Auto-Update: 2025-03-19T11:00:20.471466+00:00

cad-safe-bot 2025-03-19 11:03:49 +00:00
parent fa12fde177
commit 6d2818943d
11 changed files with 621 additions and 52 deletions


@ -2,8 +2,8 @@
"id": "CVE-2020-36780",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:36.673",
"lastModified": "2024-11-21T05:30:17.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-19T10:38:49.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,46 +39,128 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14",
"versionEndExcluding": "5.4.119",
"matchCriteriaId": "B4077C82-57A5-4D0B-9B8C-8958A0C66475"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.37",
"matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.21",
"matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.4",
"matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3a4f326463117cee3adcb72999ca34a9aaafda93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e1764312440c5df9dfe6b436035a03673b0c1b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9223505e938ba3db5907e058f4209770cff2f2a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3406ab52097328a3bc4cbe124bfd8f6d51fb86f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e547640cee7981fd751d2c9cde3a61bdb678b755",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a4f326463117cee3adcb72999ca34a9aaafda93",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e1764312440c5df9dfe6b436035a03673b0c1b9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9223505e938ba3db5907e058f4209770cff2f2a7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3406ab52097328a3bc4cbe124bfd8f6d51fb86f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e547640cee7981fd751d2c9cde3a61bdb678b755",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2021-47006",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.453",
"lastModified": "2024-11-21T06:35:10.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-19T10:49:05.493",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,70 +39,191 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.7",
"versionEndExcluding": "4.9.269",
"matchCriteriaId": "BE2A530A-768D-4D74-B4DB-C76E09C2042F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.233",
"matchCriteriaId": "4836AF17-022D-49D0-9A8A-AF66FE8DCEB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.191",
"matchCriteriaId": "5B6E6817-19A8-4C0A-8807-71DA48CF9191"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.120",
"matchCriteriaId": "2BDC71CF-4451-4D53-93E9-61DE7C4E25B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3ed8832aeaa9a37b0fc386bb72ff604352567c80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/555a70f7fff03bd669123487905c47ae27dbdaac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/630146203108bf6b8934eec0dfdb3e46dcb917de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7eeacc6728c5478e3c01bc82a1f08958eaa12366",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a506bd5756290821a4314f502b4bafc2afcf5260",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dabe299425b1a53a69461fed7ac8922ea6733a25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed1f67465327cec4457bb988775245b199da86e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ed8832aeaa9a37b0fc386bb72ff604352567c80",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/555a70f7fff03bd669123487905c47ae27dbdaac",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/630146203108bf6b8934eec0dfdb3e46dcb917de",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7eeacc6728c5478e3c01bc82a1f08958eaa12366",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a506bd5756290821a4314f502b4bafc2afcf5260",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dabe299425b1a53a69461fed7ac8922ea6733a25",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed1f67465327cec4457bb988775245b199da86e6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-44595",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-21T17:15:07.600",
"lastModified": "2024-11-21T07:28:11.370",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-19T10:16:58.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:melapress:wp_2fa:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.0",
"matchCriteriaId": "7F62E2E8-D055-427D-BF32-3CCAFF2FF583"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp2fa-plugin-2-2-0-broken-authentication-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp2fa-plugin-2-2-0-broken-authentication-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2024-12136",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-19T09:15:12.710",
"lastModified": "2025-03-19T09:15:12.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass.This issue affects ANKA JPD-00028: through 19.03.2025.\n\nNOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
},
{
"lang": "es",
"value": "La vulnerabilidad \"Paso cr\u00edtico faltante en la autenticaci\u00f3n\" en Elfatek Elektronics ANKA JPD-00028 permite la omisi\u00f3n de la autenticaci\u00f3n. Este problema afecta a ANKA JPD-00028 hasta el 19/03/2025. NOTA: El proveedor no inform\u00f3 sobre la finalizaci\u00f3n del proceso de correcci\u00f3n dentro del plazo especificado. El CVE se actualizar\u00e1 cuando haya nueva informaci\u00f3n disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-304"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0071",
"source": "iletisim@usom.gov.tr"
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2024-12137",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-19T09:15:14.090",
"lastModified": "2025-03-19T09:15:14.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: through 19.03.2025.\n\n\nNOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
},
{
"lang": "es",
"value": "La vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n por captura y repetici\u00f3n en Elfatek Elektronics ANKA JPD-00028 permite el secuestro de sesi\u00f3n. Este problema afecta a ANKA JPD-00028 hasta el 19/03/2025. NOTA: El proveedor no inform\u00f3 sobre la finalizaci\u00f3n del proceso de correcci\u00f3n dentro del plazo especificado. El CVE se actualizar\u00e1 cuando haya nueva informaci\u00f3n disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0071",
"source": "iletisim@usom.gov.tr"
}
]
}


@ -0,0 +1,68 @@
{
"id": "CVE-2024-13790",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-19T09:15:14.250",
"lastModified": "2025-03-19T09:15:14.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MinimogWP \u2013 The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.7.0 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included."
