D5E-C98A-4AE8-B3AC-4703335628C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566DA530-18FC-4A46-95B4-2A7D343A96A7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetDeviceName_sprintf_bof-16f898c94eac8057afcbceb63fda7d24", "url": "https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetDeviceName_sprintf_bof-16f898c94eac8057afcbceb63fda7d24",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

39
CVE-2025/CVE-2025-229xx/CVE-2025-22949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22949", "id": "CVE-2025-22949",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-10T16:15:31.137", "published": "2025-01-10T16:15:31.137",
"lastModified": "2025-01-14T15:15:28.637", "lastModified": "2025-04-09T18:36:01.027",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,10 +51,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C5731D5E-C98A-4AE8-B3AC-4703335628C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566DA530-18FC-4A46-95B4-2A7D343A96A7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetSambaConf_doSystemCmd_CI-16f898c94eac80d5801bdaf777ac2b27", "url": "https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetSambaConf_doSystemCmd_CI-16f898c94eac80d5801bdaf777ac2b27",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

61
CVE-2025/CVE-2025-230xx/CVE-2025-23036.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23036", "id": "CVE-2025-23036",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-14T01:15:18.563", "published": "2025-01-14T01:15:18.563",
"lastModified": "2025-01-14T01:15:18.563", "lastModified": "2025-04-09T18:25:56.037",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,18 +95,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.7",
"matchCriteriaId": "A1799A63-34A1-43B1-9A2D-71586E88E771"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/8369b75f88e64916151e5413a8b7d517d438d7a9", "url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/8369b75f88e64916151e5413a8b7d517d438d7a9",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-2vpg-j5jh-j22x", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-2vpg-j5jh-j22x",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-2vpg-j5jh-j22x", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-2vpg-j5jh-j22x",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

61
CVE-2025/CVE-2025-230xx/CVE-2025-23037.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23037", "id": "CVE-2025-23037",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-14T01:15:18.717", "published": "2025-01-14T01:15:18.717",
"lastModified": "2025-01-14T01:15:18.717", "lastModified": "2025-04-09T18:25:13.337",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED" "providerUrgency": "NOT_DEFINED"
} }
} }
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
] ]
}, },
"weaknesses": [ "weaknesses": [
@ -73,18 +95,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.6",
"matchCriteriaId": "012F4E07-98D6-4D1B-98C4-5EC959079F12"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/3e4d5a3302164617314edfd6dfdef063dc255cbd", "url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/3e4d5a3302164617314edfd6dfdef063dc255cbd",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rjjp-w2wm-7f9j", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rjjp-w2wm-7f9j",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rjjp-w2wm-7f9j", "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rjjp-w2wm-7f9j",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

39
CVE-2025/CVE-2025-260xx/CVE-2025-26091.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-26091", "id": "CVE-2025-26091",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T17:15:18.243", "published": "2025-03-04T17:15:18.243",
"lastModified": "2025-03-04T17:15:18.243", "lastModified": "2025-04-09T19:15:47.703",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en TeamPasswordManager v12.162.284 y anteriores podr\u00eda permitir a un atacante remoto ejecutar JavaScript arbitrario en el navegador del usuario, incluyendo un payload malicioso en el par\u00e1metro 'name' al crear una nueva contrase\u00f1a en la p\u00e1gina \"Mis contrase\u00f1as\" (\"My Passwords\")." "value": "Vulnerabilidad de Cross Site Scripting (XSS) en TeamPasswordManager v12.162.284 y anteriores podr\u00eda permitir a un atacante remoto ejecutar JavaScript arbitrario en el navegador del usuario, incluyendo un payload malicioso en el par\u00e1metro 'name' al crear una nueva contrase\u00f1a en la p\u00e1gina \"Mis contrase\u00f1as\" (\"My Passwords\")."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://brunocaseiro.github.io/CVE-2025-26091/", "url": "https://brunocaseiro.github.io/CVE-2025-26091/",

