diff --git a/CVE-2025/CVE-2025-214xx/CVE-2025-21479.json b/CVE-2025/CVE-2025-214xx/CVE-2025-21479.json index 65b95799bf6..a99c1b4fc95 100644 --- a/CVE-2025/CVE-2025-214xx/CVE-2025-21479.json +++ b/CVE-2025/CVE-2025-214xx/CVE-2025-21479.json @@ -2,13 +2,17 @@ "id": "CVE-2025-21479", "sourceIdentifier": "product-security@qualcomm.com", "published": "2025-06-03T07:15:20.933", - "lastModified": "2025-06-03T07:15:20.933", + "lastModified": "2025-06-04T01:00:02.020", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands." + }, + { + "lang": "es", + "value": "Corrupci\u00f3n de memoria debido a la ejecuci\u00f3n de comandos no autorizados en el micronodo de la GPU mientras se ejecuta una secuencia espec\u00edfica de comandos." } ], "metrics": { @@ -35,6 +39,10 @@ } ] }, + "cisaExploitAdd": "2025-06-03", + "cisaActionDue": "2025-06-24", + "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability", "weaknesses": [ { "source": "product-security@qualcomm.com", diff --git a/CVE-2025/CVE-2025-214xx/CVE-2025-21480.json b/CVE-2025/CVE-2025-214xx/CVE-2025-21480.json index bd6dbcc5e7c..61877fd3efb 100644 --- a/CVE-2025/CVE-2025-214xx/CVE-2025-21480.json +++ b/CVE-2025/CVE-2025-214xx/CVE-2025-21480.json @@ -2,13 +2,17 @@ "id": "CVE-2025-21480", "sourceIdentifier": "product-security@qualcomm.com", "published": "2025-06-03T06:15:26.190", - "lastModified": "2025-06-03T06:15:26.190", + "lastModified": "2025-06-04T01:00:02.020", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands." + }, + { + "lang": "es", + "value": "Corrupci\u00f3n de memoria debido a la ejecuci\u00f3n de comandos no autorizados en el micronodo de la GPU mientras se ejecuta una secuencia espec\u00edfica de comandos." } ], "metrics": { @@ -35,6 +39,10 @@ } ] }, + "cisaExploitAdd": "2025-06-03", + "cisaActionDue": "2025-06-24", + "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability", "weaknesses": [ { "source": "product-security@qualcomm.com", diff --git a/CVE-2025/CVE-2025-270xx/CVE-2025-27038.json b/CVE-2025/CVE-2025-270xx/CVE-2025-27038.json index 8fbf73a948b..c294061395d 100644 --- a/CVE-2025/CVE-2025-270xx/CVE-2025-27038.json +++ b/CVE-2025/CVE-2025-270xx/CVE-2025-27038.json @@ -2,13 +2,17 @@ "id": "CVE-2025-27038", "sourceIdentifier": "product-security@qualcomm.com", "published": "2025-06-03T06:15:27.133", - "lastModified": "2025-06-03T06:15:27.133", + "lastModified": "2025-06-04T01:00:02.020", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory corruption while rendering graphics using Adreno GPU drivers in Chrome." + }, + { + "lang": "es", + "value": "Corrupci\u00f3n de memoria al renderizar gr\u00e1ficos usando controladores de GPU Adreno en Chrome." } ], "metrics": { @@ -35,6 +39,10 @@ } ] }, + "cisaExploitAdd": "2025-06-03", + "cisaActionDue": "2025-06-24", + "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Qualcomm Multiple Chipsets Use-After-Free Vulnerability", "weaknesses": [ { "source": "product-security@qualcomm.com", diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5545.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5545.json new file mode 100644 index 00000000000..0e6f7ec9ea0 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5545.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2025-5545", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T00:15:25.333", + "lastModified": "2025-06-04T00:15:25.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of the file src/main/java/cn/gson/oasys/controller/process/ProcedureController.java. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/honorseclab/vulns/blob/main/aaluoxiang_oasystem/ArbitaryFileRead02.