},
{
"lang": "es",
"value": "El tema MinimogWP \u2013 The High Converting eCommerce WordPress Theme para WordPress, es vulnerable a la inclusi\u00f3n local de archivos en todas las versiones hasta la 3.7.0 incluida, a trav\u00e9s del par\u00e1metro 'template'. Esto permite a atacantes no autenticados incluir y ejecutar archivos arbitrarios en el servidor, permitiendo la ejecuci\u00f3n de cualquier c\u00f3digo PHP en dichos archivos. Esto puede utilizarse para eludir los controles de acceso, obtener datos confidenciales o ejecutar c\u00f3digo cuando se pueden subir e incluir im\u00e1genes y otros tipos de archivos \"seguros\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://changelog.thememove.com/minimog-wp/",
"source": "security@wordfence.com"
},
{
"url": "https://themeforest.net/item/minimog-the-high-converting-ecommerce-wordpress-theme/36947163",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3ae0e08-5cdc-47ff-b094-3920d56a50f7?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-26473",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2025-02-13T22:15:13.417",
"lastModified": "2025-02-13T22:15:13.417",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-19T10:34:55.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -93,16 +113,61 @@
"value": "CWE-598"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:outbackpower:mojave_inverter_oghi8048a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC23DE7E-9B4B-4897-A62B-EDF8D05CD060"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:outbackpower:mojave_inverter_oghi8048a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2A2D63-B4BD-40EE-8963-904DAC28A861"
}
]
}
]
}
],
"references": [
{
"url": "https://old.outbackpower.com/about-outback/contact/contact-us",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Product"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-17",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
}
]
}


@ -0,0 +1,45 @@
{
"id": "CVE-2025-27018",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-19T09:15:14.457",
"lastModified": "2025-03-19T09:15:14.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider.\n\nWhen user triggered a DAG with dump_sql or load_sql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not intended.\nIt could lead to data corruption, modification and others.\nThis issue affects Apache Airflow MySQL Provider: before 6.2.0.\n\nUsers are recommended to upgrade to version 6.2.0, which fixes the issue."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una instrucci\u00f3n SQL ('Inyecci\u00f3n SQL') en Apache Airflow MySQL Provider. Al activar un DAG con las funciones dump_sql o load_sql, el usuario pod\u00eda pasar un par\u00e1metro de tabla desde una interfaz de usuario, lo que pod\u00eda causar una inyecci\u00f3n SQL al ejecutar SQL no previsto. Esto pod\u00eda provocar corrupci\u00f3n y modificaci\u00f3n de datos, entre otros problemas. Este problema afecta a Apache Airflow MySQL Provider anterior a la versi\u00f3n 6.2.0. Se recomienda actualizar a la versi\u00f3n 6.2.0, que soluciona el problema."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/47254",
"source": "security@apache.org"
},
{
"url": "https://github.com/apache/airflow/pull/47255",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/m8ohgkwz4mq9njohf66sjwqjdy28gvzf",
"source": "security@apache.org"
}
]
}


@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter."