100
CVE-2025/CVE-2025-26xx/CVE-2025-2629.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-2629",
"sourceIdentifier": "security@ni.com",
"published": "2025-04-09T19:15:48.320",
"lastModified": "2025-04-09T19:15:48.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ni.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dll-hijacking-vulnerability-in-ni-labview-when-loading-ni-error-reporting.html",
"source": "security@ni.com"
}
]
}

100
CVE-2025/CVE-2025-26xx/CVE-2025-2630.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-2630",
"sourceIdentifier": "security@ni.com",
"published": "2025-04-09T19:15:48.490",
"lastModified": "2025-04-09T19:15:48.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ni.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/dll-hijacking-vulnerability-in-ni-labview.html",
"source": "security@ni.com"
}
]
}

18
CVE-2025/CVE-2025-270xx/CVE-2025-27083.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27083", "id": "CVE-2025-27083",
"sourceIdentifier": "security-alert@hpe.com", "sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.500", "published": "2025-04-08T17:15:36.500",
"lastModified": "2025-04-08T18:13:53.347", "lastModified": "2025-04-09T18:15:44.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system." "value": "Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system."
},
{
"lang": "es",
"value": "Existen vulnerabilidades de inyecci\u00f3n de comandos autenticados en la interfaz de gesti\u00f3n web de AOS-10 GW y AOS-8 Controller/Mobility Conductor. La explotaci\u00f3n exitosa de estas vulnerabilidades permite a un atacante autenticado ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."
} }
], ],
"metrics": { "metrics": {
@ -35,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",

18
CVE-2025/CVE-2025-270xx/CVE-2025-27084.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27084", "id": "CVE-2025-27084",
"sourceIdentifier": "security-alert@hpe.com", "sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.700", "published": "2025-04-08T17:15:36.700",
"lastModified": "2025-04-08T18:13:53.347", "lastModified": "2025-04-09T18:15:44.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the context of the affected interface." "value": "A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the context of the affected interface."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el portal cautivo de un controlador/conductor de movilidad AOS-10 GW y AOS-8 podr\u00eda permitir a un atacante remoto realizar un ataque de cross-site scripting (XSS) reflejado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el navegador de la v\u00edctima dentro del contexto de la interfaz afectada."
} }
], ],
"metrics": { "metrics": {
@ -35,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",

18
CVE-2025/CVE-2025-270xx/CVE-2025-27085.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27085", "id": "CVE-2025-27085",
"sourceIdentifier": "security-alert@hpe.com", "sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.887", "published": "2025-04-08T17:15:36.887",
"lastModified": "2025-04-08T18:13:53.347", "lastModified": "2025-04-09T18:15:44.980",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device." "value": "Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades en la interfaz de gesti\u00f3n web de AOS-10 GW y AOS-8 Controller/Mobility Conductor. La explotaci\u00f3n exitosa de estas vulnerabilidades podr\u00eda permitir que un atacante remoto autenticado descargue archivos arbitrarios del sistema de archivos de un dispositivo afectado."
} }
], ],
"metrics": { "metrics": {
@ -35,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",

38
CVE-2025/CVE-2025-284xx/CVE-2025-28407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28407", "id": "CVE-2025-28407",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:24.827", "published": "2025-04-07T16:15:24.827",
"lastModified": "2025-04-08T20:15:24.137", "lastModified": "2025-04-09T19:00:44.523",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28407.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28407.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28407.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28407.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2025/CVE-2025-284xx/CVE-2025-28408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28408", "id": "CVE-2025-28408",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:24.947", "published": "2025-04-07T16:15:24.947",
"lastModified": "2025-04-08T20:15:24.320", "lastModified": "2025-04-09T19:00:22.650",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2025/CVE-2025-284xx/CVE-2025-28409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28409", "id": "CVE-2025-28409",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:25.057", "published": "2025-04-07T16:15:25.057",
"lastModified": "2025-04-08T20:15:24.500", "lastModified": "2025-04-09T18:59:55.370",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28408.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2025/CVE-2025-284xx/CVE-2025-28410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28410", "id": "CVE-2025-28410",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:25.170", "published": "2025-04-07T16:15:25.170",
"lastModified": "2025-04-08T20:15:24.680", "lastModified": "2025-04-09T18:53:55.197",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28409.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28409.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28409.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28409.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2025/CVE-2025-284xx/CVE-2025-28411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28411", "id": "CVE-2025-28411",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:25.300", "published": "2025-04-07T16:15:25.300",
"lastModified": "2025-04-08T20:15:24.857", "lastModified": "2025-04-09T18:45:40.463",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28411.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28411.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28411.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28411.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

