diff --git a/CVE-2019/CVE-2019-65xx/CVE-2019-6535.json b/CVE-2019/CVE-2019-65xx/CVE-2019-6535.json index 687e1463697..a3674257c6c 100644 --- a/CVE-2019/CVE-2019-65xx/CVE-2019-6535.json +++ b/CVE-2019/CVE-2019-65xx/CVE-2019-6535.json @@ -2,13 +2,13 @@ "id": "CVE-2019-6535", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2019-02-05T19:29:00.243", - "lastModified": "2025-06-26T17:15:29.873", + "lastModified": "2025-06-26T18:15:21.017", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash." + "value": "Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication." }, { "lang": "es", diff --git a/CVE-2019/CVE-2019-66xx/CVE-2019-6693.json b/CVE-2019/CVE-2019-66xx/CVE-2019-6693.json index 4c9e273a897..e92020aaba9 100644 --- a/CVE-2019/CVE-2019-66xx/CVE-2019-6693.json +++ b/CVE-2019/CVE-2019-66xx/CVE-2019-6693.json @@ -2,8 +2,8 @@ "id": "CVE-2019-6693", "sourceIdentifier": "psirt@fortinet.com", "published": "2019-11-21T16:15:13.173", - "lastModified": "2025-06-26T01:00:02.147", - "vulnStatus": "Modified", + "lastModified": "2025-06-26T19:31:29.797", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2021/CVE-2021-416xx/CVE-2021-41691.json b/CVE-2021/CVE-2021-416xx/CVE-2021-41691.json index 9ad7cc33ded..62dd74ba366 100644 --- a/CVE-2021/CVE-2021-416xx/CVE-2021-41691.json +++ b/CVE-2021/CVE-2021-416xx/CVE-2021-41691.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41691", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T16:15:22.797", - "lastModified": "2025-06-25T15:15:20.810", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2021/CVE-2021-44xx/CVE-2021-4457.json b/CVE-2021/CVE-2021-44xx/CVE-2021-4457.json index f67f08eec6a..15f6cc41cc1 100644 --- a/CVE-2021/CVE-2021-44xx/CVE-2021-4457.json +++ b/CVE-2021/CVE-2021-44xx/CVE-2021-4457.json @@ -2,13 +2,17 @@ "id": "CVE-2021-4457", "sourceIdentifier": "contact@wpscan.com", "published": "2025-06-25T15:15:21.100", - "lastModified": "2025-06-25T15:15:21.100", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywhere on the web server." + }, + { + "lang": "es", + "value": "El complemento ZoomSounds anterior a la versi\u00f3n 6.05 contiene un archivo PHP que permite a los usuarios no autenticados cargar un archivo arbitrario en cualquier lugar del servidor web." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-449xx/CVE-2023-44915.json b/CVE-2023/CVE-2023-449xx/CVE-2023-44915.json index 24c1c4a5999..e6f12c30aa8 100644 --- a/CVE-2023/CVE-2023-449xx/CVE-2023-44915.json +++ b/CVE-2023/CVE-2023-449xx/CVE-2023-44915.json @@ -2,13 +2,17 @@ "id": "CVE-2023-44915", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T17:15:36.323", - "lastModified": "2025-06-25T18:15:21.283", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in the component /Login.php of c3crm up to v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login_error parameter." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting (XSS) en el componente /Login.php de c3crm hasta v3.0.4 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro login_error." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0769.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0769.json index 4e580095a3f..2ad23b37578 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0769.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0769.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0769", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-21T08:15:07.550", - "lastModified": "2025-06-26T01:00:02.147", - "vulnStatus": "Modified", + "lastModified": "2025-06-26T19:29:56.650", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -201,7 +201,10 @@ }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0769", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json index 88b7b027699..cef94f27441 100644 --- a/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11584", "sourceIdentifier": "security@ubuntu.com", "published": "2025-06-26T10:15:24.703", - "lastModified": "2025-06-26T13:15:28.650", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27685.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27685.json index 803d2c86db4..73c6ff24dd0 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27685.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27685.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27685", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T15:15:21.960", - "lastModified": "2025-06-25T16:15:25.390", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en Student Record system Using PHP y MySQL v.3.20 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado para las variables $cshortname, $cfullname y $cdate." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-377xx/CVE-2024-37743.json b/CVE-2024/CVE-2024-377xx/CVE-2024-37743.json index 5923ee2758c..f407e664574 100644 --- a/CVE-2024/CVE-2024-377xx/CVE-2024-37743.json +++ b/CVE-2024/CVE-2024-377xx/CVE-2024-37743.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37743", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T20:15:23.767", - "lastModified": "2025-06-24T20:15:23.767", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in mmzdev KnowledgeGPT V.0.0.5 allows a remote attacker to execute arbitrary code via the Document Display Component." + }, + { + "lang": "es", + "value": "Un problema en mmzdev KnowledgeGPT V.0.0.5 permite que un atacante remoto ejecute c\u00f3digo arbitrario a trav\u00e9s del componente de visualizaci\u00f3n de documentos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51977.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51977.json index 284b595959f..8be915889da 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51977.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51977.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51977", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:30.053", - "lastModified": "2025-06-26T15:15:22.167", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51978.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51978.json index d92cb7688e1..d2d3c2f79e0 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51978.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51978.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51978", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:31.223", - "lastModified": "2025-06-25T14:15:22.823", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request." + }, + { + "lang": "es", + "value": "Un atacante no autenticado que conozca el n\u00famero de serie del dispositivo objetivo puede generar la contrase\u00f1a de administrador predeterminada. Un atacante no autenticado puede descubrir primero el n\u00famero de serie del dispositivo objetivo mediante CVE-2024-51977 a trav\u00e9s de HTTP/HTTPS/IPP, una solicitud PJL o una solicitud SNMP. " } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51979.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51979.json index 228b50d2678..3d2c3f9d592 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51979.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51979.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51979", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:31.590", - "lastModified": "2025-06-25T14:15:23.313", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length." + }, + { + "lang": "es", + "value": "Un atacante autenticado puede provocar un desbordamiento de b\u00fafer basado en la pila mediante una solicitud malformada al servicio HTTP (puerto TCP 80), al servicio HTTPS (puerto TCP 443) o al servicio IPP (puerto TCP 631). La solicitud malformada contendr\u00e1 un valor de encabezado \"Origin\" vac\u00edo y un valor de encabezado \"Referer\" malformado. El valor de encabezado \"Referer\" provocar\u00e1 un desbordamiento de b\u00fafer basado en la pila cuando se procese el valor del host en el encabezado \"Referer\" y tenga una longitud superior a 64 bytes." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51980.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51980.json index 1192681b997..bb0efbe0314 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51980.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51980.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51980", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:31.930", - "lastModified": "2025-06-25T15:15:22.187", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment." + }, + { + "lang": "es", + "value": "Un atacante no autenticado puede realizar server side request forgery (SSRF) limitada, forzando al dispositivo objetivo a abrir una conexi\u00f3n TCP a un n\u00famero de puerto arbitrario en una direcci\u00f3n IP arbitraria. Esta SSRF aprovecha el elemento ReplyTo de WS-Addressing en una solicitud SOAP de servicio web (puerto TCP HTTP 80). El atacante no puede controlar los datos enviados en la conexi\u00f3n SSRF ni recibirlos a cambio. Esta SSRF es adecuada para el escaneo de puertos TCP de una red interna cuando el servicio web (puerto TCP HTTP 80) est\u00e1 expuesto en un segmento de red." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51981.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51981.json index 83982bf9393..8255f9245df 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51981.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51981.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51981", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:32.293", - "lastModified": "2025-06-25T15:15:22.713", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection." + }, + { + "lang": "es", + "value": "Un atacante no autenticado podr\u00eda realizar server-side request forgery (SSRF) ciega debido a un problema de inyecci\u00f3n de CLRF que puede aprovecharse para el contrabando de solicitudes HTTP. Esta SSRF utiliza la funci\u00f3n WS-Addressing utilizada durante una operaci\u00f3n SOAP de suscripci\u00f3n WS-Eventing. El atacante puede controlar todos los datos HTTP enviados en la conexi\u00f3n SSRF, pero no puede recibirlos de vuelta." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51982.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51982.json index 7beaae1cf65..573b3165bd9 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51982.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51982.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51982", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:32.650", - "lastModified": "2025-06-25T15:15:23.170", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash." + }, + { + "lang": "es", + "value": "Un atacante no autenticado que se conecte al puerto TCP 9100 puede ejecutar un comando de lenguaje de trabajo de impresora (PJL) que bloquear\u00e1 el dispositivo objetivo. Este se reiniciar\u00e1, tras lo cual el atacante puede volver a ejecutar el comando para bloquearlo repetidamente. Una variable PJL mal formada, FORMLINES, se establece en un valor distinto de un n\u00famero, lo que provoca el bloqueo del dispositivo objetivo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51983.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51983.json index 690c1eb8e9e..82651252850 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51983.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51983.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51983", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:32.873", - "lastModified": "2025-06-25T15:15:23.390", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device." + }, + { + "lang": "es", + "value": "Un atacante no autenticado que pueda conectarse a la funci\u00f3n de Servicios Web (puerto HTTP TCP 80) puede emitir una solicitud SOAP WS-Scan con un valor JobToken inesperado que bloquear\u00e1 el dispositivo objetivo. El dispositivo se reiniciar\u00e1, tras lo cual el atacante puede volver a ejecutar el comando para bloquearlo repetidamente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51984.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51984.json index b1efcb2fe5d..5fa74ce783b 100644 --- a/CVE-2024/CVE-2024-519xx/CVE-2024-51984.json +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51984.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51984", "sourceIdentifier": "cve@rapid7.com", "published": "2025-06-25T08:15:33.220", - "lastModified": "2025-06-25T15:15:23.853", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the existing credentials for that external service. In the case of an external LDAP or FTP service, this will disclose the plaintext password for that external service to the attacker." + }, + { + "lang": "es", + "value": "Un atacante autenticado puede reconfigurar el dispositivo objetivo para que use un servicio externo (como LDAP o FTP) controlado por \u00e9l. Si existe una contrase\u00f1a para un servicio externo, el atacante puede forzar al dispositivo objetivo a autenticarse en un dispositivo controlado por \u00e9l utilizando las credenciales existentes para ese servicio externo. En el caso de un servicio LDAP o FTP externo, esto revelar\u00e1 la contrase\u00f1a en texto plano de ese servicio externo al atacante." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52928.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52928.json index 27bee25e998..be4e1a35ec3 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52928.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52928.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52928", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T17:15:30.287", - "lastModified": "2025-06-26T17:15:30.287", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54085.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54085.json index 749908fd5bc..10885be1c06 100644 --- a/CVE-2024/CVE-2024-540xx/CVE-2024-54085.json +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54085.json @@ -2,8 +2,8 @@ "id": "CVE-2024-54085", "sourceIdentifier": "biossecurity@ami.com", "published": "2025-03-11T14:15:22.893", - "lastModified": "2025-06-26T01:00:02.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T19:29:28.430", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,6 +59,28 @@ "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "cisaExploitAdd": "2025-06-25", @@ -77,22 +99,303 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12", + "versionEndExcluding": "12.7", + "matchCriteriaId": "402A5B6D-465C-4CC8-B75C-F96F0DE0A67C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13", + "versionEndExcluding": "13.5", + "matchCriteriaId": "CC09C9C4-F549-4EB7-9EE3-64C4C6E8633D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:sg6160_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "503414B6-66ED-4280-BBA7-8CE250F1049A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:sg6160:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F84B8A44-FC01-4211-B5B3-A0931F9E82CC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:sgf6112_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "12BD7C95-1574-4414-80F3-F17BD75DFEFE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:sgf6112:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5B1323E5-8C23-42D3-94FB-D06D5EADF278" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:sg110_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1AC09386-D8C1-4EEF-8E21-AFCAE3891510" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:sg110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "083478BA-3640-4A85-8114-07BC1FE083D7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:sg1100_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81305B7C-0070-4B4D-8B0C-34AD60E58994" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:sg1100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "379CF2E2-D43B-4DD1-AABA-885397BB7D64" + } + ] + } + ] + } + ], "references": [ { "url": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf", - "source": "biossecurity@ami.com" + "source": "biossecurity@ami.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20250328-0003/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54085", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "US Government Resource" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20250328-0003/", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-567xx/CVE-2024-56731.json b/CVE-2024/CVE-2024-567xx/CVE-2024-56731.json index 1e93ea47086..248315e2474 100644 --- a/CVE-2024/CVE-2024-567xx/CVE-2024-56731.json +++ b/CVE-2024/CVE-2024-567xx/CVE-2024-56731.json @@ -2,13 +2,17 @@ "id": "CVE-2024-56731", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T04:15:45.813", - "lastModified": "2025-06-24T04:15:45.813", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3." + }, + { + "lang": "es", + "value": "Gogs es un servicio Git autoalojado de c\u00f3digo abierto. Antes de la versi\u00f3n 0.13.3, a\u00fan era posible eliminar archivos del directorio .git y ejecutar comandos de forma remota debido a un parche insuficiente para CVE-2024-39931. Las cuentas de usuario sin privilegios pueden ejecutar comandos arbitrarios en la instancia de Gogs con los privilegios de la cuenta especificada por RUN_USER en la configuraci\u00f3n. Esto permite a los atacantes acceder y modificar el c\u00f3digo de cualquier usuario alojado en la misma instancia. Este problema se ha corregido en la versi\u00f3n 0.13.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56915.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56915.json index af82a50e250..4415aa87702 100644 --- a/CVE-2024/CVE-2024-569xx/CVE-2024-56915.json +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56915.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56915", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T15:15:22.570", - "lastModified": "2025-06-26T16:15:25.910", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56916.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56916.json index e7e5e12fa3a..bdb53c516f1 100644 --- a/CVE-2024/CVE-2024-569xx/CVE-2024-56916.json +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56916.json @@ -2,13 +2,17 @@ "id": "CVE-2024-56916", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T18:15:24.240", - "lastModified": "2025-06-24T20:15:24.643", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Netbox Community 4.1.7, once authenticated, Configuration History > Add`is vulnerable to cross-site scripting (XSS) due to the `current value` field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a Configuration History version or attempts to Add a new version, the XSS payload will trigger." + }, + { + "lang": "es", + "value": "En Netbox Community 4.1.7, una vez autenticado, la opci\u00f3n \"Historial de Configuraci\u00f3n > Agregar\" es vulnerable a ataques de Cross-Site Scripting (XSS) debido a que el campo \"valor actual\" representa el HTML proporcionado por el usuario. Un atacante autenticado puede aprovechar esto para agregar JavaScript malicioso al campo \"Cualquier banner\". Al editar una versi\u00f3n del Historial de Configuraci\u00f3n o intentar agregar una nueva versi\u00f3n, se activa el payload XSS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56917.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56917.json index 52ef267cb69..1c84b9867f0 100644 --- a/CVE-2024/CVE-2024-569xx/CVE-2024-56917.json +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56917.json @@ -2,13 +2,17 @@ "id": "CVE-2024-56917", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T20:15:24.790", - "lastModified": "2025-06-24T20:15:24.790", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netbox Community 4.1.7 is vulnerable to Cross Site Scripting (XSS) via the maintenance banner` in maintenance mode." + }, + { + "lang": "es", + "value": "Netbox Community 4.1.7 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s del banner de mantenimiento en modo de mantenimiento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56918.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56918.json index 7707de3287c..e9f877b82df 100644 --- a/CVE-2024/CVE-2024-569xx/CVE-2024-56918.json +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56918.json @@ -2,13 +2,17 @@ "id": "CVE-2024-56918", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T17:15:29.333", - "lastModified": "2025-06-24T20:15:24.953", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting (XSS), which allows a privileged, authenticated attacker to exfiltrate user input from the login form." + }, + { + "lang": "es", + "value": "En Netbox Community 4.1.7, la p\u00e1gina de inicio de sesi\u00f3n es vulnerable a Cross-Site Scripting (XSS), lo que permite que un atacante autenticado y privilegiado filtre la entrada del usuario del formulario de inicio de sesi\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-577xx/CVE-2024-57708.json b/CVE-2024/CVE-2024-577xx/CVE-2024-57708.json index 7a8786cb605..3ea1ef4252c 100644 --- a/CVE-2024/CVE-2024-577xx/CVE-2024-57708.json +++ b/CVE-2024/CVE-2024-577xx/CVE-2024-57708.json @@ -2,8 +2,8 @@ "id": "CVE-2024-57708", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T16:15:25.590", - "lastModified": "2025-06-26T05:15:23.387", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,6 +16,10 @@ { "lang": "en", "value": "An issue in OneTrust SDK v.6.33.0 allows a local attacker to cause a denial of service via the Object.setPrototypeOf, __proto__, and Object.assign components. NOTE: this is disputed by the Supplier who does not agree it is a prototype pollution vulnerability." + }, + { + "lang": "es", + "value": "Un problema en el SDK de OneTrust v.6.33.0 permite que un atacante local provoque una denegaci\u00f3n de servicio mediante los componentes Object.setPrototypeOf, __proto__ y Object.assign. NOTA: El proveedor lo niega y no acepta que se trate de una vulnerabilidad de contaminaci\u00f3n del prototipo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json index 1f1f10a1e0d..e9eaee75045 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6174", "sourceIdentifier": "security@ubuntu.com", "published": "2025-06-26T10:15:25.133", - "lastModified": "2025-06-26T10:15:25.133", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -35,6 +35,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], "references": [ { "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3", diff --git a/CVE-2025/CVE-2025-09xx/CVE-2025-0966.json b/CVE-2025/CVE-2025-09xx/CVE-2025-0966.json index 8dae4db8bab..4126a12d73a 100644 --- a/CVE-2025/CVE-2025-09xx/CVE-2025-0966.json +++ b/CVE-2025/CVE-2025-09xx/CVE-2025-0966.json @@ -2,13 +2,17 @@ "id": "CVE-2025-0966", "sourceIdentifier": "psirt@us.ibm.com", "published": "2025-06-25T03:15:26.580", - "lastModified": "2025-06-25T03:15:26.580", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a la inyecci\u00f3n SQL. Un atacante remoto podr\u00eda enviar sentencias SQL especialmente manipuladas, lo que le permitir\u00eda ver, a\u00f1adir, modificar o eliminar informaci\u00f3n en la base de datos backend." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1718.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1718.json index a0163206736..3aff778bc04 100644 --- a/CVE-2025/CVE-2025-17xx/CVE-2025-1718.json +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1718.json @@ -2,13 +2,17 @@ "id": "CVE-2025-1718", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:20.033", - "lastModified": "2025-06-24T14:15:27.847", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated user with file access privilege via FTP access can cause the Relion 670/650 and SAM600-IO series device to reboot due to improper disk space management." + }, + { + "lang": "es", + "value": "Un usuario autenticado con privilegio de acceso a archivos a trav\u00e9s de acceso FTP puede provocar que el dispositivo de la serie Relion 670/650 y SAM600-IO se reinicie debido a una administraci\u00f3n incorrecta del espacio en disco." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1754.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1754.json index ca4ceaefd8e..202df01a214 100644 --- a/CVE-2025/CVE-2025-17xx/CVE-2025-1754.json +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1754.json @@ -2,13 +2,17 @@ "id": "CVE-2025-1754", "sourceIdentifier": "cve@gitlab.com", "published": "2025-06-26T06:15:22.570", - "lastModified": "2025-06-26T06:15:22.570", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted API requests, potentially leading to resource abuse and unauthorized content storage." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 17.2 hasta la 17.11.5, la 18.0 hasta la 18.0.3 y la 18.1 hasta la 18.1.1 que podr\u00eda haber permitido a atacantes no autenticados cargar archivos arbitrarios en proyectos p\u00fablicos mediante el env\u00edo de solicitudes de API manipuladas, lo que podr\u00eda provocar un abuso de recursos y un almacenamiento de contenido no autorizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-202xx/CVE-2025-20264.json b/CVE-2025/CVE-2025-202xx/CVE-2025-20264.json index 1f6db449ebd..432422c7598 100644 --- a/CVE-2025/CVE-2025-202xx/CVE-2025-20264.json +++ b/CVE-2025/CVE-2025-202xx/CVE-2025-20264.json @@ -2,13 +2,17 @@ "id": "CVE-2025-20264", "sourceIdentifier": "psirt@cisco.com", "published": "2025-06-25T16:15:25.833", - "lastModified": "2025-06-25T16:15:25.833", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions.\r\n\r\nThis vulnerability is due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider. An attacker could exploit this vulnerability by submitting a series of specific commands to an affected device. A successful exploit could allow the attacker to modify a limited number of system settings, including some that would result in a system restart. In single-node Cisco ISE deployments, devices that are not authenticated to the network will not be able to authenticate until the Cisco ISE system comes back online. " + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante remoto autenticado eluda los mecanismos de autorizaci\u00f3n para funciones administrativas espec\u00edficas. Esta vulnerabilidad se debe a la insuficiencia de los mecanismos de aplicaci\u00f3n de la autorizaci\u00f3n para los usuarios creados por la integraci\u00f3n de SSO SAML con un proveedor de identidad externo. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una serie de comandos espec\u00edficos a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitirle modificar un n\u00famero limitado de configuraciones del sistema, incluyendo algunas que provocar\u00edan el reinicio del sistema. En implementaciones de Cisco ISE de un solo nodo, los dispositivos que no est\u00e9n autenticados en la red no podr\u00e1n autenticarse hasta que el sistema Cisco ISE vuelva a estar en l\u00ednea." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-202xx/CVE-2025-20281.json b/CVE-2025/CVE-2025-202xx/CVE-2025-20281.json index c51f8633c62..b496ae65835 100644 --- a/CVE-2025/CVE-2025-202xx/CVE-2025-20281.json +++ b/CVE-2025/CVE-2025-202xx/CVE-2025-20281.json @@ -2,13 +2,17 @@ "id": "CVE-2025-20281", "sourceIdentifier": "psirt@cisco.com", "published": "2025-06-25T16:15:26.017", - "lastModified": "2025-06-25T16:15:26.017", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en una API espec\u00edfica de Cisco ISE y Cisco ISE-PIC podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo arbitrario en el sistema operativo subyacente como root. El atacante no necesita credenciales v\u00e1lidas para explotar esta vulnerabilidad. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la informaci\u00f3n proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud de API manipulada. Una explotaci\u00f3n exitosa podr\u00eda permitirle obtener privilegios de root en un dispositivo afectado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-202xx/CVE-2025-20282.json b/CVE-2025/CVE-2025-202xx/CVE-2025-20282.json index 4742821560c..3d3143d54f2 100644 --- a/CVE-2025/CVE-2025-202xx/CVE-2025-20282.json +++ b/CVE-2025/CVE-2025-202xx/CVE-2025-20282.json @@ -2,13 +2,17 @@ "id": "CVE-2025-20282", "sourceIdentifier": "psirt@cisco.com", "published": "2025-06-25T17:15:37.490", - "lastModified": "2025-06-25T17:15:37.490", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root.\r\n\r\nThis vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en una API interna de Cisco ISE y Cisco ISE-PIC podr\u00eda permitir que un atacante remoto no autenticado cargue archivos arbitrarios en un dispositivo afectado y los ejecute en el sistema operativo subyacente como root. Esta vulnerabilidad se debe a la falta de comprobaciones de validaci\u00f3n de archivos que impedir\u00edan que los archivos cargados se colocaran en directorios privilegiados en un sistema afectado. Un atacante podr\u00eda explotar esta vulnerabilidad subiendo un archivo manipulado al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitirle almacenar archivos maliciosos en el sistema afectado y luego ejecutar c\u00f3digo arbitrario u obtener privilegios de root." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-230xx/CVE-2025-23092.json b/CVE-2025/CVE-2025-230xx/CVE-2025-23092.json index d6322d22e5d..7fade9d029e 100644 --- a/CVE-2025/CVE-2025-230xx/CVE-2025-23092.json +++ b/CVE-2025/CVE-2025-230xx/CVE-2025-23092.json @@ -2,8 +2,8 @@ "id": "CVE-2025-23092", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-23T21:15:24.460", - "lastModified": "2025-06-24T18:15:24.360", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23260.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23260.json index 053c9930bc2..642d8b618ee 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23260.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23260.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23260", "sourceIdentifier": "psirt@nvidia.com", "published": "2025-06-24T18:15:24.533", - "lastModified": "2025-06-24T18:15:24.533", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure." + }, + { + "lang": "es", + "value": "NVIDIA AIStore contiene una vulnerabilidad en el operador AIS que permite a un usuario obtener acceso elevado al cl\u00faster k8s mediante la cuenta de servicio asociada al rol de cl\u00faster. Explotar esta vulnerabilidad podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23264.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23264.json index 38d9f593721..32ec5a939e6 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23264.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23264.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23264", "sourceIdentifier": "psirt@nvidia.com", "published": "2025-06-24T16:15:25.990", - "lastModified": "2025-06-24T16:15:25.990", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering." + }, + { + "lang": "es", + "value": "NVIDIA Megatron-LM para todas las plataformas contiene una vulnerabilidad en un componente de Python que permite a un atacante causar un problema de inyecci\u00f3n de c\u00f3digo al proporcionar un archivo malicioso. Explotar esta vulnerabilidad puede provocar ejecuci\u00f3n de c\u00f3digo, escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23265.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23265.json index 8fe1a5c7c2b..4a3a0966851 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23265.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23265.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23265", "sourceIdentifier": "psirt@nvidia.com", "published": "2025-06-24T16:15:26.183", - "lastModified": "2025-06-24T16:15:26.183", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering." + }, + { + "lang": "es", + "value": "NVIDIA Megatron-LM para todas las plataformas contiene una vulnerabilidad en un componente de Python que permite a un atacante causar un problema de inyecci\u00f3n de c\u00f3digo al proporcionar un archivo malicioso. Explotar esta vulnerabilidad puede provocar ejecuci\u00f3n de c\u00f3digo, escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-24xx/CVE-2025-2403.json b/CVE-2025/CVE-2025-24xx/CVE-2025-2403.json index ef6c481e025..6734216614c 100644 --- a/CVE-2025/CVE-2025-24xx/CVE-2025-2403.json +++ b/CVE-2025/CVE-2025-24xx/CVE-2025-2403.json @@ -2,13 +2,17 @@ "id": "CVE-2025-2403", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:20.863", - "lastModified": "2025-06-24T14:15:28.330", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A denial-of-service vulnerability due to improper prioritization of network traffic over protection mechanism exists in Relion 670/650 and SAM600-IO series device that if exploited could potentially cause critical functions like LDCM (Line Distance Communication Module) to malfunction." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio debido a una priorizaci\u00f3n incorrecta del tr\u00e1fico de red sobre el mecanismo de protecci\u00f3n en los dispositivos de las series Relion 670/650 y SAM600-IO que, si se explota, podr\u00eda provocar que funciones cr\u00edticas como LDCM (m\u00f3dulo de comunicaci\u00f3n de distancia de l\u00ednea) funcionen mal." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25012.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25012.json index 60cc838a231..42c334df80a 100644 --- a/CVE-2025/CVE-2025-250xx/CVE-2025-25012.json +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25012.json @@ -2,13 +2,17 @@ "id": "CVE-2025-25012", "sourceIdentifier": "bressers@elastic.co", "published": "2025-06-25T12:15:19.920", - "lastModified": "2025-06-25T12:15:19.920", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "URL redirection to an untrusted site ('Open Redirect') in Kibana can lead to sending a user to an arbitrary site and server-side request forgery via a specially crafted URL." + }, + { + "lang": "es", + "value": "La redirecci\u00f3n de URL a un sitio no confiable (\"Redirecci\u00f3n abierta\") en Kibana puede llevar al env\u00edo de un usuario a un sitio arbitrario y a server-side request forgery a trav\u00e9s de una URL especialmente manipulada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25905.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25905.json index 0664e2f0e4e..7841acf0b5c 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25905.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25905.json @@ -2,13 +2,17 @@ "id": "CVE-2025-25905", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T16:15:26.173", - "lastModified": "2025-06-25T16:15:26.173", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the \"tree\" parameter." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross site scripting (XSS) en CADClick v1.13.0 y anteriores permite a atacantes remotos inyectar script web o HTML arbitrarios a trav\u00e9s del par\u00e1metro \"\u00e1rbol\". " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2566.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2566.json index 37998a69beb..81d612bd2b3 100644 --- a/CVE-2025/CVE-2025-25xx/CVE-2025-2566.json +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2566.json @@ -2,13 +2,17 @@ "id": "CVE-2025-2566", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-24T19:15:23.520", - "lastModified": "2025-06-24T19:15:23.520", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server." + }, + { + "lang": "es", + "value": "Kaleris NAVIS N4 ULC (Cliente Ultraligero) contiene una vulnerabilidad de deserializaci\u00f3n de Java insegura. Un atacante no autenticado puede realizar solicitudes especialmente manipuladas para ejecutar c\u00f3digo arbitrario en el servidor." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-278xx/CVE-2025-27827.json b/CVE-2025/CVE-2025-278xx/CVE-2025-27827.json index 6dc04a4e32a..2c6ff5a8e9b 100644 --- a/CVE-2025/CVE-2025-278xx/CVE-2025-27827.json +++ b/CVE-2025/CVE-2025-278xx/CVE-2025-27827.json @@ -2,13 +2,17 @@ "id": "CVE-2025-27827", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T14:15:28.050", - "lastModified": "2025-06-24T15:15:23.000", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requires user interaction and could allow an attacker to access sensitive information, leading to unauthorized access to active chat rooms, reading chat data, and sending messages during an active chat session." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el componente de chat heredado de Mitel MiContact Center Business (versi\u00f3n 10.2.0.3) podr\u00eda permitir que un atacante no autenticado realice un ataque de divulgaci\u00f3n de informaci\u00f3n mediante el manejo inadecuado de los datos de la sesi\u00f3n. Una explotaci\u00f3n exitosa requiere la interacci\u00f3n del usuario y podr\u00eda permitir que un atacante acceda a informaci\u00f3n confidencial, lo que conlleva el acceso no autorizado a salas de chat activas, la lectura de datos de chat y el env\u00edo de mensajes durante una sesi\u00f3n de chat activa." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-278xx/CVE-2025-27828.json b/CVE-2025/CVE-2025-278xx/CVE-2025-27828.json index a7e1cc36570..006a2a3db14 100644 --- a/CVE-2025/CVE-2025-278xx/CVE-2025-27828.json +++ b/CVE-2025/CVE-2025-278xx/CVE-2025-27828.json @@ -2,13 +2,17 @@ "id": "CVE-2025-27828", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T14:15:28.200", - "lastModified": "2025-06-24T15:15:23.267", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4, 10.1.0.0 through 10.1.0.5, and 10.2.0.0 through 10.2.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction and could allow an attacker to execute arbitrary scripts with a limited impact on the confidentiality and the integrity." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el componente de chat heredado de Mitel MiContact Center Business (versiones 10.0.0.4, 10.1.0.0 a 10.1.0.5 y 10.2.0.0 a 10.2.0.4) podr\u00eda permitir que un atacante no autenticado realice un ataque de cross-site scripting (XSS) reflejado debido a una validaci\u00f3n de entrada insuficiente. Una explotaci\u00f3n exitosa requiere la interacci\u00f3n del usuario y podr\u00eda permitir que un atacante ejecute secuencias de comandos arbitrarias con un impacto limitado en la confidencialidad y la integridad." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-28xx/CVE-2025-2828.json b/CVE-2025/CVE-2025-28xx/CVE-2025-2828.json index e9039d66bb9..24bc74ea008 100644 --- a/CVE-2025/CVE-2025-28xx/CVE-2025-2828.json +++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2828.json @@ -2,13 +2,17 @@ "id": "CVE-2025-2828", "sourceIdentifier": "security@huntr.dev", "published": "2025-06-23T21:15:25.210", - "lastModified": "2025-06-24T14:15:28.490", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does not enforce restrictions on requests to remote internet addresses, allowing it to also access local addresses. As a result, an attacker could exploit this flaw to perform port scans, access local services, retrieve instance metadata from cloud environments (e.g., Azure, AWS), and interact with servers on the local network. This issue has been fixed in version 0.0.28." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en el componente RequestsToolkit del paquete langchain-community (en concreto, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) en la versi\u00f3n 0.0.27 de langchain-ai/langchain. Esta vulnerabilidad se debe a que el kit de herramientas no impone restricciones a las solicitudes a direcciones de internet remotas, lo que le permite acceder tambi\u00e9n a direcciones locales. Por lo tanto, un atacante podr\u00eda explotar esta vulnerabilidad para realizar escaneos de puertos, acceder a servicios locales, recuperar metadatos de instancias de entornos en la nube (p. ej., Azure, AWS) e interactuar con servidores de la red local. Este problema se ha corregido en la versi\u00f3n 0.0.28." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-293xx/CVE-2025-29331.json b/CVE-2025/CVE-2025-293xx/CVE-2025-29331.json index aee99c75069..0a1d7ab6adf 100644 --- a/CVE-2025/CVE-2025-293xx/CVE-2025-29331.json +++ b/CVE-2025/CVE-2025-293xx/CVE-2025-29331.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29331", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T15:15:22.690", - "lastModified": "2025-06-26T16:15:26.300", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2938.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2938.json index dabe8e8442e..618a16bb366 100644 --- a/CVE-2025/CVE-2025-29xx/CVE-2025-2938.json +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2938.json @@ -2,13 +2,17 @@ "id": "CVE-2025-2938", "sourceIdentifier": "cve@gitlab.com", "published": "2025-06-26T06:15:22.980", - "lastModified": "2025-06-26T06:15:22.980", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval process resulted in unintended permission grants." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 17.3 hasta la 17.11.5, la 18.0 hasta la 18.0.3 y la 18.1 hasta la 18.1.1 que podr\u00eda haber permitido que usuarios autenticados obtuvieran privilegios elevados de proyecto al solicitar acceso a proyectos en los que las modificaciones de roles durante el proceso de aprobaci\u00f3n dieron como resultado concesiones de permisos no deseadas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2962.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2962.json index 867a060d00f..349c22b28b1 100644 --- a/CVE-2025/CVE-2025-29xx/CVE-2025-2962.json +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2962.json @@ -2,13 +2,17 @@ "id": "CVE-2025-2962", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2025-06-24T06:15:21.343", - "lastModified": "2025-06-24T06:15:21.343", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A denial-of-service issue in the dns implemenation could cause an infinite loop." + }, + { + "lang": "es", + "value": "Un problema de denegaci\u00f3n de servicio en la implementaci\u00f3n de DNS podr\u00eda provocar un bucle infinito." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-301xx/CVE-2025-30131.json b/CVE-2025/CVE-2025-301xx/CVE-2025-30131.json index e94b78f890e..6cf51a44e07 100644 --- a/CVE-2025/CVE-2025-301xx/CVE-2025-30131.json +++ b/CVE-2025/CVE-2025-301xx/CVE-2025-30131.json @@ -2,8 +2,8 @@ "id": "CVE-2025-30131", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T17:15:30.743", - "lastModified": "2025-06-26T17:15:30.743", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-307xx/CVE-2025-30702.json b/CVE-2025/CVE-2025-307xx/CVE-2025-30702.json index c293fbb0c10..7035c4a0598 100644 --- a/CVE-2025/CVE-2025-307xx/CVE-2025-30702.json +++ b/CVE-2025/CVE-2025-307xx/CVE-2025-30702.json @@ -2,8 +2,8 @@ "id": "CVE-2025-30702", "sourceIdentifier": "secalert_us@oracle.com", "published": "2025-04-15T21:15:59.580", - "lastModified": "2025-04-17T18:15:50.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T19:14:33.750", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:*:*:*:*:*:*:*:*", + "versionStartIncluding": "19.3", + "versionEndIncluding": "19.26", + "matchCriteriaId": "B3089FB7-357B-48CC-9ED0-951759B50A57" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2025.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-307xx/CVE-2025-30708.json b/CVE-2025/CVE-2025-307xx/CVE-2025-30708.json index 18c40ed0d93..484409f6a8f 100644 --- a/CVE-2025/CVE-2025-307xx/CVE-2025-30708.json +++ b/CVE-2025/CVE-2025-307xx/CVE-2025-30708.json @@ -2,8 +2,8 @@ "id": "CVE-2025-30708", "sourceIdentifier": "secalert_us@oracle.com", "published": "2025-04-15T21:16:00.290", - "lastModified": "2025-04-17T18:15:50.460", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:57:46.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:user_management:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.4", + "versionEndIncluding": "12.2.14", + "matchCriteriaId": "2F73E832-8633-4852-B4AD-59A17644AEC9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2025.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3090.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3090.json index 960f9a12ca3..6e711d66790 100644 --- a/CVE-2025/CVE-2025-30xx/CVE-2025-3090.json +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3090.json @@ -2,13 +2,17 @@ "id": "CVE-2025-3090", "sourceIdentifier": "info@cert.vde.com", "published": "2025-06-24T08:15:23.110", - "lastModified": "2025-06-24T08:15:23.110", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede obtener informaci\u00f3n confidencial limitada y/o atacar el dispositivo debido a la falta de autenticaci\u00f3n para una funci\u00f3n cr\u00edtica." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3091.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3091.json index e0ede589fdb..b5500151c9f 100644 --- a/CVE-2025/CVE-2025-30xx/CVE-2025-3091.json +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3091.json @@ -2,13 +2,17 @@ "id": "CVE-2025-3091", "sourceIdentifier": "info@cert.vde.com", "published": "2025-06-24T09:15:25.190", - "lastModified": "2025-06-24T09:15:25.190", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An low privileged remote attacker in possession of the second factor for another user can login as that user without knowledge of the other user`s password." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios en posesi\u00f3n del segundo factor de otro usuario puede iniciar sesi\u00f3n como ese usuario sin conocer la contrase\u00f1a del otro usuario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3092.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3092.json index 1120c84d5f5..40d50a7dfef 100644 --- a/CVE-2025/CVE-2025-30xx/CVE-2025-3092.json +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3092.json @@ -2,13 +2,17 @@ "id": "CVE-2025-3092", "sourceIdentifier": "info@cert.vde.com", "published": "2025-06-24T09:15:25.407", - "lastModified": "2025-06-24T09:15:25.407", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can enumerate valid user names from an unprotected endpoint." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede enumerar nombres de usuarios v\u00e1lidos desde un endpoint desprotegido." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-329xx/CVE-2025-32975.json b/CVE-2025/CVE-2025-329xx/CVE-2025-32975.json index 282876a0e5d..ec10d5de560 100644 --- a/CVE-2025/CVE-2025-329xx/CVE-2025-32975.json +++ b/CVE-2025/CVE-2025-329xx/CVE-2025-32975.json @@ -2,13 +2,17 @@ "id": "CVE-2025-32975", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T15:15:23.710", - "lastModified": "2025-06-24T15:15:23.710", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover." + }, + { + "lang": "es", + "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x (anterior a la 13.0.385), 13.1.x (anterior a la 13.1.81), 13.2.x (anterior a la 13.2.183), 14.0.x (anterior a la 14.0.341 [Parche 5]) y 14.1.x (anterior a la 14.1.101 [Parche 4]) contienen una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n que permite a los atacantes suplantar la identidad de usuarios leg\u00edtimos sin credenciales v\u00e1lidas. Esta vulnerabilidad se encuentra en el mecanismo de gesti\u00f3n de la autenticaci\u00f3n SSO y puede provocar la toma de control administrativo completo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-329xx/CVE-2025-32976.json b/CVE-2025/CVE-2025-329xx/CVE-2025-32976.json index 9ff1963a946..b0aa6a6a374 100644 --- a/CVE-2025/CVE-2025-329xx/CVE-2025-32976.json +++ b/CVE-2025/CVE-2025-329xx/CVE-2025-32976.json @@ -2,13 +2,17 @@ "id": "CVE-2025-32976", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T15:15:23.930", - "lastModified": "2025-06-24T16:15:26.930", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains a logic flaw in its two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements. The vulnerability exists in the 2FA validation process and can be exploited to gain elevated access." + }, + { + "lang": "es", + "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x (anterior a la versi\u00f3n 13.0.385), 13.1.x (anterior a la versi\u00f3n 13.1.81), 13.2.x (anterior a la versi\u00f3n 13.2.183), 14.0.x (anterior a la versi\u00f3n 14.0.341 [Parche 5]) y 14.1.x (anterior a la versi\u00f3n 14.1.101 [Parche 4]) contiene una falla l\u00f3gica en su implementaci\u00f3n de autenticaci\u00f3n de dos factores que permite a los usuarios autenticados eludir los requisitos de autenticaci\u00f3n de dos factores basada en TOTP. La vulnerabilidad existe en el proceso de validaci\u00f3n de dos factores y puede explotarse para obtener acceso elevado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-329xx/CVE-2025-32977.json b/CVE-2025/CVE-2025-329xx/CVE-2025-32977.json index c18bf5763e9..9102252b1c3 100644 --- a/CVE-2025/CVE-2025-329xx/CVE-2025-32977.json +++ b/CVE-2025/CVE-2025-329xx/CVE-2025-32977.json @@ -2,13 +2,17 @@ "id": "CVE-2025-32977", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T15:15:24.063", - "lastModified": "2025-06-24T15:15:24.063", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could compromise system integrity." + }, + { + "lang": "es", + "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x (anterior a la 13.0.385), 13.1.x (anterior a la 13.1.81), 13.2.x (anterior a la 13.2.183), 14.0.x (anterior a la 14.0.341 [Parche 5]) y 14.1.x (anterior a la 14.1.101 [Parche 4]) permiten a usuarios no autenticados cargar archivos de copia de seguridad al sistema. Aunque se implementa la validaci\u00f3n de firmas, las vulnerabilidades en el proceso de validaci\u00f3n pueden explotarse para cargar contenido de copia de seguridad malicioso que podr\u00eda comprometer la integridad del sistema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-329xx/CVE-2025-32978.json b/CVE-2025/CVE-2025-329xx/CVE-2025-32978.json index 3a34de8a1a8..75bfa94d4e7 100644 --- a/CVE-2025/CVE-2025-329xx/CVE-2025-32978.json +++ b/CVE-2025/CVE-2025-329xx/CVE-2025-32978.json @@ -2,13 +2,17 @@ "id": "CVE-2025-32978", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T15:15:24.260", - "lastModified": "2025-06-24T15:15:24.260", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system licenses through a web interface intended for license renewal. Attackers can exploit this to replace valid licenses with expired or trial licenses, causing denial of service." + }, + { + "lang": "es", + "value": "Quest KACE Systems Management Appliance (SMA) 13.0.x (anterior a la 13.0.385), 13.1.x (anterior a la 13.1.81), 13.2.x (anterior a la 13.2.183), 14.0.x (anterior a la 14.0.341 [Parche 5]) y 14.1.x (anterior a la 14.1.101 [Parche 4]) permite a usuarios no autenticados reemplazar licencias del sistema a trav\u00e9s de una interfaz web dise\u00f1ada para la renovaci\u00f3n de licencias. Los atacantes pueden aprovechar esta vulnerabilidad para reemplazar licencias v\u00e1lidas por licencias caducadas o de prueba, lo que provoca una denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3279.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3279.json index 19aae890633..d631c151588 100644 --- a/CVE-2025/CVE-2025-32xx/CVE-2025-3279.json +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3279.json @@ -2,13 +2,17 @@ "id": "CVE-2025-3279", "sourceIdentifier": "cve@gitlab.com", "published": "2025-06-26T06:15:23.307", - "lastModified": "2025-06-26T06:15:23.307", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 10.7 hasta la 17.11.5, la 18.0 hasta la 18.0.3 y la 18.1 hasta la 18.1.1 que podr\u00eda haber permitido a atacantes autenticados crear una condici\u00f3n de denegaci\u00f3n de servicio mediante el env\u00edo de solicitudes GraphQL manipuladas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34031.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34031.json index eb27c34bce9..c2a10b33bba 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34031.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34031.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34031", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:23.340", - "lastModified": "2025-06-25T13:15:25.270", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34032.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34032.json index f4f6b72a5ef..8dca2fecb6c 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34032.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34032.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34032", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:24.350", - "lastModified": "2025-06-25T13:15:25.400", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34033.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34033.json index d3ca6a2eb0e..a22987d525c 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34033.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34033.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34033", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:24.493", - "lastModified": "2025-06-24T22:15:21.157", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping_addr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can inject arbitrary commands by appending shell metacharacters to the ping_addr parameter in a crafted GET request to /cgi-bin/webctrl.cgi?action=pingtest_update. The command's output is reflected in the application's web interface, enabling attackers to view results directly. Default and backdoor credentials can be used to access the interface and exploit the issue. Successful exploitation results in arbitrary command execution as the root user." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Blue Angel Software Suite, que se ejecuta en dispositivos Linux integrados, mediante el par\u00e1metro ping_addr del script webctrl.cgi. La aplicaci\u00f3n no depura correctamente la entrada antes de pasarla al comando ping a nivel de sistema. Un atacante autenticado puede inyectar comandos arbitrarios a\u00f1adiendo metacaracteres de shell al par\u00e1metro ping_addr en una solicitud GET manipulada a /cgi-bin/webctrl.cgi?action=pingtest_update. La salida del comando se refleja en la interfaz web de la aplicaci\u00f3n, lo que permite a los atacantes ver los resultados directamente. Se pueden usar credenciales predeterminadas y de puerta trasera para acceder a la interfaz y explotar el problema. Una explotaci\u00f3n exitosa resulta en la ejecuci\u00f3n de comandos arbitrarios como usuario root. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34034.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34034.json index 6baff3b2342..8e77d0b00a7 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34034.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34034.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34034", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:24.630", - "lastModified": "2025-06-24T22:15:22.230", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device\u2019s web interface." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de credenciales codificada en Blue Angel Software Suite, implementada en sistemas Linux incorporados. La aplicaci\u00f3n contiene varias cuentas de usuario predeterminadas y codificadas que no se divulgan en la documentaci\u00f3n p\u00fablica. Estas cuentas permiten a atacantes no autenticados o con pocos privilegios obtener acceso administrativo a la interfaz web del dispositivo. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34035.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34035.json index c02969e4018..252d078248f 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34035.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34035.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34035", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:24.763", - "lastModified": "2025-06-24T14:15:28.820", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en EnGenius EnShare Cloud Service versi\u00f3n 1.4.11 y anteriores. El script usbinteract.cgi no depura correctamente la entrada del usuario enviada al par\u00e1metro path, lo que permite a atacantes remotos no autenticados inyectar comandos de shell arbitrarios. Los comandos inyectados se ejecutan con privilegios de root, lo que compromete por completo el sistema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34036.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34036.json index 1333476b8a2..2958bace2a5 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34036.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34036.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34036", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:24.903", - "lastModified": "2025-06-24T14:15:28.953", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called \"Cross Web Server\" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en los DVR de marca blanca fabricados por TVT, que afecta a un servicio HTTP personalizado llamado \"Cross Web Server\" que escucha en los puertos TCP 81 y 82. La interfaz web no depura la entrada en la ruta URI enviada a la funci\u00f3n de extracci\u00f3n de idioma. Cuando el servidor procesa una solicitud a /language/[lang]/index.html, utiliza la entrada [lang] de forma insegura en un comando de extracci\u00f3n de tar sin el escape adecuado. Esto permite que un atacante remoto no autenticado inyecte comandos de shell y ejecute comandos arbitrarios como root." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34037.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34037.json index 1a37e6d1f1f..0a24fda3387 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34037.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34037.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34037", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T01:15:25.037", - "lastModified": "2025-06-24T03:15:33.400", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability exists in various models of E-Series Linksys\u00a0routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability is exploited in the wild by the \"TheMoon\" worm to deploy a MIPS ELF payload, enabling arbitrary code execution on the router. This vulnerability may affect other Linksys products to include, but not limited to, WAG/WAP/WES/WET/WRT-series router models and Wireless-N access points and routers." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en varios modelos de routers E-Series Linksys a trav\u00e9s de los endpoints /tmUnblock.cgi y /hndUnblock.cgi a trav\u00e9s de HTTP en el puerto 8080. Los scripts CGI procesan incorrectamente la entrada proporcionada por el usuario al par\u00e1metro ttcp_ip sin sanitizarla, lo que permite a atacantes no autenticados inyectar comandos de shell. Esta vulnerabilidad es explotada por el gusano \"TheMoon\" para desplegar un payload MIPS ELF, lo que permite la ejecuci\u00f3n de c\u00f3digo arbitrario en el router. Esta vulnerabilidad puede afectar a otros productos Linksys, incluyendo, entre otros, los modelos de routers de las series WAG/WAP/WES/WET/WRT y los puntos de acceso y routers Wireless-N." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34038.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34038.json index 19d14ba658e..78440467afa 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34038.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34038.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34038", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T02:15:21.667", - "lastModified": "2025-06-24T03:15:33.507", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability exists in Fanwei e-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIds(sql, type) method, reachable through the cmd=getSelectAllId workflow in the AjaxManager. This allows unauthenticated attackers to execute arbitrary SQL queries, potentially exposing sensitive data such as administrator password hashes." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n SQL en Fanwei e-cology 8.0 a trav\u00e9s del endpoint getdata.jsp. La aplicaci\u00f3n pasa directamente la entrada de usuario no saneada del par\u00e1metro sql a una consulta de base de datos dentro del m\u00e9todo getSelectAllIds(sql, type), accesible mediante el flujo de trabajo cmd=getSelectAllId en AjaxManager. Esto permite a atacantes no autenticados ejecutar consultas SQL arbitrarias, lo que podr\u00eda exponer datos confidenciales, como hashes de contrase\u00f1as de administrador." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34039.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34039.json index 5778265bd76..5b5c2442f93 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34039.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34039.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34039", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T02:15:22.540", - "lastModified": "2025-06-24T02:15:22.540", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This can be exploited to run system commands and ultimately gain full control over the target server. The issue is rooted in a third-party JAR component bundled with the application, and the servlet is accessible without authentication on vulnerable installations." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en Yonyou UFIDA NC v6.5 y versiones anteriores debido a la exposici\u00f3n del servlet de pruebas BeanShell (bsh.servlet.BshServlet) sin los controles de acceso adecuados. El servlet permite a atacantes remotos no autenticados ejecutar c\u00f3digo Java arbitrario mediante el par\u00e1metro bsh.script. Esto puede explotarse para ejecutar comandos del sistema y, en \u00faltima instancia, obtener el control total del servidor objetivo. El problema se origina en un componente JAR de terceros incluido en la aplicaci\u00f3n, y el servlet es accesible sin autenticaci\u00f3n en instalaciones vulnerables." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34040.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34040.json index 2d884002c0c..838686fd675 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34040.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34040.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34040", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T02:15:22.673", - "lastModified": "2025-06-24T02:15:22.673", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 - 6.1sp2, 7.0, 7.0sp1 - 7.1, 7.1sp1, and 8.0 - 8.0sp2 via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of intended directories using path traversal. Successful exploitation enables remote code execution as the uploaded file can be accessed and executed through the web server." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de carga arbitraria de archivos en la plataforma Zhiyuan OA 5.0, 5.1 - 5.6sp1, 6.0 - 6.1sp2, 7.0, 7.0sp1 - 7.1, 7.1sp1 y 8.0 - 8.0sp2 a trav\u00e9s de la interfaz wpsAssistServlet. Los par\u00e1metros realFileType y fileId se validan incorrectamente durante la carga de archivos multiparte, lo que permite a atacantes no autenticados cargar archivos JSP manipulados fuera de los directorios previstos mediante el path traversal Una explotaci\u00f3n exitosa permite la ejecuci\u00f3n remota de c\u00f3digo, ya que se puede acceder y ejecutar el archivo cargado a trav\u00e9s del servidor web." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34041.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34041.json index b8d71edec3e..6c019a949b8 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34041.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34041.json @@ -2,13 +2,17 @@ "id": "CVE-2025-34041", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-24T02:15:22.820", - "lastModified": "2025-06-24T02:15:22.820", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chinese-language EDR builds." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en las versiones en chino de la plataforma de gesti\u00f3n Sangfor Endpoint Detection and Response (EDR) 3.2.16, 3.2.17 y 3.2.19. Esta vulnerabilidad permite a atacantes no autenticados crear y enviar solicitudes HTTP maliciosas a la interfaz del Administrador de EDR, lo que provoca la ejecuci\u00f3n de comandos arbitrarios con privilegios elevados. Esta falla solo afecta a las compilaciones de EDR en chino." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34042.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34042.json index 36f7c2a07f6..ceb80ae0948 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34042.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34042.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34042", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:27.197", - "lastModified": "2025-06-26T16:15:27.197", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34043.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34043.json index d8dde36afb1..8eb4ba281b9 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34043.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34043.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34043", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:27.490", - "lastModified": "2025-06-26T16:15:27.490", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34044.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34044.json index 36838685135..1d1e52dd3c9 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34044.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34044.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34044", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:27.670", - "lastModified": "2025-06-26T16:15:27.670", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34045.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34045.json index 29957cb8246..dee610c544c 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34045.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34045.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34045", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:27.830", - "lastModified": "2025-06-26T16:15:27.830", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34046.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34046.json index 509f95e1f2b..5bdc9c14248 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34046.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34046.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34046", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:27.987", - "lastModified": "2025-06-26T16:15:27.987", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34047.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34047.json index dc00b345524..b013cc4ab71 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34047.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34047.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34047", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:28.140", - "lastModified": "2025-06-26T16:15:28.140", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34048.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34048.json index daa062d80e8..d635482a898 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34048.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34048.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34048", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:28.273", - "lastModified": "2025-06-26T16:15:28.273", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-340xx/CVE-2025-34049.json b/CVE-2025/CVE-2025-340xx/CVE-2025-34049.json index 87e94065007..b7e83585a2f 100644 --- a/CVE-2025/CVE-2025-340xx/CVE-2025-34049.json +++ b/CVE-2025/CVE-2025-340xx/CVE-2025-34049.json @@ -2,8 +2,8 @@ "id": "CVE-2025-34049", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2025-06-26T16:15:28.413", - "lastModified": "2025-06-26T16:15:28.413", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-35xx/CVE-2025-3568.json b/CVE-2025/CVE-2025-35xx/CVE-2025-3568.json index 179fca6c85d..54dedc3aa5b 100644 --- a/CVE-2025/CVE-2025-35xx/CVE-2025-3568.json +++ b/CVE-2025/CVE-2025-35xx/CVE-2025-3568.json @@ -2,8 +2,8 @@ "id": "CVE-2025-3568", "sourceIdentifier": "cna@vuldb.com", "published": "2025-04-14T14:15:25.630", - "lastModified": "2025-04-15T18:39:27.967", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T19:21:05.930", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ], "cvssMetricV2": [ @@ -122,28 +142,79 @@ "value": "CWE-94" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webkul:krayin_crm:2.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FF19D6B3-C3A2-4C2E-9661-36A9F1B62246" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webkul:krayin_crm:2.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "411B1AF0-FD00-4BD0-9196-7A8C98DDA09F" + } + ] + } + ] } ], "references": [ { "url": "https://drive.google.com/file/d/1LMzZyCgloWquJRWzJAV2bpWMTuiMs6Xa/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://gist.github.com/shellkraft/a8b1f35d5c3ba313605065889563fb00", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.304609", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.304609", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.549591", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-35xx/CVE-2025-3570.json b/CVE-2025/CVE-2025-35xx/CVE-2025-3570.json index 1f64c777f72..4728259c6d1 100644 --- a/CVE-2025/CVE-2025-35xx/CVE-2025-3570.json +++ b/CVE-2025/CVE-2025-35xx/CVE-2025-3570.json @@ -2,8 +2,8 @@ "id": "CVE-2025-3570", "sourceIdentifier": "cna@vuldb.com", "published": "2025-04-14T15:15:26.333", - "lastModified": "2025-04-15T18:39:27.967", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T19:13:15.840", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-94" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jameszbl:db-hospital-drug:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BA80EE60-5263-47FC-A7D9-6245FB81525E" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/db-hospital-drug-xss.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.304611", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.304611", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.549923", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/db-hospital-drug-xss.md", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-360xx/CVE-2025-36004.json b/CVE-2025/CVE-2025-360xx/CVE-2025-36004.json index 5d2a9d66585..c5c18a24c74 100644 --- a/CVE-2025/CVE-2025-360xx/CVE-2025-36004.json +++ b/CVE-2025/CVE-2025-360xx/CVE-2025-36004.json @@ -2,13 +2,17 @@ "id": "CVE-2025-36004", "sourceIdentifier": "psirt@us.ibm.com", "published": "2025-06-25T03:15:27.687", - "lastModified": "2025-06-25T03:15:27.687", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege." + }, + { + "lang": "es", + "value": "IBM i 7.2, 7.3, 7.4 y 7.5 podr\u00eda permitir que un usuario obtuviera privilegios elevados debido a una llamada de librer\u00eda no cualificada en IBM Facsimile Support for i. Un agente malicioso podr\u00eda provocar que c\u00f3digo controlado por el usuario se ejecute con privilegios de administrador." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-360xx/CVE-2025-36034.json b/CVE-2025/CVE-2025-360xx/CVE-2025-36034.json index d7d686616d4..a6c51a1eaee 100644 --- a/CVE-2025/CVE-2025-360xx/CVE-2025-36034.json +++ b/CVE-2025/CVE-2025-360xx/CVE-2025-36034.json @@ -2,8 +2,8 @@ "id": "CVE-2025-36034", "sourceIdentifier": "psirt@us.ibm.com", "published": "2025-06-26T16:15:28.567", - "lastModified": "2025-06-26T16:15:28.567", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-360xx/CVE-2025-36038.json b/CVE-2025/CVE-2025-360xx/CVE-2025-36038.json index c10c00d978c..adc9a59a3a7 100644 --- a/CVE-2025/CVE-2025-360xx/CVE-2025-36038.json +++ b/CVE-2025/CVE-2025-360xx/CVE-2025-36038.json @@ -2,13 +2,17 @@ "id": "CVE-2025-36038", "sourceIdentifier": "psirt@us.ibm.com", "published": "2025-06-25T21:15:20.447", - "lastModified": "2025-06-25T21:15:20.447", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects." + }, + { + "lang": "es", + "value": "IBM WebSphere Application Server 8.5 y 9.0 podr\u00eda permitir que un atacante remoto ejecute c\u00f3digo arbitrario en el sistema con una secuencia especialmente manipulada de objetos serializados." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-365xx/CVE-2025-36519.json b/CVE-2025/CVE-2025-365xx/CVE-2025-36519.json index 602882ba2a1..72c98d30da1 100644 --- a/CVE-2025/CVE-2025-365xx/CVE-2025-36519.json +++ b/CVE-2025/CVE-2025-365xx/CVE-2025-36519.json @@ -2,13 +2,17 @@ "id": "CVE-2025-36519", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-24T05:15:23.030", - "lastModified": "2025-06-24T05:15:23.030", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2 and WRC-1167GST2. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product." + }, + { + "lang": "es", + "value": "Existe un problema de carga sin restricciones de archivos con tipos peligrosos en WRC-2533GST2 y WRC-1167GST2. Si un atacante remoto autenticado carga un archivo especialmente manipulado, podr\u00eda ejecutarse c\u00f3digo arbitrario en el producto." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-365xx/CVE-2025-36537.json b/CVE-2025/CVE-2025-365xx/CVE-2025-36537.json index 9e3b0c25453..1772b2af154 100644 --- a/CVE-2025/CVE-2025-365xx/CVE-2025-36537.json +++ b/CVE-2025/CVE-2025-365xx/CVE-2025-36537.json @@ -2,13 +2,17 @@ "id": "CVE-2025-36537", "sourceIdentifier": "psirt@teamviewer.com", "published": "2025-06-24T15:15:24.453", - "lastModified": "2025-06-24T16:15:27.383", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management." + }, + { + "lang": "es", + "value": "La asignaci\u00f3n incorrecta de permisos para recursos cr\u00edticos en TeamViewer Client (Full y Host) de TeamViewer Remote y Tensor (versi\u00f3n anterior a la 15.67) en Windows permite que un usuario local sin privilegios active la eliminaci\u00f3n arbitraria de archivos con privilegios de SYSTEM mediante el mecanismo de reversi\u00f3n de MSI. La vulnerabilidad solo afecta a las funciones de administraci\u00f3n remota: copia de seguridad, monitorizaci\u00f3n y administraci\u00f3n de parches." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-371xx/CVE-2025-37101.json b/CVE-2025/CVE-2025-371xx/CVE-2025-37101.json index 1e06a8bda96..aae70db1501 100644 --- a/CVE-2025/CVE-2025-371xx/CVE-2025-37101.json +++ b/CVE-2025/CVE-2025-371xx/CVE-2025-37101.json @@ -2,13 +2,17 @@ "id": "CVE-2025-37101", "sourceIdentifier": "security-alert@hpe.com", "published": "2025-06-26T06:15:23.130", - "lastModified": "2025-06-26T06:15:23.130", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions)." + }, + { + "lang": "es", + "value": "Se ha identificado una posible vulnerabilidad de seguridad en HPE OneView para VMware vCenter (OV4VC). Esta vulnerabilidad podr\u00eda explotarse para permitir que un atacante con privilegios de solo lectura provoque una escalada vertical de privilegios (el operador puede realizar acciones de administrador)." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json index e9b42fff405..3887be87682 100644 --- a/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json @@ -2,8 +2,8 @@ "id": "CVE-2025-3722", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2025-06-26T11:15:26.427", - "lastModified": "2025-06-26T11:15:26.427", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json index bd2163e2c5f..394f3927b84 100644 --- a/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json @@ -2,8 +2,8 @@ "id": "CVE-2025-3771", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2025-06-26T11:15:29.030", - "lastModified": "2025-06-26T12:15:20.883", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3773.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3773.json index 32e05a95757..88b2f5eafc6 100644 --- a/CVE-2025/CVE-2025-37xx/CVE-2025-3773.json +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3773.json @@ -2,8 +2,8 @@ "id": "CVE-2025-3773", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2025-06-26T12:15:21.713", - "lastModified": "2025-06-26T12:15:21.713", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-38xx/CVE-2025-3863.json b/CVE-2025/CVE-2025-38xx/CVE-2025-3863.json index f911ebf339a..144b1f4337f 100644 --- a/CVE-2025/CVE-2025-38xx/CVE-2025-3863.json +++ b/CVE-2025/CVE-2025-38xx/CVE-2025-3863.json @@ -2,13 +2,17 @@ "id": "CVE-2025-3863", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:20.200", - "lastModified": "2025-06-26T02:15:20.200", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the process_wbelps_promo_form() function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger the plugin\u2019s support\u2010form handler to send arbitrary emails to the site\u2019s support address." + }, + { + "lang": "es", + "value": "El complemento Post Carousel Slider para Elementor de WordPress es vulnerable a una autorizaci\u00f3n incorrecta debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n process_wbelps_promo_form() en todas las versiones hasta la 1.6.0 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, activen el gestor del formulario de soporte del complemento para enviar correos electr\u00f3nicos arbitrarios a la direcci\u00f3n de soporte del sitio." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-392xx/CVE-2025-39201.json b/CVE-2025/CVE-2025-392xx/CVE-2025-39201.json index bc4dc1f50ec..f57ffc131a8 100644 --- a/CVE-2025/CVE-2025-392xx/CVE-2025-39201.json +++ b/CVE-2025/CVE-2025-392xx/CVE-2025-39201.json @@ -2,13 +2,17 @@ "id": "CVE-2025-39201", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:21.050", - "lastModified": "2025-06-24T14:15:29.090", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to tamper a system file, making denial of Notify service." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en el producto MicroSCADA X SYS600. Si se explota, podr\u00eda permitir que un atacante local no autenticado altere un archivo del sistema, lo que provocar\u00eda la denegaci\u00f3n del servicio de notificaci\u00f3n." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-392xx/CVE-2025-39202.json b/CVE-2025/CVE-2025-392xx/CVE-2025-39202.json index 130f9c6a854..daf17ff8df4 100644 --- a/CVE-2025/CVE-2025-392xx/CVE-2025-39202.json +++ b/CVE-2025/CVE-2025-392xx/CVE-2025-39202.json @@ -2,13 +2,17 @@ "id": "CVE-2025-39202", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:21.200", - "lastModified": "2025-06-24T14:15:29.253", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en la interfaz Monitor Pro del producto MicroSCADA X SYS600. Un usuario autenticado con privilegios bajos puede ver y sobrescribir archivos, lo que provoca fugas de informaci\u00f3n y corrupci\u00f3n de datos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-392xx/CVE-2025-39203.json b/CVE-2025/CVE-2025-392xx/CVE-2025-39203.json index 2e8b199ab54..5fd623caed8 100644 --- a/CVE-2025/CVE-2025-392xx/CVE-2025-39203.json +++ b/CVE-2025/CVE-2025-392xx/CVE-2025-39203.json @@ -2,13 +2,17 @@ "id": "CVE-2025-39203", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:21.380", - "lastModified": "2025-06-24T14:15:29.410", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8 crafted message content from IED or remote system can cause a denial of service resulting in disconnection loop." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en la norma IEC 61850 del producto MicroSCADA X SYS600. Un mensaje IEC 61850-8 manipulado desde un dispositivo electr\u00f3nico (IED) o un sistema remoto puede causar una denegaci\u00f3n de servicio que genere un bucle de desconexi\u00f3n." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-392xx/CVE-2025-39204.json b/CVE-2025/CVE-2025-392xx/CVE-2025-39204.json index 7f382865f23..7ae96d8dfe0 100644 --- a/CVE-2025/CVE-2025-392xx/CVE-2025-39204.json +++ b/CVE-2025/CVE-2025-392xx/CVE-2025-39204.json @@ -2,13 +2,17 @@ "id": "CVE-2025-39204", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T12:15:21.523", - "lastModified": "2025-06-24T14:15:29.553", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, so returning data can leak unauthorized information to the user." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en la interfaz web del producto MicroSCADA X SYS600. La consulta de filtrado en la interfaz web puede estar malformada, por lo que los datos devueltos pueden filtrar informaci\u00f3n no autorizada al usuario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-392xx/CVE-2025-39205.json b/CVE-2025/CVE-2025-392xx/CVE-2025-39205.json index 78a70b3a33d..9849b3cdfe3 100644 --- a/CVE-2025/CVE-2025-392xx/CVE-2025-39205.json +++ b/CVE-2025/CVE-2025-392xx/CVE-2025-39205.json @@ -2,13 +2,17 @@ "id": "CVE-2025-39205", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2025-06-24T13:15:22.470", - "lastModified": "2025-06-24T14:15:29.707", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en la norma IEC 61850 del producto MicroSCADA X SYS600. La validaci\u00f3n del certificado del protocolo TLS permite un ataque remoto de intermediario (Man-in-the-Middle) debido a la falta de una validaci\u00f3n adecuada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-412xx/CVE-2025-41255.json b/CVE-2025/CVE-2025-412xx/CVE-2025-41255.json index d7452dc7dd3..1c03925a71c 100644 --- a/CVE-2025/CVE-2025-412xx/CVE-2025-41255.json +++ b/CVE-2025/CVE-2025-412xx/CVE-2025-41255.json @@ -2,13 +2,17 @@ "id": "CVE-2025-41255", "sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a", "published": "2025-06-25T10:15:21.783", - "lastModified": "2025-06-25T14:15:23.713", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions.\n\n\n\n\n\n\n\n\n\n\n\nThis issue affects Cyberduck through 9.1.6 and Mountain Duck through\u00a04.17.5." + }, + { + "lang": "es", + "value": "Cyberduck y Mountain Duck gestionan incorrectamente la fijaci\u00f3n de certificados TLS para certificados no confiables (p. ej., autofirmados), instal\u00e1ndolos innecesariamente en el almac\u00e9n de certificados de Windows del usuario actual sin ninguna restricci\u00f3n. Este problema afecta a Cyberduck hasta la versi\u00f3n 9.1.6 y a Mountain Duck hasta la versi\u00f3n 4.17.5." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-412xx/CVE-2025-41256.json b/CVE-2025/CVE-2025-412xx/CVE-2025-41256.json index dc484eeb2e5..c89dfff71f9 100644 --- a/CVE-2025/CVE-2025-412xx/CVE-2025-41256.json +++ b/CVE-2025/CVE-2025-412xx/CVE-2025-41256.json @@ -2,13 +2,17 @@ "id": "CVE-2025-41256", "sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a", "published": "2025-06-25T10:15:22.610", - "lastModified": "2025-06-25T14:15:23.823", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak.\n\n\n\n\n\n\n\nThis issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5." + }, + { + "lang": "es", + "value": "Cyberduck y Mountain Duck gestionan incorrectamente la fijaci\u00f3n de certificados TLS para certificados no confiables (p. ej., autofirmados), ya que la huella digital del certificado se almacena como SHA-1, aunque SHA-1 se considera d\u00e9bil. Este problema afecta a Cyberduck: hasta la versi\u00f3n 9.1.6; Mountain Duck: hasta la versi\u00f3n 4.17.5." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-414xx/CVE-2025-41404.json b/CVE-2025/CVE-2025-414xx/CVE-2025-41404.json index d71b33df497..6b155a9ea05 100644 --- a/CVE-2025/CVE-2025-414xx/CVE-2025-41404.json +++ b/CVE-2025/CVE-2025-414xx/CVE-2025-41404.json @@ -2,13 +2,17 @@ "id": "CVE-2025-41404", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-26T06:15:23.497", - "lastModified": "2025-06-26T06:15:23.497", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product." + }, + { + "lang": "es", + "value": "Existe un problema de solicitud directa (navegaci\u00f3n forzada) en las versiones 0.10.12 y anteriores de iroha Board. Si se explota esta vulnerabilidad, un atacante que inicie sesi\u00f3n en el producto afectado podr\u00eda acceder a contenido no p\u00fablico." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-414xx/CVE-2025-41427.json b/CVE-2025/CVE-2025-414xx/CVE-2025-41427.json index 4b1fd53db5f..c32bef15248 100644 --- a/CVE-2025/CVE-2025-414xx/CVE-2025-41427.json +++ b/CVE-2025/CVE-2025-414xx/CVE-2025-41427.json @@ -2,13 +2,17 @@ "id": "CVE-2025-41427", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-24T05:15:24.243", - "lastModified": "2025-06-24T05:15:24.243", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Connection Diagnostics page. If a remote authenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed." + }, + { + "lang": "es", + "value": "WRC-X3000GS, WRC-X3000GSA y WRC-X3000GSN presentan una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando del sistema operativo ('Inyecci\u00f3n de comandos del sistema operativo') en la p\u00e1gina Connection Diagnostics. Si un atacante remoto autenticado env\u00eda una solicitud especialmente manipulada al producto afectado, podr\u00eda ejecutarse un comando arbitrario del sistema operativo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-416xx/CVE-2025-41647.json b/CVE-2025/CVE-2025-416xx/CVE-2025-41647.json index 1ce6a18c02e..fa1d2288466 100644 --- a/CVE-2025/CVE-2025-416xx/CVE-2025-41647.json +++ b/CVE-2025/CVE-2025-416xx/CVE-2025-41647.json @@ -2,13 +2,17 @@ "id": "CVE-2025-41647", "sourceIdentifier": "info@cert.vde.com", "published": "2025-06-25T10:15:22.747", - "lastModified": "2025-06-25T10:15:22.747", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions." + }, + { + "lang": "es", + "value": "Un atacante local con pocos privilegios puede conocer la contrase\u00f1a del controlador conectado en PLC Designer V4 debido a una implementaci\u00f3n incorrecta que hace que la contrase\u00f1a se muestre en texto simple en condiciones especiales." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-438xx/CVE-2025-43877.json b/CVE-2025/CVE-2025-438xx/CVE-2025-43877.json index b28567da7b4..1cdbe79b228 100644 --- a/CVE-2025/CVE-2025-438xx/CVE-2025-43877.json +++ b/CVE-2025/CVE-2025-438xx/CVE-2025-43877.json @@ -2,13 +2,17 @@ "id": "CVE-2025-43877", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-24T05:15:24.403", - "lastModified": "2025-06-24T05:15:24.403", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WRC-1167GHBK2-S contains a stored cross-site scripting vulnerability in WebGUI. If exploited, an arbitrary script may be executed on the web browser of the user who accessed WebGUI of the product." + }, + { + "lang": "es", + "value": "WRC-1167GHBK2-S contiene una vulnerabilidad de cross-site scripting almacenado en WebGUI. Si se explota, se podr\u00eda ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 a WebGUI del producto." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-438xx/CVE-2025-43879.json b/CVE-2025/CVE-2025-438xx/CVE-2025-43879.json index 6cf9cf39284..fa01d1f9989 100644 --- a/CVE-2025/CVE-2025-438xx/CVE-2025-43879.json +++ b/CVE-2025/CVE-2025-438xx/CVE-2025-43879.json @@ -2,13 +2,17 @@ "id": "CVE-2025-43879", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-24T05:15:24.567", - "lastModified": "2025-06-24T05:15:24.567", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed." + }, + { + "lang": "es", + "value": "WRH-733GBK y WRH-733GWH contienen una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando del sistema operativo ('Inyecci\u00f3n de comandos del sistema operativo') en la funci\u00f3n Telnet. Si un atacante remoto no autenticado env\u00eda una solicitud especialmente manipulada al producto afectado, podr\u00eda ejecutarse un comando arbitrario del sistema operativo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-438xx/CVE-2025-43880.json b/CVE-2025/CVE-2025-438xx/CVE-2025-43880.json index aac62230a91..652622f4f32 100644 --- a/CVE-2025/CVE-2025-438xx/CVE-2025-43880.json +++ b/CVE-2025/CVE-2025-438xx/CVE-2025-43880.json @@ -2,13 +2,17 @@ "id": "CVE-2025-43880", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-25T06:15:20.250", - "lastModified": "2025-06-25T06:15:20.250", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a logged-in user may cause a denial of service (DoS) condition." + }, + { + "lang": "es", + "value": "Existe un problema de complejidad de expresiones regulares ineficientes en GROWI anterior a la v7.1.6. Si se explota, un usuario conectado puede causar una denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-43xx/CVE-2025-4334.json b/CVE-2025/CVE-2025-43xx/CVE-2025-4334.json index 7c51f0932f2..1d4f8609e94 100644 --- a/CVE-2025/CVE-2025-43xx/CVE-2025-4334.json +++ b/CVE-2025/CVE-2025-43xx/CVE-2025-4334.json @@ -2,13 +2,17 @@ "id": "CVE-2025-4334", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.173", - "lastModified": "2025-06-26T02:15:21.173", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to register as an administrator." + }, + { + "lang": "es", + "value": "El complemento Simple User Registration para WordPress es vulnerable a la Escalada de Privilegios en todas las versiones hasta la 6.3 incluida. Esto se debe a restricciones insuficientes en los metavalores de usuario que se pueden proporcionar durante el registro. Esto permite que atacantes no autenticados se registren como administradores." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-43xx/CVE-2025-4378.json b/CVE-2025/CVE-2025-43xx/CVE-2025-4378.json index 042933982a5..83c4f8fe5f2 100644 --- a/CVE-2025/CVE-2025-43xx/CVE-2025-4378.json +++ b/CVE-2025/CVE-2025-43xx/CVE-2025-4378.json @@ -2,13 +2,17 @@ "id": "CVE-2025-4378", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2025-06-24T17:15:35.320", - "lastModified": "2025-06-24T17:15:35.320", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass.This issue affects ATA-AOF Mobile Application: before 20.06.2025." + }, + { + "lang": "es", + "value": "La vulnerabilidad de transmisi\u00f3n de informaci\u00f3n confidencial en texto claro y uso de credenciales codificadas en Ataturk University ATA-AOF Mobile Application permite el abuso y la omisi\u00f3n de la autenticaci\u00f3n. Este problema afecta a la aplicaci\u00f3n m\u00f3vil ATA-AOF: antes del 20.06.2025." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-43xx/CVE-2025-4383.json b/CVE-2025/CVE-2025-43xx/CVE-2025-4383.json index de2dd5e07a9..cba02d8d756 100644 --- a/CVE-2025/CVE-2025-43xx/CVE-2025-4383.json +++ b/CVE-2025/CVE-2025-43xx/CVE-2025-4383.json @@ -2,13 +2,17 @@ "id": "CVE-2025-4383", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2025-06-24T16:15:29.220", - "lastModified": "2025-06-24T16:15:29.220", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bili\u015fim Teknolojileri ve Yaz\u0131l\u0131m Hizm. Tic. Ltd. \u015eti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass.This issue affects Wi-Fi Cloud Hotspot: before 30.05.2025." + }, + { + "lang": "es", + "value": "Vulnerabilidad de restricci\u00f3n inadecuada de intentos excesivos de autenticaci\u00f3n en Art-in Bili?im Teknolojileri ve Yaz?l?m Hizm. Tic. Ltd. ?ti. Wi-Fi Cloud Hotspot permite el abuso y la omisi\u00f3n de la autenticaci\u00f3n. Este problema afecta a Wi-Fi Cloud Hotspot: anteriores al 30/05/2025." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-441xx/CVE-2025-44141.json b/CVE-2025/CVE-2025-441xx/CVE-2025-44141.json index 1e96c0d4122..e77132380c3 100644 --- a/CVE-2025/CVE-2025-441xx/CVE-2025-44141.json +++ b/CVE-2025/CVE-2025-441xx/CVE-2025-44141.json @@ -2,8 +2,8 @@ "id": "CVE-2025-44141", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T16:15:28.753", - "lastModified": "2025-06-26T16:15:28.753", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "A Cross-Site Scripting (XSS) vulnerability exists in the node creation form of Backdrop CMS 1.30." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "http://backdrop.com", diff --git a/CVE-2025/CVE-2025-442xx/CVE-2025-44206.json b/CVE-2025/CVE-2025-442xx/CVE-2025-44206.json index a311e32052e..e83bc3fee48 100644 --- a/CVE-2025/CVE-2025-442xx/CVE-2025-44206.json +++ b/CVE-2025/CVE-2025-442xx/CVE-2025-44206.json @@ -2,13 +2,17 @@ "id": "CVE-2025-44206", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T16:15:26.367", - "lastModified": "2025-06-25T17:15:37.740", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 are vulnerable to Cross Site Scripting (XSS) which allows a remote authenticated attacker with access to the Broadcast (Person) functionality to execute arbitrary code." + }, + { + "lang": "es", + "value": "Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 y Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 son vulnerables a Cross Site Scripting (XSS), lo que permite que un atacante remoto autenticado con acceso a la funcionalidad Broadcast (Persona) ejecute c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-445xx/CVE-2025-44531.json b/CVE-2025/CVE-2025-445xx/CVE-2025-44531.json index 871df3a8915..e95557e40e1 100644 --- a/CVE-2025/CVE-2025-445xx/CVE-2025-44531.json +++ b/CVE-2025/CVE-2025-445xx/CVE-2025-44531.json @@ -2,13 +2,17 @@ "id": "CVE-2025-44531", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T16:15:27.703", - "lastModified": "2025-06-24T20:15:25.100", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt." + }, + { + "lang": "es", + "value": "Un problema en Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una clave manipulada antes de que se reciba una clave p\u00fablica de emparejamiento durante un intento de conexi\u00f3n Bluetooth." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-453xx/CVE-2025-45332.json b/CVE-2025/CVE-2025-453xx/CVE-2025-45332.json index 114e90babc4..f06a8b2edf2 100644 --- a/CVE-2025/CVE-2025-453xx/CVE-2025-45332.json +++ b/CVE-2025/CVE-2025-453xx/CVE-2025-45332.json @@ -2,13 +2,17 @@ "id": "CVE-2025-45332", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T18:15:22.040", - "lastModified": "2025-06-25T19:15:23.110", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "vkoskiv c-ray 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the parse_mtllib function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes." + }, + { + "lang": "es", + "value": "vkoskiv c-ray 1.1 contiene una vulnerabilidad de desreferencia de puntero nulo (NPD) en la funci\u00f3n parse_mtllib de su m\u00f3dulo de procesamiento de datos, lo que genera un comportamiento impredecible del programa, causando fallas de segmentaci\u00f3n y fallas del programa." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-453xx/CVE-2025-45333.json b/CVE-2025/CVE-2025-453xx/CVE-2025-45333.json index 9ce26062faa..fdfc6bdd34f 100644 --- a/CVE-2025/CVE-2025-453xx/CVE-2025-45333.json +++ b/CVE-2025/CVE-2025-453xx/CVE-2025-45333.json @@ -2,13 +2,17 @@ "id": "CVE-2025-45333", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-25T20:15:23.927", - "lastModified": "2025-06-25T20:15:23.927", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the Abc_NtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes." + }, + { + "lang": "es", + "value": "berkeley-abc abc 1.1 contiene una vulnerabilidad de desreferencia de puntero nulo (NPD) en la funci\u00f3n Abc_NtkCecFraigPart de su m\u00f3dulo de procesamiento de datos, lo que genera un comportamiento impredecible del programa, causando fallas de segmentaci\u00f3n y fallas del programa." } ], "metrics": {}, diff --git a/CVE-2025/CVE-2025-46xx/CVE-2025-4656.json b/CVE-2025/CVE-2025-46xx/CVE-2025-4656.json index 7f707a3d2c9..033bca395e2 100644 --- a/CVE-2025/CVE-2025-46xx/CVE-2025-4656.json +++ b/CVE-2025/CVE-2025-46xx/CVE-2025-4656.json @@ -2,13 +2,17 @@ "id": "CVE-2025-4656", "sourceIdentifier": "security@hashicorp.com", "published": "2025-06-25T17:15:38.440", - "lastModified": "2025-06-25T17:15:38.440", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22." + }, + { + "lang": "es", + "value": "Las operaciones de regeneraci\u00f3n y recuperaci\u00f3n de claves en Vault Community y Vault Enterprise pueden provocar una denegaci\u00f3n de servicio debido a una cancelaci\u00f3n incontrolada por parte del operador de Vault. Esta vulnerabilidad (CVE-2025-4656) se ha corregido en Vault Community Edition 1.20.0 y Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17 y 1.16.22." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-479xx/CVE-2025-47943.json b/CVE-2025/CVE-2025-479xx/CVE-2025-47943.json index 11580a2c813..0e74daee284 100644 --- a/CVE-2025/CVE-2025-479xx/CVE-2025-47943.json +++ b/CVE-2025/CVE-2025-479xx/CVE-2025-47943.json @@ -2,13 +2,17 @@ "id": "CVE-2025-47943", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T04:15:46.743", - "lastModified": "2025-06-24T22:15:22.353", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting (XSS) vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated component: pdfjs-1.4.20 under public/plugins/. This issue has been fixed for gogs.io/gogs in version 0.13.3." + }, + { + "lang": "es", + "value": "Gogs es un servicio Git autoalojado de c\u00f3digo abierto. En la versi\u00f3n 0.14.0+dev y anteriores de la aplicaci\u00f3n, existe una vulnerabilidad de cross-site scripting (XSS) almacenado en Gogs, que permite la ejecuci\u00f3n de c\u00f3digo Javascript del lado del cliente. La vulnerabilidad se debe al uso de un componente vulnerable y obsoleto: pdfjs-1.4.20, ubicado en public/plugins/. Este problema se ha corregido para gogs.io/gogs en la versi\u00f3n 0.13.3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48461.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48461.json index cdd5589540c..cc2ae4d1739 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48461.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48461.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48461", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:33.613", - "lastModified": "2025-06-25T14:15:23.997", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords." + }, + { + "lang": "es", + "value": "La explotaci\u00f3n exitosa de la vulnerabilidad podr\u00eda permitir a un atacante no autenticado realizar conjeturas por fuerza bruta y tomar el control de la cuenta, ya que las cookies de sesi\u00f3n son predecibles, lo que potencialmente permite a los atacantes obtener acceso de root, administrador o usuario y restablecer contrase\u00f1as." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48462.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48462.json index 423b860bf95..1f7472007ba 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48462.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48462.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48462", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:33.753", - "lastModified": "2025-06-25T14:15:24.130", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block other users from logging in, thereby preventing legitimate users from gaining access to the product." + }, + { + "lang": "es", + "value": "La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir a un atacante consumir todos los espacios de sesi\u00f3n disponibles y bloquear el inicio de sesi\u00f3n de otros usuarios, impidiendo as\u00ed que los usuarios leg\u00edtimos obtengan acceso al producto." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48463.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48463.json index a27e15db862..b2711760d46 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48463.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48463.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48463", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:33.870", - "lastModified": "2025-06-25T14:15:24.267", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering." + }, + { + "lang": "es", + "value": "La explotaci\u00f3n exitosa de la vulnerabilidad podr\u00eda permitir a un atacante interceptar datos y realizar un secuestro de sesi\u00f3n en los datos expuestos, ya que el producto vulnerable utiliza una comunicaci\u00f3n HTTP no cifrada, lo que potencialmente conduce a un acceso no autorizado o a la manipulaci\u00f3n de datos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48466.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48466.json index 4826aea055d..fda2b2eac73 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48466.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48466.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48466", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:34.013", - "lastModified": "2025-06-25T13:15:26.133", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48467.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48467.json index 040fd86265e..0b56f7c7fd4 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48467.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48467.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48467", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:34.140", - "lastModified": "2025-06-25T14:15:24.390", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48468.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48468.json index a345608cdf8..42aabfad172 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48468.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48468.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48468", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:34.267", - "lastModified": "2025-06-25T14:15:24.523", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48469.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48469.json index 05fbf7e6fdc..ed537aac96e 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48469.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48469.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48469", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:34.390", - "lastModified": "2025-06-25T13:15:26.273", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48470.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48470.json index 28f01e6e017..6a83e5890fd 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48470.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48470.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48470", "sourceIdentifier": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4", "published": "2025-06-24T03:15:34.523", - "lastModified": "2025-06-25T13:15:26.410", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-484xx/CVE-2025-48497.json b/CVE-2025/CVE-2025-484xx/CVE-2025-48497.json index 3d06f3a3211..e502daf98ec 100644 --- a/CVE-2025/CVE-2025-484xx/CVE-2025-48497.json +++ b/CVE-2025/CVE-2025-484xx/CVE-2025-48497.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48497", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-26T06:15:23.697", - "lastModified": "2025-06-26T06:15:23.697", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site request forgery en las versiones 0.10.12 y anteriores de iroha Board. Si un usuario accede a una URL especialmente manipulada mientras tiene la sesi\u00f3n iniciada en el producto afectado, podr\u00edan registrarse historiales de aprendizaje arbitrarios." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-488xx/CVE-2025-48890.json b/CVE-2025/CVE-2025-488xx/CVE-2025-48890.json index cb8d82c6daf..4cf63365ef8 100644 --- a/CVE-2025/CVE-2025-488xx/CVE-2025-48890.json +++ b/CVE-2025/CVE-2025-488xx/CVE-2025-48890.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48890", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-24T05:15:24.727", - "lastModified": "2025-06-24T05:15:24.727", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed." + }, + { + "lang": "es", + "value": "WRH-733GBK y WRH-733GWH contienen una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando del sistema operativo ('Inyecci\u00f3n de comandos del sistema operativo') en el servicio SOAP miniigd. Si un atacante remoto no autenticado env\u00eda una solicitud especialmente manipulada al producto afectado, podr\u00eda ejecutarse un comando arbitrario del sistema operativo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-489xx/CVE-2025-48921.json b/CVE-2025/CVE-2025-489xx/CVE-2025-48921.json index c925ce031a1..99d163e4a7b 100644 --- a/CVE-2025/CVE-2025-489xx/CVE-2025-48921.json +++ b/CVE-2025/CVE-2025-489xx/CVE-2025-48921.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48921", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:30.043", - "lastModified": "2025-06-26T14:15:30.043", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,30 @@ "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2025/CVE-2025-489xx/CVE-2025-48922.json b/CVE-2025/CVE-2025-489xx/CVE-2025-48922.json index 92d8c87dd30..d346ce6cf8f 100644 --- a/CVE-2025/CVE-2025-489xx/CVE-2025-48922.json +++ b/CVE-2025/CVE-2025-489xx/CVE-2025-48922.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48922", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:30.180", - "lastModified": "2025-06-26T14:15:30.180", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,30 @@ "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GLightbox allows Cross-Site Scripting (XSS).This issue affects GLightbox: from 0.0.0 before 1.0.16." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2025/CVE-2025-489xx/CVE-2025-48923.json b/CVE-2025/CVE-2025-489xx/CVE-2025-48923.json index fcd29ec81a2..14260eda805 100644 --- a/CVE-2025/CVE-2025-489xx/CVE-2025-48923.json +++ b/CVE-2025/CVE-2025-489xx/CVE-2025-48923.json @@ -2,8 +2,8 @@ "id": "CVE-2025-48923", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:30.300", - "lastModified": "2025-06-26T14:15:30.300", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,30 @@ "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site Scripting (XSS).This issue affects Toc.Js: from 0.0.0 before 3.2.1." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2025/CVE-2025-489xx/CVE-2025-48954.json b/CVE-2025/CVE-2025-489xx/CVE-2025-48954.json index a9c9c7a9cd4..9e22a0102a5 100644 --- a/CVE-2025/CVE-2025-489xx/CVE-2025-48954.json +++ b/CVE-2025/CVE-2025-489xx/CVE-2025-48954.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48954", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T14:15:24.777", - "lastModified": "2025-06-25T14:15:24.777", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn't enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy enabled." + }, + { + "lang": "es", + "value": "Discourse es una plataforma de discusi\u00f3n de c\u00f3digo abierto. Las versiones anteriores a la 3.5.0.beta6 son vulnerables a ataques de cross-site scripting cuando la pol\u00edtica de seguridad de contenido no est\u00e1 habilitada al usar inicios de sesi\u00f3n con redes sociales. La versi\u00f3n 3.5.0.beta6 soluciona el problema. Como soluci\u00f3n alternativa, active la pol\u00edtica de seguridad de contenido." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-489xx/CVE-2025-48991.json b/CVE-2025/CVE-2025-489xx/CVE-2025-48991.json index 5adf1913fb8..dbadeb50fe3 100644 --- a/CVE-2025/CVE-2025-489xx/CVE-2025-48991.json +++ b/CVE-2025/CVE-2025-489xx/CVE-2025-48991.json @@ -2,13 +2,17 @@ "id": "CVE-2025-48991", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T14:15:24.943", - "lastModified": "2025-06-25T14:15:24.943", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap Community Edition prior to version 16.8.99.1748845907 and Tuleap Enterprise Edition prior to versions 16.8-3 and 16.7-5 to trick victims into changing the canned responses. Tuleap Community Edition 16.8.99.1748845907, Tuleap Enterprise Edition 16.8-3, and Tuleap Enterprise Edition 16.7-5 contain a fix for the vulnerability." + }, + { + "lang": "es", + "value": "Tuleap es una suite de c\u00f3digo abierto que mejora la gesti\u00f3n del desarrollo de software y la colaboraci\u00f3n. Un atacante podr\u00eda aprovechar una vulnerabilidad presente en Tuleap Community Edition anterior a la versi\u00f3n 16.8.99.1748845907 y en Tuleap Enterprise Edition anterior a las versiones 16.8-3 y 16.7-5 para enga\u00f1ar a las v\u00edctimas y lograr que modifiquen las respuestas predefinidas. Tuleap Community Edition 16.8.99.1748845907, Tuleap Enterprise Edition 16.8-3 y Tuleap Enterprise Edition 16.7-5 contienen una correcci\u00f3n para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-490xx/CVE-2025-49003.json b/CVE-2025/CVE-2025-490xx/CVE-2025-49003.json index 3074e022121..ee9d14181b1 100644 --- a/CVE-2025/CVE-2025-490xx/CVE-2025-49003.json +++ b/CVE-2025/CVE-2025-490xx/CVE-2025-49003.json @@ -2,8 +2,8 @@ "id": "CVE-2025-49003", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T14:15:30.433", - "lastModified": "2025-06-26T15:15:22.963", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49135.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49135.json index 9ee324a4b4b..19aed25b1a5 100644 --- a/CVE-2025/CVE-2025-491xx/CVE-2025-49135.json +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49135.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49135", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T15:15:24.990", - "lastModified": "2025-06-25T15:15:24.990", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CVAT is an open source interactive video and image annotation tool for computer vision. Versions 2.2.0 through 2.39.0 have no validation during the import process of a project or task backup to check that the filename specified in the query parameter refers to a TUS-uploaded file belonging to the same user. As a result, if an attacker with a CVAT account and a `user` role knows the filenames of other users' uploads, they could potentially access and steal data by creating projects or tasks using those files. This issue does not affect annotation or dataset TUS uploads, since in this case object-specific temporary directories are used. Users should upgrade to CVAT 2.40.0 or a later version to receive a patch. No known workarounds are available." + }, + { + "lang": "es", + "value": "CVAT es una herramienta interactiva de c\u00f3digo abierto para la anotaci\u00f3n de im\u00e1genes y videos para visi\u00f3n artificial. Las versiones 2.2.0 a 2.39.0 no incluyen validaci\u00f3n durante la importaci\u00f3n de copias de seguridad de proyectos o tareas para verificar que el nombre de archivo especificado en el par\u00e1metro de consulta se refiera a un archivo subido a TUS que pertenezca al mismo usuario. Por lo tanto, si un atacante con una cuenta CVAT y rol de usuario conoce los nombres de archivo de las cargas de otros usuarios, podr\u00eda acceder y robar datos creando proyectos o tareas con esos archivos. Este problema no afecta las cargas de TUS de anotaciones ni de conjuntos de datos, ya que en este caso se utilizan directorios temporales espec\u00edficos del objeto. Los usuarios deben actualizar a CVAT 2.40.0 o una versi\u00f3n posterior para recibir una actualizaci\u00f3n. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49147.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49147.json index 98a3201b86f..592f4bf31e7 100644 --- a/CVE-2025/CVE-2025-491xx/CVE-2025-49147.json +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49147.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49147", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T18:15:25.247", - "lastModified": "2025-06-24T18:15:25.247", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Umbraco, a free and open source .NET content management system, has a vulnerability in versions 10.0.0 through 10.8.10 and 13.0.0 through 13.9.1. Via a request to an anonymously authenticated endpoint it's possible to retrieve information about the configured password requirements. The information available is limited but would perhaps give some additional detail useful for someone attempting to brute force derive a user's password. This information was not exposed in Umbraco 7 or 8, nor in 14 or higher versions. The vulnerability is patched in versions 10.8.11 and 13.9.2." + }, + { + "lang": "es", + "value": "Umbraco, un sistema de gesti\u00f3n de contenido .NET gratuito y de c\u00f3digo abierto, presenta una vulnerabilidad en las versiones 10.0.0 a 10.8.10 y 13.0.0 a 13.9.1. Mediante una solicitud a un endpoint autenticado an\u00f3nimamente, es posible obtener informaci\u00f3n sobre los requisitos de contrase\u00f1a configurados. La informaci\u00f3n disponible es limitada, pero podr\u00eda proporcionar informaci\u00f3n adicional \u00fatil para quienes intenten obtener la contrase\u00f1a de un usuario mediante fuerza bruta. Esta informaci\u00f3n no se expuso en Umbraco 7 ni 8, ni en la versi\u00f3n 14 o posteriores. La vulnerabilidad est\u00e1 corregida en las versiones 10.8.11 y 13.9.2." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49151.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49151.json index 97fda264255..e23b4faace7 100644 --- a/CVE-2025/CVE-2025-491xx/CVE-2025-49151.json +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49151.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49151", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-25T17:15:37.897", - "lastModified": "2025-06-25T17:15:37.897", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "MICROSENS NMP Web+\u00a0could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication." + }, + { + "lang": "es", + "value": "MICROSENS NMP Web+ podr\u00eda permitir que un atacante no autenticado genere tokens web JSON (JWT) falsificados para eludir la autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49152.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49152.json index d2f55bbcb0b..5db58ce5f25 100644 --- a/CVE-2025/CVE-2025-491xx/CVE-2025-49152.json +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49152.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49152", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-25T17:15:38.100", - "lastModified": "2025-06-25T17:15:38.100", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "MICROSENS NMP Web+\u00a0contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system." + }, + { + "lang": "es", + "value": "MICROSENS NMP Web+ contiene JSON Web Tokens (JWT) que no caducan, lo que podr\u00eda permitir que un atacante obtenga acceso al sistema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49153.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49153.json index 83397cef061..e055bb50efb 100644 --- a/CVE-2025/CVE-2025-491xx/CVE-2025-49153.json +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49153.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49153", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-25T17:15:38.263", - "lastModified": "2025-06-25T17:15:38.263", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "MICROSENS NMP Web+\n\ncould allow an unauthenticated attacker to overwrite files and execute arbitrary code." + }, + { + "lang": "es", + "value": "MICROSENS NMP Web+ podr\u00eda permitir que un atacante no autenticado sobrescriba archivos y ejecute c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-495xx/CVE-2025-49549.json b/CVE-2025/CVE-2025-495xx/CVE-2025-49549.json index e31c82de6b8..7b22cf03de1 100644 --- a/CVE-2025/CVE-2025-495xx/CVE-2025-49549.json +++ b/CVE-2025/CVE-2025-495xx/CVE-2025-49549.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49549", "sourceIdentifier": "psirt@adobe.com", "published": "2025-06-25T18:15:22.163", - "lastModified": "2025-06-25T18:15:22.163", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction." + }, + { + "lang": "es", + "value": "Las versiones 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de autorizaci\u00f3n incorrecta que podr\u00eda provocar la omisi\u00f3n de una funci\u00f3n de seguridad. Un atacante con privilegios elevados podr\u00eda aprovechar esta vulnerabilidad para eludir las medidas de seguridad y obtener acceso no autorizado limitado. Para explotar este problema no se requiere la interacci\u00f3n del usuario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-495xx/CVE-2025-49550.json b/CVE-2025/CVE-2025-495xx/CVE-2025-49550.json index ff1428f4593..26397df388c 100644 --- a/CVE-2025/CVE-2025-495xx/CVE-2025-49550.json +++ b/CVE-2025/CVE-2025-495xx/CVE-2025-49550.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49550", "sourceIdentifier": "psirt@adobe.com", "published": "2025-06-25T18:15:22.323", - "lastModified": "2025-06-25T18:15:22.323", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction." + }, + { + "lang": "es", + "value": "Las versiones 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de autorizaci\u00f3n incorrecta que podr\u00eda provocar la omisi\u00f3n de una funci\u00f3n de seguridad. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir las medidas de seguridad y obtener acceso no autorizado limitado. Para explotar este problema se requiere la interacci\u00f3n del usuario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-496xx/CVE-2025-49603.json b/CVE-2025/CVE-2025-496xx/CVE-2025-49603.json new file mode 100644 index 00000000000..19d1eb06ab4 --- /dev/null +++ b/CVE-2025/CVE-2025-496xx/CVE-2025-49603.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-49603", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-06-26T18:15:22.710", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://mender.io/blog/cve-2025-49603-improper-access-control-of-device-groups-in-mender-server", + "source": "cve@mitre.org" + }, + { + "url": "https://northern.tech", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-497xx/CVE-2025-49797.json b/CVE-2025/CVE-2025-497xx/CVE-2025-49797.json index b1e6a87cc22..31855f535f5 100644 --- a/CVE-2025/CVE-2025-497xx/CVE-2025-49797.json +++ b/CVE-2025/CVE-2025-497xx/CVE-2025-49797.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49797", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2025-06-25T10:15:22.910", - "lastModified": "2025-06-25T10:15:22.910", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]." + }, + { + "lang": "es", + "value": "Varios instaladores de controladores de Brother para Windows contienen una vulnerabilidad de escalada de privilegios. Si se explota, se puede ejecutar un programa arbitrario con privilegios de administrador. Para obtener informaci\u00f3n sobre los nombres, n\u00fameros de modelo y versiones de los productos afectados, consulte la informaci\u00f3n proporcionada por los respectivos proveedores en [Referencias]." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49845.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49845.json index cbd62cf74fc..f1a0be72b5b 100644 --- a/CVE-2025/CVE-2025-498xx/CVE-2025-49845.json +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49845.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49845", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T16:15:26.533", - "lastModified": "2025-06-25T16:15:26.533", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Discourse is an open-source discussion platform. The visibility of posts typed `whisper` is controlled via the `whispers_allowed_groups` site setting. Only users that belong to groups specified in the site setting are allowed to view posts typed `whisper`. However, it has been discovered that users of versions prior to 3.4.6 on the `stable` branch and prior to 3.5.0.beta8-dev on the `tests-passed` branch can continue to see their own whispers even after losing visibility of posts typed `whisper`. This issue is patched in versions 3.4.6 and 3.5.0.beta8-dev. No known workarounds are available." + }, + { + "lang": "es", + "value": "Discourse es una plataforma de discusi\u00f3n de c\u00f3digo abierto. La visibilidad de las publicaciones con el tipo \"whisper\" se controla mediante la configuraci\u00f3n del sitio \"whispers_allowed_groups\". Solo los usuarios que pertenecen a los grupos especificados en la configuraci\u00f3n del sitio pueden ver las publicaciones con este tipo. Sin embargo, se ha descubierto que los usuarios de versiones anteriores a la 3.4.6 en la rama \"stable\" y anteriores a la 3.5.0.beta8-dev en la rama \"tests-passed\" pueden seguir viendo sus propios \"whisper\" incluso despu\u00e9s de perder la visibilidad de las publicaciones con este tipo. Este problema se ha corregido en las versiones 3.4.6 y 3.5.0.beta8-dev. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49851.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49851.json index 9e4b8fd8429..14aa2655f0e 100644 --- a/CVE-2025/CVE-2025-498xx/CVE-2025-49851.json +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49851.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49851", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-24T20:15:25.560", - "lastModified": "2025-06-24T20:15:25.560", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper Authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product." + }, + { + "lang": "es", + "value": "Las versiones 4.7.48.0 y anteriores de ControlID iDSecure On-premises son afectados por una vulnerabilidad de autenticaci\u00f3n incorrecta que podr\u00eda permitir que un atacante eluda la autenticaci\u00f3n y obtenga permisos en el producto." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49852.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49852.json index 63bb4b2ec79..ff76186701b 100644 --- a/CVE-2025/CVE-2025-498xx/CVE-2025-49852.json +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49852.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49852", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-24T20:15:25.727", - "lastModified": "2025-06-24T20:15:25.727", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a Server-Side Request Forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers." + }, + { + "lang": "es", + "value": "Las versiones 4.7.48.0 y anteriores de ControlID iDSecure On-premises son afectadas por una vulnerabilidad de server-side request forgery que podr\u00eda permitir que un atacante no autenticado recupere informaci\u00f3n de otros servidores." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49853.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49853.json index ff60371744f..4672704c486 100644 --- a/CVE-2025/CVE-2025-498xx/CVE-2025-49853.json +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49853.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49853", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-24T20:15:25.873", - "lastModified": "2025-06-24T20:15:25.873", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries." + }, + { + "lang": "es", + "value": "Las versiones 4.7.48.0 y anteriores de ControlID iDSecure On-premises son vulnerables a inyecciones de SQL que podr\u00edan permitir a un atacante filtrar informaci\u00f3n arbitraria e insertar sintaxis SQL arbitraria en consultas SQL." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-501xx/CVE-2025-50178.json b/CVE-2025/CVE-2025-501xx/CVE-2025-50178.json index 1b8a45b4801..0b1fa28741a 100644 --- a/CVE-2025/CVE-2025-501xx/CVE-2025-50178.json +++ b/CVE-2025/CVE-2025-501xx/CVE-2025-50178.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50178", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T16:15:26.693", - "lastModified": "2025-06-25T16:15:26.693", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GitForge.jl is a unified interface for interacting with Git \"forges.\" Versions prior to 0.4.3 lack input validation for user provided values in certain functions. In the `GitForge.get_repo` function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on api.github.com that were not intended. Version 0.4.3 contains a patch for the issue. No known workarounds are available." + }, + { + "lang": "es", + "value": "GitForge.jl es una interfaz unificada para interactuar con las forjas de Git. Las versiones anteriores a la 0.4.3 carecen de validaci\u00f3n de entrada para los valores proporcionados por el usuario en ciertas funciones. En la funci\u00f3n `GitForge.get_repo` de GitHub, el usuario puede proporcionar cualquier cadena para los campos \"propietario\" y \"repositorio\". Estas entradas no se validan ni codifican de forma segura y se env\u00edan directamente al servidor. Esto significa que un usuario puede a\u00f1adir patrones de path traversal como `../` en la entrada para acceder a cualquier otro endpoint en api.github.com que no estuviera previsto. La versi\u00f3n 0.4.3 incluye un parche para este problema. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-501xx/CVE-2025-50179.json b/CVE-2025/CVE-2025-501xx/CVE-2025-50179.json index 622848cc072..322a018fdbe 100644 --- a/CVE-2025/CVE-2025-501xx/CVE-2025-50179.json +++ b/CVE-2025/CVE-2025-501xx/CVE-2025-50179.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50179", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T16:15:26.843", - "lastModified": "2025-06-25T16:15:26.843", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request forgery vulnerability in Tuleap Community Edition prior to version 16.8.99.1749830289 and Tuleap Enterprise Edition prior to version 16.9-1 to trick victims into changing the canned responses. Tuleap Community Edition 16.8.99.1749830289 and Tuleap Enterprise Edition 16.9-1 contain a patch for the issue." + }, + { + "lang": "es", + "value": "Tuleap es una suite de c\u00f3digo abierto que mejora la gesti\u00f3n del desarrollo de software y la colaboraci\u00f3n. Un atacante podr\u00eda aprovechar una vulnerabilidad de cross-site request forgery en Tuleap Community Edition (versi\u00f3n anterior a la 16.8.99.1749830289) y Tuleap Enterprise Edition (versi\u00f3n anterior a la 16.9-1) para enga\u00f1ar a las v\u00edctimas y lograr que modifiquen las respuestas predefinidas. Tuleap Community Edition (versi\u00f3n anterior a la 16.8.99.1749830289) y Tuleap Enterprise Edition (versi\u00f3n anterior a la 16.9-1) incluyen un parche para este problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-502xx/CVE-2025-50213.json b/CVE-2025/CVE-2025-502xx/CVE-2025-50213.json index 83c37d008ea..327542f0c79 100644 --- a/CVE-2025/CVE-2025-502xx/CVE-2025-50213.json +++ b/CVE-2025/CVE-2025-502xx/CVE-2025-50213.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50213", "sourceIdentifier": "security@apache.org", "published": "2025-06-24T08:15:24.253", - "lastModified": "2025-06-24T18:15:25.427", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake.\n\nThis issue affects Apache Airflow Providers Snowflake: before 6.4.0.\n\nSanitation of table and stage parameters were added in\u00a0CopyFromExternalStageToSnowflakeOperator\u00a0to prevent\u00a0SQL injection\nUsers are recommended to upgrade to version 6.4.0, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad por fallo en la depuraci\u00f3n de elementos especiales en un plano diferente (inyecci\u00f3n de elementos especiales) en Apache Airflow Providers Snowflake. Este problema afecta a Apache Airflow Providers Snowflake: versiones anteriores a la 6.4.0. Se a\u00f1adi\u00f3 la depuraci\u00f3n de los par\u00e1metros de tabla y etapa en CopyFromExternalStageToSnowflakeOperator para evitar la inyecci\u00f3n de SQL. Se recomienda a los usuarios actualizar a la versi\u00f3n 6.4.0, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-503xx/CVE-2025-50350.json b/CVE-2025/CVE-2025-503xx/CVE-2025-50350.json index 0d3dae85f84..2c49d7076fa 100644 --- a/CVE-2025/CVE-2025-503xx/CVE-2025-50350.json +++ b/CVE-2025/CVE-2025-503xx/CVE-2025-50350.json @@ -2,8 +2,8 @@ "id": "CVE-2025-50350", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T16:15:30.980", - "lastModified": "2025-06-26T16:15:30.980", - "vulnStatus": "Received", + "lastModified": "2025-06-26T19:15:20.960", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], "references": [ { "url": "https://github.com/baixiaobi/Pre-School-/blob/main/directory%20traversal%20vulnerability-2.md", diff --git a/CVE-2025/CVE-2025-506xx/CVE-2025-50693.json b/CVE-2025/CVE-2025-506xx/CVE-2025-50693.json index 900cdea7e79..74ba7bae3d9 100644 --- a/CVE-2025/CVE-2025-506xx/CVE-2025-50693.json +++ b/CVE-2025/CVE-2025-506xx/CVE-2025-50693.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50693", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T16:15:29.410", - "lastModified": "2025-06-24T18:15:26.080", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference (IDOR) in odms/request-details.php." + }, + { + "lang": "es", + "value": "PHPGurukul Online DJ Booking Management System 2.0 es vulnerable a una referencia directa de objeto insegura (IDOR) en odms/request-details.php." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-506xx/CVE-2025-50695.json b/CVE-2025/CVE-2025-506xx/CVE-2025-50695.json index 312087bbe89..441dcd3cc4a 100644 --- a/CVE-2025/CVE-2025-506xx/CVE-2025-50695.json +++ b/CVE-2025/CVE-2025-506xx/CVE-2025-50695.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50695", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T16:15:29.530", - "lastModified": "2025-06-24T18:15:26.250", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php." + }, + { + "lang": "es", + "value": "PHPGurukul Online DJ Booking Management System 2.0 es vulnerable a Cross-Site Scripting (XSS) en /admin/view-booking-detail.php y /admin/invoice-generating.php." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-506xx/CVE-2025-50699.json b/CVE-2025/CVE-2025-506xx/CVE-2025-50699.json index 6c2276ebe0d..59d874901bb 100644 --- a/CVE-2025/CVE-2025-506xx/CVE-2025-50699.json +++ b/CVE-2025/CVE-2025-506xx/CVE-2025-50699.json @@ -2,13 +2,17 @@ "id": "CVE-2025-50699", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T16:15:29.657", - "lastModified": "2025-06-24T18:15:26.433", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in odms/admin/view-user-queries.php." + }, + { + "lang": "es", + "value": "PHPGurukul Online DJ Booking Management System 2.0 es vulnerable a Cross-Site Scripting (XSS) en odms/admin/view-user-queries.php." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-50xx/CVE-2025-5015.json b/CVE-2025/CVE-2025-50xx/CVE-2025-5015.json index 334ea301326..ebffc002cea 100644 --- a/CVE-2025/CVE-2025-50xx/CVE-2025-5015.json +++ b/CVE-2025/CVE-2025-50xx/CVE-2025-5015.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5015", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-25T17:15:39.970", - "lastModified": "2025-06-25T17:15:39.970", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross site scripting en el widget AccuWeather y Custom RSS que permite que un usuario no autenticado reemplace la URL de la fuente RSS por una maliciosa." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-50xx/CVE-2025-5087.json b/CVE-2025/CVE-2025-50xx/CVE-2025-5087.json index 9076993715b..dc2c716664e 100644 --- a/CVE-2025/CVE-2025-50xx/CVE-2025-5087.json +++ b/CVE-2025/CVE-2025-50xx/CVE-2025-5087.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5087", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2025-06-24T19:15:23.757", - "lastModified": "2025-06-24T19:15:23.757", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials." + }, + { + "lang": "es", + "value": "Kaleris NAVIS N4 ULC (Cliente Ultraligero) se comunica de forma insegura mediante datos comprimidos con zlib a trav\u00e9s de HTTP. Un atacante capaz de observar el tr\u00e1fico de red entre los Clientes Ultraligeros y los servidores N4 podr\u00eda extraer informaci\u00f3n confidencial, incluidas credenciales en texto plano." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-516xx/CVE-2025-51671.json b/CVE-2025/CVE-2025-516xx/CVE-2025-51671.json index eea23d99185..b88d9e31d46 100644 --- a/CVE-2025/CVE-2025-516xx/CVE-2025-51671.json +++ b/CVE-2025/CVE-2025-516xx/CVE-2025-51671.json @@ -2,8 +2,8 @@ "id": "CVE-2025-51671", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T16:15:31.147", - "lastModified": "2025-06-26T16:15:31.147", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-516xx/CVE-2025-51672.json b/CVE-2025/CVE-2025-516xx/CVE-2025-51672.json index 77f234eb51c..88923fccd54 100644 --- a/CVE-2025/CVE-2025-516xx/CVE-2025-51672.json +++ b/CVE-2025/CVE-2025-516xx/CVE-2025-51672.json @@ -2,8 +2,8 @@ "id": "CVE-2025-51672", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-26T15:15:23.140", - "lastModified": "2025-06-26T16:15:31.347", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-524xx/CVE-2025-52471.json b/CVE-2025/CVE-2025-524xx/CVE-2025-52471.json index 755d37a5877..e6e5b08f794 100644 --- a/CVE-2025/CVE-2025-524xx/CVE-2025-52471.json +++ b/CVE-2025/CVE-2025-524xx/CVE-2025-52471.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52471", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T20:15:26.033", - "lastModified": "2025-06-24T20:15:26.033", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficient validation of user-supplied data length in the packet receive function. Under certain conditions, this may lead to out-of-bounds memory access and may allow arbitrary memory write operations. On systems without a memory protection scheme, this behavior could potentially be used to achieve remote code execution (RCE) on the target device. In versions 5.4.2, 5.3.4, 5.2.6, and 5.1.6, ESP-NOW has added more comprehensive validation logic on user-supplied data length during packet reception to prevent integer underflow caused by negative value calculations. For ESP-IDF v5.3 and earlier, a workaround can be applied by validating that the `data_len` parameter received in the RX callback (registered via `esp_now_register_recv_cb()`) is a positive value before further processing. For ESP-IDF v5.4 and later, no application-level workaround is available. Users are advised to upgrade to a patched version of ESP-IDF to take advantage of the built-in mitigation." + }, + { + "lang": "es", + "value": "ESF-IDF es el framework de desarrollo de Espressif para el Internet de las Cosas (IoT). Se ha identificado una vulnerabilidad de subdesbordamiento de enteros en la implementaci\u00f3n del protocolo ESP-NOW dentro del componente Wi-Fi ESP de las versiones 5.4.1, 5.3.3, 5.2.5 y 5.1.6 del marco ESP-IDF. Este problema se debe a una validaci\u00f3n insuficiente de la longitud de los datos proporcionados por el usuario en la funci\u00f3n de recepci\u00f3n de paquetes. En determinadas circunstancias, esto puede provocar accesos a memoria fuera de los l\u00edmites y permitir operaciones de escritura arbitrarias. En sistemas sin un esquema de protecci\u00f3n de memoria, este comportamiento podr\u00eda utilizarse para lograr la ejecuci\u00f3n remota de c\u00f3digo (RCE) en el dispositivo de destino. En las versiones 5.4.2, 5.3.4, 5.2.6 y 5.1.6, ESP-NOW ha a\u00f1adido una l\u00f3gica de validaci\u00f3n m\u00e1s completa sobre la longitud de los datos proporcionados por el usuario durante la recepci\u00f3n de paquetes para evitar el subdesbordamiento de enteros causado por c\u00e1lculos de valores negativos. Para ESP-IDF v5.3 y versiones anteriores, se puede aplicar una soluci\u00f3n alternativa validando que el par\u00e1metro `data_len` recibido en la devoluci\u00f3n de llamada RX (registrado mediante `esp_now_register_recv_cb()`) sea un valor positivo antes de continuar con el procesamiento. Para ESP-IDF v5.4 y versiones posteriores, no hay ninguna soluci\u00f3n alternativa a nivel de aplicaci\u00f3n. Se recomienda a los usuarios actualizar a una versi\u00f3n parcheada de ESP-IDF para aprovechar la mitigaci\u00f3n integrada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-524xx/CVE-2025-52477.json b/CVE-2025/CVE-2025-524xx/CVE-2025-52477.json index 36687835422..11ede02c31f 100644 --- a/CVE-2025/CVE-2025-524xx/CVE-2025-52477.json +++ b/CVE-2025/CVE-2025-524xx/CVE-2025-52477.