},
{
"lang": "es",
"value": "La inscripci\u00f3n a Shearwater SecurEnvoy SecurAccess anterior a la versi\u00f3n 9.4.515 permite la autenticaci\u00f3n \u00fanicamente a trav\u00e9s de un c\u00f3digo TOTP de seis d\u00edgitos (omitiendo la verificaci\u00f3n de contrase\u00f1a) si una solicitud HTTP POST contiene un par\u00e1metro SESSION."
}
],
"metrics": {


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-19T09:00:20.472870+00:00
2025-03-19T11:00:20.471466+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-19T07:15:34.313000+00:00
2025-03-19T10:49:05.493000+00:00
```
### Last Data Feed Release
@ -33,21 +33,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
285657
285661
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `4`
- [CVE-2024-13410](CVE-2024/CVE-2024-134xx/CVE-2024-13410.json) (`2025-03-19T07:15:33.233`)
- [CVE-2024-13412](CVE-2024/CVE-2024-134xx/CVE-2024-13412.json) (`2025-03-19T07:15:33.980`)
- [CVE-2024-12136](CVE-2024/CVE-2024-121xx/CVE-2024-12136.json) (`2025-03-19T09:15:12.710`)
- [CVE-2024-12137](CVE-2024/CVE-2024-121xx/CVE-2024-12137.json) (`2025-03-19T09:15:14.090`)
- [CVE-2024-13790](CVE-2024/CVE-2024-137xx/CVE-2024-13790.json) (`2025-03-19T09:15:14.250`)
- [CVE-2025-27018](CVE-2025/CVE-2025-270xx/CVE-2025-27018.json) (`2025-03-19T09:15:14.457`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `5`
- [CVE-2020-36780](CVE-2020/CVE-2020-367xx/CVE-2020-36780.json) (`2025-03-19T10:38:49.887`)
- [CVE-2021-47006](CVE-2021/CVE-2021-470xx/CVE-2021-47006.json) (`2025-03-19T10:49:05.493`)
- [CVE-2022-44595](CVE-2022/CVE-2022-445xx/CVE-2022-44595.json) (`2025-03-19T10:16:58.517`)
- [CVE-2025-26473](CVE-2025/CVE-2025-264xx/CVE-2025-26473.json) (`2025-03-19T10:34:55.550`)
- [CVE-2025-30236](CVE-2025/CVE-2025-302xx/CVE-2025-30236.json) (`2025-03-19T07:15:34.313`)


@ -159569,7 +159569,7 @@ CVE-2020-36777,0,0,3e77b01802dc8c702924469ec2c343d257a461f9541fff65f5353927271f9
CVE-2020-36778,0,0,14964463b56c3f46cf0d7e1681e081ed056ba6255f767b3c58eee346e18635d2,2024-12-06T17:56:05.877000
CVE-2020-36779,0,0,b340ce85ed5e7b477f5fb274c0fd8555d5b7508db3f0bf7a88d4f3d3c6028939,2024-12-06T16:14:26.157000
CVE-2020-3678,0,0,f190c04766926ca91c70904eb559acd3c59e7fe8642b7bee0d398ac215f41720,2024-11-21T05:31:33.650000
CVE-2020-36780,0,0,1a274713103df30ad811a30a8739e992cdac1891873bd4910c4f9c50584975df,2024-11-21T05:30:17.597000
CVE-2020-36780,0,1,2b6beff0e1ba039223eda294a7df717d0d4761917e922d1dc63968ca25fb1064,2025-03-19T10:38:49.887000
CVE-2020-36781,0,0,002d82cc7803a268ecca16f3d91e0bf2d619360efb63b1688924453870cba627,2024-12-06T16:19:35.777000