38
CVE-2025/CVE-2025-284xx/CVE-2025-28412.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28412", "id": "CVE-2025-28412",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:25.433", "published": "2025-04-07T16:15:25.433",
"lastModified": "2025-04-08T20:15:25.023", "lastModified": "2025-04-09T18:41:48.533",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1248589F-5F63-4535-B2C9-EBBA85EA6D83"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28412.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28412.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28412.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28412.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

39
CVE-2025/CVE-2025-293xx/CVE-2025-29389.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29389", "id": "CVE-2025-29389",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-09T15:16:02.593", "published": "2025-04-09T15:16:02.593",
"lastModified": "2025-04-09T15:16:02.593", "lastModified": "2025-04-09T19:15:47.870",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2." "value": "PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/jaylan545/0540db17daca2bf42fe5a3ce864300c9", "url": "https://gist.github.com/jaylan545/0540db17daca2bf42fe5a3ce864300c9",

39
CVE-2025/CVE-2025-293xx/CVE-2025-29390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29390", "id": "CVE-2025-29390",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-09T16:15:24.260", "published": "2025-04-09T16:15:24.260",
"lastModified": "2025-04-09T16:15:24.260", "lastModified": "2025-04-09T19:15:48.013",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application/controllers/home.php." "value": "jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application/controllers/home.php."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/jaylan545/dbe989f09c73e311ccbfe5336435638c", "url": "https://gist.github.com/jaylan545/dbe989f09c73e311ccbfe5336435638c",

39
CVE-2025/CVE-2025-293xx/CVE-2025-29391.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29391", "id": "CVE-2025-29391",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-09T16:15:24.390", "published": "2025-04-09T16:15:24.390",
"lastModified": "2025-04-09T16:15:24.390", "lastModified": "2025-04-09T19:15:48.160",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "horvey Library-Manager v1.0 is vulnerable to SQL Injection in Admin/Controller/BookController.class.php." "value": "horvey Library-Manager v1.0 is vulnerable to SQL Injection in Admin/Controller/BookController.class.php."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/jaylan545/73dee34609ac492b9009625fb985cde4", "url": "https://gist.github.com/jaylan545/73dee34609ac492b9009625fb985cde4",

10
CVE-2025/CVE-2025-304xx/CVE-2025-30401.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-30401", "id": "CVE-2025-30401",
"sourceIdentifier": "cve-assign@fb.com", "sourceIdentifier": "cve-assign@fb.com",
"published": "2025-04-05T12:15:14.540", "published": "2025-04-05T12:15:14.540",
"lastModified": "2025-04-08T16:48:26.703", "lastModified": "2025-04-09T18:15:45.107",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment\u2019s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp." "value": "A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment\u2019s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp. We have not seen evidence of exploitation in the wild."
}, },
{ {
"lang": "es", "lang": "es",
@ -76,6 +76,10 @@
"tags": [ "tags": [
"Third Party Advisory" "Third Party Advisory"
] ]
},
{
"url": "https://www.whatsapp.com/security/advisories/2025/",
"source": "cve-assign@fb.com"
} }
] ]
} }

66
CVE-2025/CVE-2025-31xx/CVE-2025-3114.json Normal file
View File

@ -0,0 +1,66 @@
{
"id": "CVE-2025-3114",
"sourceIdentifier": "security@tibco.com",
"published": "2025-04-09T18:15:50.643",
"lastModified": "2025-04-09T18:15:50.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Code Execution via Malicious Files:\u00a0Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise.\n\nSandbox Bypass Vulnerability:\u00a0A flaw in the TERR security mechanism allows attackers to bypass sandbox restrictions, enabling the execution of untrusted code without appropriate controls."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@tibco.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"references": [
{
"url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-april-08-2025-spotfire-cve-2025-3114-r3484/",
"source": "security@tibco.com"
}
]
}

