diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9082.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9082.json index d0d4cab03fa..81136e9181d 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9082.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9082.json @@ -2,13 +2,13 @@ "id": "CVE-2024-9082", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-22T08:15:02.077", - "lastModified": "2024-09-27T16:18:55.797", - "vulnStatus": "Analyzed", + "lastModified": "2025-03-31T06:15:28.837", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Users.phpf=save of the component User Creation Handler. The manipulation of the argument type with the input 1 leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save of the component User Creation Handler. The manipulation of the argument Type with the input 1 leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." }, { "lang": "es", @@ -131,8 +131,12 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Secondary", + "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-266" + }, { "lang": "en", "value": "CWE-285" @@ -141,7 +145,7 @@ }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-06xx/CVE-2025-0613.json b/CVE-2025/CVE-2025-06xx/CVE-2025-0613.json new file mode 100644 index 00000000000..b6b59567acd --- /dev/null +++ b/CVE-2025/CVE-2025-06xx/CVE-2025-0613.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-0613", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-31T06:15:29.463", + "lastModified": "2025-03-31T06:15:29.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/22be2b44-cd42-4b02-8448-59dd2989dde1/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-24xx/CVE-2025-2402.json b/CVE-2025/CVE-2025-24xx/CVE-2025-2402.json new file mode 100644 index 00000000000..302859b15dd --- /dev/null +++ b/CVE-2025/CVE-2025-24xx/CVE-2025-2402.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-2402", + "sourceIdentifier": "security@knime.com", + "published": "2025-03-31T07:15:18.280", + "lastModified": "2025-03-31T07:15:18.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all versions except the ones listed below allows an unauthenticated remote attacker in possession of the password to read and manipulate swapped jobs or read and manipulate in- and output data of active jobs. It is also possible to cause a denial-of-service of most functionality of KNIME Business Hub by writing large amounts of data to the object store directly. \n\n\n\nThere are no viable workarounds therefore we strongly recommend to update to one of the following versions of KNIME Business Hub: \n\n\n\n * 1.13.2 or later \n\n\n\n\n\n\n * 1.12.3 or later \n\n\n\n\n\n\n * 1.11.3 or later \n\n\n\n\n\n\n * 1.10.3 or later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@knime.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "LOW", + "subIntegrityImpact": "LOW", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "YES", + "Recovery": "USER", + "valueDensity": "CONCENTRATED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "AMBER" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@knime.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-259" + } + ] + } + ], + "references": [ + { + "url": "https://www.knime.com/security/advisories#CVE-2025-2402", + "source": "security@knime.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-27xx/CVE-2025-2787.json b/CVE-2025/CVE-2025-27xx/CVE-2025-2787.json index 88ad92b2a96..b84eb5f8ca7 100644 --- a/CVE-2025/CVE-2025-27xx/CVE-2025-2787.json +++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2787.json @@ -2,7 +2,7 @@ "id": "CVE-2025-2787", "sourceIdentifier": "security@knime.com", "published": "2025-03-26T21:15:23.167", - "lastModified": "2025-03-27T16:45:27.850", + "lastModified": "2025-03-31T07:15:18.557", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -75,7 +75,7 @@ ], "references": [ { - "url": "https://www.knime.com/security/advisories", + "url": "https://www.knime.com/security-advisory-cve-2025-2787", "source": "security@knime.com" } ] diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2978.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2978.json new file mode 100644 index 00000000000..914a23f7ab1 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2978.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2978", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T06:15:29.627", + "lastModified": "2025-03-31T06:15:29.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in WCMS 11. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php?articleadmin/upload/?&CKEditor=container&CKEditorFuncNum=1 of the component Article Publishing Page. The manipulation of the argument Upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/caigo8/CVE-md/blob/main/wcms11/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0RCE.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302030", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302030", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.523093", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2979.