CVE-2020-36782,0,0,7cfa043aa5ddbfe9fc75b67a2d014bf83a9b10b337589bf1682cc032ffbd860c,2024-12-06T18:02:53.493000
CVE-2020-36783,0,0,e286124c61448f7fd51b57f763b347528856a4a1ca56c75478cf046c0bba56c6,2024-12-06T17:37:43.990000
@ -187296,7 +187296,7 @@ CVE-2021-47002,0,0,8e2e69dd823954645422556b82a8f561e637a960eb547819ec3f275f452f3
CVE-2021-47003,0,0,d04fc40119c75046b1674e0b1232d9883e95a4b2b8d484d76d0bd053931c6730,2024-12-09T18:25:35.537000
CVE-2021-47004,0,0,18a085cc6c26085c72758be28fd43705328b7a300fb84b0333d9916289e05638,2025-01-08T17:43:50.870000
CVE-2021-47005,0,0,3fbd5c5ade061cd7cb91f258c837f64317568fee512c60e0acf3a8e8df4b123d,2024-12-09T18:23:57.377000
CVE-2021-47006,0,0,f918923c1438f63323d78c01b1632043cbbf07a22c40bb73d1f03f7b42828875,2024-11-21T06:35:10.380000
CVE-2021-47006,0,1,8b7923e8bfbeebc4a8acffb359bf14711b8cdd28c2b363546d9328b954c8a1a8,2025-03-19T10:49:05.493000
CVE-2021-47007,0,0,49fb8d6dc96a504a0d60085eaad9189d435cf6c6248575e653fa2c523ed518c4,2025-01-08T17:58:51.337000
CVE-2021-47008,0,0,424b2b46b9ee1112b21b12d194f2ab759ab5ded3180361e3ca8f70ab9520ff7b,2024-12-09T18:24:06.900000
CVE-2021-47009,0,0,5d51ef0833cdc3833bbaef02872b579b5eeb6431b56ac636d07b9c088ca5b5ca,2024-12-09T18:24:16.137000
@ -210037,7 +210037,7 @@ CVE-2022-44590,0,0,8419b28e3a0fb49ed6ee057d9814f15968322a8d49125a15e7831fc76db33
CVE-2022-44591,0,0,c847c79694e4ea0add459ff62a58817005ae0ba77ef3c55979619aef08bd2f9a,2024-11-21T07:28:11
CVE-2022-44593,0,0,90f8ad45672b1e43741913eaec2f22fe4107cda8646e72a10d74cce24b42f4d1,2024-11-21T07:28:11.120000
CVE-2022-44594,0,0,3797627f5d9a7951679266893bd3b9e56dfea89d1537aef29a76d6259b20dd89,2024-11-21T07:28:11.253000
CVE-2022-44595,0,0,337b57e6ab76e58ad8ac9202ff39c14b5034c49baa51f6e887a51986c146af6b,2024-11-21T07:28:11.370000
CVE-2022-44595,0,1,f6edec7b746eadd6b80ddc08b85bd3174a58e64c71edc46fa6aa704293243982,2025-03-19T10:16:58.517000
CVE-2022-4460,0,0,5d416431f18d1983565581f213317edee4176c1705777f42be098b34a9819d28,2024-11-21T07:35:18.607000
CVE-2022-44606,0,0,2ccd26fd5b50f4804b17f1c50f3dc9bbf076fa560859eebce0d574433978d320,2024-11-21T07:28:11.490000
CVE-2022-44608,0,0,ad65aee2635b2f9ff93e46fb7d8cb8cacaf9b74447958429b04124cd4700ade4,2024-11-21T07:28:11.590000
@ -246341,6 +246341,8 @@ CVE-2024-12130,0,0,f13cb67c00f6dcc27d0c31ba4dea31c8dabc6f66eb953b7214a560c5a851f
CVE-2024-12131,0,0,dbf0aa17931777a7d2a18f8d74d983fb90b7cc72d860577b6997f11baa1caf8d,2025-02-05T19:34:09.820000
CVE-2024-12132,0,0,b06e93c25499732ca815413e2d46627c97d1199e136eda86bfe61d37a4878c0b,2025-02-05T19:37:43.237000
CVE-2024-12133,0,0,6bf377b889cff4de6171d2a9027b1a17bce7f2dd91b7456e427087f02e89773b,2025-02-21T13:15:10.430000