78
CVE-2025/CVE-2025-31xx/CVE-2025-3115.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-3115",
"sourceIdentifier": "security@tibco.com",
"published": "2025-04-09T18:15:50.813",
"lastModified": "2025-04-09T19:15:49.843",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions.\nAdditionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@tibco.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-april-08-2025-spotfire-cve-2025-3114-r3484/",
"source": "security@tibco.com"
}
]
}

56
CVE-2025/CVE-2025-31xx/CVE-2025-3131.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-3131",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-04-09T18:15:50.950",
"lastModified": "2025-04-09T19:15:50.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2.*."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2025-031",
"source": "mlhess@drupal.org"
}
]
}

22
CVE-2025/CVE-2025-320xx/CVE-2025-32017.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-32017", "id": "CVE-2025-32017",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:27.320", "published": "2025-04-08T16:15:27.320",
"lastModified": "2025-04-08T18:13:53.347", "lastModified": "2025-04-09T18:15:47.233",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1." "value": "Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1."
},
{
"lang": "es",
"value": "Umbraco es un sistema de gesti\u00f3n de contenido .NET gratuito y de c\u00f3digo abierto. Los usuarios autenticados en el backoffice de Umbraco pueden crear solicitudes a la API de gesti\u00f3n que explotan una vulnerabilidad de path traversal para subir archivos a una ubicaci\u00f3n incorrecta. El problema afecta a Umbraco 14+ y est\u00e1 parcheado en las versiones 14.3.4 y 15.3.1."
} }
], ],
"metrics": { "metrics": {
@ -18,27 +22,27 @@
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 4.3, "baseScore": 8.8,
"baseSeverity": "MEDIUM", "baseSeverity": "HIGH",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "LOW", "privilegesRequired": "LOW",
"userInteraction": "NONE", "userInteraction": "NONE",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "NONE", "confidentialityImpact": "HIGH",
"integrityImpact": "NONE", "integrityImpact": "HIGH",
"availabilityImpact": "LOW" "availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 5.9
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

6
CVE-2025/CVE-2025-32xx/CVE-2025-3248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3248", "id": "CVE-2025-3248",
"sourceIdentifier": "disclosure@vulncheck.com", "sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-04-07T15:15:44.897", "published": "2025-04-07T15:15:44.897",
"lastModified": "2025-04-08T18:14:17.307", "lastModified": "2025-04-09T19:15:50.270",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -59,6 +59,10 @@
{ {
"url": "https://github.com/langflow-ai/langflow/releases/tag/1.3.0", "url": "https://github.com/langflow-ai/langflow/releases/tag/1.3.0",
"source": "disclosure@vulncheck.com" "source": "disclosure@vulncheck.com"
},
{
"url": "https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/",
"source": "disclosure@vulncheck.com"
} }
] ]
} }

56
CVE-2025/CVE-2025-34xx/CVE-2025-3474.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-3474",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-04-09T18:15:51.060",
"lastModified": "2025-04-09T19:15:50.547",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2025-033",
"source": "mlhess@drupal.org"
}
]
}

60
CVE-2025/CVE-2025-34xx/CVE-2025-3475.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-3475",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-04-09T18:15:51.170",
"lastModified": "2025-04-09T19:15:50.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing.This issue affects WEB-T: from 0.0.0 before 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2025-030",
"source": "mlhess@drupal.org"
}
]
}