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52477", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T17:15:30.897", - "lastModified": "2025-06-26T17:15:30.897", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-524xx/CVE-2025-52479.json b/CVE-2025/CVE-2025-524xx/CVE-2025-52479.json index 8c4ed621c3c..53adf790d2d 100644 --- a/CVE-2025/CVE-2025-524xx/CVE-2025-52479.json +++ b/CVE-2025/CVE-2025-524xx/CVE-2025-52479.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52479", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T16:15:27.017", - "lastModified": "2025-06-25T16:15:27.017", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allows the construction of URIs containing CR/LF characters. If user input was not otherwise escaped or protected, this can lead to a CRLF injection attack. Users of HTTP.jl should upgrade immediately to HTTP.jl v1.10.17, and users of URIs.jl should upgrade immediately to URIs.jl v1.6.0. The check for valid URIs is now in the URI.jl package, and the latest version of HTTP.jl incorporates that fix. As a workaround, manually validate any URIs before passing them on to functions in this package." + }, + { + "lang": "es", + "value": "HTTP.jl proporciona funcionalidad de cliente y servidor HTTP para Julia, y URIs.jl analiza y trabaja con Identificadores Uniformes de Recursos (URI). Las versiones anteriores a URIs.jl 1.6.0 y 1.10.17 de HTTP.jl permiten la construcci\u00f3n de URIs con caracteres CR/LF. Si la entrada del usuario no se escapa ni se protege de otra forma, puede provocar un ataque de inyecci\u00f3n CRLF. Los usuarios de HTTP.jl deben actualizar inmediatamente a HTTP.jl v1.10.17 y URIs.jl v1.6.0. La comprobaci\u00f3n de URIs v\u00e1lidos ahora se encuentra en el paquete URI.jl, y la \u00faltima versi\u00f3n de HTTP.jl incorpora esta correcci\u00f3n. Como soluci\u00f3n alternativa, valide manualmente cualquier URI antes de pasarlo a las funciones de este paquete." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-524xx/CVE-2025-52480.json b/CVE-2025/CVE-2025-524xx/CVE-2025-52480.json index 8ad688a3bc9..b851b66d647 100644 --- a/CVE-2025/CVE-2025-524xx/CVE-2025-52480.json +++ b/CVE-2025/CVE-2025-524xx/CVE-2025-52480.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52480", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:38.590", - "lastModified": "2025-06-25T17:15:38.590", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities), an argument injection is possible in the `gettreesha()` function. This can then lead to a potential remote code execution. Users should upgrade immediately to v1.9.5 to receive a patch. All prior versions are vulnerable. No known workarounds are available." + }, + { + "lang": "es", + "value": "Registrator es una aplicaci\u00f3n de GitHub que automatiza la creaci\u00f3n de solicitudes de extracci\u00f3n de registro para paquetes de Julia en el registro general. Antes de la versi\u00f3n 1.9.5, si la URL del clon devuelta por GitHub era maliciosa (o pod\u00eda inyectarse mediante vulnerabilidades de origen), era posible inyectar argumentos en la funci\u00f3n `gettreesha()`. Esto podr\u00eda provocar una posible ejecuci\u00f3n remota de c\u00f3digo. Los usuarios deben actualizar inmediatamente a la versi\u00f3n 1.9.5 para recibir un parche. Todas las versiones anteriores son vulnerables. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-524xx/CVE-2025-52483.json b/CVE-2025/CVE-2025-524xx/CVE-2025-52483.json index 08278a3537c..101256e11e0 100644 --- a/CVE-2025/CVE-2025-524xx/CVE-2025-52483.json +++ b/CVE-2025/CVE-2025-524xx/CVE-2025-52483.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52483", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:38.740", - "lastModified": "2025-06-25T17:15:38.740", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities) a shell script injection can occur within the `withpasswd` function. Alternatively, an argument injection is possible in the `gettreesha `function. either of these can then lead to a potential RCE. Users should upgrade immediately to v1.9.5 to receive a fix. All prior versions are vulnerable. No known workarounds are available." + }, + { + "lang": "es", + "value": "Registrator es una aplicaci\u00f3n de GitHub que automatiza la creaci\u00f3n de solicitudes de extracci\u00f3n de registro para paquetes de Julia en el registro general. Antes de la versi\u00f3n 1.9.5, si la URL de clonaci\u00f3n devuelta por GitHub era maliciosa (o pod\u00eda inyectarse mediante vulnerabilidades de origen), se pod\u00eda inyectar un script de shell en la funci\u00f3n `withpasswd`. Alternativamente, se puede inyectar un argumento en la funci\u00f3n `gettreesha`. Cualquiera de estas opciones puede provocar una posible RCE. Los usuarios deben actualizar inmediatamente a la versi\u00f3n 1.9.5 para obtener una soluci\u00f3n. Todas las versiones anteriores son vulnerables. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52558.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52558.json index 3b570abb083..e3cd7a83b79 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52558.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52558.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52558", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-23T21:15:26.423", - "lastModified": "2025-06-23T21:15:26.423", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Prior to version 0.50.4, errors in filters from website page change detection watches were not being filtered resulting in a cross-site scripting (XSS) vulnerability. This issue has been patched in version 0.50.4" + }, + { + "lang": "es", + "value": "changedetection.io es un servicio gratuito de c\u00f3digo abierto que detecta cambios en p\u00e1ginas web, vigila sitios web, monitoriza reabastecimiento y notifica. Antes de la versi\u00f3n 0.50.4, los errores en los filtros de los vigilantes de detecci\u00f3n de cambios en p\u00e1ginas web no se filtraban, lo que provocaba una vulnerabilidad de cross-site scripting (XSS). Este problema se ha corregido en la versi\u00f3n 0.50.4." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52560.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52560.json index 1ef50eaa3af..e799b06e7b5 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52560.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52560.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52560", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T03:15:34.653", - "lastModified": "2025-06-24T03:15:34.653", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while application_url is not set. This issue has been patched in version 1.2.46." + }, + { + "lang": "es", + "value": "Kanboard es un software de gesti\u00f3n de proyectos basado en la metodolog\u00eda Kanban. Antes de la versi\u00f3n 1.2.46, Kanboard permit\u00eda el env\u00edo de correos electr\u00f3nicos de restablecimiento de contrase\u00f1a con URL derivadas del encabezado Host no validado cuando la configuraci\u00f3n application_url no estaba configurada (comportamiento predeterminado). Esto permite a un atacante manipular un enlace malicioso de restablecimiento de contrase\u00f1a que filtra el token a un dominio controlado por el atacante. Si una v\u00edctima (incluido un administrador) hace clic en el enlace envenenado, su cuenta puede ser interceptada. Esto afecta a todos los usuarios que inicien un restablecimiento de contrase\u00f1a sin que la configuraci\u00f3n application_url est\u00e9 configurada. Este problema se ha corregido en la versi\u00f3n 1.2.46." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52561.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52561.json index 7e131435880..b246b8d45ba 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52561.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52561.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52561", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-23T21:15:26.570", - "lastModified": "2025-06-23T21:15:26.570", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "HTMLSanitizer.jl is a Whitelist-based HTML sanitizer. Prior to version 0.2.1, when adding the style tag to the whitelist, content inside the tag is incorrectly unescaped, and closing tags injected as content are interpreted as real HTML, enabling tag injection and JavaScript execution. This could result in possible cross-site scripting (XSS) in any HTML that is sanitized with this library. This issue has been patched in version 0.2.1. A workaround involves adding the math and svg elements to the whitelist manually." + }, + { + "lang": "es", + "value": "HTMLSanitizer.jl es un depurador de HTML basado en listas blancas. Antes de la versi\u00f3n 0.2.1, al a\u00f1adir la etiqueta de estilo a la lista blanca, el contenido dentro de la etiqueta se eliminaba incorrectamente del escape, y las etiquetas de cierre inyectadas como contenido se interpretaban como HTML real, lo que permit\u00eda la inyecci\u00f3n de etiquetas y la ejecuci\u00f3n de JavaScript. Esto pod\u00eda provocar cross-site scripting (XSS) en cualquier HTML depurado con esta librer\u00eda. Este problema se ha corregido en la versi\u00f3n 0.2.1. Una soluci\u00f3n alternativa consiste en a\u00f1adir manualmente los elementos math y SVG a la lista blanca." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52562.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52562.json index f376aca092f..9470087df15 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52562.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52562.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52562", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-23T21:15:26.710", - "lastModified": "2025-06-23T21:15:26.710", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Convoy. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious locale and namespace parameters. This allows the attacker to include and execute arbitrary PHP files on the server. This issue has been patched in version 4.4.1. A temporary workaround involves implementing strict Web Application Firewall (WAF) rules to incoming requests targeting the vulnerable endpoints." + }, + { + "lang": "es", + "value": "Convoy es un panel de administraci\u00f3n de servidores KVM para empresas de hosting. En las versiones 3.9.0-rc3 y anteriores a la 4.4.1, existe una vulnerabilidad de navegaci\u00f3n de directorios en el componente LocaleController de Performave Convoy. Un atacante remoto no autenticado puede explotar esta vulnerabilidad enviando una solicitud HTTP especialmente manipulada con par\u00e1metros de configuraci\u00f3n regional y de espacio de nombres maliciosos. Esto permite al atacante incluir y ejecutar archivos PHP arbitrarios en el servidor. Este problema se ha corregido en la versi\u00f3n 4.4.1. Una soluci\u00f3n temporal consiste en implementar reglas estrictas de firewall de aplicaciones web (WAF) para las solicitudes entrantes dirigidas a los endpoints vulnerables." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52566.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52566.json index 6d2680eca9f..bc841406119 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52566.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52566.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52566", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T04:15:46.967", - "lastModified": "2025-06-24T22:15:22.490", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation (llama_vocab::tokenize) (src/llama-vocab.cpp:3036) resulting in unintended behavior in tokens copying size comparison. Allowing heap-overflowing llama.cpp inferencing engine with carefully manipulated text input during tokenization process. This issue has been patched in version b5721." + }, + { + "lang": "es", + "value": "llama.cpp es una inferencia de varios modelos LLM en C/C++. Antes de la versi\u00f3n b5721, se produc\u00eda un desbordamiento de enteros con signo y sin signo en la implementaci\u00f3n del tokenizador de llama.cpp (llama_vocab::tokenize) (src/llama-vocab.cpp:3036), lo que provocaba un comportamiento no deseado al comparar el tama\u00f1o de copia de tokens. Esto permit\u00eda el desbordamiento del mont\u00f3n del motor de inferencia de llama.cpp con una entrada de texto cuidadosamente manipulada durante el proceso de tokenizaci\u00f3n. Este problema se ha corregido en la versi\u00f3n b5721." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52568.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52568.json index 0a9dfe5e1c4..2397cf2ad36 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52568.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52568.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52568", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T04:15:49.693", - "lastModified": "2025-06-24T04:15:49.693", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NeKernal is a free and open-source operating system stack. Prior to version 0.0.3, there are several memory safety issues that can lead to memory corruption, disk image corruption, denial of service, and potential code execution. These issues stem from unchecked memory operations, unsafe typecasting, and improper input validation. This issue has been patched in version 0.0.3." + }, + { + "lang": "es", + "value": "NeKernal es un sistema operativo gratuito y de c\u00f3digo abierto. Antes de la versi\u00f3n 0.0.3, exist\u00edan varios problemas de seguridad de memoria que pod\u00edan provocar corrupci\u00f3n de memoria, corrupci\u00f3n de im\u00e1genes de disco, denegaci\u00f3n de servicio y posible ejecuci\u00f3n de c\u00f3digo. Estos problemas se deben a operaciones de memoria sin control, conversi\u00f3n de tipos insegura y validaci\u00f3n de entrada incorrecta. Este problema se ha corregido en la versi\u00f3n 0.0.3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52569.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52569.json index 1810f118263..faee188db54 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52569.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52569.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52569", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:38.883", - "lastModified": "2025-06-25T17:15:38.883", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GitForge.jl is a unified interface for interacting with Git \"forges.\" Versions prior to 5.9.1 lack input validation of input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on `api.github.com` that were not intended. Users should upgrade immediately to v5.9.1 or later to receive a patch. All prior versions are vulnerable. No known workarounds are available." + }, + { + "lang": "es", + "value": "GitForge.jl es una interfaz unificada para interactuar con las forjas de Git. Las versiones anteriores a la 5.9.1 carecen de validaci\u00f3n de entrada para los valores proporcionados por el usuario en ciertas funciones. En la funci\u00f3n `GitHub.repo()`, el usuario puede proporcionar cualquier cadena para el campo `repo_name`. Estas entradas no se validan ni codifican de forma segura y se env\u00edan directamente al servidor. Esto significa que un usuario puede a\u00f1adir patrones de path traversal como `../` en la entrada para acceder a cualquier otro endpoint en `api.github.com` que no estaba previsto. Los usuarios deben actualizar inmediatamente a la versi\u00f3n 5.9.1 o posterior para recibir un parche. Todas las versiones anteriores son vulnerables. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52570.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52570.json index 0c2fe532c10..bfad09861b3 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52570.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52570.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52570", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T04:15:50.360", - "lastModified": "2025-06-24T04:15:50.360", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option num-connections is not effective and does not limit the number of simultaneously incoming connections. This issue has been patched in version 10.2.1." + }, + { + "lang": "es", + "value": "Letmein es un bloqueador de puertos de autenticaci\u00f3n. Antes de la versi\u00f3n 10.2.1, el limitador de conexiones estaba implementado incorrectamente. Permit\u00eda un n\u00famero arbitrario de conexiones entrantes simult\u00e1neas (TCP, UDP y socket Unix) para los servicios letmeind y letmeinfwd. Por lo tanto, la opci\u00f3n de l\u00ednea de comandos num-connections no es efectiva y no limita el n\u00famero de conexiones entrantes simult\u00e1neas. Este problema se ha corregido en la versi\u00f3n 10.2.1." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52571.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52571.json index 328e01c81ff..44b58216b21 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52571.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52571.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52571", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T20:15:26.213", - "lastModified": "2025-06-24T20:15:26.213", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known workarounds are available." + }, + { + "lang": "es", + "value": "Hikka es un bot de usuario de Telegram. Una vulnerabilidad afecta a todos los usuarios de versiones anteriores a la 1.6.2, incluyendo la mayor\u00eda de las bifurcaciones. Permite a un atacante no autenticado acceder a la cuenta de Telegram de la v\u00edctima, as\u00ed como a todo el servidor. El problema est\u00e1 corregido en la versi\u00f3n 1.6.2. No se conocen soluciones alternativas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52572.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52572.json index 922cb9bb1a9..d4e5136d284 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52572.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52572.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52572", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T21:15:25.463", - "lastModified": "2025-06-24T21:15:25.463", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web interface does have an authenticated session: due to insufficient warning in the authentication message, users were tempted to click \"Allow\" in the \"Allow web application ops\" menu. This gave an attacker access not only to remote code execution, but also to Telegram accounts of owners. Scenario number 2 is known to have been exploited in the wild. No known patches are available, but some workarounds are available. Use `--no-web` flag and do not start userbot without it; after authorizing in the web interface, close the port on the server and/or start the userbot with `--no-web` flag; and do not click \"Allow\" in your helper bot unless it is your explicit action that needs to be allowed." + }, + { + "lang": "es", + "value": "Hikka, un bot de usuario de Telegram, presenta una vulnerabilidad que afecta a todos los usuarios en todas las versiones de Hikka. Existen dos escenarios posibles: 1. La interfaz web no tiene una sesi\u00f3n autenticada: el atacante puede usar su propia cuenta de Telegram para acceder al servidor mediante la autorizaci\u00f3n en la interfaz web inactiva. 2. La interfaz web s\u00ed tiene una sesi\u00f3n autenticada: debido a una advertencia insuficiente en el mensaje de autenticaci\u00f3n, los usuarios se vieron tentados a hacer clic en \"Permitir\" en el men\u00fa \"Permitir operaciones de aplicaciones web\". Esto permiti\u00f3 al atacante acceder no solo a la ejecuci\u00f3n remota de c\u00f3digo, sino tambi\u00e9n a las cuentas de Telegram de los propietarios. Se sabe que el escenario n\u00famero 2 ha sido explotado in situ. No existen parches conocidos, pero existen algunas soluciones alternativas. Use el indicador `--no-web` y no inicie el bot de usuario sin \u00e9l; despu\u00e9s de autorizar en la interfaz web, cierre el puerto en el servidor o inicie el bot de usuario con el indicador `--no-web`; y no haga clic en \"Permitir\" en su bot auxiliar a menos que sea su acci\u00f3n expl\u00edcita la que deba permitirse." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52573.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52573.json index 7b3dfb4b830..c13aee30912 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52573.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52573.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52573", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T14:15:30.577", - "lastModified": "2025-06-26T14:15:30.577", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52574.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52574.json index 701cc577fa6..ca0112a2fd2 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52574.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52574.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52574", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T03:15:34.797", - "lastModified": "2025-06-24T03:15:34.797", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-525xx/CVE-2025-52576.json b/CVE-2025/CVE-2025-525xx/CVE-2025-52576.json index f5e3803afdc..9f664954168 100644 --- a/CVE-2025/CVE-2025-525xx/CVE-2025-52576.json +++ b/CVE-2025/CVE-2025-525xx/CVE-2025-52576.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52576", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.023", - "lastModified": "2025-06-25T18:15:22.537", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine valid usernames and circumvent rate-limiting or blocking mechanisms. Any organization running a publicly accessible Kanboard instance is affected, especially if relying on IP-based protections like Fail2Ban or CAPTCHA for login rate-limiting. Attackers with access to the login page can exploit this flaw to enumerate valid usernames and bypass IP-based blocking mechanisms, putting all user accounts at higher risk of brute-force or credential stuffing attacks. Version 1.2.46 contains a patch for the issue." + }, + { + "lang": "es", + "value": "Kanboard es un software de gesti\u00f3n de proyectos centrado en la metodolog\u00eda Kanban. Antes de la versi\u00f3n 1.2.46, Kanboard era vulnerable a la enumeraci\u00f3n de nombres de usuario y a la elusi\u00f3n de la protecci\u00f3n por fuerza bruta basada en suplantaci\u00f3n de IP. Al analizar el comportamiento de inicio de sesi\u00f3n y abusar de los encabezados HTTP de confianza, un atacante puede determinar nombres de usuario v\u00e1lidos y eludir los mecanismos de limitaci\u00f3n o bloqueo. Cualquier organizaci\u00f3n que ejecute una instancia de Kanboard de acceso p\u00fablico se ve afectada, especialmente si utiliza protecciones basadas en IP como Fail2Ban o CAPTCHA para la limitaci\u00f3n de la tasa de inicio de sesi\u00f3n. Los atacantes con acceso a la p\u00e1gina de inicio de sesi\u00f3n pueden explotar esta vulnerabilidad para enumerar nombres de usuario v\u00e1lidos y eludir los mecanismos de bloqueo basados en IP, lo que aumenta el riesgo de ataques de fuerza bruta o robo de credenciales. La versi\u00f3n 1.2.46 incluye un parche para solucionar este problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52880.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52880.json index 13c7b6f61fb..485fb7ab707 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52880.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52880.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52880", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T20:15:26.373", - "lastModified": "2025-06-24T20:15:26.373", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting (XSS) vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker perform actions on the victim's behalf. When targeting an admin user, this can be combined with controlling a server-side command to achieve arbitrary code execution. For this vulnerability to be exploited, a malicious EPUB file has to be present in a Komga library, and subsequently accessed in the Epub reader by an admin user. Version 1.22.0 contains a patch for the issue." + }, + { + "lang": "es", + "value": "Komga es un servidor multimedia para c\u00f3mics, mangas, BD, revistas y eBooks. Se ha descubierto una vulnerabilidad de Cross-Site Scripting (XSS) en las versiones 1.8.0 a 1.21.3 al servir recursos EPUB, ya sea directamente desde la API o al leerlos con el lector de EPUB. Esta vulnerabilidad permite a un atacante realizar acciones en nombre de la v\u00edctima. Al atacar a un usuario administrador, esto puede combinarse con el control de un comando del servidor para ejecutar c\u00f3digo arbitrario. Para explotar esta vulnerabilidad, es necesario que un archivo EPUB malicioso est\u00e9 presente en una librer\u00eda de Komga y que un usuario administrador acceda a \u00e9l en el lector de EPUB. La versi\u00f3n 1.22.0 contiene un parche para este problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52882.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52882.json index dc28bbf2521..e1239d9b0ac 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52882.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52882.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52882", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T20:15:26.543", - "lastModified": "2025-06-24T20:15:26.543", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker to read arbitrary files, see the list of files open in the IDE, get selection and diagnostics events from the IDE, or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs, an attacker could get selection events, a list of open files, and a list of syntax errors. Claude released a patch for this issue on June 13th, 2025. Although Claude Code auto-updates when a user launch it and auto-updates the extensions, users should take the following steps, though the exact steps depend on one's integrated development environment (IDE). For VSCode, Cursor, Windsurf, VSCodium, and other VSCode forks, check the extension Claude Code for VSCode. Open the list of Extensions (View->Extensions), look for Claude Code for VSCode among installed extensions, update or uninstall any version prior to 1.0.24, and restart the IDE. For JetBrains IDEs including IntelliJ, PyCharm, and Android Studio, check the plugin Claude Code [Beta]. Open the Plugins list, look for Claude Code [Beta] among installed extensions, update or uninstall any version prior to 0.1.9, and restart the IDE." + }, + { + "lang": "es", + "value": "Claude Code es una herramienta de codificaci\u00f3n agentica. Las extensiones de Claude Code en VSCode y sus bifurcaciones (p. ej., Cursor, Windsurf y VSCodium) y los IDE de JetBrains (p. ej., IntelliJ, Pycharm y Android Studio) son vulnerables a conexiones websocket no autorizadas de un atacante al visitar p\u00e1ginas web controladas por el atacante. Las extensiones de Claude Code para VSCode IDE, versiones 0.2.116 a 1.0.23, son vulnerables. Para los complementos de Jetbrains IDE, las versiones 0.1.1 a 0.1.8 de Claude Code [beta] son vulnerables. En VSCode (y sus bifurcaciones), la explotaci\u00f3n permitir\u00eda a un atacante leer archivos arbitrarios, ver la lista de archivos abiertos en el IDE, obtener eventos de selecci\u00f3n y diagn\u00f3stico del IDE, o ejecutar c\u00f3digo en situaciones limitadas donde un usuario tiene un Jupyter Notebook abierto y acepta un mensaje malicioso. En los IDE de JetBrains, un atacante podr\u00eda obtener eventos de selecci\u00f3n, una lista de archivos abiertos y una lista de errores de sintaxis. Claude public\u00f3 un parche para este problema el 13 de junio de 2025. Aunque Claude Code se actualiza autom\u00e1ticamente al iniciarlo y tambi\u00e9n actualiza las extensiones, se recomienda seguir los pasos que se indican a continuaci\u00f3n, aunque los pasos exactos dependen del entorno de desarrollo integrado (IDE) de cada usuario. Para VSCode, Cursor, Windsurf, VSCodium y otras bifurcaciones de VSCode, consulte la extensi\u00f3n Claude Code para VSCode. Abra la lista de extensiones (Ver->Extensiones), busque Claude Code para VSCode entre las extensiones instaladas, actualice o desinstale cualquier versi\u00f3n anterior a la 1.0.24 y reinicie el IDE. Para los IDE de JetBrains, como IntelliJ, PyCharm y Android Studio, consulte el complemento Claude Code [Beta]. Abra la lista de complementos, busque Claude Code [Beta] entre las extensiones instaladas, actualice o desinstale cualquier versi\u00f3n anterior a la 0.1.9 y reinicie el IDE." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52883.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52883.json index b181f239909..31067ddcfca 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52883.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52883.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52883", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T21:15:26.030", - "lastModified": "2025-06-24T21:15:26.030", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Meshtastic-Android is an Android application for the mesh radio software Meshtastic. Prior to version 2.5.21, an attacker is able to send an unencrypted direct message to a victim impersonating any other node of the mesh. This message will be displayed in the same chat that the victim normally communicates with the other node and it will appear as using PKC, while it is not. This means that the victim will be provided with a false sense of security due to the green padlock displayed when using PKC and they'll read the attacker's message as legitimate. Version 2.5.21 contains a patch for the issue. It is suggested to implement a stricter control on whether a message has been received using PKC or using the shared Meshtastic channel key. Moreover, instead of showing no green padlock icon in the chat with no PKC, consider using an explicit indicator like, for example, the yellow half-open padlock displayed when in HAM mode. This remediation, however, applies to the client applications rather than the Meshtastic firmware." + }, + { + "lang": "es", + "value": "Meshtastic-Android es una aplicaci\u00f3n Android para el software de radio en malla Meshtastic. Antes de la versi\u00f3n 2.5.21, un atacante pod\u00eda enviar un mensaje directo sin cifrar a una v\u00edctima haci\u00e9ndose pasar por cualquier otro nodo de la malla. Este mensaje se mostraba en el mismo chat en el que la v\u00edctima se comunicaba normalmente con el otro nodo y aparentaba usar PKC, aunque no lo era. Esto significa que la v\u00edctima se sentir\u00eda insegura debido al candado verde que se muestra al usar PKC y que interpretar\u00eda el mensaje del atacante como leg\u00edtimo. La versi\u00f3n 2.5.21 incluye una soluci\u00f3n para este problema. Se recomienda implementar un control m\u00e1s estricto sobre si un mensaje se recibi\u00f3 usando PKC o la clave de canal compartida de Meshtastic. Adem\u00e1s, en lugar de no mostrar el icono del candado verde en el chat sin PKC, considere usar un indicador expl\u00edcito como, por ejemplo, el candado amarillo entreabierto que se muestra en modo HAM. Sin embargo, esta soluci\u00f3n se aplica a las aplicaciones cliente, no al firmware de Meshtastic. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52884.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52884.json index eee0a534c34..81a0f38dea8 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52884.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52884.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52884", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T21:15:26.207", - "lastModified": "2025-06-24T21:15:26.207", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the `Steel.validateCommitment` Solidity library function will return `true` for a crafted commitment with a digest value of zero. This violates the semantics of `validateCommitment`, as this does not commitment to a block that is in the current chain. Because the digest is zero, it does not correspond to any block and there exist no known openings. As a result, this commitment will never be produced by a correct zkVM guest using Steel and leveraging this bug to compromise the soundness of a program using Steel would require a separate bug or misuse of the Steel library, which is expected to be used to validate the root of state opening proofs. A fix has been released as part of `risc0-ethereum` 2.1.1 and 2.2.0. Users for the `Steel` Solidity library versions 2.1.0 or earlier should ensure they are using `Steel.validateCommitment` in tandem with zkVM proof verification of a Steel program, as shown in the ERC-20 counter example, and documentation. This is the correct usage of Steel, and users following this pattern are not at risk, and do not need to take action. Users not verifying a zkVM proof of a Steel program should update their application to do so, as this is incorrect usage of Steel." + }, + { + "lang": "es", + "value": "RISC Zero es una plataforma inform\u00e1tica general verificable de conocimiento cero, con integraci\u00f3n con Ethereum. El repositorio risc0-ethereum contiene los contratos del verificador de Solidity, la librer\u00eda de llamadas de vista Steel EVM y c\u00f3digo de soporte. En versiones anteriores a la 2.1.1 y la 2.2.0, la funci\u00f3n de la librer\u00eda de Solidity `Steel.validateCommitment` devolv\u00eda `true` para un compromiso manipulado con un valor de resumen de cero. Esto viola la sem\u00e1ntica de `validateCommitment`, ya que no se compromete con un bloque que est\u00e9 en la cadena actual. Dado que el resumen es cero, no corresponde a ning\u00fan bloque y no existen aperturas conocidas. Como resultado, este compromiso nunca ser\u00e1 producido por un invitado zkVM correcto que utilice Steel, y aprovechar este error para comprometer la solidez de un programa que utilice Steel requerir\u00eda un error separado o un mal uso de la librer\u00eda Steel, que se espera que se utilice para validar la ra\u00edz de las pruebas de apertura de estado. Se ha publicado una correcci\u00f3n como parte de `risc0-ethereum` 2.1.1 y 2.2.0. Los usuarios de la librer\u00eda `Steel` de Solidity, versiones 2.1.0 o anteriores, deben asegurarse de usar `Steel.validateCommitment` junto con la verificaci\u00f3n de pruebas de zkVM de un programa Steel, como se muestra en el contraejemplo ERC-20 y la documentaci\u00f3n. Este es el uso correcto de Steel, y los usuarios que siguen este patr\u00f3n no corren ning\u00fan riesgo y no necesitan tomar medidas. Los usuarios que no verifiquen una prueba de zkVM de un programa Steel deben actualizar su aplicaci\u00f3n para hacerlo, ya que este es un uso incorrecto de Steel." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52887.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52887.json index 854aa096d7b..8a04b820bde 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52887.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52887.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52887", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T15:15:23.350", - "lastModified": "2025-06-26T15:15:23.350", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52888.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52888.json index 2f5245421c5..fc615a2e84d 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52888.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52888.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52888", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-24T20:15:26.700", - "lastModified": "2025-06-24T20:15:26.700", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. A critical XML External Entity (XXE) vulnerability exists in the xunit-xml-plugin used by Allure 2 prior to version 2.34.1. The plugin fails to securely configure the XML parser (`DocumentBuilderFactory`) and allows external entity expansion when processing test result .xml files. This allows attackers to read arbitrary files from the file system and potentially trigger server-side request forgery (SSRF). Version 2.34.1 contains a patch for the issue." + }, + { + "lang": "es", + "value": "Allure 2 es la versi\u00f3n 2.x de Allure Report, una herramienta multiling\u00fce para la generaci\u00f3n de informes de pruebas. Existe una vulnerabilidad cr\u00edtica de Entidad Externa XML (XXE) en el complemento xunit-xml utilizado por Allure 2 en versiones anteriores a la 2.34.1. El complemento no configura de forma segura el analizador XML (`DocumentBuilderFactory`) y permite la expansi\u00f3n de entidades externas al procesar archivos .xml de resultados de pruebas. Esto permite a los atacantes leer archivos arbitrarios del sistema de archivos y, potencialmente, activar server-side request forgery (SSRF). La versi\u00f3n 2.34.1 incluye un parche para este problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52889.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52889.json index 4fc76f16f66..b2ad2cf7674 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52889.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52889.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52889", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.200", - "lastModified": "2025-06-25T18:15:22.653", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to DHCP pool exhaustion and opens the door for other attacks. A patch is available at commit 2516fb19ad8428454cb4edfe70c0a5f0dc1da214." + }, + { + "lang": "es", + "value": "Incus es un contenedor de sistema y administrador de m\u00e1quinas virtuales. Al usar una ACL en un dispositivo conectado a un puente, las versiones 6.12 y 6.13 de Incus generan reglas de nftables para servicios locales (DHCP, DNS, etc.) que omiten parcialmente las opciones de seguridad `security.mac_filtering`, `security.ipv4_filtering` y `security.ipv6_filtering`. Esto puede provocar el agotamiento del pool de DHCP y abrir la puerta a otros ataques. Hay un parche disponible en el commit 2516fb19ad8428454cb4edfe70c0a5f0dc1da214." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52890.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52890.json index 1d602ae7bf4..d14e740110f 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52890.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52890.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52890", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.370", - "lastModified": "2025-06-25T18:15:22.753", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to ARP spoofing on the bridge and to fully spoof another VM/container on the same bridge. Commit 254dfd2483ab8de39b47c2258b7f1cf0759231c8 contains a patch for the issue." + }, + { + "lang": "es", + "value": "Incus es un administrador de contenedores de sistema y m\u00e1quinas virtuales. Al usar una ACL en un dispositivo conectado a un puente, las versiones 6.12 y 6.13 de Incus generan reglas de nftables que omiten parcialmente las opciones de seguridad `security.mac_filtering`, `security.ipv4_filtering` y `security.ipv6_filtering`. Esto puede provocar suplantaci\u00f3n de ARP en el puente y suplantaci\u00f3n completa de otra m\u00e1quina virtual/contenedor en el mismo puente. El commit 254dfd2483ab8de39b47c2258b7f1cf0759231c8 contiene un parche para este problema." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52893.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52893.json index 1496b3df800..71a3e0ca9f2 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52893.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52893.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52893", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.523", - "lastModified": "2025-06-25T17:15:39.523", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. This issue has been fixed in OpenBao v2.3.0 and later. Like with HCSEC-2025-09, there is no known workaround except to ensure properly formatted requests from all clients." + }, + { + "lang": "es", + "value": "OpenBao existe para proporcionar una soluci\u00f3n de software que permite gestionar, almacenar y distribuir datos confidenciales, como secretos, certificados y claves. Las versiones anteriores de OpenBao v2.3.0 pueden filtrar informaci\u00f3n confidencial en los registros al procesar datos malformados. Esto es independiente de la anterior HCSEC-2025-09 / CVE-2025-4166. Este problema se ha corregido en OpenBao v2.3.0 y posteriores. Al igual que con HCSEC-2025-09, no existe una soluci\u00f3n alternativa conocida, salvo garantizar que las solicitudes de todos los clientes tengan el formato correcto." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52894.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52894.json index a107aeeb9c5..a052e501511 100644 --- a/CVE-2025/CVE-2025-528xx/CVE-2025-52894.json +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52894.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52894", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.677", - "lastModified": "2025-06-25T17:15:39.677", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of service. In OpenBao v2.2.0 and later, manually setting the configuration option `disable_unauthed_rekey_endpoints=true` allows an operator to deny these rarely-used endpoints on global listeners. A patch is available at commit fe75468822a22a88318c6079425357a02ae5b77b. In a future OpenBao release communicated on OpenBao's website, the maintainers will set this to `true` for all users and provide an authenticated alternative. As a workaround, if an active proxy or load balancer sits in front of OpenBao, an operator can deny requests to these endpoints from unauthorized IP ranges." + }, + { + "lang": "es", + "value": "OpenBao existe para proporcionar una soluci\u00f3n de software que permite gestionar, almacenar y distribuir datos confidenciales, como secretos, certificados y claves. En versiones anteriores a la v2.3.0, OpenBao permit\u00eda a un atacante realizar cancelaciones no autenticadas ni auditadas de operaciones de regeneraci\u00f3n de claves de ra\u00edz y de recuperaci\u00f3n, lo que provocaba una denegaci\u00f3n de servicio. En OpenBao v2.2.0 y posteriores, la configuraci\u00f3n manual de la opci\u00f3n `disable_unauthed_rekey_endpoints=true` permite a un operador denegar el acceso a estos endpoints poco utilizados en escuchas globales. Hay un parche disponible en el commit fe75468822a22a88318c6079425357a02ae5b77b. En una futura versi\u00f3n de OpenBao, anunciada en su sitio web, los fabricantees la configurar\u00e1n como `true` para todos los usuarios y ofrecer\u00e1n una alternativa autenticada. Como soluci\u00f3n alternativa, si un proxy activo o un balanceador de carga se encuentra frente a OpenBao, un operador puede rechazar solicitudes a estos endpoints desde rangos de IP no autorizados." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-529xx/CVE-2025-52900.json b/CVE-2025/CVE-2025-529xx/CVE-2025-52900.json index 0ed74be5e53..b5a900c3b7f 100644 --- a/CVE-2025/CVE-2025-529xx/CVE-2025-52900.json +++ b/CVE-2025/CVE-2025-529xx/CVE-2025-52900.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52900", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T15:15:23.520", - "lastModified": "2025-06-26T15:15:23.520", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-529xx/CVE-2025-52902.json b/CVE-2025/CVE-2025-529xx/CVE-2025-52902.json index 76e47ece187..3271d684413 100644 --- a/CVE-2025/CVE-2025-529xx/CVE-2025-52902.json +++ b/CVE-2025/CVE-2025-529xx/CVE-2025-52902.json @@ -2,8 +2,8 @@ "id": "CVE-2025-52902", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T15:15:23.687", - "lastModified": "2025-06-26T15:15:23.687", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-529xx/CVE-2025-52903.json b/CVE-2025/CVE-2025-529xx/CVE-2025-52903.json new file mode 100644 index 00000000000..3848e573f9a --- /dev/null +++ b/CVE-2025/CVE-2025-529xx/CVE-2025-52903.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-52903", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-06-26T19:15:21.587", + "lastModified": "2025-06-26T19:15:21.587", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. The concrete impact depends on the commands being granted to the attacker, but the large number of standard commands allowing the execution of subcommands makes it likely that every user having the `Execute commands` permissions can exploit this vulnerability. Everyone who can exploit it will have full code execution rights with the uid of the server process. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. The fix is tracked on pull request 5199." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/GoogleContainerTools/distroless", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/filebrowser/filebrowser/issues/5199", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/filebrowser/filebrowser/security/advisories/GHSA-3q2w-42mv-cph4", + "source": "security-advisories@github.com" + }, + { + "url": "https://manpages.debian.org/bookworm/util-linux/prlimit.1.en.html", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-529xx/CVE-2025-52904.json b/CVE-2025/CVE-2025-529xx/CVE-2025-52904.json new file mode 100644 index 00000000000..12490ab8af6 --- /dev/null +++ b/CVE-2025/CVE-2025-529xx/CVE-2025-52904.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-52904", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-06-26T19:15:21.743", + "lastModified": "2025-06-26T19:15:21.743", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of the web application, all users have a scope assigned, and they only have access to the files within that scope. The Command Execution feature of Filebrowser allows the execution of shell commands which are not restricted to the scope, potentially giving an attacker read and write access to all files managed by the server. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. Fix is tracked on pull request 5199." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/GoogleContainerTools/distroless", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/filebrowser/filebrowser/issues/5199", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/filebrowser/filebrowser/security/advisories/GHSA-hc8f-m8g5-8362", + "source": "security-advisories@github.com" + }, + { + "url": "https://sloonz.github.io/posts/sandboxing-1", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-529xx/CVE-2025-52999.json b/CVE-2025/CVE-2025-529xx/CVE-2025-52999.json index b83eb98f3ae..6b903603f42 100644 --- a/CVE-2025/CVE-2025-529xx/CVE-2025-52999.json +++ b/CVE-2025/CVE-2025-529xx/CVE-2025-52999.json @@ -2,13 +2,17 @@ "id": "CVE-2025-52999", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-25T17:15:39.820", - "lastModified": "2025-06-25T17:15:39.820", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "jackson-core contains core low-level incremental (\"streaming\") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly large. jackson-core 2.15.0 contains a configurable limit for how deep Jackson will traverse in an input document, defaulting to an allowable depth of 1000. jackson-core will throw a StreamConstraintsException if the limit is reached. jackson-databind also benefits from this change because it uses jackson-core to parse JSON inputs. As a workaround, users should avoid parsing input files from untrusted sources." + }, + { + "lang": "es", + "value": "jackson-core contiene las abstracciones principales del analizador incremental (\"streaming\") de bajo nivel y del generador utilizadas por Jackson Data Processor. En versiones anteriores a la 2.15.0, si un usuario analiza un archivo de entrada con datos profundamente anidados, Jackson pod\u00eda generar un error de Stackoverflow si la profundidad era excesiva. jackson-core 2.15.0 incluye un l\u00edmite configurable para la profundidad que Jackson recorrer\u00e1 en un documento de entrada, con una profundidad predeterminada de 1000. jackson-core generar\u00e1 una excepci\u00f3n StreamConstraintsException si se alcanza el l\u00edmite. jackson-databind tambi\u00e9n se beneficia de este cambio, ya que utiliza jackson-core para analizar las entradas JSON. Como soluci\u00f3n alternativa, se recomienda a los usuarios evitar analizar archivos de entrada de fuentes no confiables." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5258.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5258.json index 4b85773debf..33e5bd5b8b3 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5258.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5258.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5258", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-24T08:15:24.397", - "lastModified": "2025-06-24T08:15:24.397", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Conference Scheduler plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018className\u2019 parameter in all versions up to, and including, 2.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Conference Scheduler para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro 'className' en todas las versiones hasta la 2.5.1 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5275.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5275.json index 4f04fcc8f99..6526faafd7c 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5275.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5275.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5275", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:23.860", - "lastModified": "2025-06-26T03:15:23.860", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Charitable \u2013 Donation Plugin for WordPress \u2013 Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the privacy settings fields in all versions up to, and including, 1.8.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.\r\nThis issue was partially fixed in version 1.8.6.1 and fully fixed in version 1.8.6.2." + }, + { + "lang": "es", + "value": "El complemento Charitable \u2013 Donation Plugin para WordPress \u2013 Fundraising with Recurring Donations & More para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de los campos de configuraci\u00f3n de privacidad en todas las versiones hasta la 1.8.6.1 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de administrador, inyectar scripts web arbitrarios en las p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio y a instalaciones donde se ha deshabilitado unfiltered_html. Este problema se solucion\u00f3 parcialmente en la versi\u00f3n 1.8.6.1 y completamente en la 1.8.6.2." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53002.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53002.json index 612595ea8e0..175a36a73f0 100644 --- a/CVE-2025/CVE-2025-530xx/CVE-2025-53002.json +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53002.json @@ -2,8 +2,8 @@ "id": "CVE-2025-53002", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T15:15:23.873", - "lastModified": "2025-06-26T15:15:23.873", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53007.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53007.json index 3ac3fd48727..f22c4e32333 100644 --- a/CVE-2025/CVE-2025-530xx/CVE-2025-53007.json +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53007.json @@ -2,8 +2,8 @@ "id": "CVE-2025-53007", "sourceIdentifier": "security-advisories@github.com", "published": "2025-06-26T15:15:24.043", - "lastModified": "2025-06-26T15:15:24.043", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53013.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53013.json new file mode 100644 index 00000000000..71759be69a7 --- /dev/null +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53013.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-53013", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-06-26T18:15:23.370", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an *invalid* Linux Hello PIN, provided the host is offline. While the user gains access to the local system, Single Sign-On (SSO) fails due to the network being down and the inability to issue tokens (due to a failure to unlock the Hello key). The core issue lies in an incorrect assumption within the `acquire_token_by_hello_for_business_key` function: it was expected to return a `TPMFail` error for an invalid Hello key when offline, but instead, a preceding nonce request resulted in a `RequestFailed` error, leading the system to erroneously transition to an offline success state without validating the Hello key unlock. This impacts systems using Himmelblau for authentication when operating in an offline state with Hello PIN authentication enabled. Rocky Linux 8 (and variants) are not affected by this vulnerability. The problem is resolved in Himmelblau version 0.9.17. A workaround is available for users who cannot immediately upgrade. Disabling Hello PIN authentication by setting `enable_hello = false` in `/etc/himmelblau/himmelblau.conf` will mitigate the vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", + "baseScore": 5.2, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/himmelblau-idm/himmelblau/commit/64b03739f1d5ee472b1cff3ed20ed9af1c65a6f8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/himmelblau-idm/himmelblau/commit/78477d684df710d57c10091c87b92665cfac98ae", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-j93j-pwm6-p97j", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53021.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53021.json index 9001dee9256..e9199394940 100644 --- a/CVE-2025/CVE-2025-530xx/CVE-2025-53021.json +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53021.json @@ -2,8 +2,8 @@ "id": "CVE-2025-53021", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T20:15:26.867", - "lastModified": "2025-06-24T20:15:26.867", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A session fixation vulnerability in Moodle 3.x through 3.11.18 allows unauthenticated attackers to hijack user sessions via the sesskey parameter. The sesskey can be obtained without authentication and reused within the OAuth2 login flow, resulting in the victim's session being linked to the attacker's. Successful exploitation results in full account takeover. According to the Moodle Releases page, \"Bug fixes for security issues in 3.11.x ended 11 December 2023.\" NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en Moodle 3.x a 3.11.18 permite a atacantes no autenticados secuestrar sesiones de usuario mediante el par\u00e1metro sesskey. Este par\u00e1metro se puede obtener sin autenticaci\u00f3n y reutilizar en el flujo de inicio de sesi\u00f3n de OAuth2, lo que vincula la sesi\u00f3n de la v\u00edctima a la del atacante. Una explotaci\u00f3n exitosa resulta en la apropiaci\u00f3n total de la cuenta. Seg\u00fan la p\u00e1gina de versiones de Moodle, \"Las correcciones de errores de seguridad en 3.11.x finalizaron el 11 de diciembre de 2023\". NOTA: Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53073.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53073.json index 4bd5f4789d0..fec2d9742f6 100644 --- a/CVE-2025/CVE-2025-530xx/CVE-2025-53073.json +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53073.json @@ -2,13 +2,17 @@ "id": "CVE-2025-53073", "sourceIdentifier": "cve@mitre.org", "published": "2025-06-24T18:15:26.813", - "lastModified": "2025-06-24T18:15:26.813", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted)." + }, + { + "lang": "es", + "value": "En Sentry 25.1.0 a 25.5.1, un atacante autenticado puede acceder al endpoint de incidencia de un proyecto y realizar acciones no autorizadas (como a\u00f1adir un comentario) sin ser miembro del equipo del proyecto. Se debe conocer un ID de incidencia de siete d\u00edgitos (no se trata como secreto y puede mencionarse p\u00fablicamente o predecirse)." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-531xx/CVE-2025-53121.json b/CVE-2025/CVE-2025-531xx/CVE-2025-53121.json new file mode 100644 index 00000000000..9831d7f5566 --- /dev/null +++ b/CVE-2025/CVE-2025-531xx/CVE-2025-53121.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2025-53121", + "sourceIdentifier": "security@opennms.com", + "published": "2025-06-26T19:15:21.960", + "lastModified": "2025-06-26T19:15:21.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Multiple stored XSS were found on different nodes with unsanitized parameters in OpenMNS Horizon 33.0.8 and versions earlier than 33.1.6 on multiple platforms that allow an attacker to store on database and then inject HTML and/or Javascript on the page. The solution is to upgrade to Horizon 33.1.6, 33.1.7 or Meridian 2024.2.6, 2024.2.7 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks\u00a0F\u00e1bio Tom\u00e9 for reporting this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@opennms.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "HIGH", + "subIntegrityImpact": "HIGH", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@opennms.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/OpenNMS/opennms", + "source": "security@opennms.com" + }, + { + "url": "https://github.com/OpenNMS/opennms/pull/7708", + "source": "security@opennms.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5315.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5315.json index 5fe001c0eda..b7c8cc334d5 100644 --- a/CVE-2025/CVE-2025-53xx/CVE-2025-5315.json +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5315.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5315", "sourceIdentifier": "cve@gitlab.com", "published": "2025-06-26T06:15:23.873", - "lastModified": "2025-06-26T06:15:23.873", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en GitLab CE/EE que afecta a todas las versiones desde la 17.2 hasta la 17.11.5, la 18.0 hasta la 18.0.3 y la 18.1 hasta la 18.1.1 que podr\u00eda haber permitido a los usuarios autenticados con permisos de rol de Invitado agregar elementos secundarios a los elementos de trabajo del incidente mediante el env\u00edo de solicitudes de API manipuladas que elud\u00edan las restricciones de rol impuestas por la interfaz de usuario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5318.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5318.json index 8c4061d0ec9..addcad26dd5 100644 --- a/CVE-2025/CVE-2025-53xx/CVE-2025-5318.json +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5318.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5318", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-24T14:15:30.523", - "lastModified": "2025-06-24T14:15:30.523", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en la librer\u00eda libssh. Una lectura fuera de los l\u00edmites puede activarse en la funci\u00f3n sftp_handle debido a una comprobaci\u00f3n de comparaci\u00f3n incorrecta que permite que la funci\u00f3n acceda a memoria m\u00e1s all\u00e1 de la lista de manejadores v\u00e1lidos y devuelva un puntero no v\u00e1lido, que se utiliza en el procesamiento posterior. Esta vulnerabilidad permite que un atacante remoto autenticado lea regiones de memoria no deseadas, exponiendo informaci\u00f3n confidencial o afectando el comportamiento del servicio." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json index d33f998b18f..00d767efea7 100644 --- a/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json @@ -2,8 +2,8 @@ "id": "CVE-2025-5338", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T10:15:25.307", - "lastModified": "2025-06-26T10:15:25.307", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5366.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5366.json index 2de757b033f..b5f7426ee16 100644 --- a/CVE-2025/CVE-2025-53xx/CVE-2025-5366.json +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5366.json @@ -2,8 +2,8 @@ "id": "CVE-2025-5366", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2025-06-26T13:15:28.970", - "lastModified": "2025-06-26T13:15:28.970", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5459.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5459.json index b2d6ac680a6..54c5d983289 100644 --- a/CVE-2025/CVE-2025-54xx/CVE-2025-5459.json +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5459.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5459", "sourceIdentifier": "security@puppet.com", "published": "2025-06-26T07:15:27.440", - "lastModified": "2025-06-26T07:15:27.440", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0." + }, + { + "lang": "es", + "value": "Un usuario con permisos espec\u00edficos de edici\u00f3n de grupos de nodos y un par\u00e1metro de clase especialmente manipulado podr\u00eda ejecutar comandos como root en el host principal. Esto afecta a las versiones 2018.1.8 a 2023.8.3 y 2025.3 de Puppet Enterprise y se ha resuelto en las versiones 2023.8.4 y 2025.4.0." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5488.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5488.json index 234abe7d889..9a18e2a75b8 100644 --- a/CVE-2025/CVE-2025-54xx/CVE-2025-5488.json +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5488.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5488", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.333", - "lastModified": "2025-06-26T02:15:21.333", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wmis' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WP Masonry & Infinite Scroll para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode 'wmis' del plugin en todas las versiones hasta la 2.2 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5535.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5535.json index bce9474f06d..a38dac81ed6 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5535.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5535.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5535", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.493", - "lastModified": "2025-06-26T02:15:21.493", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The e.nigma buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento e.nigma buttons para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode \"button\" del complemento en todas las versiones hasta la 1.1.3 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5540.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5540.json index ede281eb6be..d1f2374d23d 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5540.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5540.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5540", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.650", - "lastModified": "2025-06-26T02:15:21.650", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Event RSVP y Simple Event Management para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode 'emd_mb_meta' en todas las versiones hasta la 4.1.0 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5559.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5559.json index c4abf239479..03e48a8e984 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5559.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5559.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5559", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.807", - "lastModified": "2025-06-26T02:15:21.807", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The TimeZoneCalculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'timezonecalculator_output' shortcode in all versions up to, and including, 3.37 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento TimeZoneCalculator para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode 'timezonecalculator_output' en todas las versiones hasta la 3.37 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5564.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5564.json index 0a612c67657..89300e45975 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5564.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5564.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5564", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:21.957", - "lastModified": "2025-06-26T02:15:21.957", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The GC Social Wall plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gc_social_wall' shortcode in all versions up to, and including, 1.15 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento GC Social Wall para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode 'gc_social_wall' en todas las versiones hasta la 1.15 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5585.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5585.json index 5ffc4bdc750..4430343a873 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5585.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5585.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5585", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-25T03:15:27.853", - "lastModified": "2025-06-25T03:15:27.853", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to, and including, 1.68.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento SiteOrigin Widgets Bundle para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del atributo del elemento DOM `data-url` en todas las versiones hasta la 1.68.4 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5588.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5588.json index 8048fe95f9d..605ce0d4e02 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5588.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5588.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5588", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.107", - "lastModified": "2025-06-26T02:15:22.107", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Image Editor by Pixo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018download\u2019 parameter in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Image Editor by Pixo para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro \"download\" en todas las versiones hasta la 2.3.6 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-55xx/CVE-2025-5590.json b/CVE-2025/CVE-2025-55xx/CVE-2025-5590.json index 327468e6513..645a2b237d3 100644 --- a/CVE-2025/CVE-2025-55xx/CVE-2025-5590.json +++ b/CVE-2025/CVE-2025-55xx/CVE-2025-5590.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5590", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.260", - "lastModified": "2025-06-26T02:15:22.260", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018id\u2019 parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento Owl carousel responsive para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo mediante el par\u00e1metro 'id' en todas las versiones hasta la 1.9 incluida, debido a un escape insuficiente del par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n de la consulta SQL existente. Esto permite a atacantes autenticados, con acceso de colaborador o superior, a\u00f1adir consultas SQL adicionales a consultas ya existentes que pueden utilizarse para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-56xx/CVE-2025-5682.json b/CVE-2025/CVE-2025-56xx/CVE-2025-5682.json index 3a0a6878fe0..686003d999b 100644 --- a/CVE-2025/CVE-2025-56xx/CVE-2025-5682.json +++ b/CVE-2025/CVE-2025-56xx/CVE-2025-5682.json @@ -2,8 +2,8 @@ "id": "CVE-2025-5682", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:31.280", - "lastModified": "2025-06-26T14:15:31.280", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5812.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5812.json index ea0a77c950b..9423634134d 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5812.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5812.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5812", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.420", - "lastModified": "2025-06-26T02:15:22.420", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The VG WORT METIS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gutenberg_save_post() function in all versions up to, and including, 2.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post settings." + }, + { + "lang": "es", + "value": "El complemento VG WORT METIS para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n gutenberg_save_post() en todas las versiones hasta la 2.0.0 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, actualicen la configuraci\u00f3n limitada de las publicaciones." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5813.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5813.json index 0041e426736..499f06ab91b 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5813.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5813.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5813", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:24.800", - "lastModified": "2025-06-26T03:15:24.800", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces." + }, + { + "lang": "es", + "value": "El complemento Amazon Products to WooCommerce para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n wcta2w_get_amazon_product_callback() en todas las versiones hasta la 1.2.7 incluida. Esto permite que atacantes no autenticados creen nuevos productos." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5822.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5822.json index d065c4fa2e9..bb1f3f83154 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5822.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5822.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5822", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:22.900", - "lastModified": "2025-06-25T18:15:22.900", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain a low-privileged authorization token in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the Autel Technician API. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-26325." + }, + { + "lang": "es", + "value": "Vulnerabilidad de escalada de privilegios de autorizaci\u00f3n incorrecta en la API de Autel MaxiCharger AC Wallbox Commercial Technician. Esta vulnerabilidad permite a atacantes remotos escalar privilegios en las instalaciones afectadas de las estaciones de carga Autel MaxiCharger AC Wallbox Commercial. Para explotar esta vulnerabilidad, un atacante debe obtener primero un token de autorizaci\u00f3n con privilegios bajos. La falla espec\u00edfica se encuentra en la implementaci\u00f3n de la API de Autel Technician. El problema se debe a una autorizaci\u00f3n incorrecta. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios a recursos que normalmente estar\u00edan protegidos del usuario. La vulnerabilidad era ZDI-CAN-26325." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5823.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5823.json index 4ba2cc32214..68b0cfd830f 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5823.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5823.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5823", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.043", - "lastModified": "2025-06-25T18:15:23.043", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the Autel Technician API. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26351." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n por m\u00e9todo peligroso expuesta en el n\u00famero de serie del Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de los cargadores para veh\u00edculos el\u00e9ctricos Autel MaxiCharger AC Wallbox Commercial. Se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en la implementaci\u00f3n de la API Autel Technician. El problema se debe a un m\u00e9todo peligroso expuesto. Un atacante puede aprovechar esta vulnerabilidad para divulgar credenciales, lo que conlleva una mayor vulnerabilidad. Se denomin\u00f3 ZDI-CAN-26351." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5824.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5824.json index 9cae156c6dc..05c906ee81e 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5824.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5824.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5824", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.173", - "lastModified": "2025-06-25T18:15:23.173", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Wallbox Commercial. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of bluetooth pairing requests. The issue results from insufficient validation of the origin of commands. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26353." + }, + { + "lang": "es", + "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n por error de validaci\u00f3n de origen en Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes adyacentes a la red omitir la autenticaci\u00f3n en las instalaciones afectadas de Autel MaxiCharger AC Wallbox Commercial. Para explotar esta vulnerabilidad, un atacante debe primero emparejar un dispositivo Bluetooth malicioso con el sistema objetivo. La falla espec\u00edfica se encuentra en la gesti\u00f3n de solicitudes de emparejamiento Bluetooth. El problema se debe a una validaci\u00f3n insuficiente del origen de los comandos. Un atacante puede aprovechar esta vulnerabilidad para omitir la autenticaci\u00f3n en el sistema. Anteriormente, se conoc\u00eda como ZDI-CAN-26353." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5825.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5825.json index ac2f34e6265..08096bd89c0 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5825.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5825.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5825", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.303", - "lastModified": "2025-06-25T18:15:23.303", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a firmware image before using it to perform an upgrade. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26354." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en la degradaci\u00f3n del firmware de Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de las estaciones de carga Autel MaxiCharger AC Wallbox Commercial. Para explotar esta vulnerabilidad, un atacante debe primero vincular un dispositivo Bluetooth malicioso con el sistema objetivo. La falla espec\u00edfica se encuentra en el proceso de actualizaci\u00f3n del firmware. El problema se debe a la falta de validaci\u00f3n adecuada de una imagen de firmware antes de usarla para realizar una actualizaci\u00f3n. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el dispositivo. Anteriormente, se denominaba ZDI-CAN-26354." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5826.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5826.json index 6b65f54169b..60afac2bb02 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5826.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5826.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5826", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.433", - "lastModified": "2025-06-25T18:15:23.433", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the ble_process_esp32_msg function. The issue results from misinterpretation of input data. An attacker can leverage this vulnerability to execute AT commands in the context of the device. Was ZDI-CAN-26368." + }, + { + "lang": "es", + "value": "Vulnerabilidad de interpretaci\u00f3n err\u00f3nea de datos de entrada en Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg. Esta vulnerabilidad permite a atacantes adyacentes a la red inyectar comandos AT arbitrarios en las instalaciones afectadas de las estaciones de carga Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en la funci\u00f3n ble_process_esp32_msg. El problema se debe a la interpretaci\u00f3n err\u00f3nea de los datos de entrada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar comandos AT en el contexto del dispositivo. Anteriormente, se denomin\u00f3 ZDI-CAN-26368." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5827.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5827.json index be226d84f7f..b9207e5bb97 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5827.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5827.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5827", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.563", - "lastModified": "2025-06-25T18:15:23.563", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the ble_process_esp32_msg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26369." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila en Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg. Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de cargadores de veh\u00edculos el\u00e9ctricos Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en la funci\u00f3n ble_process_esp32_msg. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del dispositivo. Anteriormente, se denomin\u00f3 ZDI-CAN-26369." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5828.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5828.json index c94407ba44b..ba2e85a5320 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5828.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5828.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5828", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.683", - "lastModified": "2025-06-25T18:15:23.683", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of USB frame packets. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26328." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer en Autel MaxiCharger AC Wallbox Commercial wLength. Esta vulnerabilidad permite a atacantes con presencia f\u00edsica ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de cargadores de veh\u00edculos el\u00e9ctricos Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en el manejo de paquetes de trama USB. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del dispositivo. Era ZDI-CAN-26328." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5829.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5829.json index 45f720c1305..29eda924e31 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5829.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5829.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5829", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.817", - "lastModified": "2025-06-25T18:15:23.817", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila en el cargador autom\u00e1tico Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes con presencia f\u00edsica ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de cargadores de veh\u00edculos el\u00e9ctricos Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en el manejo de mensajes JSON. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del dispositivo. Era ZDI-CAN-26330." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5830.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5830.json index 1cf5744102a..6c987678093 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5830.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5830.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5830", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:23.950", - "lastModified": "2025-06-25T18:15:23.950", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DLB_SlaveRegister messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26327." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en el heap DLB_SlaveRegister en Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de cargadores de veh\u00edculos el\u00e9ctricos Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en el manejo de los mensajes DLB_SlaveRegister. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en el heap de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del dispositivo. Era ZDI-CAN-26327." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5832.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5832.json index f586f3fc82f..0e68cc48e85 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5832.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5832.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5832", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:24.077", - "lastModified": "2025-06-25T18:15:24.077", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the software update verification process. The issue results from the lack of validating all the data in the software update. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26079." + }, + { + "lang": "es", + "value": "Vulnerabilidad de verificaci\u00f3n insuficiente de la autenticidad de los datos en la firma de actualizaciones de software del Pioneer DMH-WT7600NEX. Esta vulnerabilidad permite a atacantes con presencia f\u00edsica ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de los dispositivos Pioneer DMH-WT7600NEX. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en el proceso de verificaci\u00f3n de actualizaciones de software. El problema se debe a la falta de validaci\u00f3n de todos los datos en la actualizaci\u00f3n de software. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del dispositivo. Era ZDI-CAN-26079." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5833.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5833.json index e25fdfe4f0f..196880b9382 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5833.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5833.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5833", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:24.203", - "lastModified": "2025-06-25T18:15:24.203", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of the operating system. The issue results from the lack of properly configured protection for the root file system. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26077." + }, + { + "lang": "es", + "value": "Vulnerabilidad de verificaci\u00f3n insuficiente de la autenticidad de datos en el sistema de archivos ra\u00edz del Pioneer DMH-WT7600NEX. Esta vulnerabilidad permite a atacantes presentes f\u00edsicamente eludir la autenticaci\u00f3n en las instalaciones afectadas de los dispositivos Pioneer DMH-WT7600NEX. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en la configuraci\u00f3n del sistema operativo. El problema se debe a la falta de una protecci\u00f3n configurada correctamente para el sistema de archivos ra\u00edz. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Anteriormente, se denominaba ZDI-CAN-26077." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5834.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5834.json index 6067ac29bbf..66e38ecef73 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5834.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5834.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5834", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:24.337", - "lastModified": "2025-06-25T18:15:24.337", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-26078." + }, + { + "lang": "es", + "value": "Vulnerabilidad de escalada de privilegios locales de hardware: falta de ra\u00edz de confianza inmutable en el dispositivo Pioneer DMH-WT7600NEX. Esta vulnerabilidad permite a atacantes locales eludir la autenticaci\u00f3n en las instalaciones afectadas de los dispositivos Pioneer DMH-WT7600NEX. Si bien se requiere autenticaci\u00f3n para explotar esta vulnerabilidad, el mecanismo de autenticaci\u00f3n existente puede eludirse. La falla espec\u00edfica se encuentra en la configuraci\u00f3n del sistema en chip (SoC) de la aplicaci\u00f3n. El problema se debe a la falta de una ra\u00edz de confianza de hardware correctamente configurada. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario durante el arranque. Anteriormente, se denomin\u00f3 ZDI-CAN-26078." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json index 4735ece0d1a..292f95ecb5b 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json @@ -2,8 +2,8 @@ "id": "CVE-2025-5842", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T10:15:25.537", - "lastModified": "2025-06-26T10:15:25.537", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5846.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5846.json index 1eba77da190..8d7b5a7b5a0 100644 --- a/CVE-2025/CVE-2025-58xx/CVE-2025-5846.json +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5846.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5846", "sourceIdentifier": "cve@gitlab.com", "published": "2025-06-26T06:15:24.030", - "lastModified": "2025-06-26T06:15:24.030", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted GraphQL mutations that bypassed framework-specific permission checks." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde la 16.10 hasta la 17.11.5, la 18.0 hasta la 18.0.3 y la 18.1 hasta la 18.1.1 que podr\u00eda haber permitido a los usuarios autenticados asignar frameworks de cumplimiento no relacionados a los proyectos mediante el env\u00edo de mutaciones GraphQL manipuladas que elud\u00edan los controles de permisos espec\u00edficos del framework." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5927.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5927.json index c68306c59be..385d3ab3b87 100644 --- a/CVE-2025/CVE-2025-59xx/CVE-2025-5927.json +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5927.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5927", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-25T10:15:23.090", - "lastModified": "2025-06-25T10:15:23.090", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Everest Forms (Pro) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and including, 1.9.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The vulnerability requires an admin to trigger the deletion via deletion of a form entry and cannot be carried out by the attacker alone." + }, + { + "lang": "es", + "value": "El complemento Everest Forms (Pro) para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n delete_entry_files() en todas las versiones hasta la 1.9.4 incluida. Esto permite a atacantes no autenticados eliminar archivos arbitrarios en el servidor, lo que puede provocar f\u00e1cilmente la ejecuci\u00f3n remota de c\u00f3digo al eliminar el archivo correcto (como wp-config.php). La vulnerabilidad requiere que un administrador active la eliminaci\u00f3n mediante la eliminaci\u00f3n de una entrada del formulario y no puede ser realizada por el atacante solo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5929.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5929.json index 2df0d51d4e7..c5907b0959e 100644 --- a/CVE-2025/CVE-2025-59xx/CVE-2025-5929.json +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5929.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5929", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:24.953", - "lastModified": "2025-06-26T03:15:24.953", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The The Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018clientId\u2019 parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento The Countdown para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro 'clientId' en todas las versiones hasta la 2.0.1 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5932.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5932.json index 002e2878a7d..a359d2372a2 100644 --- a/CVE-2025/CVE-2025-59xx/CVE-2025-5932.json +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5932.json @@ -2,13 +2,17 @@ "id": "CVE-2025-5932", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:25.110", - "lastModified": "2025-06-26T03:15:25.110", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Homerunner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.29. This is due to missing or incorrect nonce validation on the main_settings() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Homerunner para WordPress es vulnerable a cross-site request forgery en todas las versiones hasta la 1.0.29 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce en la funci\u00f3n main_settings(). Esto permite que atacantes no autenticados actualicen la configuraci\u00f3n del complemento mediante una solicitud falsificada, ya que pueden enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5966.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5966.json index 756a37beb84..c4817c5ebbe 100644 --- a/CVE-2025/CVE-2025-59xx/CVE-2025-5966.json +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5966.json @@ -2,8 +2,8 @@ "id": "CVE-2025-5966", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2025-06-26T13:15:29.123", - "lastModified": "2025-06-26T13:15:29.123", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json index def6af1ceae..fee54ca32be 100644 --- a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6032", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-24T14:15:30.703", - "lastModified": "2025-06-24T14:15:30.703", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack." + }, + { + "lang": "es", + "value": "Se detect\u00f3 una falla en Podman. El comando podman machine init no verifica el certificado TLS al descargar im\u00e1genes de m\u00e1quinas virtuales desde un registro OCI. Este problema provoca un ataque de intermediario (Man in the Middle)." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-62xx/CVE-2025-6206.json b/CVE-2025/CVE-2025-62xx/CVE-2025-6206.json index 3441e387624..3e202bd5a7a 100644 --- a/CVE-2025/CVE-2025-62xx/CVE-2025-6206.json +++ b/CVE-2025/CVE-2025-62xx/CVE-2025-6206.