Auto-Update: 2025-04-05T23:55:33.560375+00:00

This commit is contained in:
cad-safe-bot 2025-04-05 23:59:07 +00:00
parent e6cd0b4e1b
commit 6cf3b54f7b
7 changed files with 449 additions and 13 deletions

View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-32364",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-05T22:15:18.337",
"lastModified": "2025-04-05T22:15:18.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-32365",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-05T22:15:19.010",
"lastModified": "2025-04-05T22:15:19.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-32366",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-05T23:15:40.910",
"lastModified": "2025-04-05T23:15:40.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen)."
}
],
"metrics": {},
"references": [
{
"url": "https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1001",
"source": "cve@mitre.org"
},
{
"url": "https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n988",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3304",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T22:15:19.203",
"lastModified": "2025-04-05T22:15:19.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /dental_not.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/hyx123123/cve/blob/main/cve2.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303501",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303501",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.549645",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3305",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T23:15:41.780",
"lastModified": "2025-04-05T23:15:41.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in 1902756969/code-projects IKUN_Library 1.0 and classified as problematic. This vulnerability affects the function addInterceptors of the file MvcConfig.java of the component Borrow Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/IKUN_Library-authority.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303502",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303502",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.550186",
"source": "cna@vuldb.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-05T22:00:26.251361+00:00
2025-04-05T23:55:33.560375+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-05T21:15:40.990000+00:00
2025-04-05T23:15:41.780000+00:00
```
### Last Data Feed Release
@ -33,18 +33,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
288699
288704
```
### CVEs added in the last Commit
Recently added CVEs: `5`
- [CVE-2025-32357](CVE-2025/CVE-2025-323xx/CVE-2025-32357.json) (`2025-04-05T21:15:39.450`)
- [CVE-2025-32358](CVE-2025/CVE-2025-323xx/CVE-2025-32358.json) (`2025-04-05T21:15:40.487`)
- [CVE-2025-32359](CVE-2025/CVE-2025-323xx/CVE-2025-32359.json) (`2025-04-05T21:15:40.657`)
- [CVE-2025-32360](CVE-2025/CVE-2025-323xx/CVE-2025-32360.json) (`2025-04-05T21:15:40.820`)
- [CVE-2025-3303](CVE-2025/CVE-2025-33xx/CVE-2025-3303.json) (`2025-04-05T21:15:40.990`)
- [CVE-2025-32364](CVE-2025/CVE-2025-323xx/CVE-2025-32364.json) (`2025-04-05T22:15:18.337`)
- [CVE-2025-32365](CVE-2025/CVE-2025-323xx/CVE-2025-32365.json) (`2025-04-05T22:15:19.010`)
- [CVE-2025-32366](CVE-2025/CVE-2025-323xx/CVE-2025-32366.json) (`2025-04-05T23:15:40.910`)
- [CVE-2025-3304](CVE-2025/CVE-2025-33xx/CVE-2025-3304.json) (`2025-04-05T22:15:19.203`)
- [CVE-2025-3305](CVE-2025/CVE-2025-33xx/CVE-2025-3305.json) (`2025-04-05T23:15:41.780`)
### CVEs modified in the last Commit