92
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-04-09T18:00:19.866723+00:00 2025-04-09T20:00:20.918230+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-04-09T17:55:11.413000+00:00 2025-04-09T19:15:50.710000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,69 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
289410 289417
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `124` Recently added CVEs: `7`
- [CVE-2025-32641](CVE-2025/CVE-2025-326xx/CVE-2025-32641.json) (`2025-04-09T17:15:49.540`) - [CVE-2025-2629](CVE-2025/CVE-2025-26xx/CVE-2025-2629.json) (`2025-04-09T19:15:48.320`)
- [CVE-2025-32642](CVE-2025/CVE-2025-326xx/CVE-2025-32642.json) (`2025-04-09T17:15:49.727`) - [CVE-2025-2630](CVE-2025/CVE-2025-26xx/CVE-2025-2630.json) (`2025-04-09T19:15:48.490`)
- [CVE-2025-32644](CVE-2025/CVE-2025-326xx/CVE-2025-32644.json) (`2025-04-09T17:15:49.917`) - [CVE-2025-3114](CVE-2025/CVE-2025-31xx/CVE-2025-3114.json) (`2025-04-09T18:15:50.643`)
- [CVE-2025-32645](CVE-2025/CVE-2025-326xx/CVE-2025-32645.json) (`2025-04-09T17:15:50.120`) - [CVE-2025-3115](CVE-2025/CVE-2025-31xx/CVE-2025-3115.json) (`2025-04-09T18:15:50.813`)
- [CVE-2025-32659](CVE-2025/CVE-2025-326xx/CVE-2025-32659.json) (`2025-04-09T17:15:50.317`) - [CVE-2025-3131](CVE-2025/CVE-2025-31xx/CVE-2025-3131.json) (`2025-04-09T18:15:50.950`)
- [CVE-2025-32661](CVE-2025/CVE-2025-326xx/CVE-2025-32661.json) (`2025-04-09T17:15:50.493`) - [CVE-2025-3474](CVE-2025/CVE-2025-34xx/CVE-2025-3474.json) (`2025-04-09T18:15:51.060`)
- [CVE-2025-32664](CVE-2025/CVE-2025-326xx/CVE-2025-32664.json) (`2025-04-09T17:15:50.660`) - [CVE-2025-3475](CVE-2025/CVE-2025-34xx/CVE-2025-3475.json) (`2025-04-09T18:15:51.170`)
- [CVE-2025-32667](CVE-2025/CVE-2025-326xx/CVE-2025-32667.json) (`2025-04-09T17:15:50.843`)
- [CVE-2025-32669](CVE-2025/CVE-2025-326xx/CVE-2025-32669.json) (`2025-04-09T17:15:51.023`)
- [CVE-2025-32673](CVE-2025/CVE-2025-326xx/CVE-2025-32673.json) (`2025-04-09T17:15:51.200`)
- [CVE-2025-32675](CVE-2025/CVE-2025-326xx/CVE-2025-32675.json) (`2025-04-09T17:15:51.383`)
- [CVE-2025-32676](CVE-2025/CVE-2025-326xx/CVE-2025-32676.json) (`2025-04-09T17:15:51.560`)
- [CVE-2025-32677](CVE-2025/CVE-2025-326xx/CVE-2025-32677.json) (`2025-04-09T17:15:51.730`)
- [CVE-2025-32678](CVE-2025/CVE-2025-326xx/CVE-2025-32678.json) (`2025-04-09T17:15:51.913`)
- [CVE-2025-32679](CVE-2025/CVE-2025-326xx/CVE-2025-32679.json) (`2025-04-09T17:15:52.090`)
- [CVE-2025-32680](CVE-2025/CVE-2025-326xx/CVE-2025-32680.json) (`2025-04-09T17:15:52.283`)
- [CVE-2025-32683](CVE-2025/CVE-2025-326xx/CVE-2025-32683.json) (`2025-04-09T17:15:52.467`)
- [CVE-2025-32684](CVE-2025/CVE-2025-326xx/CVE-2025-32684.json) (`2025-04-09T17:15:52.640`)
