diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1804.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1804.json new file mode 100644 index 00000000000..4ad0c886516 --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1804.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2025-1804", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-01T19:15:10.660", + "lastModified": "2025-03-01T19:15:10.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C", + "baseScore": 6.0, + "accessVector": "LOCAL", + "accessComplexity": "HIGH", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 1.5, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-426" + }, + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.298040", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.298040", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.485034", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c3c447a068d..6bf208d4f92 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-01T19:00:19.526743+00:00 +2025-03-01T21:00:18.744760+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-01T18:15:34.983000+00:00 +2025-03-01T19:15:10.660000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -283596 +283597 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -- [CVE-2025-1799](CVE-2025/CVE-2025-17xx/CVE-2025-1799.json) (`2025-03-01T18:15:34.803`) -- [CVE-2025-1800](CVE-2025/CVE-2025-18xx/CVE-2025-1800.json) (`2025-03-01T18:15:34.983`) +- [CVE-2025-1804](CVE-2025/CVE-2025-18xx/CVE-2025-1804.json) (`2025-03-01T19:15:10.660`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2025-0626](CVE-2025/CVE-2025-06xx/CVE-2025-0626.json) (`2025-03-01T18:15:34.140`) ## Download and Usage diff --git a/_state.csv b/_state.csv index ab80a4dc47d..f19258a90ae 100644 --- a/_state.csv +++ b/_state.csv @@ -280229,7 +280229,7 @@ CVE-2025-0622,0,0,a6a193274731f6c7dfaba57b90f3e73d71577adcaea95e1ee069d69beb79d1 CVE-2025-0623,0,0,341d910d0f0f4575e107592c92f38288f68e01fe716af21df488a6d82193e481,2025-01-21T17:15:16.817000 CVE-2025-0624,0,0,e574dbadcedb62d6ec5fc83ee445f795570d6b514ffea1920d6ad509cbc9be05,2025-02-19T19:15:15.120000 CVE-2025-0625,0,0,7f36541620787f4bb57811d2ab5017a08dd72bab5c190081458ac3e7009d06f3,2025-01-22T19:15:10.397000 -CVE-2025-0626,0,1,16ee263c85f3aad6f9b7c5ed60390a064032d53adec3f9f8437b4c73151fb8c7,2025-03-01T18:15:34.140000 +CVE-2025-0626,0,0,16ee263c85f3aad6f9b7c5ed60390a064032d53adec3f9f8437b4c73151fb8c7,2025-03-01T18:15:34.140000 CVE-2025-0630,0,0,a203846e431374935835f3b6e314fad6940377ee142abf426ce77275aa7cba26,2025-02-04T20:15:49.940000 CVE-2025-0631,0,0,a91b2711b77974f80919f9c5b372be80fd124e74c35c8b96965898a857e3e98a,2025-01-28T19:15:14.270000 CVE-2025-0633,0,0,99b5597a4d6745e0fdc49c871283cdb64a4adc9d1a5288ea05a1df36fe7875e0,2025-02-19T07:15:33.537000 @@ -280804,9 +280804,10 @@ CVE-2025-1788,0,0,dc9426cea6e825feaf5cae707f07c928b26b8e2baca0aa20ccec4c0a8b2fce CVE-2025-1791,0,0,34ee8cd2f104eaa7419273fe9af644f5f1d57bbad701730a9dfc317b74b5d810,2025-03-01T14:15:34.520000 CVE-2025-1795,0,0,70fd77cb540d3bda179678e58a7ef81c271cc3e16d5d4d855b724aa1245ec66f,2025-02-28T21:15:27.570000 CVE-2025-1797,0,0,300dd40b9ba65144edab2a795cb46e891c141669ea3cc5dd5e27c94a6c5ec09e,2025-03-01T15:15:11.573000 -CVE-2025-1799,1,1,43816068956cdf14dad20a4e5e4d1fc47001df714eea26349dd91115ab4dac95,2025-03-01T18:15:34.803000 -CVE-2025-1800,1,1,322e2f3c3e826d546073227fc29a2546415ead7a627628aa90cb68e7eca6995b,2025-03-01T18:15:34.983000 +CVE-2025-1799,0,0,43816068956cdf14dad20a4e5e4d1fc47001df714eea26349dd91115ab4dac95,2025-03-01T18:15:34.803000 +CVE-2025-1800,0,0,322e2f3c3e826d546073227fc29a2546415ead7a627628aa90cb68e7eca6995b,2025-03-01T18:15:34.983000 CVE-2025-1803,0,0,61b8ea959516cf458cfa0ea204219ee983e8adc2cba473f893652a1e07a05d40,2025-03-01T01:15:28.077000 +CVE-2025-1804,1,1,4efbbb5111b547eb1b7feeda8daec896151cbee844f359a595f3a1d604d85292,2025-03-01T19:15:10.660000 CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000