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310995", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310995", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.585885", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5546.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5546.json new file mode 100644 index 00000000000..da9e564d2cd --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5546.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5546", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T00:15:25.540", + "lastModified": "2025-06-04T00:15:25.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/f1rstb100d/myCVE/issues/26", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310996", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310996", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586916", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5547.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5547.json new file mode 100644 index 00000000000..c283e6b51b5 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5547.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5547", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T00:15:25.713", + "lastModified": "2025-06-04T00:15:25.713", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component CDUP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/exploit/exploit-a9c9f7b4f50efc4b4be32e7ec4d3f7dfd7390e9be4ff168d9ab7a0eb911f8f3a1.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310997", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310997", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586981", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5548.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5548.json new file mode 100644 index 00000000000..03575c8863a --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5548.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5548", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T01:15:19.873", + "lastModified": "2025-06-04T01:15:19.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/exploit/exploit-181bb9e57fbeedb99be8435f014d23b3d936df3ff95db127e57d6832dc48df8f.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310998", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310998", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586982", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5549.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5549.json new file mode 100644 index 00000000000..8925fbf5073 --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5549.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5549", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T01:15:20.083", + "lastModified": "2025-06-04T01:15:20.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/exploit/exploit-db8a685cdd982cfdfd1844a3f6cb0c497843e401fb1b1cc33f6c1c3190b973ad.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310999", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310999", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586983", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5550.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5550.json new file mode 100644 index 00000000000..4e9d43572af --- /dev/null +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5550.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5550", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-04T01:15:20.250", + "lastModified": "2025-06-04T01:15:20.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component PBSZ Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/exploit/exploit-5cb1629d7f69e110d08b8a5f6dfe9b69928f5e4f681dbbc1e35cb317aa4d7126.