CVE-2024-12136,1,1,1af49f9e3f90e9a8c9c087c1b3f62a2482bb6ae8bfc2d32c91441524251d5782,2025-03-19T09:15:12.710000
CVE-2024-12137,1,1,5eaf2bfba6f7164186bceacf974a7436d1572763ae1b2a7de8f61242544a1846,2025-03-19T09:15:14.090000
CVE-2024-12138,0,0,da6ee7fbee0e9075f414529b46a16ebad54f1168ad899da7c1771d5519a5d924,2024-12-04T14:15:19.413000
CVE-2024-1214,0,0,de1b224b633b4f15934a6c113718a0fee219da295a9b4587f21a72c198d9d833,2025-01-29T16:26:04.440000
CVE-2024-12140,0,0,c2add199266b1c986c32a034700db286963405079b6f69910eeedd64a6ce0f35,2025-01-07T05:15:14.730000
@ -247529,8 +247531,8 @@ CVE-2024-13407,0,0,1f436b9636d1a2e9852705669ce277b78519c04199eda73ea4f0162025e28
CVE-2024-13408,0,0,e396f32e4dcbb651814f9215fd3a09eb2577d8842a6e7054a1c2694b62332fd0,2025-02-05T01:37:13.827000
CVE-2024-13409,0,0,16195c232130678b474ab73526a536d491d9fdbf657fb8a2a79faa0112e2d1e0,2025-02-05T01:36:36.047000
CVE-2024-1341,0,0,18a405c4f3b1670bb4682ce0d2bacf1a2f13ce190629c8c1f1c6d07cc16f0c27,2025-02-27T03:18:02.077000
CVE-2024-13410,1,1,5d5ce15de77c9194923c67d32a93cabd6fa5b5e5a9f99c1d76be035b55aee771,2025-03-19T07:15:33.233000
CVE-2024-13412,1,1,244d8c0c5a923eb8c145fd38652c7e10de2957cfe239ada5c7f672899d55edde,2025-03-19T07:15:33.980000
CVE-2024-13410,0,0,5d5ce15de77c9194923c67d32a93cabd6fa5b5e5a9f99c1d76be035b55aee771,2025-03-19T07:15:33.233000
CVE-2024-13412,0,0,244d8c0c5a923eb8c145fd38652c7e10de2957cfe239ada5c7f672899d55edde,2025-03-19T07:15:33.980000
CVE-2024-13413,0,0,b43ed4643dabc8868dcfa53910d76ce2221751b062cab18595b77b8d890794e4,2025-03-11T05:15:37.083000
CVE-2024-13415,0,0,20f4b651b70587580f805a97274e0650f9bb61a3067aa9a0bda1ff129a051ce4,2025-01-31T06:15:29.287000
CVE-2024-13416,0,0,d71120210a80712a2c247daf0d2ae5cb04d95a19fc86e36a7c69ffa25a62e7ae,2025-02-21T12:15:29.193000
@ -247882,6 +247884,7 @@ CVE-2024-13783,0,0,4d1adc087edd34d52079e199658ef345cbd94c9c74350c99493fda1d34bf2
CVE-2024-13787,0,0,0eff21fc23493e01651531789dedbb01e9f9791c6b2318877412ee79834420bc,2025-03-05T10:15:16.810000
CVE-2024-13789,0,0,2b0af9ac1cf71402f1bdf617ac72ff1dc3e5b91a3734626a9c4e88889f4b7dad,2025-02-25T20:56:25.757000
CVE-2024-1379,0,0,80ef94f14b81af8686333ad09c1ad2f5017c23d1adeba6105930342040ebce86,2024-11-21T08:50:27.157000
CVE-2024-13790,1,1,cd675d4c0ca7b04b91c02c99109a1d8f6e0c7940419d662d1d919c9461a478e2,2025-03-19T09:15:14.250000
CVE-2024-13791,0,0,87d34d666cc6abe64fd811a08f4df25c9dcd54e5f0bd075f781061adfbd26e98,2025-02-25T04:01:52.803000
CVE-2024-13792,0,0,95c136c58ffd0d86dab2da9aa86fa75170f9d7e438d0612c3363162ba0d1c0ed,2025-02-25T20:56:55.553000