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6206", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-24T09:15:25.653", - "lastModified": "2025-06-24T09:15:25.653", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_image_editor_ajax_submit' function in all versions up to, and including, 2.5.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. In order to exploit the vulnerability, there must be a value entered for the Stability.AI API key. The value can be arbitrary." + }, + { + "lang": "es", + "value": "El complemento Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkitpara WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n 'aiomatic_image_editor_ajax_submit' en todas las versiones hasta la 2.5.0 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que podr\u00eda posibilitar la ejecuci\u00f3n remota de c\u00f3digo. Para explotar esta vulnerabilidad, se debe introducir un valor para la clave API de Stability.AI. El valor puede ser arbitrario." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json b/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json index e1977837366..4b2a263bc0e 100644 --- a/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json +++ b/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6212", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T10:15:25.747", - "lastModified": "2025-06-26T10:15:25.747", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-62xx/CVE-2025-6258.json b/CVE-2025/CVE-2025-62xx/CVE-2025-6258.json index a4332c04258..64dd2314849 100644 --- a/CVE-2025/CVE-2025-62xx/CVE-2025-6258.json +++ b/CVE-2025/CVE-2025-62xx/CVE-2025-6258.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6258", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.573", - "lastModified": "2025-06-26T02:15:22.573", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP SoundSystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsstm-track shortcode in all versions up to, and including, 3.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WP SoundSystem para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode wpsstm-track en todas las versiones hasta la 3.4.2 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-62xx/CVE-2025-6290.json b/CVE-2025/CVE-2025-62xx/CVE-2025-6290.json index 5ba5c4b1c09..7b6ea42c5a3 100644 --- a/CVE-2025/CVE-2025-62xx/CVE-2025-6290.json +++ b/CVE-2025/CVE-2025-62xx/CVE-2025-6290.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6290", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.733", - "lastModified": "2025-06-26T02:15:22.733", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Tournament Bracket Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bracket' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Tournament Bracket Generator para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode \"bracket\" del complemento en todas las versiones hasta la 1.0.0 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6323.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6323.json index 79dd9070b8b..af12f7a8885 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6323.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6323.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6323", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T09:15:23.687", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:51:41.870", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:pre-school_enrollment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7CA2ED32-BA35-4D09-A99F-13998D3C19CF" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/f1rstb100d/myCVE/issues/76", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.313323", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313323", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596383", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6330.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6330.json index 5471b2a9f04..7088d375d1f 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6330.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6330.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6330", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T10:15:23.030", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:48:43.913", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "77986F29-8C0B-4B73-BD32-6A610A89C64B" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/f1rstb100d/myCVE/issues/77", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.313326", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313326", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596532", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6331.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6331.json index a81fdceb462..f80e03737ca 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6331.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6331.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6331", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T10:15:23.210", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:46:13.133", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "77986F29-8C0B-4B73-BD32-6A610A89C64B" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/f1rstb100d/myCVE/issues/78", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.313327", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313327", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596533", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6332.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6332.json index c3a3fbc6713..b2f0812cfa9 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6332.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6332.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6332", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T11:15:21.693", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:39:05.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:directory_management_system:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "74DDACAC-2E4D-47F4-B42B-929AC4C1D74E" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/f1rstb100d/myCVE/issues/79", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.313328", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313328", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596534", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6333.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6333.json index be2c56ea980..c4955103f62 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6333.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6333.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6333", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T11:15:21.897", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:35:06.553", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:directory_management_system:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "74DDACAC-2E4D-47F4-B42B-929AC4C1D74E" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/f1rstb100d/myCVE/issues/80", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.313329", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313329", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596535", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6336.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6336.json index cb866d0e989..b458fe10af2 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6336.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6336.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6336", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T12:15:22.307", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:28:59.800", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -122,32 +142,94 @@ "value": "CWE-120" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*", + "matchCriteriaId": "1DD36F94-8646-4794-8878-6F4BF1BF1153" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:ex1200t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F262644E-2558-423E-A19E-7C86A1756FBF" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/awindog/cve/blob/main/688/12.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/awindog/cve/blob/main/688/12.md#poc", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.313332", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313332", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596690", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.totolink.net/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6340.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6340.json index ded0db9f240..2db23e70e52 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6340.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6340.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6340", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-20T13:15:19.790", - "lastModified": "2025-06-23T20:16:40.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-26T18:16:01.950", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -63,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", @@ -80,6 +80,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ], "cvssMetricV2": [ @@ -122,28 +142,75 @@ "value": "CWE-94" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabian:school_fees_payment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7CA0F147-F254-4156-BAB0-6D889FEEEC1C" + } + ] + } + ] } ], "references": [ { "url": "https://code-projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/tuooo/CVE/issues/14", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.313335", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.313335", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.596998", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6378.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6378.json index a9c00894df9..1e5b8754cd0 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6378.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6378.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6378", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:22.887", - "lastModified": "2025-06-26T02:15:22.887", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Responsive Food and Drink Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_pdf_menus shortcode in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Responsive Food and Drink Menu para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode display_pdf_menus en todas las versiones hasta la 2.3 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en las p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6383.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6383.json index cb235caf9f0..e8974eda302 100644 --- a/CVE-2025/CVE-2025-63xx/CVE-2025-6383.json +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6383.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6383", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:23.040", - "lastModified": "2025-06-26T02:15:23.040", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's photonav shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WP-PhotoNav para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del shortcode photonav del complemento en todas las versiones hasta la 1.2.2 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6424.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6424.json index d9cac113271..1988646fb6a 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6424.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6424.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6424", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.273", - "lastModified": "2025-06-25T13:15:26.633", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6425.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6425.json index cb671a74106..ea476faa476 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6425.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6425.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6425", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.403", - "lastModified": "2025-06-25T15:15:25.200", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6426.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6426.json index 50bfdb8d818..88b302a2031 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6426.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6426.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6426", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.537", - "lastModified": "2025-06-25T15:15:25.350", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6427.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6427.json index 29cef577868..9d9089a95dc 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6427.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6427.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6427", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.650", - "lastModified": "2025-06-25T15:15:25.497", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6428.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6428.json index a3e3edb1701..fb3101068e0 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6428.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6428.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6428", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.770", - "lastModified": "2025-06-25T15:15:25.647", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6429.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6429.json index 90a9ad9ef50..0efbdf91576 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6429.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6429.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6429", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.877", - "lastModified": "2025-06-25T15:15:25.797", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6430.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6430.json index 973111bdbf9..30087bdacc6 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6430.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6430.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6430", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:23.993", - "lastModified": "2025-06-25T15:15:25.980", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6431.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6431.json index 3926ec2cf20..ccf0719f0e4 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6431.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6431.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6431", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.103", - "lastModified": "2025-06-25T13:15:26.800", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6432.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6432.json index a4916db8c52..e3da9dd325f 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6432.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6432.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6432", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.220", - "lastModified": "2025-06-25T15:15:26.150", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6433.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6433.json index 5bb18f14f60..f16a9f071ca 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6433.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6433.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6433", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.327", - "lastModified": "2025-06-25T13:15:26.977", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6434.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6434.json index e58bcc77e6e..efb3ccf32ea 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6434.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6434.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6434", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.447", - "lastModified": "2025-06-25T15:15:26.313", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6435.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6435.json index d3df116f0b6..16d97654e64 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6435.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6435.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6435", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.560", - "lastModified": "2025-06-24T14:15:30.930", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140." + }, + { + "lang": "es", + "value": "Si un usuario guard\u00f3 una respuesta desde la pesta\u00f1a Red en DevTools mediante la opci\u00f3n Guardar como del men\u00fa contextual, es posible que el archivo no se haya guardado con la extensi\u00f3n `.download`. Esto podr\u00eda haber provocado que el usuario ejecutara accidentalmente un archivo malicioso. Esta vulnerabilidad afecta a Firefox anterior a la versi\u00f3n 140." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6436.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6436.json index 3f344dbc27a..649a3b72db9 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6436.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6436.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6436", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-24T13:15:24.677", - "lastModified": "2025-06-26T14:15:32.083", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6442.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6442.json index a25c0aebb8f..d39de5c8bcc 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6442.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6442.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6442", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T17:15:40.117", - "lastModified": "2025-06-25T17:15:40.117", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions.\n\nThe specific flaw exists within the read_headers method. The issue results from the inconsistent parsing of terminators of HTTP headers. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests. Was ZDI-CAN-21876." + }, + { + "lang": "es", + "value": "Vulnerabilidad de contrabando de solicitudes HTTP en Ruby WEBrick read_header. Esta vulnerabilidad permite a atacantes remotos contrabandear solicitudes HTTP arbitrarias en las instalaciones afectadas de Ruby WEBrick. Este problema se puede explotar cuando el producto se implementa tras un proxy HTTP que cumple condiciones espec\u00edficas. La falla espec\u00edfica se encuentra en el m\u00e9todo read_headers. El problema se debe al an\u00e1lisis inconsistente de los terminadores de las cabeceras HTTP. Un atacante puede aprovechar esta vulnerabilidad para contrabandear solicitudes HTTP arbitrarias. Anteriormente, se denomin\u00f3 ZDI-CAN-21876." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6443.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6443.json index 88f7585f494..4cd6405d8e4 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6443.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6443.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6443", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:20.960", - "lastModified": "2025-06-25T22:15:20.960", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of remote IP addresses when processing VXLAN traffic. The issue results from the lack of validation of the remote IP address against configured values prior to allowing ingress traffic into the internal network. An attacker can leverage this vulnerability to gain access to internal network resources. Was ZDI-CAN-26415." + }, + { + "lang": "es", + "value": "Vulnerabilidad de control de acceso incorrecto a la IP de origen de VXLAN en Mikrotik RouterOS. Esta vulnerabilidad permite a atacantes remotos eludir las restricciones de acceso en las instalaciones afectadas de Mikrotik RouterOS. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en el manejo de direcciones IP remotas al procesar el tr\u00e1fico VXLAN. El problema se debe a la falta de validaci\u00f3n de la direcci\u00f3n IP remota con los valores configurados antes de permitir el acceso a la red interna. Un atacante puede aprovechar esta vulnerabilidad para acceder a los recursos de la red interna. Anteriormente, se denomin\u00f3 ZDI-CAN-26415." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6444.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6444.json index 05ffa4e3e90..4502add97c6 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6444.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6444.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6444", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:24.463", - "lastModified": "2025-06-25T18:15:24.463", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of the GetErrorResponse method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to relay NTLM credentials in the context of the current user. Was ZDI-CAN-25834." + }, + { + "lang": "es", + "value": "Vulnerabilidad de retransmisi\u00f3n NTLM por validaci\u00f3n de entrada incorrecta en ServiceStack GetErrorResponse. Esta vulnerabilidad permite a atacantes remotos retransmitir credenciales NTLM en las instalaciones afectadas de ServiceStack. Se requiere la interacci\u00f3n con esta librer\u00eda para explotar esta vulnerabilidad, pero los vectores de ataque pueden variar seg\u00fan la implementaci\u00f3n. La falla espec\u00edfica se encuentra en la implementaci\u00f3n del m\u00e9todo GetErrorResponse. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede generar una confusi\u00f3n de tipos. Un atacante puede aprovechar esta vulnerabilidad para retransmitir credenciales NTLM en el contexto del usuario actual. Anteriormente, se describi\u00f3 como ZDI-CAN-25834." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-64xx/CVE-2025-6445.json b/CVE-2025/CVE-2025-64xx/CVE-2025-6445.json index 5b72b382dab..293c000a882 100644 --- a/CVE-2025/CVE-2025-64xx/CVE-2025-6445.json +++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6445.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6445", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:24.610", - "lastModified": "2025-06-25T18:15:24.610", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of the FindType method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25837." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en ServiceStack FindType Directory Traversal. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de ServiceStack. Se requiere la interacci\u00f3n con esta librer\u00eda para explotar esta vulnerabilidad, pero los vectores de ataque pueden variar seg\u00fan la implementaci\u00f3n. La falla espec\u00edfica se encuentra en la implementaci\u00f3n del m\u00e9todo FindType. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones con archivos. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-25837." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6524.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6524.json index 958b6cb78f1..33cb9f09b23 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6524.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6524.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6524", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T21:15:27.970", - "lastModified": "2025-06-23T21:15:27.970", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como problem\u00e1tica en 70mai 1S hasta 20250611. Esta afecta a una parte desconocida del componente Servicios de V\u00eddeo. La manipulaci\u00f3n provoca una autenticaci\u00f3n incorrecta. Se requiere acceso a la red local para que este ataque tenga \u00e9xito. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6525.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6525.json index 45b826a5afc..f6eb342672c 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6525.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6525.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6525", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T22:15:22.697", - "lastModified": "2025-06-23T22:15:22.697", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se detect\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en 70mai 1S hasta 20250611. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /cgi-bin/Config.cgi?action=set del componente Configuration Handler. La manipulaci\u00f3n provoca una autorizaci\u00f3n indebida. El ataque debe abordarse dentro de la red local. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6526.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6526.json index 7748053c662..528c6a79407 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6526.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6526.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6526", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T22:15:22.930", - "lastModified": "2025-06-23T22:15:22.930", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como problem\u00e1tica en 70mai M300 hasta el 20250611. Este problema afecta a un procesamiento desconocido del componente HTTP Server. La manipulaci\u00f3n da lugar a credenciales con protecci\u00f3n insuficiente. El ataque solo puede realizarse dentro de la red local. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6527.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6527.json index e4cd92ac8f7..be32deca6c0 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6527.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6527.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6527", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T22:15:23.130", - "lastModified": "2025-06-23T22:15:23.130", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611. Affected is an unknown function of the component Web Server. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en 70mai M300 hasta el 20250611. Se trata de una funci\u00f3n desconocida del componente Servidor Web. La manipulaci\u00f3n conlleva controles de acceso inadecuados. El ataque solo puede iniciarse dentro de la red local. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6528.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6528.json index ae3da9f2fef..eec9f8cb662 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6528.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6528.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6528", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T23:15:23.783", - "lastModified": "2025-06-23T23:15:23.783", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in 70mai M300 up to 20250611 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /livestream/12 of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en 70mai M300 hasta el 20250611, clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /livestream/12 del componente RTSP Live Video Stream Endpoint. La manipulaci\u00f3n provoca una autenticaci\u00f3n incorrecta. El ataque debe realizarse dentro de la red local. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6529.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6529.json index 49870665da8..55ec2b9e23e 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6529.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6529.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6529", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T23:15:23.980", - "lastModified": "2025-06-23T23:15:23.980", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en 70mai M300 hasta el 20250611, clasificada como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del componente Telnet Service. La manipulaci\u00f3n implica el uso de credenciales predeterminadas. El ataque debe iniciarse dentro de la red local. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6530.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6530.json index af03d0d3399..61b3004a477 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6530.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6530.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6530", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-23T23:15:24.177", - "lastModified": "2025-06-23T23:15:24.177", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in 70mai M300 up to 20250611. It has been classified as problematic. This affects an unknown part of the file demo.sh of the component Telnet Service. The manipulation leads to denial of service. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en 70mai M300 hasta el 20250611. Se ha clasificado como problem\u00e1tica. Afecta a una parte desconocida del archivo demo.sh del componente Telnet Service. La manipulaci\u00f3n provoca una denegaci\u00f3n de servicio. Se requiere acceso a la red local para este ataque. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6531.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6531.json index 2a996ba4aa2..fa470533121 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6531.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6531.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6531", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T00:15:25.917", - "lastModified": "2025-06-26T15:15:24.250", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6532.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6532.json index abd39cd90d6..3dac12f7aba 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6532.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6532.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6532", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T00:15:26.213", - "lastModified": "2025-06-25T15:15:26.467", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6533.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6533.json index 58ae74be769..e29cc751049 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6533.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6533.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6533", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T00:15:26.397", - "lastModified": "2025-06-25T15:15:26.600", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6534.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6534.json index aced0ad4992..7de69319a23 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6534.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6534.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6534", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T01:15:25.303", - "lastModified": "2025-06-25T13:15:27.137", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6535.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6535.json index ac883ef9367..310ba09f295 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6535.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6535.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6535", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T01:15:25.513", - "lastModified": "2025-06-24T14:15:31.237", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/system/UserMapper.xml of the component User Management Module. The manipulation of the argument sort/order leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en xxyopen/201206030 novel-plus hasta la versi\u00f3n 5.1.3, clasificada como cr\u00edtica. Esta vulnerabilidad afecta la lista de funciones del archivo novel-admin/src/main/resources/mybatis/system/UserMapper.xml del componente User Management Module. La manipulaci\u00f3n del argumento sort/order provoca una inyecci\u00f3n SQL. El ataque puede iniciarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6536.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6536.json index 1f9750a3273..75fa86db3b8 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6536.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6536.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6536", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T02:15:22.967", - "lastModified": "2025-06-24T02:15:22.967", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en Tarantool hasta la versi\u00f3n 3.3.1, clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a la funci\u00f3n tm_to_datetime de la librer\u00eda src/lib/core/datetime.c. La manipulaci\u00f3n genera una aserci\u00f3n accesible. Es necesario realizar ataques locales. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6537.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6537.json index 7d99dd39728..fcefd4ccdcf 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6537.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6537.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6537", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:25.277", - "lastModified": "2025-06-26T03:15:25.277", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Namasha By Mdesign plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018playicon_title\u2019 parameter in all versions up to, and including, 1.2.00 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Namasha de Mdesign para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro 'playicon_title' en todas las versiones hasta la 1.2.00 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6538.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6538.json index 10e5e2d62f9..747724ed87e 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6538.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6538.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6538", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T02:15:23.190", - "lastModified": "2025-06-26T02:15:23.190", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Post Rating and Review plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018class\u2019 parameter in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Post Rating and Review para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro 'class' en todas las versiones hasta la 1.3.4 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6540.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6540.json index 0c31f6fcb39..aed121323b9 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6540.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6540.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6540", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:25.430", - "lastModified": "2025-06-26T03:15:25.430", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The web-cam plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018slug\u2019 parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento web-cam para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro 'slug' en todas las versiones hasta la 1.0 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6543.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6543.json index 42f7755a4b8..c83f0fd22f1 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6543.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6543.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6543", "sourceIdentifier": "secure@citrix.com", "published": "2025-06-25T13:15:27.293", - "lastModified": "2025-06-25T13:15:27.293", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when\u00a0configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server" + }, + { + "lang": "es", + "value": "Vulnerabilidad de desbordamiento de memoria que provoca un flujo de control no deseado y una denegaci\u00f3n de servicio en NetScaler ADC y NetScaler Gateway cuando se configuran como Gateway (servidor virtual VPN, proxy ICA, CVPN, proxy RDP) O servidor virtual AAA" } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6546.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6546.json index 23461f94a82..ff52922a2aa 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6546.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6546.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6546", "sourceIdentifier": "security@wordfence.com", "published": "2025-06-26T03:15:25.587", - "lastModified": "2025-06-26T03:15:25.587", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Drive Folder Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018tablecssclass\u2019 parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Drive Folder Embedder para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro 'tablecssclass' en todas las versiones hasta la 1.1.0 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6551.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6551.json index 0a48d3d8c0a..7bf93a5e20d 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6551.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6551.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6551", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T02:15:23.170", - "lastModified": "2025-06-24T14:15:31.390", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en java-aodeng Hope-Boot 1.0.0 y se clasific\u00f3 como problem\u00e1tica. Este problema afecta a la funci\u00f3n \"Login\" del archivo /src/main/java/com/hope/controller/WebController.java. La manipulaci\u00f3n del argumento \"errorMsg\" provoca ataques de cross-site scripting. El ataque puede iniciarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6552.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6552.json index 3e7acca4c65..80d19c51f26 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6552.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6552.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6552", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T03:15:35.520", - "lastModified": "2025-06-24T03:15:35.520", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It has been classified as problematic. Affected is the function doLogin of the file /src/main/java/com/hope/controller/WebController.java of the component Login. The manipulation of the argument redirect_url leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en java-aodeng Hope-Boot 1.0.0. Se ha clasificado como problem\u00e1tica. La funci\u00f3n doLogin del archivo /src/main/java/com/hope/controller/WebController.java del componente Login est\u00e1 afectada. La manipulaci\u00f3n del argumento redirect_url provoca una redirecci\u00f3n abierta. Es posible ejecutar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6555.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6555.json index 971bdaf5e8e..6c15df478fb 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6555.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6555.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6555", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2025-06-24T20:15:27.100", - "lastModified": "2025-06-26T14:15:32.340", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6556.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6556.json index 3f4fcb2da1b..86c493eb0c3 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6556.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6556.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6556", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2025-06-24T20:15:27.227", - "lastModified": "2025-06-26T14:15:32.510", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6557.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6557.json index 56800a59f01..79d60b1977f 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6557.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6557.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6557", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2025-06-24T20:15:27.333", - "lastModified": "2025-06-24T21:15:26.697", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)" + }, + { + "lang": "es", + "value": "Una validaci\u00f3n de datos insuficiente en DevTools de Google Chrome en Windows anterior a la versi\u00f3n 138.0.7204.49 permiti\u00f3 que un atacante remoto, tras convencer a un usuario para que realizara gestos espec\u00edficos de la interfaz de usuario, ejecutara c\u00f3digo arbitrario mediante una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Baja)" } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6559.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6559.json index 2ca444d3225..9785dc488e6 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6559.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6559.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6559", "sourceIdentifier": "twcert@cert.org.tw", "published": "2025-06-24T03:15:35.700", - "lastModified": "2025-06-24T03:15:35.700", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "twcert@cert.org.tw", @@ -16,6 +16,10 @@ { "lang": "en", "value": "Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.\u00a0The affected models are out of support; replacing the device is recommended." + }, + { + "lang": "es", + "value": "Varios modelos de enrutadores inal\u00e1mbricos de Sapido presentan una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, lo que permite a atacantes remotos no autenticados inyectar comandos arbitrarios del sistema operativo y ejecutarlos en el servidor. Los modelos afectados ya no reciben soporte; se recomienda reemplazar el dispositivo." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6560.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6560.json index f0179614d9f..96a75ac3e87 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6560.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6560.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6560", "sourceIdentifier": "twcert@cert.org.tw", "published": "2025-06-24T03:15:35.897", - "lastModified": "2025-06-24T03:15:35.897", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "twcert@cert.org.tw", @@ -16,6 +16,10 @@ { "lang": "en", "value": "Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.\u00a0\n\nThe affected models are out of support; replacing the device is recommended." + }, + { + "lang": "es", + "value": "Varios modelos de enrutadores inal\u00e1mbricos de Sapido presentan una vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial, lo que permite a atacantes remotos no autenticados acceder directamente a un archivo de configuraci\u00f3n del sistema y obtener credenciales de administrador en texto plano. Los modelos afectados ya no reciben soporte; se recomienda reemplazar el dispositivo. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6561.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6561.json index 3e76368e55d..0bcce5ea079 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6561.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6561.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6561", "sourceIdentifier": "twcert@cert.org.tw", "published": "2025-06-26T12:15:21.913", - "lastModified": "2025-06-26T12:15:21.913", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6562.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6562.json index 0770297981d..65fbc844ef0 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6562.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6562.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6562", "sourceIdentifier": "twcert@cert.org.tw", "published": "2025-06-26T13:15:29.417", - "lastModified": "2025-06-26T13:15:29.417", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6565.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6565.json index e38006697a0..cd5b34d6094 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6565.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6565.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6565", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T13:15:24.790", - "lastModified": "2025-06-24T13:15:24.790", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Netgear WNCE3001 1.0.0.50. Se ha clasificado como cr\u00edtica. Afecta la funci\u00f3n http_d del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento Host provoca un desbordamiento del b\u00fafer en la pila. Es posible iniciar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6566.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6566.json index 06b3e8507f6..cb37b7e7596 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6566.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6566.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6566", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T13:15:25.057", - "lastModified": "2025-06-24T16:15:30.043", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been declared as critical. This vulnerability affects the function deserializeArray of the file src/oatpp/json/Deserializer.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en oatpp Oat++ hasta la versi\u00f3n 1.3.1. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n deserializeArray del archivo src/oatpp/json/Deserializer.cpp. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6567.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6567.json index ef995b7952d..7d8f46dfa89 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6567.