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2979.json new file mode 100644 index 00000000000..acdb3526ab9 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2979.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2979", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T06:15:29.857", + "lastModified": "2025-03-31T06:15:29.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in WCMS 11. This affects an unknown part of the file /index.php?anonymous/setregister of the component Registration. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 2.4, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "baseScore": 3.3, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/caigo8/CVE-md/blob/main/wcms11/%E5%AD%98%E5%82%A8%E5%9E%8BXSS.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302031", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302031", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.523896", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2980.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2980.json new file mode 100644 index 00000000000..a0e10773841 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2980.json @@ -0,0 +1,133 @@ +{ + "id": "CVE-2025-2980", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T07:15:18.710", + "lastModified": "2025-03-31T07:15:18.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic was found in Legrand SMS PowerView 1.x. This vulnerability affects unknown code. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.302032", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302032", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.523212", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2981.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2981.json new file mode 100644 index 00000000000..7140d6e9172 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2981.json @@ -0,0 +1,133 @@ +{ + "id": "CVE-2025-2981", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T07:15:18.937", + "lastModified": "2025-03-31T07:15:18.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, has been found in Legrand SMS PowerView 1.x. This issue affects some unknown processing. The manipulation of the argument redirect leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.302033", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302033", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-308xx/CVE-2025-30835.json b/CVE-2025/CVE-2025-308xx/CVE-2025-30835.json new file mode 100644 index 00000000000..cfb696898cf --- /dev/null +++ b/CVE-2025/CVE-2025-308xx/CVE-2025-30835.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-30835", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.123", + "lastModified": "2025-03-31T06:15:30.123", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bastien Ho Accounting for WooCommerce allows PHP Local File Inclusion. This issue affects Accounting for WooCommerce: from n/a through 1.6.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/accounting-for-woocommerce/vulnerability/wordpress-accounting-for-woocommerce-plugin-1-6-8-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-308xx/CVE-2025-30855.json b/CVE-2025/CVE-2025-308xx/CVE-2025-30855.json new file mode 100644 index 00000000000..4a859606cd1 --- /dev/null +++ b/CVE-2025/CVE-2025-308xx/CVE-2025-30855.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-30855", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.310", + "lastModified": "2025-03-31T06:15:30.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ads by WPQuads: from n/a through 2.0.87.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/quick-adsense-reloaded/vulnerability/wordpress-ads-by-wpquads-plugin-2-0-87-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-309xx/CVE-2025-30987.json b/CVE-2025/CVE-2025-309xx/CVE-2025-30987.json new file mode 100644 index 00000000000..389b097e18d --- /dev/null +++ b/CVE-2025/CVE-2025-309xx/CVE-2025-30987.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-30987", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.487", + "lastModified": "2025-03-31T06:15:30.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetBlocks For Elementor allows Stored XSS. This issue affects JetBlocks For Elementor: from n/a through 1.3.16." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/jet-blocks/vulnerability/wordpress-jetblocks-for-elementor-plugin-1-3-16-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3019.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3019.json new file mode 100644 index 00000000000..29a3d2a077c --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3019.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3019", + "sourceIdentifier": "security@knime.com", + "published": "2025-03-31T07:15:19.133", + "lastModified": "2025-03-31T07:15:19.