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311000", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311000", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586987", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 157effe9f43..9b4873680b4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-03T23:55:18.826589+00:00 +2025-06-04T02:00:18.888491+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-03T23:15:21.147000+00:00 +2025-06-04T01:15:20.250000+00:00 ``` ### Last Data Feed Release @@ -27,29 +27,34 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2025-06-03T00:00:10.039748+00:00 +2025-06-04T00:00:04.320392+00:00 ``` ### Total Number of included CVEs ```plain -296377 +296383 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `6` -- [CVE-2025-24015](CVE-2025/CVE-2025-240xx/CVE-2025-24015.json) (`2025-06-03T23:15:20.633`) -- [CVE-2025-5542](CVE-2025/CVE-2025-55xx/CVE-2025-5542.json) (`2025-06-03T22:15:21.807`) -- [CVE-2025-5543](CVE-2025/CVE-2025-55xx/CVE-2025-5543.json) (`2025-06-03T23:15:20.953`) -- [CVE-2025-5544](CVE-2025/CVE-2025-55xx/CVE-2025-5544.json) (`2025-06-03T23:15:21.147`) +- [CVE-2025-5545](CVE-2025/CVE-2025-55xx/CVE-2025-5545.json) (`2025-06-04T00:15:25.333`) +- [CVE-2025-5546](CVE-2025/CVE-2025-55xx/CVE-2025-5546.json) (`2025-06-04T00:15:25.540`) +- [CVE-2025-5547](CVE-2025/CVE-2025-55xx/CVE-2025-5547.json) (`2025-06-04T00:15:25.713`) +- [CVE-2025-5548](CVE-2025/CVE-2025-55xx/CVE-2025-5548.json) (`2025-06-04T01:15:19.873`) +- [CVE-2025-5549](CVE-2025/CVE-2025-55xx/CVE-2025-5549.json) (`2025-06-04T01:15:20.083`) +- [CVE-2025-5550](CVE-2025/CVE-2025-55xx/CVE-2025-5550.json) (`2025-06-04T01:15:20.250`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +- [CVE-2025-21479](CVE-2025/CVE-2025-214xx/CVE-2025-21479.json) (`2025-06-04T01:00:02.020`) +- [CVE-2025-21480](CVE-2025/CVE-2025-214xx/CVE-2025-21480.json) (`2025-06-04T01:00:02.020`) +- [CVE-2025-27038](CVE-2025/CVE-2025-270xx/CVE-2025-27038.json) (`2025-06-04T01:00:02.020`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 9b0760c23ae..3a6a6247528 100644 --- a/_state.csv +++ b/_state.csv @@ -284719,9 +284719,9 @@ CVE-2025-21469,0,0,44a98d2c7da1387889249fd5539f1241bba1748830f946c1d60c946e176d6 CVE-2025-2147,0,0,74883129637bc3238403c8977cb3f6a890ade1afe4467a882851a126f0eb8edc,2025-03-24T14:30:40.943000 CVE-2025-21470,0,0,302140affced5624b7926ec75d432b3f98e7a2f5e5c1d9590233b858d4c47845,2025-05-09T19:08:42.713000 CVE-2025-21475,0,0,f2f32195890d4a050cc8c69ec5f14e2e026ddc3e3e1c08b511c44a38ddd17bc2,2025-05-09T19:08:32.710000 -CVE-2025-21479,0,0,329822e0d479abb3de013ec719b36bba16b84e0a5c2b4e1558a8ede6d57e9970,2025-06-03T07:15:20.933000 +CVE-2025-21479,0,1,b383d399249a8b696425c45d434b27a11bbfd89b3535464396b5e4472d8ccc0e,2025-06-04T01:00:02.020000 CVE-2025-2148,0,0,d4190a3f054e2420a8d60bda0390077417613c29dc75da593352ca97816f8b9e,2025-03-10T14:15:26.130000 -CVE-2025-21480,0,0,2bc172d5c108adf01d1e3618c85fbd4950b8129dd6af06d0bf58a8093737dba7,2025-06-03T06:15:26.190000 +CVE-2025-21480,0,1,3d6c12ebd4174700c7e8b93422e4107901bd25746dda5636897f4eb0a80c4d61,2025-06-04T01:00:02.020000 CVE-2025-21485,0,0,73010e18ec621a1a17167f907048fc66beee8b9c3599de3cddf72f09ee8387e1,2025-06-03T06:15:26.423000 CVE-2025-21486,0,0,c5e16de3bcadc7d595ee20023571b8c6f4699e27d552dea8d1e8a4a8eed6c72d,2025-06-03T06:15:26.590000 CVE-2025-21489,0,0,5d30c3b0acc3ddba1057df1a4f29e61d74be0ae611271efb1a2a3c05a60a8cda,2025-01-23T20:15:31.630000 @@ -287020,7 +287020,7 @@ CVE-2025-24011,0,0,4997002c63d87a94e8865776add6314e721049c559bd5f674a539776486b7 