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6567.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6567", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T15:15:25.623", - "lastModified": "2025-06-24T15:15:25.623", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file Recruitment/admin/view_application.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Campcodes Online Recruitment Management System 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo Recruitment/admin/view_application.php. La manipulaci\u00f3n del ID del argumento provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6568.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6568.json index 44e25472443..bbc8a9eeb58 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6568.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6568.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6568", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T15:15:25.823", - "lastModified": "2025-06-24T15:15:25.823", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad cr\u00edtica en TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Se ve afectada una funci\u00f3n desconocida del archivo /boafrm/formIpv6Setup del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento submit-url provoca un desbordamiento del b\u00fafer. Es posible ejecutar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6569.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6569.json index 01e153b1900..dfb74e7fc42 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6569.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6569.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6569", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T15:15:26.017", - "lastModified": "2025-06-24T15:15:26.017", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulation of the argument sname/contact/about/emailid/transcation_remark leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en code-projects School Fees Payment System 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /student.php. La manipulaci\u00f3n del argumento sname/contact/about/emailid/transcation_remark provoca ataques de cross-site scripting. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6570.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6570.json index deb44ba2e0f..3e8512ce30a 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6570.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6570.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6570", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T16:15:30.253", - "lastModified": "2025-06-25T14:15:25.460", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6578.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6578.json index 67a2045b1d4..c9400ab9b62 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6578.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6578.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6578", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T20:15:27.433", - "lastModified": "2025-06-24T20:15:27.433", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete_account.php. The manipulation of the argument admin_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/delete_account.php. La manipulaci\u00f3n del argumento \"admin_id\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. " } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6579.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6579.json index aa9301a2d91..d0519a38e08 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6579.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6579.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6579", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T20:15:27.630", - "lastModified": "2025-06-24T20:15:27.630", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /message_admin.php. The manipulation of the argument Message leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Car Rental System 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo /message_admin.php. La manipulaci\u00f3n del argumento \"Message\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6580.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6580.json index e5fbf4544d9..9aad2e8ac1c 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6580.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6580.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6580", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T22:15:22.620", - "lastModified": "2025-06-25T15:15:26.733", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6581.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6581.json index f3387ca9539..7894a015626 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6581.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6581.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6581", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-24T23:15:21.087", - "lastModified": "2025-06-25T15:15:26.973", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6582.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6582.json index a1b2d9305e0..8378e87ab07 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6582.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6582.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6582", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T00:15:21.573", - "lastModified": "2025-06-25T15:15:27.107", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-65xx/CVE-2025-6583.json b/CVE-2025/CVE-2025-65xx/CVE-2025-6583.json index cf23113c8c8..e415f55b615 100644 --- a/CVE-2025/CVE-2025-65xx/CVE-2025-6583.json +++ b/CVE-2025/CVE-2025-65xx/CVE-2025-6583.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6583", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T00:15:22.763", - "lastModified": "2025-06-25T15:15:27.240", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:58:14.280", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6603.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6603.json index 600161234dd..1d0e6a9bd9a 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6603.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6603.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6603", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T11:15:22.193", - "lastModified": "2025-06-25T11:15:22.193", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue is the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s->l1_size leads to integer overflow. The attack needs to be approached locally. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en coldfunction qCUDA hasta db0085400c2f2011eed46fbc04fdc0873141688e. Se ha clasificado como problem\u00e1tica. Este problema afecta a la funci\u00f3n qcow_make_empty del archivo qCUDA/qcu-device/block/qcow.c. La manipulaci\u00f3n del argumento s->l1_size provoca un desbordamiento de enteros. El ataque debe abordarse localmente. Este producto utiliza una versi\u00f3n continua para garantizar una distribuci\u00f3n continua. Por lo tanto, no se dispone de detalles de las versiones afectadas ni de las actualizadas." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6604.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6604.json index 8d5976b4c55..df02aab7bc6 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6604.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6604.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6604", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T13:15:27.557", - "lastModified": "2025-06-25T15:15:27.377", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Best Salon Management System 1.0. Esta afecta a una parte desconocida del archivo /panel/add-staff.php. La manipulaci\u00f3n del argumento \"Name\" provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6605.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6605.json index 48a84aa3371..2a54182a2ff 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6605.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6605.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6605", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T14:15:26.133", - "lastModified": "2025-06-25T15:15:27.510", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Best Salon Management System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /panel/edit-staff.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6606.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6606.json index 6b6fae046dc..4de71102cdd 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6606.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6606.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6606", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T14:15:26.387", - "lastModified": "2025-06-25T15:15:27.640", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Best Salon Management System 1.0. Este problema afecta a un procesamiento desconocido del archivo /panel/add-services.php. La manipulaci\u00f3n del argumento \"Type\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6607.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6607.json index 38ae52cc5f6..ae349f42f39 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6607.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6607.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6607", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T14:15:26.577", - "lastModified": "2025-06-25T15:15:27.777", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Best Salon Management System 1.0. La vulnerabilidad afecta a una funci\u00f3n desconocida del archivo /panel/stock.php. La manipulaci\u00f3n del ID del argumento provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6608.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6608.json index 22bfecd16a8..556bf9ca9e5 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6608.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6608.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6608", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T15:15:27.907", - "lastModified": "2025-06-25T15:15:27.907", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-services.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Best Salon Management System 1.0, clasificada como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /panel/edit-services.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6609.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6609.json index 9409dfc7432..ed1117e7e39 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6609.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6609.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6609", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T15:15:28.100", - "lastModified": "2025-06-25T15:15:28.100", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Best Salon Management System 1.0, clasificada como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /panel/bwdates-reports-details.php. La manipulaci\u00f3n del argumento fromdate/todate provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6610.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6610.json index ed59ec3e832..f23a93c2396 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6610.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6610.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6610", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T15:15:28.297", - "lastModified": "2025-06-25T15:15:28.297", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editempprofile.php. The manipulation of the argument FirstName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en itsourcecode Employee Management System hasta la versi\u00f3n 1.0. Se ha clasificado como cr\u00edtica. Afecta una parte desconocida del archivo /admin/editempprofile.php. La manipulaci\u00f3n del argumento FirstName provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6611.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6611.json index 4d41ff8a901..11451aca6e8 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6611.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6611.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6611", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T16:15:27.233", - "lastModified": "2025-06-25T16:15:27.233", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The manipulation of the argument brandStatus leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Inventory Management System 1.0. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /php_action/createBrand.php. La manipulaci\u00f3n del argumento brandStatus provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6612.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6612.json index cd96fa16dbe..a6f5fc6204a 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6612.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6612.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6612", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T16:15:27.413", - "lastModified": "2025-06-25T16:15:27.413", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/removeCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Inventory Management System 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo /php_action/removeCategories.php. La manipulaci\u00f3n del argumento \"categoriesId\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6613.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6613.json index 39f2412503f..b72d1b660c0 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6613.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6613.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6613", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T10:15:23.253", - "lastModified": "2025-06-25T10:15:23.253", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en PHPGurukul Hospital Management System 4.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /doctor/manage-patient.php. La manipulaci\u00f3n del argumento \"Name\" provoca ataques de cross site scripting. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6614.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6614.json index 7f471116d7a..c8b447cfd5e 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6614.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6614.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6614", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T16:15:27.593", - "lastModified": "2025-06-25T16:15:27.593", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L 2.06B01. Este problema afecta a la funci\u00f3n formSetWANType_Wizard5 del archivo /goform/formSetWANType_Wizard5. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6615.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6615.json index b6e5d7f57e1..e740ac801ff 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6615.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6615.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6615", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T16:15:27.790", - "lastModified": "2025-06-25T16:15:27.790", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L 2.06B01. Esta afecta a la funci\u00f3n formAutoDetecWAN_wizard4 del archivo /goform/formAutoDetecWAN_wizard4. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer en la pila. Es posible iniciar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6616.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6616.json index d9be0f631f8..095cf189c7a 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6616.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6616.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6616", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T17:15:40.280", - "lastModified": "2025-06-25T17:15:40.280", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en D-Link DIR-619L 2.06B01, clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n formSetWAN_Wizard51 del archivo /goform/formSetWAN_Wizard51. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6617.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6617.json index 62d79d18acb..9d3257b876b 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6617.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6617.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6617", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T17:15:40.507", - "lastModified": "2025-06-25T17:15:40.507", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en D-Link DIR-619L 2.06B01, clasificada como cr\u00edtica. Este problema afecta a la funci\u00f3n formAdvanceSetup del archivo /goform/formAdvanceSetup. La manipulaci\u00f3n del argumento webpage provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6618.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6618.json index 03a3889d562..d5f83b94008 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6618.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6618.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6618", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T18:15:24.757", - "lastModified": "2025-06-25T18:15:24.757", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical. Affected is the function SetWLanApcliSettings of the file wps.so. The manipulation of the argument PIN leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en TOTOLINK CA300-PoE 6.2c.884. Se ha clasificado como cr\u00edtica. La funci\u00f3n SetWLanApcliSettings del archivo wps.so est\u00e1 afectada. La manipulaci\u00f3n del argumento PIN provoca la inyecci\u00f3n de comandos del sistema operativo. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6619.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6619.json index 8db82830e3a..511e6dd3918 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6619.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6619.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6619", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T18:15:24.950", - "lastModified": "2025-06-25T18:15:24.950", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en TOTOLINK CA300-PoE 6.2c.884. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n setUpgradeFW del archivo upgrade.so. La manipulaci\u00f3n del argumento FileName provoca la inyecci\u00f3n de comandos del sistema operativo. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6620.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6620.json index 20369b6f7ca..a02be5f429d 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6620.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6620.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6620", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T18:15:25.137", - "lastModified": "2025-06-26T14:15:32.737", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6621.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6621.json index 1252b1a7fa6..92e01fe6341 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6621.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6621.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6621", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T18:15:25.310", - "lastModified": "2025-06-26T14:15:32.933", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6624.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6624.json index d434cbb1dfb..68fc0c3272f 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6624.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6624.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6624", "sourceIdentifier": "report@snyk.io", "published": "2025-06-26T05:15:23.820", - "lastModified": "2025-06-26T14:15:33.070", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6627.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6627.json index acfdbef774d..00f210b7f9a 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6627.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6627.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6627", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T19:15:24.260", - "lastModified": "2025-06-25T19:15:24.260", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en TOTOLINK A702R 4.0.0-B20230721.1521, clasificada como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /boafrm/formIpv6Setup del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento \"submit-url\" provoca un desbordamiento del b\u00fafer. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6640.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6640.json index 126106f2c77..8d88df31b83 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6640.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6640.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6640", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.107", - "lastModified": "2025-06-25T22:15:21.107", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26527." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26527." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6641.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6641.json index 3ea031851f7..434937a2de5 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6641.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6641.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6641", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.237", - "lastModified": "2025-06-25T22:15:21.237", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26528." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26528." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6642.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6642.json index 078a17d07bd..d6ba3c241fc 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6642.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6642.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6642", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.363", - "lastModified": "2025-06-25T22:15:21.363", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26530." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos U3D fuera de los l\u00edmites en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26530." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6643.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6643.json index 8fef2f4a3ca..b89678b1f3b 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6643.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6643.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6643", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.487", - "lastModified": "2025-06-25T22:15:21.487", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26532." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26532." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6644.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6644.json index 585e21ac8d4..1b2b134ef21 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6644.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6644.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6644", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.617", - "lastModified": "2025-06-25T22:15:21.617", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26536." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26536." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6645.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6645.json index 3e2890a7ce7..25ec145d3ab 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6645.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6645.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6645", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.743", - "lastModified": "2025-06-25T22:15:21.743", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26642." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de uso despu\u00e9s de la liberaci\u00f3n en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26642." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6646.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6646.json index 18726af1958..aaa05d6225f 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6646.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6646.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6646", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:21.887", - "lastModified": "2025-06-25T22:15:21.887", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26643." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de uso tras liberaci\u00f3n en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-26643." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6647.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6647.json index b65ecc3f583..52f087b762f 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6647.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6647.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6647", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.027", - "lastModified": "2025-06-25T22:15:22.027", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26644." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos U3D fuera de los l\u00edmites en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura posterior al final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26644." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6648.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6648.json index 348891e92c2..55aeea248c7 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6648.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6648.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6648", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.160", - "lastModified": "2025-06-25T22:15:22.160", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26671." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26671." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6649.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6649.json index 2f2f8cb9150..60970bfd4a0 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6649.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6649.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6649", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.307", - "lastModified": "2025-06-25T22:15:22.307", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26709." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26709." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6650.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6650.json index ac0f699411a..3796cf30ed1 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6650.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6650.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6650", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.443", - "lastModified": "2025-06-25T22:15:22.443", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26712." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26712." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6651.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6651.json index f5cd2ac59a2..6584c58225c 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6651.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6651.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6651", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.580", - "lastModified": "2025-06-25T22:15:22.580", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26713." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos JP2 en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos JP2. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26713." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6652.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6652.json index 689abe63f12..2e13ac66a30 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6652.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6652.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6652", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.720", - "lastModified": "2025-06-25T22:15:22.720", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26724." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26724." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6653.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6653.json index bfda8cbf6a8..285f56e743e 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6653.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6653.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6653", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:22.870", - "lastModified": "2025-06-25T22:15:22.870", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26726." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26726." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6654.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6654.json index 2848f711cd2..74bced5a0d3 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6654.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6654.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6654", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.047", - "lastModified": "2025-06-25T22:15:23.047", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26729." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos PRC en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26729." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6655.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6655.json index 387e5daf484..9896f0aaeb4 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6655.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6655.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6655", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.187", - "lastModified": "2025-06-25T22:15:23.187", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26730." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26730." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6656.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6656.json index 4e8c8fd568a..5a478786589 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6656.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6656.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6656", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.330", - "lastModified": "2025-06-25T22:15:23.330", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26731." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26731." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6657.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6657.json index 8dd16cd0751..0e5279cbbf6 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6657.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6657.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6657", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.467", - "lastModified": "2025-06-25T22:15:23.467", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26732." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26732." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6658.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6658.json index 445c3bac7db..cac5eb3a630 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6658.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6658.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6658", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.597", - "lastModified": "2025-06-25T22:15:23.597", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26733." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26733." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6659.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6659.json index 6ef7949f940..c065555b4da 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6659.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6659.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6659", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.740", - "lastModified": "2025-06-25T22:15:23.740", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26734." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos PRC en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26734." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6660.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6660.json index 7e7af285855..1171b7a5603 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6660.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6660.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6660", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.863", - "lastModified": "2025-06-25T22:15:23.863", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26763." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n en el an\u00e1lisis de archivos GIF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos GIF. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26763." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6661.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6661.json index 7ebc79ffa86..d34ea85f693 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6661.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6661.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6661", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:23.997", - "lastModified": "2025-06-25T22:15:23.997", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of App objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26823." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por Use-After-Free de objetos de la aplicaci\u00f3n PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de PDF-XChange Editor. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en la gesti\u00f3n de objetos de la aplicaci\u00f3n. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26823." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6662.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6662.json index 659713ac822..17c7f4aa1ab 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6662.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6662.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6662", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T22:15:24.127", - "lastModified": "2025-06-25T22:15:24.127", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26985." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26985." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6664.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6664.json index 42f00284499..db78a5e1db4 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6664.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6664.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6664", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T21:15:21.520", - "lastModified": "2025-06-25T21:15:21.520", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record Management System 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en CodeAstro Patient Record Management System 1.0 Se trata de una funci\u00f3n desconocida. La manipulaci\u00f3n provoca cross-site request forgery. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6665.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6665.json index 65aec101548..3a179b14491 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6665.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6665.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6665", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T21:15:21.703", - "lastModified": "2025-06-25T21:15:21.703", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/editBrand.php. The manipulation of the argument editBrandStatus leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en code-projects Inventory Management System 1.0, clasificada como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /php_action/editBrand.php. La manipulaci\u00f3n del argumento editBrandStatus provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado ." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6667.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6667.json index 936e1070e88..5173353a73c 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6667.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6667.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6667", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T22:15:24.280", - "lastModified": "2025-06-25T22:15:24.280", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Car Rental System 1.0, clasificada como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /admin/add_cars.php. La manipulaci\u00f3n del argumento \"image\" permite la carga sin restricciones. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6668.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6668.json index 46bd4ddaf4e..d6dda8b8e1e 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6668.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6668.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6668", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T22:15:24.450", - "lastModified": "2025-06-25T22:15:24.450", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/fetchSelectedBrand.php. The manipulation of the argument brandId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Inventory Management System 1.0. Se ha clasificado como cr\u00edtica. Afecta una parte desconocida del archivo /php_action/fetchSelectedBrand.php. La manipulaci\u00f3n del argumento brandId provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6669.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6669.json index 6fdc6b26948..4547072d1f7 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6669.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6669.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6669", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-25T23:15:21.310", - "lastModified": "2025-06-25T23:15:21.310", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key\r . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.9 is able to address this issue. The patch is identified as 778d26aef723daa58df98c8060c43f5bf5d1b10b. It is recommended to upgrade the affected component." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en gooaclok819 sublinkX hasta la versi\u00f3n 1.8. Se ha declarado problem\u00e1tica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo middlewares/jwt.go. La manipulaci\u00f3n del subenlace de entrada permite el uso de una clave criptogr\u00e1fica predefinida. El ataque puede ejecutarse en remoto. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Actualizar a la versi\u00f3n 1.9 puede solucionar este problema. El parche se identifica como 778d26aef723daa58df98c8060c43f5bf5d1b10b. Se recomienda actualizar el componente afectado." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6674.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6674.json index 2bd0789ee9b..26cc98df83f 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6674.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6674.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6674", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:34.047", - "lastModified": "2025-06-26T14:15:34.047", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,30 @@ "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CKEditor5 Youtube allows Cross-Site Scripting (XSS).This issue affects CKEditor5 Youtube: from 0.0.0 before 1.0.3." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6675.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6675.json index 7e9bcfd9940..346c788101e 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6675.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6675.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6675", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:34.177", - "lastModified": "2025-06-26T14:15:34.177", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6676.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6676.json index d178786ac11..2e085e56751 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6676.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6676.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6676", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:34.353", - "lastModified": "2025-06-26T14:15:34.353", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6677.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6677.json index 79614f5d482..33e743bf890 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6677.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6677.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6677", "sourceIdentifier": "mlhess@drupal.org", "published": "2025-06-26T14:15:34.540", - "lastModified": "2025-06-26T14:15:34.540", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6678.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6678.json index d459dfaf789..9a56d42cf73 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6678.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6678.json @@ -2,13 +2,17 @@ "id": "CVE-2025-6678", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2025-06-25T18:15:25.507", - "lastModified": "2025-06-25T18:15:25.507", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Pile API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26352." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de autenticaci\u00f3n por falta de PIN en Autel MaxiCharger AC Wallbox Commercial. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de las estaciones de carga Autel MaxiCharger AC Wallbox Commercial. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica se encuentra en la API Pile. El problema se debe a la falta de autenticaci\u00f3n antes de permitir el acceso a la funcionalidad. Un atacante puede aprovechar esta vulnerabilidad para divulgar credenciales, lo que conlleva una mayor vulnerabilidad. Anteriormente, se conoc\u00eda como ZDI-CAN-26352." } ], "metrics": { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6693.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6693.json index 49c94982f65..856a4e07293 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6693.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6693.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6693", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T13:15:29.593", - "lastModified": "2025-06-26T13:15:29.593", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6694.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6694.json index c44b22e7d15..6f4416514f8 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6694.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6694.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6694", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T14:15:34.777", - "lastModified": "2025-06-26T14:15:34.777", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6695.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6695.json index 003a395b9be..9b094b7eab8 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6695.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6695.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6695", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T14:15:34.967", - "lastModified": "2025-06-26T14:15:34.967", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6696.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6696.json index 629deb52def..d295e8e079c 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6696.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6696.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6696", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T15:15:24.633", - "lastModified": "2025-06-26T15:15:24.633", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6697.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6697.json index 4c39382f6cc..d4f87f62e92 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6697.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6697.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6697", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T15:15:24.840", - "lastModified": "2025-06-26T16:15:32.560", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6698.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6698.json index d86ddd86d73..da0e5212123 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6698.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6698.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6698", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T15:15:25.023", - "lastModified": "2025-06-26T16:15:33.583", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-66xx/CVE-2025-6699.json b/CVE-2025/CVE-2025-66xx/CVE-2025-6699.json index ca246f37a9c..e3dafa1067a 100644 --- a/CVE-2025/CVE-2025-66xx/CVE-2025-6699.json +++ b/CVE-2025/CVE-2025-66xx/CVE-2025-6699.