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary Java Script may be executed with this user's permissions. This can lead to information loss and/or modification of existing data.\nThe issues are caused by a bug https://github.com/Baroshem/nuxt-security/issues/610 in the widely used nuxt-security module.\n\n\n\n\n\nThere are no viable workarounds therefore we strongly recommend to update to one of the following versions of KNIME Business Hub:\n\n\n\n\n\n * 1.13.3 or later\n\n\n\n\n\n\n * 1.12.4 or later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@knime.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "LOW", + "subIntegrityImpact": "LOW", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "YES", + "Recovery": "USER", + "valueDensity": "DIFFUSE", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "AMBER" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@knime.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.knime.com/security/advisories#CVE-2025-3019", + "source": "security@knime.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-310xx/CVE-2025-31016.json b/CVE-2025/CVE-2025-310xx/CVE-2025-31016.json new file mode 100644 index 00000000000..b511162b821 --- /dev/null +++ b/CVE-2025/CVE-2025-310xx/CVE-2025-31016.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31016", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.650", + "lastModified": "2025-03-31T06:15:30.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound JetWooBuilder allows PHP Local File Inclusion. This issue affects JetWooBuilder: from n/a through 2.1.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/jet-woo-builder/vulnerability/wordpress-jetwoobuilder-plugin-2-1-18-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-310xx/CVE-2025-31043.json b/CVE-2025/CVE-2025-310xx/CVE-2025-31043.json new file mode 100644 index 00000000000..1c3e51a34be --- /dev/null +++ b/CVE-2025/CVE-2025-310xx/CVE-2025-31043.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31043", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.827", + "lastModified": "2025-03-31T06:15:30.827", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetSearch allows DOM-Based XSS. This issue affects JetSearch: from n/a through 3.5.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/jet-search/vulnerability/wordpress-jetsearch-plugin-3-5-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-313xx/CVE-2025-31387.json b/CVE-2025/CVE-2025-313xx/CVE-2025-31387.json new file mode 100644 index 00000000000..917b56eda9d --- /dev/null +++ b/CVE-2025/CVE-2025-313xx/CVE-2025-31387.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31387", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:30.990", + "lastModified": "2025-03-31T06:15:30.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in InstaWP InstaWP Connect allows PHP Local File Inclusion. This issue affects InstaWP Connect: from n/a through 0.1.0.82." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/instawp-connect/vulnerability/wordpress-instawp-connect-plugin-0-1-0-82-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-314xx/CVE-2025-31412.json b/CVE-2025/CVE-2025-314xx/CVE-2025-31412.json new file mode 100644 index 00000000000..2cea979b782 --- /dev/null +++ b/CVE-2025/CVE-2025-314xx/CVE-2025-31412.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31412", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:31.147", + "lastModified": "2025-03-31T06:15:31.147", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/jet-woo-product-gallery/vulnerability/wordpress-jetproductgallery-plugin-2-1-22-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-314xx/CVE-2025-31414.json b/CVE-2025/CVE-2025-314xx/CVE-2025-31414.json new file mode 100644 index 00000000000..7a90618dd77 --- /dev/null +++ b/CVE-2025/CVE-2025-314xx/CVE-2025-31414.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31414", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:31.317", + "lastModified": "2025-03-31T06:15:31.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.65." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cost-calculator-builder/vulnerability/wordpress-cost-calculator-builder-plugin-3-2-65-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-314xx/CVE-2025-31417.json b/CVE-2025/CVE-2025-314xx/CVE-2025-31417.json new file mode 100644 index 00000000000..e7a51b9eef1 --- /dev/null +++ b/CVE-2025/CVE-2025-314xx/CVE-2025-31417.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31417", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-31T06:15:31.480", + "lastModified": "2025-03-31T06:15:31.