CVE-2025-24012,0,0,d7756088832c18500532400fd59d99bc70c3afd7fc4835be1603f2f4ad48aacf,2025-02-20T16:45:15.377000 CVE-2025-24013,0,0,7b40cfb2c3b6c4eade342d9fc55e4330f563cbcf759855be6657139e406290d2,2025-01-20T16:15:28.877000 CVE-2025-24014,0,0,d437dd0957e63e3c162ac9164e717ef0adc1c3484b51bbf8b0a74d7b98c6cf06,2025-03-14T10:15:16.240000 -CVE-2025-24015,1,1,bc4e9d1cfa4b068baa98dec265391270676970b3c926ef8dd39e1e0aa1616e09,2025-06-03T23:15:20.633000 +CVE-2025-24015,0,0,bc4e9d1cfa4b068baa98dec265391270676970b3c926ef8dd39e1e0aa1616e09,2025-06-03T23:15:20.633000 CVE-2025-24016,0,0,c090754f26d92875e7dde6ca613307138b21fce6005c542e3bd734afb516a0ac,2025-02-10T20:15:42.540000 CVE-2025-24017,0,0,dc52ecd4171e7929f65e0a4836da3afeb723a34df858befdd8eddd836222dac3,2025-05-09T14:05:15.500000 CVE-2025-24018,0,0,8bc6fec409107a40272cc09bd4cd4f020e3f477d554cda09bae3fbb5bf512a3d,2025-05-09T14:02:53.547000 @@ -289012,7 +289012,7 @@ CVE-2025-2702,0,0,7ef0bfa66e07c4fb7c181b57cab1217f373873ecf500d50de0d874610b0745 CVE-2025-27029,0,0,52ac68a9cdf6220cc18c5e7cbb583d98e66fa0a9fab7cdc377fda1e06ea9860c,2025-06-03T06:15:26.777000 CVE-2025-2703,0,0,1cd2ec1071e8a854a09aaa20f8e960bae5b0d0c1a938baebd649e294b60810d4,2025-04-23T14:08:13.383000 CVE-2025-27031,0,0,f69e1e0dba9ba78d4c6190b5ed5e711fd3643a9a1a5a7fd6ecc0a1e4b91fc55c,2025-06-03T06:15:26.960000 -CVE-2025-27038,0,0,88d4feb7f16c77fd7c2e580cd25cd9480717c650a4769b561f8c00bbba264178,2025-06-03T06:15:27.133000 +CVE-2025-27038,0,1,515cf89db010c9346d0344253e5f834db6cf025152fe7353fbd6fefeac2af6b0,2025-06-04T01:00:02.020000 CVE-2025-2704,0,0,2cd2fdcb7bf078b49adccb5ec3568934eab2cf5655946edca476f7cde559986a,2025-05-24T01:38:01.433000 CVE-2025-2705,0,0,d7cf085971e80ff2f3017b9a76ca7e7c021414ba6b4da520921b330deccd7930,2025-03-27T16:45:46.410000 CVE-2025-2706,0,0,b7301874e71862c2693f8002ec404483a315cca246767eff2f97ca78b31281f9,2025-03-27T16:45:46.410000 @@ -296373,6 +296373,12 @@ CVE-2025-5522,0,0,7750795c8473f462f7d0c216fdd89fd656b7793ab7a2bb8064fe6761bf7a01 CVE-2025-5523,0,0,92b0a33ee71f18494904416bb8418f559a13b8c17cd5063077b1e15b45993897,2025-06-03T21:15:23.223000 CVE-2025-5525,0,0,2adf3342879b296c020ea6ce4786c659af3d0d3875afd52a67f40e5bf57ac7d6,2025-06-03T21:15:23.360000 CVE-2025-5527,0,0,03310183d2aef227c6a1af19d90fe9ac6ecad6dbe77245588bea99fb6d9c40ba,2025-06-03T21:15:23.483000 -CVE-2025-5542,1,1,1e6e744ebb0a2c1a2692d13778fb88132ad850afa28e615541ce79006c169f6d,2025-06-03T22:15:21.807000 -CVE-2025-5543,1,1,447d1d07ab39d91499ca8cf0d5888f436ad1047d9c468269401dd8672a2b072b,2025-06-03T23:15:20.953000 -CVE-2025-5544,1,1,a6bf184be32d4b28dc6ea6c64cedded3fff4ed129d6ee7e61f93554efced2c94,2025-06-03T23:15:21.147000 +CVE-2025-5542,0,0,1e6e744ebb0a2c1a2692d13778fb88132ad850afa28e615541ce79006c169f6d,2025-06-03T22:15:21.807000 +CVE-2025-5543,0,0,447d1d07ab39d91499ca8cf0d5888f436ad1047d9c468269401dd8672a2b072b,2025-06-03T23:15:20.953000 +CVE-2025-5544,0,0,a6bf184be32d4b28dc6ea6c64cedded3fff4ed129d6ee7e61f93554efced2c94,2025-06-03T23:15:21.147000 +CVE-2025-5545,1,1,2143597ebf76758a3c993bdf21d2076788d638aac22e98c1edba0a47936bae63,2025-06-04T00:15:25.333000 +CVE-2025-5546,1,1,8522740ba16e189a9b8302801828de4e6a88153386f6a0dc2b34f04f8972a43b,2025-06-04T00:15:25.540000 +CVE-2025-5547,1,1,869bd95cc8c8080c32873649b0b0dbeeb0275508ee1dc6fca87be38c63f264ba,2025-06-04T00:15:25.713000 +CVE-2025-5548,1,1,68d81ff412ea6615da97f34eec34fe154734e5acc046c6e66ad4317c007099a1,2025-06-04T01:15:19.873000 +CVE-2025-5549,1,1,05a6d069b1057abc17dc8cdb1a793e8a4efc6ecd5f1e563fdff29c4c6ea9477c,2025-06-04T01:15:20.083000 +CVE-2025-5550,1,1,ea3b4aeb88c500fd695ad65233d523362f997aec35c79c8018c66ace218a9ae9,2025-06-04T01:15:20.250000