CVE-2024-13794,0,0,deb22703f68657fb6f9904f289dd9bf5c49f5d408fc334842a7f50a56248c381,2025-02-25T19:38:05.950000
@ -284947,7 +284950,7 @@ CVE-2025-26410,0,0,e0a8c1ecc38adad5db47008cfe5d8287500ec3cbba2c1f9a4a60a8e1051c5
CVE-2025-26411,0,0,3c8f066d5451ad6ef36a27d64d17719d6f654697fa56337f49dfc83e42e73333,2025-03-14T18:15:31.947000
CVE-2025-26465,0,0,305122a43f3140c85a4b4c03468e2fae692c04863ed3f0f25da2f320b5defd84,2025-03-06T17:20:00.520000
CVE-2025-26466,0,0,8c14c9c0652d2827f2d6411d6d80e391b9271119d08a75423892f7601f9b2e74,2025-03-06T16:53:50.833000
CVE-2025-26473,0,0,52ccbccdb5f491f06d9908445755c27b74741ade2b49687a9637bc0d9ccdeabb,2025-02-13T22:15:13.417000
CVE-2025-26473,0,1,41b0bd46f32c6729eefb29a2666cce546dde395dd2362800539aebed7d4bc19a,2025-03-19T10:34:55.550000
CVE-2025-26490,0,0,b8bc76b2be7d18c514587d66cef4d0bee94c01d7b29c32dae10138139a41dc50,2025-02-14T20:15:37.847000
CVE-2025-26491,0,0,7c0d222179eba4a77c32c46173122e282947b63a6de5118491e2b730e6dd9271,2025-02-14T20:15:37.930000
CVE-2025-26492,0,0,10f610a7afe531efeeb1575e93a64c84a3a6f9453498a7cd0479c1add3e10654,2025-02-11T14:15:31.260000
@ -285196,6 +285199,7 @@ CVE-2025-27012,0,0,3a1893682864e642f849034c4092180dc7a4b18b7a6ad2f7375bac0e9841b
CVE-2025-27013,0,0,9b9378b18f13319340e1f24d5072a99db201f1036e2a63d2b47d9e89c2a36e2e,2025-02-18T20:15:33.880000
CVE-2025-27016,0,0,f2c7dbbbe198c036189ea7e0294285906759c96b4b4fc3925b1ca597f8d458ee,2025-02-18T20:15:34.013000
CVE-2025-27017,0,0,487799b83e349646c0969a6714868b1c6a1e0d2f10d5e6737c1115cacdd0bce5,2025-03-12T17:15:50.327000
CVE-2025-27018,1,1,d7627439ac8580cafcc1645cd89dec4f1a559b653f534e48b600c01afeaf0c77,2025-03-19T09:15:14.457000
CVE-2025-27080,0,0,dcd914ae09375ce77795feef8ad95fb4f30b82b0d28355bee32f7c0de8eb15be,2025-03-18T20:15:26.300000
CVE-2025-27088,0,0,fbdc36eed3cad3a0ad2022cbe7aca458560a9c5f707fbc00203d874cefc235d6,2025-02-21T22:15:13.673000
CVE-2025-27089,0,0,4c46df8a0eff7d16a653158eecc2014910418a0d0440d1d2334e56d23f56f25a,2025-02-27T20:31:27.267000
@ -285655,4 +285659,4 @@ CVE-2025-30142,0,0,1246264bea9c6b49f2b8a8ead65c653d20fb9d371284f26fdb2f1b190b75f
CVE-2025-30143,0,0,dfaeb3eef5e72894446a00bc252dd02d40d218e0a77cd9256d63da4e0a89e02b,2025-03-17T16:15:28.643000
CVE-2025-30234,0,0,2b5c58b261698db3654a8d87fafd123300be7c95ea66a06456456707d9ebfedd,2025-03-19T05:15:41.353000
CVE-2025-30235,0,0,67c8acffd5b66a75e16bf136f5ec71938e7a203b09767896d1c5918e4b7c4166,2025-03-19T06:15:16.043000
CVE-2025-30236,0,1,500fbc3c7ec451492034813c7922507bae02c1576110edeaf224735f8baf4630,2025-03-19T07:15:34.313000
CVE-2025-30236,0,1,f7e2d88c169654d0773448256afe181965f2a68264511db7f8bbd914eb958bf0,2025-03-19T07:15:34.313000