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-docs/vulnerability/wordpress-wp-docs-plugin-2-2-7-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b1bf0482cc2..665e0b20c8b 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-31T06:00:20.944207+00:00 +2025-03-31T08:00:20.714554+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-31T05:15:16.500000+00:00 +2025-03-31T07:15:19.133000+00:00 ``` ### Last Data Feed Release @@ -33,32 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -287361 +287377 ``` ### CVEs added in the last Commit -Recently added CVEs: `12` +Recently added CVEs: `16` -- [CVE-2025-24517](CVE-2025/CVE-2025-245xx/CVE-2025-24517.json) (`2025-03-31T05:15:15.420`) -- [CVE-2025-24852](CVE-2025/CVE-2025-248xx/CVE-2025-24852.json) (`2025-03-31T05:15:15.620`) -- [CVE-2025-25211](CVE-2025/CVE-2025-252xx/CVE-2025-25211.json) (`2025-03-31T05:15:15.773`) -- [CVE-2025-26689](CVE-2025/CVE-2025-266xx/CVE-2025-26689.json) (`2025-03-31T05:15:15.933`) -- [CVE-2025-2974](CVE-2025/CVE-2025-29xx/CVE-2025-2974.json) (`2025-03-31T04:15:17.633`) -- [CVE-2025-2975](CVE-2025/CVE-2025-29xx/CVE-2025-2975.json) (`2025-03-31T04:15:17.927`) -- [CVE-2025-2976](CVE-2025/CVE-2025-29xx/CVE-2025-2976.json) (`2025-03-31T05:15:16.090`) -- [CVE-2025-2977](CVE-2025/CVE-2025-29xx/CVE-2025-2977.json) (`2025-03-31T05:15:16.310`) -- [CVE-2025-3011](CVE-2025/CVE-2025-30xx/CVE-2025-3011.json) (`2025-03-31T04:15:19.037`) -- [CVE-2025-3013](CVE-2025/CVE-2025-30xx/CVE-2025-3013.json) (`2025-03-31T04:15:21.297`) -- [CVE-2025-3014](CVE-2025/CVE-2025-30xx/CVE-2025-3014.json) (`2025-03-31T04:15:33.730`) -- [CVE-2025-31103](CVE-2025/CVE-2025-311xx/CVE-2025-31103.json) (`2025-03-31T05:15:16.500`) +- [CVE-2025-0613](CVE-2025/CVE-2025-06xx/CVE-2025-0613.json) (`2025-03-31T06:15:29.463`) +- [CVE-2025-2402](CVE-2025/CVE-2025-24xx/CVE-2025-2402.json) (`2025-03-31T07:15:18.280`) +- [CVE-2025-2978](CVE-2025/CVE-2025-29xx/CVE-2025-2978.json) (`2025-03-31T06:15:29.627`) +- [CVE-2025-2979](CVE-2025/CVE-2025-29xx/CVE-2025-2979.json) (`2025-03-31T06:15:29.857`) +- [CVE-2025-2980](CVE-2025/CVE-2025-29xx/CVE-2025-2980.json) (`2025-03-31T07:15:18.710`) +- [CVE-2025-2981](CVE-2025/CVE-2025-29xx/CVE-2025-2981.json) (`2025-03-31T07:15:18.937`) +- [CVE-2025-3019](CVE-2025/CVE-2025-30xx/CVE-2025-3019.json) (`2025-03-31T07:15:19.133`) +- [CVE-2025-30835](CVE-2025/CVE-2025-308xx/CVE-2025-30835.json) (`2025-03-31T06:15:30.123`) +- [CVE-2025-30855](CVE-2025/CVE-2025-308xx/CVE-2025-30855.json) (`2025-03-31T06:15:30.310`) +- [CVE-2025-30987](CVE-2025/CVE-2025-309xx/CVE-2025-30987.json) (`2025-03-31T06:15:30.487`) +- [CVE-2025-31016](CVE-2025/CVE-2025-310xx/CVE-2025-31016.json) (`2025-03-31T06:15:30.650`) +- [CVE-2025-31043](CVE-2025/CVE-2025-310xx/CVE-2025-31043.json) (`2025-03-31T06:15:30.827`) +- [CVE-2025-31387](CVE-2025/CVE-2025-313xx/CVE-2025-31387.json) (`2025-03-31T06:15:30.990`) +- [CVE-2025-31412](CVE-2025/CVE-2025-314xx/CVE-2025-31412.json) (`2025-03-31T06:15:31.147`) +- [CVE-2025-31414](CVE-2025/CVE-2025-314xx/CVE-2025-31414.json) (`2025-03-31T06:15:31.317`) +- [CVE-2025-31417](CVE-2025/CVE-2025-314xx/CVE-2025-31417.json) (`2025-03-31T06:15:31.480`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `2` -- [CVE-2025-0624](CVE-2025/CVE-2025-06xx/CVE-2025-0624.json) (`2025-03-31T04:15:15.547`) +- [CVE-2024-9082](CVE-2024/CVE-2024-90xx/CVE-2024-9082.json) (`2025-03-31T06:15:28.837`) +- [CVE-2025-2787](CVE-2025/CVE-2025-27xx/CVE-2025-2787.json) (`2025-03-31T07:15:18.557`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 49a312172ab..73c7a756554 100644 --- a/_state.csv +++ b/_state.csv @@ -280213,7 +280213,7 @@ CVE-2024-9078,0,0,81a374b0a617d1c1d04a271a83fca8a9a84c1cb0aa91153b2cace27ca93cce CVE-2024-9079,0,0,3c561095a7492d9bfbdb158d38276d6f952fb2819b364823efb7d31212fc06f8,2024-09-26T16:32:12.103000 CVE-2024-9080,0,0,2a53ffa27565f869916874cadf9591dbaaa064863c002bd56f7d4cbe126e5cd0,2024-09-26T16:32:24.083000 CVE-2024-9081,0,0,e7cd715a4638c51d16d179c81b391f40d520f5dbe15c5ad9fdceba550d98e9e3,2024-09-27T16:17:51.300000 -CVE-2024-9082,0,0,4a7197f2beebc268196b480906d2e1daa3d07175a90fc4ed6e8f4f79fe16d7b7,2024-09-27T16:18:55.797000 +CVE-2024-9082,0,1,0f108c09a03ac94a0d4210bb305a4815b5c302b07c2435a58fcaaa7206973590,2025-03-31T06:15:28.837000 CVE-2024-9083,0,0,a70a2d9dc9badfa2f7b59b247bb7acb076d4de3f78e2a0f4bf7d24f9758f3607,2024-09-27T16:20:11.190000 CVE-2024-9084,0,0,a32787e9403b19d010b6f14498f26ac9e7b9d19fe9a7595fdd67964fd25bfc46,2024-09-26T15:29:16.667000 CVE-2024-9085,0,0,ae175fea58f2fbd7f234e7cf7c585a499114bc9bb9d7e1c3e39b996613a3cb55,2024-09-27T16:19:21.317000 @@ -281427,13 +281427,14 @@ CVE-2025-0601,0,0,32c2522dac0fc3c40980f77ac0d53c361d341012ea228c0ef5d2b020b8f8c4 CVE-2025-0604,0,0,11b5fa64e0c44fc853249fe566d1ae9520d7be28da05402f93563e9d23c37605,2025-03-10T19:15:39.487000 CVE-2025-0611,0,0,d5c9360fc3080a3bf40a56d9e6161f43213715b53cd2c1f914a2626e9581bcd4,2025-02-06T22:15:40.053000 CVE-2025-0612,0,0,7ea4d4aa25f622741c89c8921e9bef8da99d00f4284523c951843203c8182c72,2025-02-04T19:15:32.720000 +CVE-2025-0613,1,1,b1d0f97020f3f53e4c85bcfd7c543e1db922c21f64b36bbb5f024be91c956053,2025-03-31T06:15:29.463000 CVE-2025-0614,0,0,35aebd2508e8a73e5890659bb27b5833c263157a992866f88cfa4a06211488f5,2025-01-21T12:15:27.580000 CVE-2025-0615,0,0,ebbe675921592ae8cbe2172db6e2765a464d273fff841eec1146e0ddf51f2dff,2025-01-21T12:15:27.737000 CVE-2025-0617,0,0,f628b1ad73170d04122e24ddb3e888ab06e1591d9b8c499515e522c90868af4e,2025-01-29T11:15:09.330000 