View File

@ -288664,11 +288664,14 @@ CVE-2025-3229,0,0,09347180a6a7f828e0747f2ed45b00fdd7a1f719f9ab350e19aecf2c1c123a
CVE-2025-3231,0,0,de2ff2a8c76e38c6b06f54c3981a381c63043cd187dc0f869ed608d2e9e7696c,2025-04-04T09:15:17.677000
CVE-2025-3235,0,0,d022d5157edbac8fbfeb9141a3748050787bdf76ed78cf441cd594af050e5131,2025-04-04T10:15:16.900000
CVE-2025-32352,0,0,9ba6350b6807916f69f8382d7df9501c6c2329ac3a6a0d75e0f3016720f7409b,2025-04-05T06:15:39.653000
CVE-2025-32357,1,1,27abd7042cea71911e380a30cf2ee5e0c91d9ec3620cbbf72dd4615bb1fb5596,2025-04-05T21:15:39.450000
CVE-2025-32358,1,1,67f5b1d9deade3a8e2f00fa4d4b975cbdf610a67d2a521e969fe3583fb55c4c4,2025-04-05T21:15:40.487000
CVE-2025-32359,1,1,6187ae8290a450bd8a82a6b72c5b30b3aadac60db493fd3c72b75d8db5408564,2025-04-05T21:15:40.657000
CVE-2025-32357,0,0,27abd7042cea71911e380a30cf2ee5e0c91d9ec3620cbbf72dd4615bb1fb5596,2025-04-05T21:15:39.450000
CVE-2025-32358,0,0,67f5b1d9deade3a8e2f00fa4d4b975cbdf610a67d2a521e969fe3583fb55c4c4,2025-04-05T21:15:40.487000
CVE-2025-32359,0,0,6187ae8290a450bd8a82a6b72c5b30b3aadac60db493fd3c72b75d8db5408564,2025-04-05T21:15:40.657000
CVE-2025-3236,0,0,5d4e067380b83b38fff7db048531cbbf8dd6b43b2fc6d26b5d090f351b090b28,2025-04-04T10:15:17.177000
CVE-2025-32360,1,1,0e74289220e4b285c0e8748f3e1650706d339f80b6d12512f31f5c70a948d5d7,2025-04-05T21:15:40.820000
CVE-2025-32360,0,0,0e74289220e4b285c0e8748f3e1650706d339f80b6d12512f31f5c70a948d5d7,2025-04-05T21:15:40.820000
CVE-2025-32364,1,1,cfb2ebfabb62fc4b801fb2bf95fe1940970bfddc2ea9963730d3ab7bd79a8124,2025-04-05T22:15:18.337000
CVE-2025-32365,1,1,26d24ab60b153da5a84d5f59bd2fd2acbadd4a9a5ca08171ad2b1fd85144179a,2025-04-05T22:15:19.010000
CVE-2025-32366,1,1,7214d5101cd1a18f739f2f17b01915998422c7d40bdd6025a46a4b262374c696,2025-04-05T23:15:40.910000
CVE-2025-3237,0,0,2b0634913d301c0209a0690fb90ddcaa8b200550805a1d4ec2db149b30fd4af2,2025-04-04T10:15:17.383000
CVE-2025-3238,0,0,49b7638c423114327b5e6867f71919ab552663d9bb2b5517ae05eef59b2968e0,2025-04-04T10:15:17.577000
CVE-2025-3239,0,0,a890b57275ecd0351eb57a0ff486b7b7ddc21d7a21c77a8b45094fdc21902b92,2025-04-04T11:15:40.393000
@ -288697,4 +288700,6 @@ CVE-2025-3296,0,0,5278e4507cd14730bc804831f53bf0aedaa27d34c9989bac9ff3f425fd80e6
CVE-2025-3297,0,0,9d657205cb1e1fa121cd9d46f1e89f67c4e384343683d67c9067920e028e61b5,2025-04-05T09:15:15.237000
CVE-2025-3298,0,0,f489b37e862b9985c9c03fe106e95e8b15c160be3e8c5296a92578b4574edfe4,2025-04-05T11:15:40.917000
CVE-2025-3299,0,0,bddd729a6927cb255675ce738cd015969a7cc6b02a8cfe6feb6b634f6ef818b7,2025-04-05T11:15:41.180000
CVE-2025-3303,1,1,6221e6ee3090234e52eafd095ff7bb4444c418778b5f3445b7a8782971faacf3,2025-04-05T21:15:40.990000
CVE-2025-3303,0,0,6221e6ee3090234e52eafd095ff7bb4444c418778b5f3445b7a8782971faacf3,2025-04-05T21:15:40.990000
CVE-2025-3304,1,1,29a38ac7df74814842edc977ed145111a95ed8ef942f514c967d6026c5a64b93,2025-04-05T22:15:19.203000
CVE-2025-3305,1,1,b2c90129fe183fd0375eb40e77713311a1f1af30e665ffd707316b1c76fdc5b4,2025-04-05T23:15:41.780000

Can't render this file because it is too large.