- [CVE-2025-32685](CVE-2025/CVE-2025-326xx/CVE-2025-32685.json) (`2025-04-09T17:15:52.817`)
- [CVE-2025-32690](CVE-2025/CVE-2025-326xx/CVE-2025-32690.json) (`2025-04-09T17:15:53.010`)
- [CVE-2025-32691](CVE-2025/CVE-2025-326xx/CVE-2025-32691.json) (`2025-04-09T17:15:53.190`)
- [CVE-2025-32692](CVE-2025/CVE-2025-326xx/CVE-2025-32692.json) (`2025-04-09T17:15:53.370`)
- [CVE-2025-32693](CVE-2025/CVE-2025-326xx/CVE-2025-32693.json) (`2025-04-09T17:15:53.540`)
- [CVE-2025-32694](CVE-2025/CVE-2025-326xx/CVE-2025-32694.json) (`2025-04-09T17:15:53.700`)
- [CVE-2025-32695](CVE-2025/CVE-2025-326xx/CVE-2025-32695.json) (`2025-04-09T17:15:53.877`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `52` Recently modified CVEs: `89`
- [CVE-2025-0113](CVE-2025/CVE-2025-01xx/CVE-2025-0113.json) (`2025-04-09T17:15:30.810`) - [CVE-2025-22906](CVE-2025/CVE-2025-229xx/CVE-2025-22906.json) (`2025-04-09T18:44:12.040`)
- [CVE-2025-21490](CVE-2025/CVE-2025-214xx/CVE-2025-21490.json) (`2025-04-09T16:06:52.400`) - [CVE-2025-22907](CVE-2025/CVE-2025-229xx/CVE-2025-22907.json) (`2025-04-09T18:43:51.870`)
- [CVE-2025-21491](CVE-2025/CVE-2025-214xx/CVE-2025-21491.json) (`2025-04-09T16:07:09.130`) - [CVE-2025-22912](CVE-2025/CVE-2025-229xx/CVE-2025-22912.json) (`2025-04-09T18:43:27.353`)
- [CVE-2025-21492](CVE-2025/CVE-2025-214xx/CVE-2025-21492.json) (`2025-04-09T16:07:30.587`) - [CVE-2025-22913](CVE-2025/CVE-2025-229xx/CVE-2025-22913.json) (`2025-04-09T18:43:02.980`)
- [CVE-2025-21493](CVE-2025/CVE-2025-214xx/CVE-2025-21493.json) (`2025-04-09T16:07:44.587`) - [CVE-2025-22916](CVE-2025/CVE-2025-229xx/CVE-2025-22916.json) (`2025-04-09T18:42:47.473`)
- [CVE-2025-21494](CVE-2025/CVE-2025-214xx/CVE-2025-21494.json) (`2025-04-09T16:04:56.913`) - [CVE-2025-22946](CVE-2025/CVE-2025-229xx/CVE-2025-22946.json) (`2025-04-09T18:35:44.810`)
- [CVE-2025-21497](CVE-2025/CVE-2025-214xx/CVE-2025-21497.json) (`2025-04-09T16:05:03.550`) - [CVE-2025-22949](CVE-2025/CVE-2025-229xx/CVE-2025-22949.json) (`2025-04-09T18:36:01.027`)
- [CVE-2025-21499](CVE-2025/CVE-2025-214xx/CVE-2025-21499.json) (`2025-04-09T16:05:16.867`) - [CVE-2025-23036](CVE-2025/CVE-2025-230xx/CVE-2025-23036.json) (`2025-04-09T18:25:56.037`)
- [CVE-2025-21500](CVE-2025/CVE-2025-215xx/CVE-2025-21500.json) (`2025-04-09T16:05:24.490`) - [CVE-2025-23037](CVE-2025/CVE-2025-230xx/CVE-2025-23037.json) (`2025-04-09T18:25:13.337`)
- [CVE-2025-21501](CVE-2025/CVE-2025-215xx/CVE-2025-21501.json) (`2025-04-09T16:05:31.257`) - [CVE-2025-26091](CVE-2025/CVE-2025-260xx/CVE-2025-26091.json) (`2025-04-09T19:15:47.703`)
- [CVE-2025-21503](CVE-2025/CVE-2025-215xx/CVE-2025-21503.json) (`2025-04-09T16:04:21.040`) - [CVE-2025-27083](CVE-2025/CVE-2025-270xx/CVE-2025-27083.json) (`2025-04-09T18:15:44.707`)