CVE-2025-0619,0,0,d6798daeef3d7924598dddc8037e69d4ae3bc1784ffc6b426878fbbb52aa2ee9,2025-01-23T11:15:10.700000 CVE-2025-0622,0,0,e47fbbd3a3a716f89e6a5dc5e99d39a7414dccef8758c28db6b0464c5f5b2e87,2025-02-18T20:15:23.570000 CVE-2025-0623,0,0,341d910d0f0f4575e107592c92f38288f68e01fe716af21df488a6d82193e481,2025-01-21T17:15:16.817000 -CVE-2025-0624,0,1,7f95551d5b3aec04a4161f91b434f3e493d374e52187df0ff272f61641d37829,2025-03-31T04:15:15.547000 +CVE-2025-0624,0,0,7f95551d5b3aec04a4161f91b434f3e493d374e52187df0ff272f61641d37829,2025-03-31T04:15:15.547000 CVE-2025-0625,0,0,328c89607f451b43b59c7441ff870515136d8dcd178527014c9e23beca2d6c94,2025-03-28T19:14:20.063000 CVE-2025-0626,0,0,16ee263c85f3aad6f9b7c5ed60390a064032d53adec3f9f8437b4c73151fb8c7,2025-03-01T18:15:34.140000 CVE-2025-0628,0,0,570695b374c4ed87e2ed44b4722d7e35e02627e97784a5b85708accd345030c2,2025-03-20T10:15:53.407000 @@ -284704,6 +284705,7 @@ CVE-2025-24016,0,0,c090754f26d92875e7dde6ca613307138b21fce6005c542e3bd734afb516a CVE-2025-24017,0,0,4127b8a7fb48204ccdedd278270e1a824a4426e6472255b67fd4d2229bebbdd7,2025-01-21T18:15:17.683000 CVE-2025-24018,0,0,e4baea09df10b36d105667a7249c05293515d725374ccb74ed2a1fb48a8a06d4,2025-01-21T18:15:17.803000 CVE-2025-24019,0,0,2a3a6a9851c247290336c704932309ffb09f759a478660ebcaeee5a66d59a10f,2025-01-21T18:15:17.933000 +CVE-2025-2402,1,1,18b9a2564f8d466d4460c91cdad974986328d27857c6009f588e5f1b07454834,2025-03-31T07:15:18.280000 CVE-2025-24020,0,0,285e20714349f7ac830f6a14f1541e73cc305a3a9f896b0ecc137956f3014986,2025-02-13T19:01:51.927000 CVE-2025-24023,0,0,5804610dbc6510deb543cff5835e882094a01f7412f58c2aa22d0e854e84bef1,2025-03-07T21:44:56.620000 CVE-2025-24024,0,0,2eed754b499c2c804003117f998e15abebe8d400a886c780cd3d285697b11dd6,2025-01-21T20:15:46.617000 @@ -284947,7 +284949,7 @@ CVE-2025-24506,0,0,6d0f2b92aeb54c0239442b80d645c7de8b9983e714f18d96e40f89a3734ac CVE-2025-24507,0,0,422b270ad7f0d60cc805efaa577ee203a8a40781b3fc9ddd5b1e3464f7401c91,2025-02-05T06:15:31.860000 CVE-2025-24513,0,0,5c5908095b7b8f59692c97894f2bc39950e9c619c5cca524158b823c48174aeb,2025-03-27T16:45:46.410000 CVE-2025-24514,0,0,1a64291b9861e3b81420eacf402909141500e0f7a383b259826850512f786e18,2025-03-27T16:45:46.410000 -CVE-2025-24517,1,1,27031a7d6b1035c296c3097f6b88783f4229ef3b2a6d080f9822793569cf3f7a,2025-03-31T05:15:15.420000 +CVE-2025-24517,0,0,27031a7d6b1035c296c3097f6b88783f4229ef3b2a6d080f9822793569cf3f7a,2025-03-31T05:15:15.420000 CVE-2025-24521,0,0,8d587ccd83944db33992c871adfb713baf82b8ebec6fcce78327a7080ffb5677,2025-03-05T16:15:39.093000 CVE-2025-24526,0,0,1e18d1f5ae98abeeaf7d844b3f89d785c7636c11b538120dbb867fa27b9c5f64,2025-02-24T08:15:10.427000 CVE-2025-24527,0,0,64c5f15d3a36426dd086cf6753a3bcfcae0a9e70014bff12440c7ea401e9bd26,2025-02-24T16:15:14.683000 @@ -285212,7 +285214,7 @@ CVE-2025-24845,0,0,b01e6a569b8cc3a4584487bdfb3da2fbed952ffc0174ca89c61a3e20ee1bf CVE-2025-24846,0,0,395a1c47127c2c7ef37d1800a5094c8ea72456277181e4a623939a06fd6c82a4,2025-03-03T09:15:39.817000 CVE-2025-24849,0,0,8e5985d51102085b2b29506fc161cb28ee1a0b2a33328ea438367fccd6fa114a,2025-02-28T17:15:17.253000 CVE-2025-2485,0,0,bec0bc87ef80d5681ca0207b35a807ec5b25f8aa9955a26545915324703deba5,2025-03-28T18:11:40.180000 -CVE-2025-24852,1,1,0741a80d503b3c05c8efde4e802d5ec526f94ffaeefc23e9b1ce3ff2884d0477,2025-03-31T05:15:15.620000 +CVE-2025-24852,0,0,0741a80d503b3c05c8efde4e802d5ec526f94ffaeefc23e9b1ce3ff2884d0477,2025-03-31T05:15:15.620000 CVE-2025-24855,0,0,3b83ed2e42d12574419e7a5d93b58d3d4fa5393073d22ec518ba075ff8bdfcf5,2025-03-14T02:15:15.717000 CVE-2025-24856,0,0,de81d5fa3871c8fea36d9f92d65c776b1ac74e3aaeeb12190f8f5c33a73c1a6a,2025-03-16T04:15:14.517000 CVE-2025-24858,0,0,80a2e3e27ced5551413d1f52e03f6696ce40853726c2f8318cd2bd73891576ca,2025-01-26T07:15:09.237000 @@ -285454,7 +285456,7 @@ CVE-2025-25203,0,0,040b03b28fff3f91466e7eaa5a2d6143cc21f99e3d967437d45c81f30cd9c CVE-2025-25204,0,0,119932f98cc8b58871d029f6ccd9a89a806462d1c2b6c06ee7f6d1cb510c31af,2025-02-14T17:15:19.140000 CVE-2025-25205,0,0,53d346539ec5bb58856ce63a9d1fdca5438e2c859c2047a9cb707ece5a8bcbe8,2025-02-12T19:15:21.717000 CVE-2025-25206,0,0,9f668b067e3e448579721524d9498db32e90e7d300d6cfeef5961eac800c1c31,2025-02-14T17:15:19.327000 -CVE-2025-25211,1,1,0ac8994d607ffd78b8d70123f36572d81f001a4c84ab5ba1d6cf7618b60b6e65,2025-03-31T05:15:15.773000 +CVE-2025-25211,0,0,0ac8994d607ffd78b8d70123f36572d81f001a4c84ab5ba1d6cf7618b60b6e65,2025-03-31T05:15:15.773000 CVE-2025-25220,0,0,3e48240fbed17896ea7da609293ff3c7512ec69524229da5c9de3065be015d34,2025-03-18T09:15:13.750000 CVE-2025-25221,0,0,da7f39219236daa10c6a9a322f77562859face44f96d9c55ab9ddbe74ace6d9f,2025-02-18T01:15:09.070000 CVE-2025-25222,0,0,c2ca7e3dc29f3574e03139c7399b4994d988797dae7ad6db23b85350baa3dcf1,2025-02-18T01:15:09.210000 @@ -286054,7 +286056,7 @@ CVE-2025-26658,0,0,aedc4d0eb67f4f5f0b6a3ffda635a52c1b05624552df9e00a6801f2a11a2a