Auto-Update: 2025-05-03T12:00:23.835271+00:00

cad-safe-bot 2025-05-03 12:03:59 +00:00
parent 62d04e3f1f
commit 7f33d23501
4 changed files with 211 additions and 6 deletions


@ -0,0 +1,57 @@
{
"id": "CVE-2024-58135",
"sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"published": "2025-05-03T11:15:48.037",
"lastModified": "2025-05-03T11:15:48.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mojolicious versions from 7.28 through 9.39 for Perl may generate weak HMAC session secrets.\n\nWhen creating a default app with the \"mojo generate app\" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys."
}
],
"metrics": {},
"weaknesses": [
{
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-338"
}
]
}
],
"references": [
{
"url": "https://github.com/hashcat/hashcat/pull/4090",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://github.com/mojolicious/mojo/pull/2200",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://metacpan.org/release/SRI/Mojolicious-7.28/source/lib/Mojolicious/Command/generate/app.pm#L220",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://metacpan.org/release/SRI/Mojolicious-9.38/source/lib/Mojolicious/Command/Author/generate/app.pm#L202",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojo/Util.pm#L181",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://perldoc.perl.org/functions/rand",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
}
]
}


@ -0,0 +1,145 @@
{
"id": "CVE-2025-4226",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-03T11:15:49.283",
"lastModified": "2025-05-03T11:15:49.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/diyuzhishen/mycve/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.307323",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.307323",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.562409",
"source": "cna@vuldb.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-05-03T10:00:19.651807+00:00
2025-05-03T12:00:23.835271+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-05-03T08:15:31.040000+00:00
2025-05-03T11:15:49.283000+00:00
```
### Last Data Feed Release
@ -33,14 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
292439
292441
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
- [CVE-2025-3815](CVE-2025/CVE-2025-38xx/CVE-2025-3815.json) (`2025-05-03T08:15:31.040`)
- [CVE-2024-58135](CVE-2024/CVE-2024-581xx/CVE-2024-58135.json) (`2025-05-03T11:15:48.037`)
- [CVE-2025-4226](CVE-2025/CVE-2025-42xx/CVE-2025-4226.json) (`2025-05-03T11:15:49.283`)
### CVEs modified in the last Commit


@ -277851,6 +277851,7 @@ CVE-2024-58130,0,0,b1da61426890522f6374bed5d854c2d8adfdac7556fa6282fde3bf2122dc7
CVE-2024-58131,0,0,bc4908e979254be0dc1e1176cc36e7e2691904c3630b2abae16ce8f2a4516d81,2025-04-08T16:45:17.107000
CVE-2024-58132,0,0,87fc99e96492ae47f7ae88aebc39cca10a37119d96d5c66e6cef7cf588ab7762,2025-04-07T14:17:50.220000
CVE-2024-58133,0,0,4511afb6f4930bee53375abc516811f9928c158d8decf5ac029097e07f67929b,2025-04-07T14:17:50.220000
CVE-2024-58135,1,1,8af43e07194e980e3ea0f7075113ea9e4ee30e7cada80bfaad49d2081f4bd709,2025-05-03T11:15:48.037000
CVE-2024-58136,0,0,7d42d622ee4e18724ac12c03124fafd081de4815b0d827e3b883d9598d043c28,2025-05-03T01:00:02.097000
CVE-2024-5814,0,0,409f119643711fe465e9fd028af3caf838fd31e85495ee2ac73938edab3d7b3e,2024-08-28T12:57:39.090000
CVE-2024-5815,0,0,aa6c60bd870ff05880c843bf9053a612a42ac0af7385b9bf8cbbf1b2da2f2182,2024-11-21T09:48:23.203000
@ -291640,7 +291641,7 @@ CVE-2025-3808,0,0,c9d9b38c3b98d0e004f3d362b1c7affeec1437a2f1dff864304e4ff67e8ee1
CVE-2025-3809,0,0,b0f7ce143ffe6fc36f9bbc17873d1316b0e5d9337b65e2cd57e88fbec5f74a76,2025-04-21T14:23:45.950000
CVE-2025-38104,0,0,95fa066b9b297f0f71658bda9667ee4683e7719a8295e0ac6102597f6b2d67e5,2025-04-21T14:23:45.950000
CVE-2025-3814,0,0,11c279efbeec4fa23a54b22cf013841136b5f0f0ea6d94e898bb584de2240f97,2025-04-23T14:08:13.383000
CVE-2025-3815,1,1,9adf16c4646ef2bf71ebf5665df071b14aed69121d3df64d5e1c011d1dac400f,2025-05-03T08:15:31.040000
CVE-2025-3815,0,0,9adf16c4646ef2bf71ebf5665df071b14aed69121d3df64d5e1c011d1dac400f,2025-05-03T08:15:31.040000
CVE-2025-38152,0,0,6554c7473f6b6179493ded078859c0bfbf9661e041b4dcbfff31e86520619528,2025-04-29T14:39:46.800000
CVE-2025-3816,0,0,0d7063f065ed7a583101904f11408aabc0c0a375b6165150fa6a6202e87955da,2025-04-21T14:23:45.950000
CVE-2025-3817,0,0,d1d339a8b4a2a60b670dda015ec9ad8a209b25a85de9a75f6a155ea200a65ca1,2025-04-21T14:23:45.950000
@ -292076,6 +292077,7 @@ CVE-2025-4214,0,0,8cee5e2c191dc5f7c39625764e80f36dacfe3615ac2ff5e798d6d9dcab815a
CVE-2025-4215,0,0,5fd7a49b2f2c9f1e10a1eaa6aaf7951ee590f9e0aaf9c857c08ce31bb1852fbe,2025-05-02T21:15:23.893000
CVE-2025-4218,0,0,a58de78c748f0c970b32963cfb0c0c4b002aa8f4aa47c3e31af6ad119f6d5528,2025-05-02T21:15:24.057000
CVE-2025-4222,0,0,d7e55c8bdf6a556e71c00ab53da641e383f5a7392abda11a90f9dd5f2800bf1c,2025-05-03T03:15:29.217000
CVE-2025-4226,1,1,256c886690389ae0541e1d1ea7f71899d0ed236ec6dc6f7c15cfa0dac8da60a3,2025-05-03T11:15:49.283000
CVE-2025-42598,0,0,4c400d87dc34a2b74819c41bbdd48bd1c3da0af3c35841d82c2177d30b1cb5f5,2025-04-29T13:52:10.697000
CVE-2025-42599,0,0,d39e065342929b05f2b0a2b6fd7615d0e3f6e7c2f605fdbeb3b3bb9e83f12d93,2025-04-29T19:46:44.310000
CVE-2025-42600,0,0,a98a7820b508b5a8b0c7d0f0dd6cbaa5b07d1e37b05a983a49eb79024a0cd435,2025-04-23T14:08:13.383000