- [CVE-2025-21504](CVE-2025/CVE-2025-215xx/CVE-2025-21504.json) (`2025-04-09T16:02:55.010`) - [CVE-2025-27084](CVE-2025/CVE-2025-270xx/CVE-2025-27084.json) (`2025-04-09T18:15:44.847`)
- [CVE-2025-21505](CVE-2025/CVE-2025-215xx/CVE-2025-21505.json) (`2025-04-09T16:03:07.740`) - [CVE-2025-27085](CVE-2025/CVE-2025-270xx/CVE-2025-27085.json) (`2025-04-09T18:15:44.980`)
- [CVE-2025-21518](CVE-2025/CVE-2025-215xx/CVE-2025-21518.json) (`2025-04-09T16:03:17.900`) - [CVE-2025-28407](CVE-2025/CVE-2025-284xx/CVE-2025-28407.json) (`2025-04-09T19:00:44.523`)
- [CVE-2025-21519](CVE-2025/CVE-2025-215xx/CVE-2025-21519.json) (`2025-04-09T16:03:28.280`) - [CVE-2025-28408](CVE-2025/CVE-2025-284xx/CVE-2025-28408.json) (`2025-04-09T19:00:22.650`)
- [CVE-2025-27391](CVE-2025/CVE-2025-273xx/CVE-2025-27391.json) (`2025-04-09T17:15:32.473`) - [CVE-2025-28409](CVE-2025/CVE-2025-284xx/CVE-2025-28409.json) (`2025-04-09T18:59:55.370`)
- [CVE-2025-28400](CVE-2025/CVE-2025-284xx/CVE-2025-28400.json) (`2025-04-09T17:29:47.113`) - [CVE-2025-28410](CVE-2025/CVE-2025-284xx/CVE-2025-28410.json) (`2025-04-09T18:53:55.197`)
- [CVE-2025-28401](CVE-2025/CVE-2025-284xx/CVE-2025-28401.json) (`2025-04-09T17:19:47.947`) - [CVE-2025-28411](CVE-2025/CVE-2025-284xx/CVE-2025-28411.json) (`2025-04-09T18:45:40.463`)
- [CVE-2025-28402](CVE-2025/CVE-2025-284xx/CVE-2025-28402.json) (`2025-04-09T17:17:02.213`) - [CVE-2025-28412](CVE-2025/CVE-2025-284xx/CVE-2025-28412.json) (`2025-04-09T18:41:48.533`)
- [CVE-2025-28403](CVE-2025/CVE-2025-284xx/CVE-2025-28403.json) (`2025-04-09T16:48:22.640`) - [CVE-2025-29389](CVE-2025/CVE-2025-293xx/CVE-2025-29389.json) (`2025-04-09T19:15:47.870`)
- [CVE-2025-28405](CVE-2025/CVE-2025-284xx/CVE-2025-28405.json) (`2025-04-09T16:41:21.567`) - [CVE-2025-29390](CVE-2025/CVE-2025-293xx/CVE-2025-29390.json) (`2025-04-09T19:15:48.013`)
- [CVE-2025-28406](CVE-2025/CVE-2025-284xx/CVE-2025-28406.json) (`2025-04-09T16:32:43.710`) - [CVE-2025-29391](CVE-2025/CVE-2025-293xx/CVE-2025-29391.json) (`2025-04-09T19:15:48.160`)
- [CVE-2025-30677](CVE-2025/CVE-2025-306xx/CVE-2025-30677.json) (`2025-04-09T16:15:24.650`) - [CVE-2025-30401](CVE-2025/CVE-2025-304xx/CVE-2025-30401.json) (`2025-04-09T18:15:45.107`)
- [CVE-2025-3161](CVE-2025/CVE-2025-31xx/CVE-2025-3161.json) (`2025-04-09T16:27:24.187`) - [CVE-2025-32017](CVE-2025/CVE-2025-320xx/CVE-2025-32017.json) (`2025-04-09T18:15:47.233`)
- [CVE-2025-32280](CVE-2025/CVE-2025-322xx/CVE-2025-32280.json) (`2025-04-09T16:24:47.373`) - [CVE-2025-3248](CVE-2025/CVE-2025-32xx/CVE-2025-3248.json) (`2025-04-09T19:15:50.270`)
## Download and Usage ## Download and Usage

533
_state.csv
View File

File diff suppressed because it is too large Load Diff