CVE-2025-26659,0,0,e49bb37eae4d802d08529be287a8ee45c0a41d1e6476deffc54020440698032b,2025-03-11T01:15:35.683000 CVE-2025-26660,0,0,b711a00f5dfa32959fd3c766aaf7ba4ea22e4bae0e839f8f050152da069fcd60,2025-03-11T01:15:35.837000 CVE-2025-26661,0,0,6b07aa7e41ed32b21c57e51684aeb9e36856ccd243be242f1a25b61ed08c5995,2025-03-11T01:15:35.993000 -CVE-2025-26689,1,1,c9beae4491e6d4b4de9a3b92de4ea1d9cde8d8da4d43e4c144c949a3dc97594e,2025-03-31T05:15:15.933000 +CVE-2025-26689,0,0,c9beae4491e6d4b4de9a3b92de4ea1d9cde8d8da4d43e4c144c949a3dc97594e,2025-03-31T05:15:15.933000 CVE-2025-26695,0,0,e239201bb929150b03ad07ffb8d312f400377d1f1cfc7d0e42902c7137896acf,2025-03-12T19:15:40.450000 CVE-2025-26696,0,0,c788dec0a12ae5bdd6b81aed962f6239947be4d264a5b176d5302dfebc47d49c,2025-03-11T20:15:17.523000 CVE-2025-26698,0,0,02e1c85350f9590f950db8be3fe5f72c9485333903c0f224a4be86e1fd66bec5,2025-02-26T13:15:41.983000 @@ -286659,7 +286661,7 @@ CVE-2025-27837,0,0,d1de81c92d39130dad06cdf0171d24fbc0b9043933eeeec948883b2f81493 CVE-2025-27839,0,0,2897e6016e5e328d150ac9e956e1e3698f33d754fabb81cbdb31c6766dbfb22d,2025-03-08T00:15:38.340000 CVE-2025-27840,0,0,4f077c11cd42874f9ea8d03fc4b2dba1a597eef072d62ce316763a23259bd33d,2025-03-12T14:58:54.130000 CVE-2025-27867,0,0,706ccc11683336c438698de97765a7b785ce156810f1f1b352bcbe344a4419e0,2025-03-21T21:15:36.910000 -CVE-2025-2787,0,0,f2546c4d9d5f06240ee628ade91f2113d7aba585c0f8b385539f3a8b9792cd5f,2025-03-27T16:45:27.850000 +CVE-2025-2787,0,1,4aa889cfcc070b06e1753e76a9737fc448b22e64e5347c5b1fb406395a105243,2025-03-31T07:15:18.557000 CVE-2025-27888,0,0,8a8aa5b91d5bfb492ad148fbb9efc0a6effab4f3d802fb1b2e446246bda2ee28,2025-03-20T12:15:14.563000 CVE-2025-27893,0,0,e84577b5fcdd778bbc1f7429e59a23dbdaffc7f181556a9020c20ce55649162f,2025-03-11T14:15:26.033000 CVE-2025-27910,0,0,0bb94e3f7527c14f76129f12ea1086d3e9a5c32bf0c93521589ebefce719530f,2025-03-12T16:15:24.253000 @@ -286931,11 +286933,11 @@ CVE-2025-2970,0,0,63e0c65c94f9ed1dfbde9c28eea9f132666a924c7d81b099292abb9f72f8d7 CVE-2025-2971,0,0,69fd4b42e8f58c8fbd2dfcef525eae7e76e6fc9f29f2f2d64eb54b30a09f6bde,2025-03-31T02:15:21.767000 CVE-2025-2972,0,0,dceb9a04e1e98273fe83442e3ae3073b787e6734cb403569022a42bca35d9c48,2025-03-31T03:15:14.013000 CVE-2025-2973,0,0,71c0d39615a793b2507e0b77d00354b96a970ee32139f59d9ed67f22f4be28ba,2025-03-31T03:15:14.267000 -CVE-2025-2974,1,1,03c9d6549803ce2a83a8b5cb8e5bf9f28782a7d478987a9b985678a72c54e7cd,2025-03-31T04:15:17.633000 -CVE-2025-2975,1,1,54e4db29e6cd8e0854e5ae29ed995f3031619b872dddf128886ac54be5b16384,2025-03-31T04:15:17.927000 -CVE-2025-2976,1,1,b7586ea3a689e9721adedc5d4021b4eeab053eda769dec92478da646b4214af8,2025-03-31T05:15:16.090000 +CVE-2025-2974,0,0,03c9d6549803ce2a83a8b5cb8e5bf9f28782a7d478987a9b985678a72c54e7cd,2025-03-31T04:15:17.633000 +CVE-2025-2975,0,0,54e4db29e6cd8e0854e5ae29ed995f3031619b872dddf128886ac54be5b16384,2025-03-31T04:15:17.927000 +CVE-2025-2976,0,0,b7586ea3a689e9721adedc5d4021b4eeab053eda769dec92478da646b4214af8,2025-03-31T05:15:16.090000 CVE-2025-29768,0,0,492de4cf9bc586f0c097ff358f0d6522edec16b3a3700b1c85d835d10d900b1f,2025-03-13T17:15:37.623000 -CVE-2025-2977,1,1,016b99a65b42725cfd4a2d138d7bd1a9f4b5c5a184a0d45b000c90090c56cf70,2025-03-31T05:15:16.310000 +CVE-2025-2977,0,0,016b99a65b42725cfd4a2d138d7bd1a9f4b5c5a184a0d45b000c90090c56cf70,2025-03-31T05:15:16.310000 CVE-2025-29770,0,0,64a7761b4081159cba0465c32543c25f86c7bc3fdca10868943a613198ef8db7,2025-03-19T16:15:31.977000 CVE-2025-29771,0,0,40341ca82018118ee52a3bd3891794f5bfb5824a75c694db796b525153dba5da,2025-03-14T19:15:48.847000 CVE-2025-29773,0,0,a0c99e5f4c0b4eb6eb4d5e0663a9bd84830dc80c9b3c22b7d3ef4fb28b96c270,2025-03-13T19:15:52.257000 @@ -286944,6 +286946,7 @@ CVE-2025-29775,0,0,f8aff533c0e84344979e5487ebc0d33112cc14196a6b0362233e681fd1ef3 CVE-2025-29776,0,0,77eb5b12cb182f64e88569428bb92fb2cd15d9b8c6bd26dadd9900993d909e7d,2025-03-14T14:15:18.847000 CVE-2025-29778,0,0,44c56d9108a07e5b9498585ed522cb9b0d3edfc5edc580b42e68d563a595c335,2025-03-27T16:45:46.410000 CVE-2025-29779,0,0,2361210c87aea68a061209bb7c5182c2d3e935d41cf70eb515101cd965c3fb14,2025-03-19T16:15:32.157000 +CVE-2025-2978,1,1,5d1918311e35d246766198cac365ca2f66ca30d6dbabd860975a6fb848ec5313,2025-03-31T06:15:29.627000 CVE-2025-29780,0,0,3f4344500d740252b7365e0690ae4abe59605b1a5689a12595ae0031d06c80ce,2025-03-19T16:15:32.320000 CVE-2025-29781,0,0,9602edcc5b5c6ecdfd105a84695ee56cace470c55953ae06faefbf1153141afd,2025-03-18T15:16:00.747000 CVE-2025-29782,0,0,642561341fd441d3b75649151bd8fd2cc9789f9959ceab4d0a40abb896c0a19e,2025-03-25T20:12:23.047000 @@ -286952,10 +286955,13 @@ CVE-2025-29786,0,0,451b93240c4543f3def3ea2c9521ecc2be3354f0b552d41bf2a019283f00a CVE-2025-29787,0,0,2fd3435cc0f680f18716d607bc13a6c7a954d55969aae7d30fd344637489ec1d,2025-03-17T14:15:22.447000 CVE-2025-29788,0,0,864c3c65f52e851c38fc6d391e926f348d1c70745c997c79fa8abde39ce5bc67,2025-03-17T14:15:22.653000 CVE-2025-29789,0,0,55e4fc65897de45b10ba90aa15c5781d247cfaecd047ac1420d07ded7251482a,2025-03-27T16:45:46.410000 +CVE-2025-2979,1,1,786b86f28337fbf7bf9155583b8f2e51b1c8d20d023cdb39470af5c1ed747c96,2025-03-31T06:15:29.857000 CVE-2025-29790,0,0,a917e7f845d5526a877724b56a3ae7cbb2c47c308a32a65b6f3b54e65b4f8c98,2025-03-18T19:15:50.813000 CVE-2025-29795,0,0,6628c110a8ddfa1ddc624b3c8e04a9da92178a53d5d396807fa8edc11e306135,2025-03-23T17:15:28.920000 +CVE-2025-2980,1,1,ca18e70dfe716f1209467bb827741bdcc846e5056946687e6d93a85c9427fb34,2025-03-31T07:15:18.710000 CVE-2025-29806,0,0,a0731b88c2dc4e18b008ec219ba55467523f3caa42666518a3bc46a169274d95,2025-03-26T14:50:45.523000 CVE-2025-29807,0,0,530d9f651149a8b635edd48694d649666884c8d7e97fd101d5bd23cb34763719,2025-03-21T01:15:17.070000 +CVE-2025-2981,1,1,e887bac4930fae2303912c3cb2f1ec8d169076561dd398d8b185c85b0306e6a6,2025-03-31T07:15:18.937000 CVE-2025-29814,0,0,435e9e17285030a77811f9738adb8ece14bf52c5a294fba746e389024996a262,2025-03-21T01:15:17.253000 CVE-2025-29891,0,0,6f656b5325e6e317e0701bf37e32b1fd845a6f162de74687e113855da8de633f,2025-03-19T14:15:39.573000 CVE-2025-29903,0,0,10c68e7ddaac62cfaf56fa2d0c36952343de94dcaf74d7de9700d239804e47d3,2025-03-12T13:15:37.823000 @@ -286997,7 +287003,7 @@ CVE-2025-30093,0,0,655931c237d66508239faf3d38e961694a438293c2ddfd8c753f3093a3e9d CVE-2025-30106,0,0,d0ec2fed531a791fcdb7e275c6cc676f11c96b4c23a970884370a41e87a3b6a0,2025-03-21T17:15:40.227000 CVE-2025-30107,0,0,7ae7d3e2db9a3bcfc7100b14968701083bbe2237ed720df55c99fa3bf4e70491,2025-03-24T22:15:14.450000 CVE-2025-30109,0,0,c697d3ced89db3fb240ff33efe8653842b736020e748d3eead592e6135cb99ac,2025-03-21T17:15:40.447000 -CVE-2025-3011,1,1,b4673d4bb3c6b6dd74def09fba0ba773e7a47fa61349dfcac14acdff0fbfea11,2025-03-31T04:15:19.037000 +CVE-2025-3011,0,0,b4673d4bb3c6b6dd74def09fba0ba773e7a47fa61349dfcac14acdff0fbfea11,2025-03-31T04:15:19.037000 CVE-2025-30110,0,0,f846e38b869cd6ea0f6cbe74784129a846c49031188f9bef75c8d86a69a1a7c2,2025-03-21T17:15:40.657000 CVE-2025-30111,0,0,022a112bd538be311c9cdaaab39fc2ba1c3d75e68ed7094f343c00ba2f79f7ae,2025-03-24T22:15:14.610000 CVE-2025-30112,0,0,f5f2d0f2ef96c31117a42f2d7c2087bd7dc34164abd0725a29f6c02790bcfa24,2025-03-27T16:45:46.410000 @@ -287009,12 +287015,12 @@ CVE-2025-30117,0,0,f2848c723174ae6913274a313c525a3160dfb0080d5f9ad1ceea829a51c7e CVE-2025-30118,0,0,63bb6fe6df661494db5327da07bd867838234c34a82e4f268cbe5bdf2fffb41d,2025-03-27T16:45:46.410000 CVE-2025-30122,0,0,c1d95302660e92c024ec5fc6b6a580530031934f019c4b2b9b52ef0f1377e16a,2025-03-21T14:15:17.523000 CVE-2025-30123,0,0,2971729320ad92fd03f998696461ed7cc92e08495aa1f702cd91222eaa49f43d,2025-03-21T18:15:39.737000 -CVE-2025-3013,1,1,8df09899bbb51247745cb5a1422fe94cb0e59e3c551d4f6578f2cab06ea2b46c,2025-03-31T04:15:21.297000 +CVE-2025-3013,0,0,8df09899bbb51247745cb5a1422fe94cb0e59e3c551d4f6578f2cab06ea2b46c,2025-03-31T04:15:21.297000 CVE-2025-30132,0,0,6dd8c4b2ac9edac69820a35ebc388d786aab74afcd8113c3b2124d47b6d5313e,2025-03-21T14:15:17.687000 CVE-2025-30137,0,0,a3d82e5392a7ae9bb6e2b55e909849c73823035f2bbd28f1fff1c4aabebfc1e6,2025-03-25T17:16:24.817000 CVE-2025-30138,0,0,bf5f227b0c2a0f863e4324d085b375acb0c6ca2ad33a79fc1cc381e277aa2d5f,2025-03-25T17:16:25.520000 CVE-2025-30139,0,0,d294017f68c6a76a70a7f43c006bdc1e561faff86521c13bc4f4cadccb328ce9,2025-03-25T16:15:26.627000 -CVE-2025-3014,1,1,cbdc448c6b7bd93925dcacf3b6fe1ab0cd323401dc284d599f3e921fa877d746,2025-03-31T04:15:33.730000 +CVE-2025-3014,0,0,cbdc448c6b7bd93925dcacf3b6fe1ab0cd323401dc284d599f3e921fa877d746,2025-03-31T04:15:33.730000 CVE-2025-30140,0,0,27c42b89efbaaf1c6c2587fb58094673d3d04747335077901d13fd99670ae8bb,2025-03-25T16:15:26.790000 CVE-2025-30141,0,0,4828215ddc551f721f9119cc66fd0b6301157a9edecaa8b1bbaf43bada37f987,2025-03-25T16:15:26.960000 CVE-2025-30142,0,0,e6345e1b8b1602cf6baee1bb466c15695f398722ed692cc5b3b87414578f99b0,2025-03-25T16:15:27.130000 @@ -287030,6 +287036,7 @@ CVE-2025-30163,0,0,655322787d885aa61d50ea5e7ecff74dc9237e2c1710cc57eaf106a5eadfb CVE-2025-30164,0,0,c838231ddadd650538b91334381739f0e5f84496049f4ab61b98fedaf2408f7b,2025-03-27T16:45:27.850000 CVE-2025-30168,0,0,650d771cf97916a28afc5f172eb3b832385c1c5e1b844b714aca8ef5a55b9cbc,2025-03-21T15:15:43.440000 CVE-2025-30179,0,0,e6188b5cfe41efd4be24afd0a9be97fe3cad7c2aaaf7dc5206b7ef410f616059,2025-03-27T14:45:47.520000 +CVE-2025-3019,1,1,9b9c69522dd584e9fa82131200a6442717b6558a8bb9867e6a05476c0b32a39e,2025-03-31T07:15:19.133000 CVE-2025-30196,0,0,fe87e1ebefbcfeb53c0f502cc8d045248065acd7de3485e4d3812fc7fa420ce6,2025-03-19T19:15:50.980000 CVE-2025-30197,0,0,2d4109cd57eb04a1dbf5d412cbfee8b568c6ea58cd4671c7483e548e96f39bba,2025-03-21T14:15:17.837000 CVE-2025-30204,0,0,b1fa78b55f063476d0284edd7879b33da275b35192b8e844de9525f5d85299bd,2025-03-21T22:15:26.420000 @@ -287221,6 +287228,7 @@ CVE-2025-30830,0,0,757146686939893abbafce7567881d6582c1c8891bb29b2eb8a3e312165ff CVE-2025-30831,0,0,58d6659c79961b1bd4ecff4586ae2944853bee5fcbb0265f99091764205fbfcf,2025-03-27T16:45:12.210000 CVE-2025-30832,0,0,872225febe12961ed121a80db974e1743a077eecf1159ceea59c5ee8994e141c,2025-03-27T16:45:12.210000 CVE-2025-30833,0,0,a2a29ba40c749d9154bd543506d967eeecf9a87f52c05ad20c854b71f3aa0186,2025-03-27T16:45:12.210000 +CVE-2025-30835,1,1,48d8d832af8c15658f2f8f62a131b1031e85c9ad84d5be855094a6508ff12953,2025-03-31T06:15:30.123000 CVE-2025-30836,0,0,6504eb324a1ec096686c876af4abf58ae341b41fb408f47abc7dd4fc1ed7b258,2025-03-27T16:45:12.210000 CVE-2025-30838,0,0,c8224637914836764520188e48d3be333661d703c0aec303d3408c4a2082d067,2025-03-27T16:45:12.210000 CVE-2025-30839,0,0,7f84e9cce6914ca3519aebb5888dab9272dcac0726c7c6911a57af687fe3a8b5,2025-03-27T16:45:12.210000 @@ -287232,6 +287240,7 @@ CVE-2025-30847,0,0,fc961a502cdbb5e3e70606a6f8d637679f8552339c8080ad8895748b86165 CVE-2025-30850,0,0,760a1d8de33f40d499c33ff5bcfd7dc023a854aa3c9dd3ed4b3e1e844b1c5114,2025-03-27T16:45:12.210000 CVE-2025-30851,0,0,f31de6d06feb28cbb6d2ae0384a043c45d36984af50b98b70a1d34611d3389bf,2025-03-27T16:45:12.210000 CVE-2025-30854,0,0,49883421d6e5d7495d5181f7f5d3f9d094e10890825ab2510b96e7c898c09b58,2025-03-27T16:45:12.210000 +CVE-2025-30855,1,1,a54ec34d0ad24bce89c0a39f40b4c87c11d8ce8aff4486535cacfdefd19a2791,2025-03-31T06:15:30.310000 CVE-2025-30856,0,0,ccb96c8af7c196f023c8879d78b299b4b08ce7c7817b7565fc16363eb58e000f,2025-03-27T16:45:12.210000 CVE-2025-30857,0,0,b5ba2e57e180b100f5d4d19d911d2db57f8452762f300ab7a96ab93aa7007fbb,2025-03-27T16:45:12.210000 CVE-2025-30859,0,0,9fb4cb315d361c1ff2b1e74e39cf8c9d8e9ce4142f3dc5275511d19208d18ac5,2025-03-27T16:45:12.210000 @@ -287279,8 +287288,11 @@ CVE-2025-30921,0,0,0f49c6a76231945cfa45ff97ac30f85385ce79f7b853b4f89aa238944aeb0 CVE-2025-30922,0,0,9ff4dd0946f44b4c7c54a61d5993f66f06f3cb56f15e96b4e5bc278cdcc10d45,2025-03-27T16:45:12.210000 CVE-2025-30923,0,0,4337439665787ddec21f95bc117262f2db948b09c40c497dd22aee51e7ef404f,2025-03-27T16:45:12.210000 CVE-2025-30925,0,0,303059a0519907d0c47140322e242ea05b7024546a805d0c164e0f0e362aa4c3,2025-03-27T16:45:12.210000 +CVE-2025-30987,1,1,3bde9e0d79f9c6020c82a1c733bd9b0d1dd5668f8e538b99aaaefea8d1d120d2,2025-03-31T06:15:30.487000 CVE-2025-31010,0,0,2eedda8f330a9beae819a4cd9d50315b7c3705aef34f39a70e86c91cbd492554,2025-03-28T18:11:40.180000 +CVE-2025-31016,1,1,c5ca3e6f6448b93a667cabe48f971f3295c8cd6e2251fba8657daf3454f44eaa,2025-03-31T06:15:30.650000 CVE-2025-31031,0,0,168f44010a9f1d1f02e128d4aa188c4843365dadbda135ce003254626d8a07a2,2025-03-28T18:11:40.180000 +CVE-2025-31043,1,1,7ed22472ebfb0104e63d4a934c175fbcc77c0a046c8a9e838054b761868cecfb,2025-03-31T06:15:30.827000 CVE-2025-31073,0,0,e055d10b35c7f1d19592c754caac0fe0b296e12dee12b2987368c5a10e4343d1,2025-03-28T18:11:40.180000 CVE-2025-31075,0,0,534ea9726b86c919ee098a11b6850ee9f4de6cb2ed29ae3ffb397856198274b7,2025-03-28T18:11:40.180000 CVE-2025-31076,0,0,3c681763194ea5b2cf5d10661c575d0ca0bca725a50d656f4c1debe2fdcddb87,2025-03-28T18:11:40.180000 @@ -287296,7 +287308,7 @@ CVE-2025-31096,0,0,8ca3a285f269aad50201bec6c5b5176c2aa3543ce31a05030bca7554320f0 CVE-2025-31099,0,0,4c86dd21b4f050e9ca4bfab4f784a4375f6ca35560b038f877abe5e3229cb539,2025-03-28T18:11:40.180000 CVE-2025-31101,0,0,2cf8e74c917f5eb2b3dea3e0d7d8600ede97a2ef0d0ab55822bb3d149c95f86d,2025-03-28T18:11:40.180000 CVE-2025-31102,0,0,4ae39b1d21bf9a7659387386638726b4f9a10b166abb1ef9aceb0d97fc5360a2,2025-03-28T18:11:40.180000 -CVE-2025-31103,1,1,8675e6b85da98cba4a671d28083cbb77e457649c5dad292cd6fe06e762850fb3,2025-03-31T05:15:16.500000 +CVE-2025-31103,0,0,8675e6b85da98cba4a671d28083cbb77e457649c5dad292cd6fe06e762850fb3,2025-03-31T05:15:16.500000 CVE-2025-31105,0,0,3ea420eb0f78514b1d8574d41cb07f9b0316bbcde24f1aa0f802339e7a9adf19,2025-03-27T04:15:27.447000 CVE-2025-31106,0,0,9cd943c74a3d3aeb9d7fce7b86609160c2b3b46f9adb8d4161fa966b85a9a529,2025-03-27T04:15:28.007000 CVE-2025-31107,0,0,8505daa1494574bd4bf6fc3a5ca5fa621c0917e37c7c10d9dd14774eec62a678,2025-03-27T04:15:28.073000 @@ -287328,6 +287340,10 @@ CVE-2025-31371,0,0,cd370f88c92ee402d4c5aaef8baeb9e083693b4c18cd5565fe7e097d1b422 CVE-2025-31372,0,0,7a7a683873bc962dfe6aa91ab7aa77a42948f5cb58f2a30db9c2fe953aee9559,2025-03-29T04:15:38.950000 CVE-2025-31373,0,0,f9071278a14d544e1d638810d17e35e9b3cf783fa438c6415cfa720de050a0f8,2025-03-29T04:15:39.090000 CVE-2025-31374,0,0,a0063074d97edd2d0b6a359f9337f2fbc025fc83f5ab0917de6d943a4c010e45,2025-03-29T04:15:39.340000 +CVE-2025-31387,1,1,3841e4b5f54acc054c2ceaf19088553e0ecb932d7404adff78288f7d2e95e424,2025-03-31T06:15:30.990000 +CVE-2025-31412,1,1,68905eddf189835df947aca9eb7e8ddc2513cb1fb1efc35f69ef4b2ecd8c238e,2025-03-31T06:15:31.147000 +CVE-2025-31414,1,1,54a0b881200583b0d38c799e215fb4f3727326b548bbfef154d9b14fdffc4e2c,2025-03-31T06:15:31.317000 +CVE-2025-31417,1,1,05b6e7784ddb7b5a74a5471d9909ac7d3af8f82a3f69eb3903d55349a06c558b,2025-03-31T06:15:31.480000 CVE-2025-31432,0,0,66cb912d57f88bc72b111a0fcfbe419506a386c0afd760e3d30a46c5880e1d8f,2025-03-28T18:11:40.180000 CVE-2025-31433,0,0,29229c0e5e364d182f865fd66896e72801948e3d4a178c39c73725ee177d1d9c,2025-03-28T18:11:40.180000 CVE-2025-31434,0,0,fd6e557d5be9414ff58efa72871b7225ebc3d16a5ed03bd3604c8da6239c3911,2025-03-28T18:11:40.180000