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6699", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T16:15:34.590", - "lastModified": "2025-06-26T16:15:34.590", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6700.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6700.json index 9f95b5234e0..c5cc75f0a47 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6700.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6700.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6700", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T16:15:35.740", - "lastModified": "2025-06-26T16:15:35.740", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6701.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6701.json index e676b55dba6..3f925b43cd9 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6701.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6701.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6701", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T16:15:36.930", - "lastModified": "2025-06-26T16:15:36.930", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6702.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6702.json index fdfc6f08113..820e5dac310 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6702.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6702.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6702", "sourceIdentifier": "cna@vuldb.com", "published": "2025-06-26T16:15:38.033", - "lastModified": "2025-06-26T16:15:38.033", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json index 6dfcecb7cc3..ea499bf603b 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6703", "sourceIdentifier": "security@mozilla.org", "published": "2025-06-26T10:15:25.950", - "lastModified": "2025-06-26T10:15:25.950", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6706.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6706.json index 0825f0fd2f6..db1609ba742 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6706.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6706.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6706", "sourceIdentifier": "cna@mongodb.com", "published": "2025-06-26T14:15:35.157", - "lastModified": "2025-06-26T14:15:35.157", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6707.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6707.json index da789c4160b..723cd8b1c33 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6707.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6707.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6707", "sourceIdentifier": "cna@mongodb.com", "published": "2025-06-26T14:15:35.313", - "lastModified": "2025-06-26T14:15:35.313", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6709.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6709.json index 933563c2a33..5da5482609b 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6709.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6709.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6709", "sourceIdentifier": "cna@mongodb.com", "published": "2025-06-26T14:15:35.463", - "lastModified": "2025-06-26T14:15:35.463", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6710.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6710.json index c3b67b3c23f..60d8a1442ff 100644 --- a/CVE-2025/CVE-2025-67xx/CVE-2025-6710.json +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6710.json @@ -2,8 +2,8 @@ "id": "CVE-2025-6710", "sourceIdentifier": "cna@mongodb.com", "published": "2025-06-26T14:15:35.613", - "lastModified": "2025-06-26T14:15:35.613", - "vulnStatus": "Received", + "lastModified": "2025-06-26T18:57:43.670", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/README.md b/README.md index b9bc27ca2a4..bc39b44b197 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-26T18:00:18.817510+00:00 +2025-06-26T20:00:21.794550+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-26T17:31:18.840000+00:00 +2025-06-26T19:31:29.797000+00:00 ``` ### Last Data Feed Release @@ -33,63 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -299471 +299476 ``` ### CVEs added in the last Commit -Recently added CVEs: `19` +Recently added CVEs: `5` -- [CVE-2024-52928](CVE-2024/CVE-2024-529xx/CVE-2024-52928.json) (`2025-06-26T17:15:30.287`) -- [CVE-2025-30131](CVE-2025/CVE-2025-301xx/CVE-2025-30131.json) (`2025-06-26T17:15:30.743`) -- [CVE-2025-34042](CVE-2025/CVE-2025-340xx/CVE-2025-34042.json) (`2025-06-26T16:15:27.197`) -- [CVE-2025-34043](CVE-2025/CVE-2025-340xx/CVE-2025-34043.json) (`2025-06-26T16:15:27.490`) -- [CVE-2025-34044](CVE-2025/CVE-2025-340xx/CVE-2025-34044.json) (`2025-06-26T16:15:27.670`) -- [CVE-2025-34045](CVE-2025/CVE-2025-340xx/CVE-2025-34045.json) (`2025-06-26T16:15:27.830`) -- [CVE-2025-34046](CVE-2025/CVE-2025-340xx/CVE-2025-34046.json) (`2025-06-26T16:15:27.987`) -- [CVE-2025-34047](CVE-2025/CVE-2025-340xx/CVE-2025-34047.json) (`2025-06-26T16:15:28.140`) -- [CVE-2025-34048](CVE-2025/CVE-2025-340xx/CVE-2025-34048.json) (`2025-06-26T16:15:28.273`) -- [CVE-2025-34049](CVE-2025/CVE-2025-340xx/CVE-2025-34049.json) (`2025-06-26T16:15:28.413`) -- [CVE-2025-36034](CVE-2025/CVE-2025-360xx/CVE-2025-36034.json) (`2025-06-26T16:15:28.567`) -- [CVE-2025-44141](CVE-2025/CVE-2025-441xx/CVE-2025-44141.json) (`2025-06-26T16:15:28.753`) -- [CVE-2025-50350](CVE-2025/CVE-2025-503xx/CVE-2025-50350.json) (`2025-06-26T16:15:30.980`) -- [CVE-2025-51671](CVE-2025/CVE-2025-516xx/CVE-2025-51671.json) (`2025-06-26T16:15:31.147`) -- [CVE-2025-52477](CVE-2025/CVE-2025-524xx/CVE-2025-52477.json) (`2025-06-26T17:15:30.897`) -- [CVE-2025-6699](CVE-2025/CVE-2025-66xx/CVE-2025-6699.json) (`2025-06-26T16:15:34.590`) -- [CVE-2025-6700](CVE-2025/CVE-2025-67xx/CVE-2025-6700.json) (`2025-06-26T16:15:35.740`) -- [CVE-2025-6701](CVE-2025/CVE-2025-67xx/CVE-2025-6701.json) (`2025-06-26T16:15:36.930`) -- [CVE-2025-6702](CVE-2025/CVE-2025-67xx/CVE-2025-6702.json) (`2025-06-26T16:15:38.033`) +- [CVE-2025-49603](CVE-2025/CVE-2025-496xx/CVE-2025-49603.json) (`2025-06-26T18:15:22.710`) +- [CVE-2025-52903](CVE-2025/CVE-2025-529xx/CVE-2025-52903.json) (`2025-06-26T19:15:21.587`) +- [CVE-2025-52904](CVE-2025/CVE-2025-529xx/CVE-2025-52904.json) (`2025-06-26T19:15:21.743`) +- [CVE-2025-53013](CVE-2025/CVE-2025-530xx/CVE-2025-53013.json) (`2025-06-26T18:15:23.370`) +- [CVE-2025-53121](CVE-2025/CVE-2025-531xx/CVE-2025-53121.json) (`2025-06-26T19:15:21.960`) ### CVEs modified in the last Commit -Recently modified CVEs: `37` +Recently modified CVEs: `360` -- [CVE-2025-46158](CVE-2025/CVE-2025-461xx/CVE-2025-46158.json) (`2025-06-26T16:15:30.733`) -- [CVE-2025-51672](CVE-2025/CVE-2025-516xx/CVE-2025-51672.json) (`2025-06-26T16:15:31.347`) -- [CVE-2025-5209](CVE-2025/CVE-2025-52xx/CVE-2025-5209.json) (`2025-06-26T16:01:40.640`) -- [CVE-2025-6134](CVE-2025/CVE-2025-61xx/CVE-2025-6134.json) (`2025-06-26T16:46:43.547`) -- [CVE-2025-6135](CVE-2025/CVE-2025-61xx/CVE-2025-6135.json) (`2025-06-26T16:44:08.650`) -- [CVE-2025-6136](CVE-2025/CVE-2025-61xx/CVE-2025-6136.json) (`2025-06-26T16:37:17.293`) -- [CVE-2025-6137](CVE-2025/CVE-2025-61xx/CVE-2025-6137.json) (`2025-06-26T16:33:18.123`) -- [CVE-2025-6139](CVE-2025/CVE-2025-61xx/CVE-2025-6139.json) (`2025-06-26T16:27:37.157`) -- [CVE-2025-6159](CVE-2025/CVE-2025-61xx/CVE-2025-6159.json) (`2025-06-26T16:21:06.720`) -- [CVE-2025-6160](CVE-2025/CVE-2025-61xx/CVE-2025-6160.json) (`2025-06-26T16:15:47.617`) -- [CVE-2025-6161](CVE-2025/CVE-2025-61xx/CVE-2025-6161.json) (`2025-06-26T16:04:27.483`) -- [CVE-2025-6173](CVE-2025/CVE-2025-61xx/CVE-2025-6173.json) (`2025-06-26T15:57:47.900`) -- [CVE-2025-6291](CVE-2025/CVE-2025-62xx/CVE-2025-6291.json) (`2025-06-26T17:00:25.153`) -- [CVE-2025-6292](CVE-2025/CVE-2025-62xx/CVE-2025-6292.json) (`2025-06-26T17:25:51.993`) -- [CVE-2025-6293](CVE-2025/CVE-2025-62xx/CVE-2025-6293.json) (`2025-06-26T17:22:14.003`) -- [CVE-2025-6294](CVE-2025/CVE-2025-62xx/CVE-2025-6294.json) (`2025-06-26T17:21:26.107`) -- [CVE-2025-6295](CVE-2025/CVE-2025-62xx/CVE-2025-6295.json) (`2025-06-26T17:19:48.817`) -- [CVE-2025-6300](CVE-2025/CVE-2025-63xx/CVE-2025-6300.json) (`2025-06-26T17:14:20.587`) -- [CVE-2025-6301](CVE-2025/CVE-2025-63xx/CVE-2025-6301.json) (`2025-06-26T17:09:26.040`) -- [CVE-2025-6341](CVE-2025/CVE-2025-63xx/CVE-2025-6341.json) (`2025-06-26T17:31:18.840`) -- [CVE-2025-6342](CVE-2025/CVE-2025-63xx/CVE-2025-6342.json) (`2025-06-26T15:43:29.243`) -- [CVE-2025-6343](CVE-2025/CVE-2025-63xx/CVE-2025-6343.json) (`2025-06-26T15:41:01.887`) -- [CVE-2025-6344](CVE-2025/CVE-2025-63xx/CVE-2025-6344.json) (`2025-06-26T15:38:17.790`) -- [CVE-2025-6697](CVE-2025/CVE-2025-66xx/CVE-2025-6697.json) (`2025-06-26T16:15:32.560`) -- [CVE-2025-6698](CVE-2025/CVE-2025-66xx/CVE-2025-6698.json) (`2025-06-26T16:15:33.583`) +- [CVE-2025-6664](CVE-2025/CVE-2025-66xx/CVE-2025-6664.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6665](CVE-2025/CVE-2025-66xx/CVE-2025-6665.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6667](CVE-2025/CVE-2025-66xx/CVE-2025-6667.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6668](CVE-2025/CVE-2025-66xx/CVE-2025-6668.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6669](CVE-2025/CVE-2025-66xx/CVE-2025-6669.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6674](CVE-2025/CVE-2025-66xx/CVE-2025-6674.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6675](CVE-2025/CVE-2025-66xx/CVE-2025-6675.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6676](CVE-2025/CVE-2025-66xx/CVE-2025-6676.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6677](CVE-2025/CVE-2025-66xx/CVE-2025-6677.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6678](CVE-2025/CVE-2025-66xx/CVE-2025-6678.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6693](CVE-2025/CVE-2025-66xx/CVE-2025-6693.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6694](CVE-2025/CVE-2025-66xx/CVE-2025-6694.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6695](CVE-2025/CVE-2025-66xx/CVE-2025-6695.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6696](CVE-2025/CVE-2025-66xx/CVE-2025-6696.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6697](CVE-2025/CVE-2025-66xx/CVE-2025-6697.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6698](CVE-2025/CVE-2025-66xx/CVE-2025-6698.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6699](CVE-2025/CVE-2025-66xx/CVE-2025-6699.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6700](CVE-2025/CVE-2025-67xx/CVE-2025-6700.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6701](CVE-2025/CVE-2025-67xx/CVE-2025-6701.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6702](CVE-2025/CVE-2025-67xx/CVE-2025-6702.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6703](CVE-2025/CVE-2025-67xx/CVE-2025-6703.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6706](CVE-2025/CVE-2025-67xx/CVE-2025-6706.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6707](CVE-2025/CVE-2025-67xx/CVE-2025-6707.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6709](CVE-2025/CVE-2025-67xx/CVE-2025-6709.json) (`2025-06-26T18:57:43.670`) +- [CVE-2025-6710](CVE-2025/CVE-2025-67xx/CVE-2025-6710.json) (`2025-06-26T18:57:43.670`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 270aaab2c82..4bff4749cec 100644 --- a/_state.csv +++ b/_state.csv @@ -46920,7 +46920,7 @@ CVE-2010-5301,0,0,583f9fd1855b9ace664450510c74afa0308b2c32502d708f3d3f65ee639063 CVE-2010-5302,0,0,b62265de4c92e92a54d7af21e552ac20d2c2227e399750b58f8eff05f4537bed,2025-04-12T10:46:40.837000 CVE-2010-5303,0,0,919bf68db8b6d2c5950419ce6e7250d2013f50cfb20cc8a56a52d0fd01c71453,2025-04-12T10:46:40.837000 CVE-2010-5304,0,0,48036b1f373720fee56e102c186ef2e310b690ba81271d62a16d97190ca830d7,2024-11-21T01:22:59.840000 -CVE-2010-5305,0,1,499ea1bdb15df7a8d35ce20f05ad9120c34649ed8c4a690075475d3f0091e8be,2025-06-26T17:15:28.510000 +CVE-2010-5305,0,0,499ea1bdb15df7a8d35ce20f05ad9120c34649ed8c4a690075475d3f0091e8be,2025-06-26T17:15:28.510000 CVE-2010-5306,0,0,9f3ea0a94065bb5498fad05090ddf3c76e0c9df583a4b7bc215d0969343ab9d1,2025-04-12T10:46:40.837000 CVE-2010-5307,0,0,bc576dd47d7c761bc7f31868f952c0a795c38e45f0b3ab832ee30e5beaaf3737,2025-04-12T10:46:40.837000 CVE-2010-5308,0,0,6ef7cedc49106e184c9711ac6468d3345c3d283034bdc91feba0c63406f7004c,2025-04-12T10:46:40.837000 @@ -141501,7 +141501,7 @@ CVE-2019-6531,0,0,cb8e590b8dc2b819ec3417d9fe3c30485ca87bc7b47bfac77102001703d3c0 CVE-2019-6532,0,0,a7ab7164edd4c12d3debed5586db0a7c6623e927293f801349a342480742ae8b,2024-11-21T04:46:38.490000 CVE-2019-6533,0,0,49b6e28bf6c53111484228f93153f3996088f0421e9034f39c81529e61d45eb9,2024-11-21T04:46:38.613000 CVE-2019-6534,0,0,e5204fe70dc3ff28a7a3db42b94447f761369232b14976f03ea6e86d98ae3939,2024-11-21T04:46:38.723000 -CVE-2019-6535,0,1,72c9fe16487beb7a7661e33e88c3d3e4341292d280dffb3c091d5e8eb2300d14,2025-06-26T17:15:29.873000 +CVE-2019-6535,0,1,b57e15b614a64004c4cf80120531dd374de0c3dda74e83b1ad1284dbede68c7d,2025-06-26T18:15:21.017000 CVE-2019-6536,0,0,d8e992c6f2fce5b99ce1d72dcd26655f7c91fab051a2222d8b2b4f4bd0830b3e,2024-11-21T04:46:38.983000 CVE-2019-6537,0,0,6c45610650e5ad4f0b15376d8c75ca2fc178e09541e1961c96b819cd77466402,2024-11-21T04:46:39.100000 CVE-2019-6538,0,0,785d0cee55b648926c5eec7c7be1f61aba1bce6d66fce133fdb6b7975e33bf8e,2025-05-22T20:15:20.660000 @@ -141655,7 +141655,7 @@ CVE-2019-6689,0,0,33653f4885b2c487576adc6be2c41b0913486fec5c0f86a3fbfb189c1b52ff CVE-2019-6690,0,0,24841054c9c4d39a7f42c16ffeccfe4f602ed4cc12db97d5b9d3e695b6f796c6,2024-11-21T04:46:57.777000 CVE-2019-6691,0,0,9c1e2ddef2996e1f0fb57bdfa5ff34a0f4f4f8fc06c2750be580076bfe1cbc67,2024-11-21T04:46:57.947000 CVE-2019-6692,0,0,c83d1d50fe9e3ea13be08e666bbaabb816719df64e41ca182df3073131b01bfd,2024-11-21T04:46:58.077000 -CVE-2019-6693,0,0,d8c230d03d93c7c5f53c48b01992969c34ac30c28bd3be0d657bf8bcb057f1f9,2025-06-26T01:00:02.147000 +CVE-2019-6693,0,1,c7cfced889955edfcc6d5d6ecec4da9d1320e666d08a6b1ddb3dfaafdc9ed390,2025-06-26T19:31:29.797000 CVE-2019-6695,0,0,fc502f1b40596ca611edc216601ae543e662cbd59fe73e51f3b186e669ce96b1,2024-11-21T04:46:58.287000 CVE-2019-6696,0,0,69eed40a4a0cae512f578bd58c40d9921b883eb5441c5059e04af319e29f1622,2024-11-21T04:46:58.393000 CVE-2019-6697,0,0,79a8f4c2b14c846241f673482acf41dfdf355f1fa9f1b5c450606989c2c6a4bd,2025-03-17T14:15:16.567000 @@ -183667,7 +183667,7 @@ CVE-2021-41688,0,0,59ffa60a57dd7f8684a9172917a12a5ada875d022e65683717ad63015338a CVE-2021-41689,0,0,af46d9085ad3d19468c2b30dafb6abb567c763ea2882b7ed5df3d6b4a71e798e,2024-11-21T06:26:38.277000 CVE-2021-4169,0,0,d34dd4a12277ccea61b5fb59abd1e17e397f39c633236bb61c48063219e28de3,2024-11-21T06:37:03.470000 CVE-2021-41690,0,0,d07dae8981f002bee6ee4142a51ac9668b313de6a5005eb8484a5890a6890840,2024-11-21T06:26:38.497000 -CVE-2021-41691,0,0,1923a2b0a59b36e710fb48a574ae159a9ed742f6cee6a237645988c01e927dc3,2025-06-25T15:15:20.810000 +CVE-2021-41691,0,1,0a042cfaf3f84a91ee340fe692a99266c0df2113b8a44a04bcd66f5652d6fe91,2025-06-26T18:58:14.280000 CVE-2021-41694,0,0,e58a870260fbfab5108b944fb12787f67b340508d514a36c7f065ebaee568009,2024-11-21T06:26:38.650000 CVE-2021-41695,0,0,ad585e9217131cd5cffa3408792f8a85a627760c7f6e00d7fe5672284ccd79f1,2024-11-21T06:26:38.797000 CVE-2021-41696,0,0,a72b3fa1fc82df4e5795cf730ba2f96e5e0e618c209c9bbcaa52c0b52579cd4c,2024-11-21T06:26:38.930000 @@ -185773,7 +185773,7 @@ CVE-2021-44566,0,0,8367b8601e6ba473b69a3463f05e1f0d00870c5f430690333ddf7252f0ee3 CVE-2021-44567,0,0,e3ecdbb38c6b2dcaafd27b4ea0660802da283cb80c4285bcbc2d607b88b0773a,2024-11-21T06:31:13.780000 CVE-2021-44568,0,0,c0df78d6a8982481ca5bb6deed4e82b9ed36249a377cfdf3963ff2c437ca5c32,2024-11-21T06:31:13.933000 CVE-2021-44569,0,0,5af89ff864bb4ea2396f1b9fbccc8f3dbc30e4161ff1631d0eb49cab60a17bc4,2023-11-07T03:39:40.107000 -CVE-2021-4457,0,0,d7cec2bb543b476962c06d4b70038c2ddbadf20c3d969902e8fda0a6171d9a78,2025-06-25T15:15:21.100000 +CVE-2021-4457,0,1,64622f63466528da1a1b6d579fb41a8fee35b886878d8e59ab049430f3cf84dd,2025-06-26T18:57:43.670000 CVE-2021-44570,0,0,628a7cefa5280238f64a63a441934d48bbed27fbb89b3168a4f967d167830ccf,2023-11-07T03:39:40.140000 CVE-2021-44571,0,0,02553f355eea65b59ee6322e1012377660a064c58c7407d561f1e30eccd2cc53,2023-11-07T03:39:40.173000 CVE-2021-44573,0,0,3688f7261d965206d5d19fcffb1fec457a2c2d079c27113869c5db85541eb436,2023-11-07T03:39:40.217000 @@ -236302,7 +236302,7 @@ CVE-2023-4488,0,0,3f6368d9753580949bdea2af80cfcb860658191c03a10946f9a1d4399080da CVE-2023-4489,0,0,5dcc962b391acc3ca950745865927f0b5b93ff9e3c9d518d52179a09b0ccd62d,2024-11-21T08:35:16.427000 CVE-2023-4490,0,0,95278e9eeb741ba71ce165bf2bd71d963c897afa336f7e1107d3b246dec0ac69,2025-04-23T17:16:44.750000 CVE-2023-4491,0,0,e7fb463a66c8d27cbf05ed227829af780d33446074985ae7f01a0434a2022114,2024-11-21T08:35:16.687000 -CVE-2023-44915,0,0,f7ad8571b1b1e3d2910e03e8cbad3788e28332a505fae99d97ec267bc32cc5c7,2025-06-25T18:15:21.283000 +CVE-2023-44915,0,1,e3249592f9493341f0157fd97a419e60dfc5c5d14de1238e75e604ff167c3be3,2025-06-26T18:57:43.670000 CVE-2023-4492,0,0,605dd7244fb3ddc295ed0f891289d5ca2a770154238ac0992591f57a45424aac,2024-11-21T08:35:16.820000 CVE-2023-4493,0,0,2796b1478181a9eac538bc721b36ecb80fb9248916674ad472fdb837775724c4,2024-11-21T08:35:16.967000 CVE-2023-4494,0,0,8b90870ccf93985a0449b478b3d55d96464c6007cbe02b5109d8599d02441c66,2024-11-21T08:35:17.113000 @@ -237904,7 +237904,7 @@ CVE-2023-47020,0,0,77958b1e974ce3a0af29c7a34f0132e69536d415fc0c65e83c01b308bc43d CVE-2023-47022,0,0,73d82f89852a7fe6d598baa6e948b789fe12b29f69f371d14a570d87cb620bb5,2025-06-17T17:15:31.567000 CVE-2023-47024,0,0,c125fb103042924f5281e92be53a4da5c6431c794e2412cda8329c78f5f25120,2025-06-17T17:15:31.783000 CVE-2023-47025,0,0,66fd4d735d74f56390288fda0ceba4f40992fc464fda52a22d2276e16b06cc2e,2024-11-21T08:29:38.117000 -CVE-2023-47029,0,1,4a5e4f14db9e64a4730c819d67cb16af7f601e9fe9c282f515ffd92e0e6c576f,2025-06-26T16:15:24.467000 +CVE-2023-47029,0,0,4a5e4f14db9e64a4730c819d67cb16af7f601e9fe9c282f515ffd92e0e6c576f,2025-06-26T16:15:24.467000 CVE-2023-4703,0,0,a6d5e78e1192a3e0f4c01547c7f4ce3e0b04c7358d175d4096197c6b6119861c,2025-06-20T17:15:34.147000 CVE-2023-47030,0,0,93ccd1f7d36567d2d295f9d2eefa083e76664b4db1969b2faf0e950bfafbca21,2025-06-25T12:50:37.217000 CVE-2023-47031,0,0,a451f00aa91dc8a8504ff9338181d2c777cbbe9a238b568badcf58bf8e44beb3,2025-06-25T13:13:50.157000 @@ -238139,7 +238139,7 @@ CVE-2023-4728,0,0,c339ab5d87c7af4ab30b66d47f7562aee044b141169095045add07af35952c CVE-2023-47282,0,0,93bba9396c0f58046a2b076dfea038b721d5ee4b96d78dc125aa534f53adb836,2024-11-21T08:30:07.197000 CVE-2023-47283,0,0,6caec9eee746cdac4ea27e9ab2b0209b5ee8c2d3553a8d29b97a8533862b9ad7,2024-11-21T08:30:07.433000 CVE-2023-4729,0,0,f77231c363b30e96bfc2db8cebd3839401370fbb7b50252d996e4c9ee1c2023f,2025-01-15T16:31:19.903000 -CVE-2023-47294,0,1,298f059dd5123a102ff37a75adfdff11de59ed0a76d591fb6a7672a1acc54a2a,2025-06-26T16:15:25.483000 +CVE-2023-47294,0,0,298f059dd5123a102ff37a75adfdff11de59ed0a76d591fb6a7672a1acc54a2a,2025-06-26T16:15:25.483000 CVE-2023-47295,0,0,28a72d717c8a4fa3591c8aa3a96aa82e9fec7a018320bb6b31941ca440092c65,2025-06-25T13:30:08.523000 CVE-2023-47297,0,0,c14fd87e4e15a5f8e3c0ca94948127ff1c65a697a69ee20c14900dd6601ff3f3,2025-06-26T12:46:49.080000 CVE-2023-47298,0,0,4c4acd197c7d9d302a966e30e51e5a36b182be0dd23706e335a822f619b88bec,2025-06-26T12:44:00.433000 @@ -240480,7 +240480,7 @@ CVE-2023-50447,0,0,3b21483f93a61c36d17c54e0e41c9704319aa4bb30ed9f5f7c0bbdda96e01 CVE-2023-50448,0,0,1356900f30989b11a427d95591f2fc88232d31d851bd0fac96eb18865bdb0f57,2024-11-21T08:37:01.203000 CVE-2023-50449,0,0,ba270c267a15999c5436411e78a8d97ec1196d3bb1ec0bc251b111bb6e5f871a,2024-11-21T08:37:01.360000 CVE-2023-5045,0,0,79d8cf6ee5e9a4b50139a237bce749eaaf7a601766908d94e71febe8668c11b0,2024-11-21T08:40:57.920000 -CVE-2023-50450,0,1,1b6cd36b67fe27dd05ee97a39dba06431d3a62ba2619eb6715b633c7d7630ca3,2025-06-26T16:15:25.700000 +CVE-2023-50450,0,0,1b6cd36b67fe27dd05ee97a39dba06431d3a62ba2619eb6715b633c7d7630ca3,2025-06-26T16:15:25.700000 CVE-2023-50453,0,0,76d310904c175d9636c853af62d4f3f3ad8ffd78a8288d3d4c4903fddbeede50,2024-11-21T08:37:01.517000 CVE-2023-50454,0,0,bfaedf03326a6acc4075b380331bfd96efd576ce55b3819a4e641140e3d7172a,2024-11-21T08:37:01.673000 CVE-2023-50455,0,0,cf36f17a14a454b579fdc438155082da9fe3202a2d2238909649381efcfac5b3,2024-11-21T08:37:01.837000 @@ -245174,7 +245174,7 @@ CVE-2024-0765,0,0,147924df3c2a99e28ac84acf5407b5a7987726a2c64f3e2adccb459d5985f3 CVE-2024-0766,0,0,8d8b47eb35ac4fbeaf262a06f0eddbbba34c1a2755f916cda469cbece9f642de,2025-01-08T18:43:16.317000 CVE-2024-0767,0,0,a7ee481ab1c66b7c498da64ae1084c6748849512829a473ad9f194f786a0f5bb,2025-01-08T18:42:46.573000 CVE-2024-0768,0,0,91bcda62ea828832b073b37c60b407aec931c03659bedab78b2dbf7b33dc45cb,2025-01-08T18:42:05.587000 -CVE-2024-0769,0,0,c7297b06751c619100363f70be7c1ce52d1a3c64cbb68ebbc5e9f81d5b526fa4,2025-06-26T01:00:02.147000 +CVE-2024-0769,0,1,779dab0205f3e71bf9e72c1c5042262cd554070405c2a3686263270269be87e1,2025-06-26T19:29:56.650000 CVE-2024-0770,0,0,aa612333eb176e6028f7918ce18a4aa38bcb21688669aa13f59c2d5bff87865a,2024-11-21T08:47:20.020000 CVE-2024-0771,0,0,787c709b50080c9e3e387feda8598650487f948af1881a094925b288f94ee3c4,2024-11-21T08:47:20.167000 CVE-2024-0772,0,0,11c44bbc7d313553d3abc0d43a5d3567962f2383088d45c3a3c23d148c3e5d5b,2024-11-21T08:47:20.320000 @@ -247008,7 +247008,7 @@ CVE-2024-11580,0,0,2902a2896d70a09162eab174719b1f937a00063abe723be1bb8861e8aaeb5 CVE-2024-11581,0,0,54519437e00f96c23a8c70641ca6b3fe6fa4bcc79e1443a9a5c2a0ca7b114449,2024-12-20T17:32:03.967000 CVE-2024-11582,0,0,5e500d72782f3c6c9cfe57a8b04f3c73a0d08c89d5d781f1ea62d59a2f770b01,2025-02-19T04:15:10.200000 CVE-2024-11583,0,0,0b07441a5ea7c52db00cfe826d700b0c0eb6984d5bc925e0a246fd9c511bc36e,2025-01-31T20:03:24.500000 -CVE-2024-11584,0,0,d5b21ea3a74104cd82bfa6055287081c06e5979b5c001b6c1587b381301ead06,2025-06-26T13:15:28.650000 +CVE-2024-11584,0,1,6ec40cf4cdd517a62c78737ec927ae3ca51f6a5736fd2ae26f9b71610212f116,2025-06-26T18:57:43.670000 CVE-2024-11585,0,0,d73bc146050e187d4f7b957a4961cb8470ba9ebdf69a5843cdfa9e686c284b8e,2024-12-06T06:15:22.723000 CVE-2024-11586,0,0,acbb89c7a73edeb9af616fbe1a7bbf2dff72a4d1c23f19e17196df7c7df36053,2024-11-25T18:15:10.123000 CVE-2024-11587,0,0,0c53e214732460d3ba9182e7aecf740be5ad9acf89e1672faca46af72ab29a76,2024-11-22T21:15:27.747000 @@ -256177,7 +256177,7 @@ CVE-2024-2768,0,0,73606e2fcaa404aa5195b229503329bf796940cee0d4ef224671a9d1016ab4 CVE-2024-27680,0,0,045ae7f21a76d8b5dcbb31c4b83eae90c185f080a0865122dfcb71911a8e3350,2025-03-26T11:41:33.737000 CVE-2024-27683,0,0,824499003be0e229ade8933c0b741f1dc8e2bc3aa3a921d6f00eb69a58776df0,2025-06-17T20:55:49.377000 CVE-2024-27684,0,0,79e38996586f3cc6fd159df489b72d549130b6d544560593ad012e414a54b9f6,2025-05-02T19:32:50.587000 -CVE-2024-27685,0,0,c3870e025f6a56196e6fcb187a934588355f51c5595d83d62714ed58ba85fa08,2025-06-25T16:15:25.390000 +CVE-2024-27685,0,1,8b72d2edb615409e71258d3cc5c9c016f5fc0b415e771a10009f8d82b8eb68a0,2025-06-26T18:57:43.670000 CVE-2024-27689,0,0,8a82051a1b625705a6ee303980dd7e966cd157a680599291139b4a2e7a1c6fba,2025-03-28T14:25:42.963000 CVE-2024-2769,0,0,f5fed59b7bca296011d1da69594ac44436bea25a4aa43870a75a391217b8bea1,2025-02-21T17:14:54.783000 CVE-2024-27692,0,0,482b2ba8b1ff0d0cb0360c392cb51ab93e1109f90456f6b1fac8e0ba94bfdc36,2024-03-01T17:15:07.617000 @@ -263940,7 +263940,7 @@ CVE-2024-37734,0,0,942d71720aad180ed2fca0dd3a14d392234ecbc7fd118327494f9ee9c137b CVE-2024-3774,0,0,7a7a597b589690c12f919940345595f31743063972f70d8b4f9ea657d33a59e6,2024-11-21T09:30:22.263000 CVE-2024-37741,0,0,cdea71c096b6020452f86c61c722c71d411c4901d61352f541581e27bedfb10b,2024-11-21T09:24:16.130000 CVE-2024-37742,0,0,7c57418640c4a372993ae3363ea2c4e93948b308f1c699d6cb68e3e245b5578a,2024-11-21T09:24:16.373000 -CVE-2024-37743,0,0,a4a5d908c1e5f23438af2420972a727c7b7b33e800b7231e1c263a7ff6eb4825,2025-06-24T20:15:23.767000 +CVE-2024-37743,0,1,9a6ef332272fad062c4ba9aa6fda758319986f2854f54dd3e796734fe87c164d,2025-06-26T18:58:14.280000 CVE-2024-3775,0,0,527f7d608f8da6f09f241b673d5077f6d9275917117f8ac6d0ce1a26efac2c10,2025-04-08T16:30:51.500000 CVE-2024-37758,0,0,6aad1ab20925aeaf835ed115698dffcd6067c2af6f08e49e2fb33789c105b9ec,2024-12-20T20:15:22.937000 CVE-2024-37759,0,0,606805366b9f9646e3d660f6895299941a599eeb90c9b36368cb920769a669bf,2025-06-13T15:00:19.157000 @@ -274832,15 +274832,15 @@ CVE-2024-51962,0,0,aa5b86386886c09d6f7775b329f01551003fe6d3a5aeafe034e2c76e33a39 CVE-2024-51963,0,0,65d15561511f4792024c62d0c3dbbe1a84656f415b27a24cc7fcb099d4df16a8,2025-04-10T20:15:21.723000 CVE-2024-51966,0,0,69a0d46bcaa28466534ecd74cb2be650273566964ba1c75d7e0cb22b97d45b63,2025-04-10T20:15:21.850000 CVE-2024-5197,0,0,3ceed42f5112dd9bd5fe7184078d9498cb21faff4758f60f424f81f723a4d1f0,2024-11-21T09:47:10.363000 -CVE-2024-51977,0,0,ae0abc3896aa34da58408d57a73670d1ca04bb80f1162d8b9aa7bfda81885d8d,2025-06-26T15:15:22.167000 -CVE-2024-51978,0,0,080238c493ca5141a0b64da3bf5cefc734cbe73438596d0d624c9190d618c4c1,2025-06-25T14:15:22.823000 -CVE-2024-51979,0,0,ea92e40117ad8fa111fa4480baeb19d3876eb6d36a7c15795f6000e48a841626,2025-06-25T14:15:23.313000 +CVE-2024-51977,0,1,4f761c661b42c5f2ea392c2e78f80ddcfd980ce62a703a58f98178b982585c9e,2025-06-26T18:58:14.280000 +CVE-2024-51978,0,1,2e5488c8fcc87d31fbd78a7a4d6c0122173f65ce5d71abf3aa37e260f6a0ff6f,2025-06-26T18:58:14.280000 +CVE-2024-51979,0,1,66ea3af85b0be3e586bae0e0d9a1e50639e1aa59ecca4df614263a85bca7d862,2025-06-26T18:58:14.280000 CVE-2024-5198,0,0,3fa9ec394e1888d66e83812554066b455d9458d73cda1ea9275cc8bdd128d3dc,2025-06-10T16:12:09.340000 -CVE-2024-51980,0,0,1306f0350daae6787dd355fc9db9092745e85dd2ce382848868ff17d6916a473,2025-06-25T15:15:22.187000 -CVE-2024-51981,0,0,e53f25039692457798a6bd9e32c2679834031736b058082d64c2ce92f6c6e429,2025-06-25T15:15:22.713000 -CVE-2024-51982,0,0,eb53c3dd9c6551d67d41e6e91203bf5bbc7f39baec713291c5fd13cd0a27945b,2025-06-25T15:15:23.170000 -CVE-2024-51983,0,0,51d39bcea6fa9eea3060b50a34099b4777b3e2d59c4551dbe3c557b7157946c1,2025-06-25T15:15:23.390000 -CVE-2024-51984,0,0,be58c9efc5889e15c383739a7c3fe40d13806c3776e7454f8a26a25199c82c36,2025-06-25T15:15:23.853000 +CVE-2024-51980,0,1,572f544401e25328be329256d6ac93c2ee2db5ef54d12c1aa92544388b677094,2025-06-26T18:58:14.280000 +CVE-2024-51981,0,1,e4f21b8358a36a1a6552381e142c37996a5b5d2ef13ae14040236e292096ca2c,2025-06-26T18:58:14.280000 +CVE-2024-51982,0,1,4fda23a16bd67a5acc98fbc1b6611c81fd7cd42c6f492ae3bfac70787484932e,2025-06-26T18:58:14.280000 +CVE-2024-51983,0,1,011b9896839b6086ad21e199e79ae5a384eed5f46664177902aa16b5efb862c8,2025-06-26T18:58:14.280000 +CVE-2024-51984,0,1,a15cc2511549e5cc4e353e396e4c5456ca5c8a996388789d5d085d0ea03fe2f3,2025-06-26T18:58:14.280000 CVE-2024-51987,0,0,de42f826ffc8f667098d9b9c812cdb24c061b4d91dd2f98cf12cb5febe98a72f,2024-11-08T19:01:03.880000 CVE-2024-51988,0,0,a45b9470dfa3fc9b3b82cb1bacb88f01f17e4e8292b3ec9c884e93e16e6b15ff,2024-11-08T19:01:25.633000 CVE-2024-51989,0,0,a62aa77319eb44e1ae15c0a171eaaf0800894194bc1d4e92f5debdb86b23946b,2024-11-08T19:01:03.880000 @@ -275470,7 +275470,7 @@ CVE-2024-52923,0,0,1238a4879a0bc2d925f8ecf6f96b3d1c816c52f29e36df61c25ed1ce84892 CVE-2024-52924,0,0,8b254b4a26863de18a0a4930d1f91105918cf608ca8edf047ba4e3990b61fb38,2025-03-07T20:15:37.240000 CVE-2024-52925,0,0,4d21065ff66a1748231e5c3543316979502c5f13302562a708f4fc89ea5a4eb2,2025-02-26T15:15:23.867000 CVE-2024-52926,0,0,5021ba3f217b734483a326034e850572aad7fe69e34251b753d7998240a26e61,2024-12-24T19:15:06.940000 -CVE-2024-52928,1,1,61501d64bda944c41887cd192eae26bb5ef6d9f05584bccd2c3019f70d252de6,2025-06-26T17:15:30.287000 +CVE-2024-52928,0,1,524f3676b2351f38748a169242bb2dc8bb9060b38616ec1508a2eda18e9c55ab,2025-06-26T18:57:43.670000 CVE-2024-5293,0,0,f489071fddfba63fc047e3d21a5cfec46b34b73b22b63f08d456cdba6a84add5,2024-11-21T09:47:22.487000 CVE-2024-52935,0,0,da218bbcf32aa8ee196d0cc84ac3289085c87dcfe3a543f2e97a81e0e8e7c479,2025-01-13T19:15:10.993000 CVE-2024-52936,0,0,fc5419fb37a8a058b0ac6dbc1882fd48de1fcccd6ca5038c660a45c78f704b96,2025-01-31T17:15:15.567000 @@ -276343,7 +276343,7 @@ CVE-2024-5408,0,0,fa6b3cfb5fa0c30106c5ac3ea6add5195e2bf0919853555e00f52962c2a69b CVE-2024-54082,0,0,65aa9ae45e1268a98d7772f17453032df41f59a165b23f820cdeaede4b477a68,2024-12-23T01:15:07.840000 CVE-2024-54083,0,0,5fd9cfa9d541ec1d140263f1195469b624b1e1b6173ea5643199f37a0fe69372,2024-12-16T08:15:05.317000 CVE-2024-54084,0,0,c1aee3e143998bbdc982177558f44486e207fe61fab43f3469a59c234690bf0a,2025-03-11T14:15:22.730000 -CVE-2024-54085,0,0,8b13a638f704c8dce87a036d48dd0f5160f3ecf9111ea4536d9d68c5ba5b9e77,2025-06-26T01:00:02.147000 +CVE-2024-54085,0,1,b596a98d45d5788b4bb9f8c50f83954a17bbb2d6fc42081dba30be070a5e7786,2025-06-26T19:29:28.430000 CVE-2024-54089,0,0,efd2198ce361ea992eb01ea5caf6a93dad81fb83e8cf416236617bce8d42af11,2025-02-11T11:15:15.423000 CVE-2024-5409,0,0,e57e1ade9406d6824e9de4b5fb59a028c0cc0d3b407f2e5791339282678e1347,2025-06-05T15:31:08.950000 CVE-2024-54090,0,0,66ce7fba27ae90aef333be57d6145501dc74f76ec68d084b34f2e2ffb0d19de5,2025-02-11T11:15:15.647000 @@ -277973,7 +277973,7 @@ CVE-2024-56728,0,0,9876b31ab8f2f62b05d07e7b6cd6963d4d5c3e44378c964e0a90a0aa79c2c CVE-2024-56729,0,0,2c6c814be3178fdefbbd68f1fd2794002dcc90cc7683b20479607fb1bf1edf8f,2025-01-07T21:53:02.797000 CVE-2024-5673,0,0,f8b3774ce465f722b68e8727929e95d8d546e4b203a41a4244c7e4dffeee7a73,2024-11-21T09:48:08.057000 CVE-2024-56730,0,0,c59cea0a90fbb10c7538383a1832b8ca0fc27e087a27113d6586256c0bdb2474,2025-01-07T21:23:52.260000 -CVE-2024-56731,0,0,24c486328b2189f7ca0a39205bfb188493eadffd26e8e0d5956bce935a2dd2ab,2025-06-24T04:15:45.813000 +CVE-2024-56731,0,1,b7b4281a1bb02cf0ed5902430ca81a411c57347b3a2b0dde87fbaa7ff54cff2e,2025-06-26T18:58:14.280000 CVE-2024-56732,0,0,b8afa550e07ced01fe4bc3771dd4e27eb321ef6d140ae1b0e0a8b01eb97cd67b,2024-12-28T17:15:08.190000 CVE-2024-56733,0,0,c2474ef73dd56102a08444876977f4dc5534d1c12671d5b5a9d94af958afe92a,2024-12-30T17:15:09.990000 CVE-2024-56734,0,0,127527bdaefb81c9eb3e5f3c9aeb8fcd2a7203002690791775ac4a054e77c7cf,2024-12-30T17:15:10.133000 @@ -278073,10 +278073,10 @@ CVE-2024-56903,0,0,b897be5c821ce23ff62ebbc786466003154e6577f97fa83d87efcf2c721a7 CVE-2024-56908,0,0,bbe0040508ad69151e90ab47c62a14618486e1b0815c01e094680be9e1e713d0,2025-03-17T19:15:24.050000 CVE-2024-5691,0,0,9505e4d65453e2558c96eeea1a67c071cea95e3c90b63f8d9e952db5959b044b,2025-03-19T21:15:37.710000 CVE-2024-56914,0,0,064f87427a8016e13b3b895075549080817f6e33abdd6a0f7fbfa426e2cf3bd7,2025-05-21T16:11:27.750000 -CVE-2024-56915,0,1,d1dc048e1760bdf298c6c4a68351a2e047dc4225796624a31f6d3918062444d3,2025-06-26T16:15:25.910000 -CVE-2024-56916,0,0,8d791153df4968d3eeeb69a9c48a710c5c1054b60793c3fffc13c78de96c4f0f,2025-06-24T20:15:24.643000 -CVE-2024-56917,0,0,22eee042f4d8b258955468fa7b726ed4840860e6e36c91120f332296bae2e2f7,2025-06-24T20:15:24.790000 -CVE-2024-56918,0,0,52ee2653b76f15ba0701a308965e0214f9660afd1f602bc274c062083d531183,2025-06-24T20:15:24.953000 +CVE-2024-56915,0,1,d8173456d344098b22a75a2e02b37206a45f8c92928962510f8649ef655b139d,2025-06-26T18:57:43.670000 +CVE-2024-56916,0,1,1149fd211087d85a318b511ca9b03e86e78c294bf7a379ee7f080a03243aa2ac,2025-06-26T18:58:14.280000 +CVE-2024-56917,0,1,35b68b56acb4ef851f62dcce08e7049f3f145c8bf0ee8052af36e74efca6a164,2025-06-26T18:58:14.280000 +CVE-2024-56918,0,1,1383b146b909c8e519d91b8742ed0dac68c31bc0f2ade4e0f82fb7d912e8e0a9,2025-06-26T18:58:14.280000 CVE-2024-5692,0,0,7a0e93b4132c5556301f236baef387bd61eb187dcc76da3b0d3022ff1bfb1690,2025-03-27T20:07:17.167000 CVE-2024-56921,0,0,65e4ee21eb8e6911078997661eaf48bf52901c948266f74aa9bcc9e4df1037c6,2025-04-22T14:58:46.420000 CVE-2024-56923,0,0,604a6006dae0a3ab9d362a51dab025175b10dba2548343a30a9a7501ead66a17,2025-05-28T20:41:45.083000 @@ -278480,7 +278480,7 @@ CVE-2024-5770,0,0,918380eecb24f860d41c083e6e9a778682d01ec1efa0eb8b0287a3dccfe91d CVE-2024-57703,0,0,821fb847a6deac1e43851cd3ab1eea58d6954af60eadb9972d53f3a457a3248d,2025-03-17T14:59:32.307000 CVE-2024-57704,0,0,a9645cdb100870e11a8ca5752cec5d028eb030155daed4240595658dfba990b2,2025-03-17T15:04:57.907000 CVE-2024-57707,0,0,dbc16e213ebc523407e7f3bbaba186d6eb3d9b00db06275beeefc35eaef53a76,2025-03-28T17:24:50.600000 -CVE-2024-57708,0,0,c3815901aca3e09ee3e1e34ec793bdc079a273c3694e51a56b60de8891ef9a48,2025-06-26T05:15:23.387000 +CVE-2024-57708,0,1,e1a86d8b388532f6633c4a88b5f3d0c8020cd819f7fa3bf287b629ec57752028,2025-06-26T18:57:43.670000 CVE-2024-5771,0,0,e471b000ba82873f846a0f0e75b0efdd4d37cb6fabf417a41ddc70ef105f4163,2024-11-21T09:48:18.863000 CVE-2024-57716,0,0,79da6b902a2967abf048782629438cae155ee0d179ea2083ddc6c325108a1865,2025-02-21T16:15:32.453000 CVE-2024-57719,0,0,8a3bc05ba873cf5217ecae9b479d35ef558d2e1821c8bcad96c73a12f31a18c4,2025-04-15T17:13:26.693000 @@ -279180,7 +279180,7 @@ CVE-2024-6170,0,0,4f4feaa051cf526bf9bfbbaa3bec84ff456fdf5126d8574d1136d86b9b9157 CVE-2024-6171,0,0,4346ab3f7b14d6380848f6593d4fb20ee4785e9f959985312273f695426c45f9,2024-11-21T09:49:06.920000 CVE-2024-6172,0,0,9dc6aaa43f42439daad697184574bc02a04b5894b5b2724df2c821e07b19be8e,2024-11-21T09:49:07.047000 CVE-2024-6173,0,0,1cddb9debbb5fdfd0cf79297d2f2924b6dcb127b463f053c35bed2e7c56d0027,2024-11-29T06:15:07.503000 -CVE-2024-6174,0,0,6863f4d68f1bef354c414e6e5100228e095e83d7d402b684e0d83a47be5273a0,2025-06-26T10:15:25.133000 +CVE-2024-6174,0,1,518940b79455b896157c1fb14b33c035e8bac9cb6263a3abdc4b320946ab8296,2025-06-26T18:57:43.670000 CVE-2024-6175,0,0,383dab664f87e85a026415f2c3e224ae5fa1dd4ed7e1268ce66f7b926c48a731,2024-11-21T09:49:07.253000 CVE-2024-6176,0,0,21f9ff18133f6ec4699eaf4acac05a3a991a9eb6a5269b5794afff3ac818b1d9,2024-11-21T09:49:07.357000 CVE-2024-6177,0,0,fa162b485f99f68812e2fb99c0e89ed20ad30eb8f2dc55d4b95a1db0a4b76f7a,2024-11-21T09:49:07.480000 @@ -283525,7 +283525,7 @@ CVE-2025-0958,0,0,8e934c42a8ae7048365dcc09aa09f32a5218f596be70202f3292fa3b9e1add CVE-2025-0959,0,0,2ef0e74d37106a9147ba132a96f3962a471250250ebc475b9bdb4c0c141acc13,2025-03-13T14:59:44.297000 CVE-2025-0960,0,0,499907aaf0daa1209acd23a8382909ccee8a784758e88e7f103cadb30772d3d2,2025-02-04T20:15:50.103000 CVE-2025-0961,0,0,346daf6e4766249f748146548eba00ad58cef7728e5a80d5d79af93be768a67d,2025-05-28T17:17:22.983000 -CVE-2025-0966,0,0,d87ca3e7a274acde1b865c5c0919cc28cf819680ee7ef4441fa2900e9b6ce630,2025-06-25T03:15:26.580000 +CVE-2025-0966,0,1,674a09fa711ef02165f970e56c018d986889b8f53ace10270e46d45db7cdfbea,2025-06-26T18:58:14.280000 CVE-2025-0967,0,0,d8c64e0386338d50f41e26d5ea4b324d68ccfa9e57d63544f495e90b3a5b315a,2025-02-25T19:05:40.627000 CVE-2025-0968,0,0,a4e9e6689859f7c2eea936619747aa6ea0cae6f7cc09990c02ad9c83b9675838,2025-02-25T20:21:17.287000 CVE-2025-0970,0,0,dbb9a878c26220e6c6fcf04d86cb830c57c2ed2708896797c1f2c042f5dde1ff,2025-02-02T23:15:19.027000 @@ -284146,7 +284146,7 @@ CVE-2025-1712,0,0,b94d0190ebdb3831769a5867dbc038d4d7585fa2490152c1e878c7d5a70443 CVE-2025-1714,0,0,6e67e5fe1ad7d1f8ea60e413f9fa7e7e2f63bd8d4c4369040436660c144fa80c,2025-03-07T05:15:16.233000 CVE-2025-1716,0,0,7b54faf04c0c346ecfa632bdb4185fc3c19aff41bf7399ecadc1ddfb775e6d41,2025-03-03T16:15:39.520000 CVE-2025-1717,0,0,3d4f0d449e7852a9bab717d0d55b537c9dc57d522d200e81bab92be20a7c833d,2025-03-11T16:12:42.783000 -CVE-2025-1718,0,0,6d0a145d557996297ca811dce1e9777bace02acfc8140401301ce1a24f26950e,2025-06-24T14:15:27.847000 +CVE-2025-1718,0,1,4a632b6f57737fd70dee3aed2a4446da98188f4b590775b1a851dc1d51d01e2c,2025-06-26T18:58:14.280000 CVE-2025-1723,0,0,c7576768b3fcdf2c172cabd995356c9a4e187202d556f18e62eeaf91cbbf52b2,2025-03-03T08:15:15.717000 CVE-2025-1724,0,0,b8e86d6fa70198b5cc9fe6224a04663cb9564b5f8c33fbf347cdad07f13847ed,2025-03-17T07:15:33.467000 CVE-2025-1725,0,0,c49b8d1c27e2c6728ab571d7d9ee0274a46175f957660be0c5aa759fde493bd7,2025-06-04T14:54:33.783000 @@ -284172,7 +284172,7 @@ CVE-2025-1750,0,0,f2b02c8ab47b127d99b9eebedd1676eb9a59c6b92f91a9280a5eb3beed62fe CVE-2025-1751,0,0,abfc84328e2199f31a54a26b50388e665ca54aab7fd0cce8bda2194b6d823604,2025-02-27T12:15:35.030000 CVE-2025-1752,0,0,67bdd52861cadb9ec44fc5e063c3f2c1275aef4202dd498970e70f4ea7d1426e,2025-05-12T18:15:43.960000 CVE-2025-1753,0,0,3593b6ba50ede630959d5ea37be4b1eda351a397f05e35b03d360630d3f61397,2025-05-28T15:01:30.720000 -CVE-2025-1754,0,0,f7f18cdd47d80ececa2ba79ef75238a9166dd1477cfcee0118cb26fb7bbf7d79,2025-06-26T06:15:22.570000 +CVE-2025-1754,0,1,5d135e9de392eef97d40a5602d0b595485b37eeb1ec0d630b4152c14d1902d22,2025-06-26T18:57:43.670000 CVE-2025-1755,0,0,b8116dcd9eafe8c21e606cf4d169f84c9b48a368fd9a8a9ed4d47dfc5171839d,2025-04-09T14:07:43.140000 CVE-2025-1756,0,0,469a2e36bf9b0a53fa5f2a58ce7fdccfdf577f34edea6c0bcffa665f76adda9e,2025-04-09T14:07:26.960000 CVE-2025-1757,0,0,c25e39602a825b6394df945ad4b24df4019eaaa8085cc7f11e82831fb6895cb4,2025-03-10T16:48:47.823000 @@ -284588,7 +284588,7 @@ CVE-2025-20258,0,0,587485bc224e7800bf99678fb698cd6c8d3d28eeeb847ba45799c39e0a8ca CVE-2025-20259,0,0,2b6c28972e4d4c813f43be486ba2790654f4b624edfb74676837346be40ee996,2025-06-05T20:12:23.777000 CVE-2025-20260,0,0,9226ca48b92e45380c6214530240c76c3fb395160abf195de5b0390b25ddf3b6,2025-06-23T20:16:59.783000 CVE-2025-20261,0,0,cc4f4ebcc501f9646a2caa18052811251321f685cdbad4bbf81f06b9a1734a58,2025-06-05T20:12:23.777000 -CVE-2025-20264,0,0,82bb289178a1819b730dd0e950e7920186f06e533c32141a8a402c552da2acd8,2025-06-25T16:15:25.833000 +CVE-2025-20264,0,1,ba489018597049e82e2e0757342f34292ae99ebd7833bba4f6b02efaa14fe5a4,2025-06-26T18:57:43.670000 CVE-2025-20267,0,0,9f1a8869becd21960978de51d3d70c583f40a6a9b638c69857e8709afa0ac105,2025-05-21T20:24:58.133000 CVE-2025-2027,0,0,f4e787944fa975229e7ea27488af4d7a233e07940cd5bde5046deccbe6a0e23d,2025-03-28T18:11:40.180000 CVE-2025-20271,0,0,041d554cd9531899ccde50e1767895c0866fbdeefe230e358c4aa41b7baed66d,2025-06-23T20:16:59.783000 @@ -284598,8 +284598,8 @@ CVE-2025-20276,0,0,3ad655a776b884d16534791fc8b8166700a12ab633ba6b9360b6b8d626f56 CVE-2025-20277,0,0,a6caa835cd4bd714d00a035d3a0ba5eb2ff0771a85b71bbf06391308275c3c62,2025-06-05T20:12:23.777000 CVE-2025-20278,0,0,ffff167b2cd4793f0110d3a8f165d0e9b2fe4c1c1c871bf75446f31d3d040bcb,2025-06-05T20:12:23.777000 CVE-2025-20279,0,0,d5049ae803f9b11db1def0d83c15ac1f8857a6b4477662dfe080d7b3f1c3c618,2025-06-05T20:12:23.777000 -CVE-2025-20281,0,0,786a77cc7476d6b6af1ab5f77b780b08699081dd23891288df0c9e73f84c939b,2025-06-25T16:15:26.017000 -CVE-2025-20282,0,0,288b922cfcadf2d4a63f1e0194d37fa7823f298c113073757d2c9e6dd3c96670,2025-06-25T17:15:37.490000 +CVE-2025-20281,0,1,0bfd7882af55144a3cc7b7e3a0ded9fbbc8d392aa8afdaadc6a603136ac87d41,2025-06-26T18:57:43.670000 +CVE-2025-20282,0,1,44ec0892beaca84b6bb0f81251ba55f7052c9741020062cfc4a7487c36dc86f1,2025-06-26T18:57:43.670000 CVE-2025-20286,0,0,23b7719b06d4bbe5498d25b92ee8826f7a22edaa40a9c95c06d7d21180e27a9a,2025-06-05T20:12:23.777000 CVE-2025-2029,0,0,d542afcc372a129fd7977f37fa3c5e3e2b220f9ceca1025a42b23e0691f5c316,2025-03-06T15:15:17.943000 CVE-2025-20297,0,0,fd036aef2926b86f71d7b735e8eace20d04567625f017b30a40eab31b1a018ed,2025-06-04T14:54:53.980000 @@ -286703,7 +286703,7 @@ CVE-2025-23089,0,0,8538abc6f83acab58bdcb6440f1e22c462d137c99186166b0dcb3a7a24523 CVE-2025-2309,0,0,a6ed30f6db928700252c14d866d4f1b24100fd592c5a071eddc42a141ff853da,2025-05-28T18:13:22.980000 CVE-2025-23090,0,0,db1a04b33215738ef9ff89e7dd3243ce6839535b0728d9bb0d1927af1170accb,2025-02-11T00:15:29.570000 CVE-2025-23091,0,0,52be052e818e282e438c6b1d873e178494e11252bb26056a7aa314d364167b02,2025-03-13T13:15:57.990000 -CVE-2025-23092,0,0,0c045677b8dbc244389820c8601bdf99d62a4994ef2b5a6938a477c021d5857a,2025-06-24T18:15:24.360000 +CVE-2025-23092,0,1,f614a9f9e8d17fef85d9b075f1dad3e7b39812a9fdc41616c3a5debec2065698,2025-06-26T18:58:14.280000 CVE-2025-23093,0,0,7320826aecf4e98ab5895586ea1e6e8575244a0f095c3e1b8e12bb0d362e3614,2025-02-12T15:15:18.597000 CVE-2025-23094,0,0,7cea7e6e51afc006925b4e48de2308fe64516f9177080ff30f9a60f654ae9082,2025-02-11T22:15:30.597000 CVE-2025-23095,0,0,0618822b2ded21e46ba3e1edbcfb4291064bcf636b99986ad46a652a3e8a3349,2025-06-11T19:07:40.863000 @@ -286868,9 +286868,9 @@ CVE-2025-23252,0,0,e12066f57f061e1c4b5e4699b8ee1a8a5a3daff9b46ccac2c27af7cd070a9 CVE-2025-23253,0,0,f9de68ed984cf5e5c99edc68b635f242d07cc929f5185cb27e2c9dcd5ffcaea9,2025-04-23T14:08:13.383000 CVE-2025-23254,0,0,8be2e21d58ec3fd7d92ec8e896dd51db7ae8bc6c069a21e838d199f9a2844aa9,2025-05-02T13:53:20.943000 CVE-2025-2326,0,0,0ec0c28e6b995dc182a44a080592df606d562ca954869d7753960c79a6ff321c,2025-03-24T15:15:16.830000 -CVE-2025-23260,0,0,a5d9d0489a70d6468c825ab162de62afb168ba49891e415dfbb7364cd02af78f,2025-06-24T18:15:24.533000 -CVE-2025-23264,0,0,f9f55c6ab3f856021f3d59a62b68073d28f2e99a6865786c21bf57a825095213,2025-06-24T16:15:25.990000 -CVE-2025-23265,0,0,ead97c0f7d6d0ce35eef7c683ba86fe6d811e1fbadeed68b63d73fe74acfd606,2025-06-24T16:15:26.183000 +CVE-2025-23260,0,1,1735c2ebaea56f447f0db9460752c39a92cf3cffe46d7a1fdd9033e31c799c56,2025-06-26T18:58:14.280000 +CVE-2025-23264,0,1,ba7052c322742e18943487d96360c38685d626e4abe6330a73d1efd7de0e7064,2025-06-26T18:58:14.280000 +CVE-2025-23265,0,1,9e9a26c0a7fcbce2bc7e047a32e64dced1170ca6aff74acc4a139cc356639f9e,2025-06-26T18:58:14.280000 CVE-2025-2327,0,0,623acf4a26d9d0a627c39d6e7bd3767484bbbf51b695c128c65dda426894e878,2025-06-17T20:50:23.507000 CVE-2025-2328,0,0,432be9c7b77876c37841232148e3f6774268d50f769033c9c60a49c79bb54e41,2025-03-28T18:11:40.180000 CVE-2025-2331,0,0,ba6a506c04c459bf4d4f1d883b767008a848176622abe4526fa84600ec186015,2025-03-22T12:15:26.833000 @@ -287579,7 +287579,7 @@ CVE-2025-24026,0,0,851a3bf68c954484658a3468537933c8ee28750382a531089af82c153a4aa CVE-2025-24027,0,0,7aafd16a9bde691788eff3c983eb76660cc50c899ff68b8c3f8ccfb1cc458ed4,2025-01-22T15:15:27.090000 CVE-2025-24028,0,0,545c071838c816be977c3520d8d21408e612d6f5f92969ce1c4368203cb04b22,2025-04-18T01:57:17.133000 CVE-2025-24029,0,0,78ccc702bd5d12fe713f342eb01497f1004c6f35d754359834f77e673529d847,2025-02-03T22:15:28.320000 -CVE-2025-2403,0,0,922dc374a649eb9a1795e8b830be58e7133f61414894da64a4c520128e51690d,2025-06-24T14:15:28.330000 +CVE-2025-2403,0,1,b5cb4cc5a4caaec298b38f5cf04bf1d285b2c4b89a56c26791ad1582cc36203c,2025-06-26T18:58:14.280000 CVE-2025-24030,0,0,53ed9f8c2f1606c3ac2d0893d8b45d45add03d54f0c0cb325356c13a37ba8b27,2025-01-23T04:15:07.100000 CVE-2025-24031,0,0,f001af7155fa77b1de37ced441ee4e39c1454b911ef9ca1ee83e5bda55f8dc14,2025-02-10T16:15:38.990000 CVE-2025-24032,0,0,1178a4dc66e28f37c78bc3ebc36c9a48c540f3ad31de8ebddc9029a3c39156bd,2025-05-21T16:15:30.827000 @@ -288404,7 +288404,7 @@ CVE-2025-25002,0,0,12f8033c4f78f1fc2a11a22d65139dde5cad0f892f0f27858d617011f4499 CVE-2025-25003,0,0,81c7aaa0459bff03b421e5d180256f499147e53c41ab2bff8ad40b62fee74ec9,2025-03-11T17:16:38.043000 CVE-2025-25008,0,0,dd0d6b1d65c4bc3e0a08b5500a49fa40b10c2ed4de56e853cd146dcf325a2884,2025-03-11T17:16:38.483000 CVE-2025-2501,0,0,b88e6d23c5ab944162eb989f85baa8515946f4b0b4bb397d5de06dbaddedba6c,2025-06-02T17:32:17.397000 -CVE-2025-25012,0,0,a51f1a1a9e75f415cdf948a6f1f68fac77a619f4250be562c8dd2ea30c64da57,2025-06-25T12:15:19.920000 +CVE-2025-25012,0,1,0d23512206a0d3ecfc062ff5e916756c8a8e50239fbd6a69099c1591d9b4748f,2025-06-26T18:57:43.670000 CVE-2025-25013,0,0,8b0fcb6890b87ced02ed7f1e0ef615815bf6fcf1ec3fd1005c85d59a010589fb,2025-04-09T20:02:41.860000 CVE-2025-25014,0,0,647104a2327be5f1c7c985c2226368a66da33abeea590fea277f963925352e87,2025-05-07T14:13:20.483000 CVE-2025-25015,0,0,e7d4452314aabe852480668c29806de032c9b7af4ea611fa50a64f67c7b33f75,2025-04-02T17:15:45.240000 @@ -288804,7 +288804,7 @@ CVE-2025-25635,0,0,beaccf1b133ae432bcedfcf1b43f20544c4e5ac5d5d33afd3d44ae08bcd87 CVE-2025-2564,0,0,72f0725dc11f6141f688de953b6cd7fe92ceff4353be89860d243a851bc3375f,2025-04-17T20:22:16.240000 CVE-2025-2565,0,0,d818b817202e54e9a5012e130505725e396db90172452c9fc8295f5a728db99c,2025-03-20T17:15:39.450000 CVE-2025-25650,0,0,70ecf06880b4929e5c513a2918fa826b8f349cb5d8c6a838be654946b1198891,2025-03-19T19:15:45.910000 -CVE-2025-2566,0,0,3f576bf2a5e2a0c6696cdf65fe8ba15286831cea3bff17d831a264321aa21ca1,2025-06-24T19:15:23.520000 +CVE-2025-2566,0,1,2dba0a7dea6cc3bbf9a00dada1421118462f4b7bea6af87f238126a0779f9351,2025-06-26T18:58:14.280000 CVE-2025-25662,0,0,c96e7c4ce4828b127cfecbe8c3b1c592fd63fab7f23366d035bb178815dbdd25,2025-05-07T17:56:07.840000 CVE-2025-25663,0,0,5a746eea3634250332bacc9c924ac5e785f1cc29be7fb51e65232a0170bb6bbb,2025-03-17T15:10:12.850000 CVE-2025-25664,0,0,1da9718d556db2a8964602e6e91c5c694bfb0281423a38648b821b59368a1401,2025-03-17T15:19:50.133000 @@ -288916,7 +288916,7 @@ CVE-2025-25899,0,0,49509dab92a7490493f015c3a421f3df20422695bc16604a21e744cd92c09 CVE-2025-2590,0,0,70d163597c6b54a9b221dbceb999e3dbfd19e4684bda0b9f31a9a118c1978471,2025-04-01T20:23:46.903000 CVE-2025-25900,0,0,197edac334969a36528e38515d8f1495b86f020e3a948095f19453a08a5759d8,2025-06-20T17:25:56.670000 CVE-2025-25901,0,0,dbbaa66456410cc814c13398a9419347a95d4c008549889e82c9e08064439afb,2025-02-20T15:15:14.380000 -CVE-2025-25905,0,0,912d5d44caa86fa12aa8ea1fb79d1e893253ea069130177527d7e0997ba1376c,2025-06-25T16:15:26.173000 +CVE-2025-25905,0,1,2f0bb46bc8c681b87e63ee3d665b557d87946c8298bb657cbbfc40421f53ddb4,2025-06-26T18:57:43.670000 CVE-2025-25907,0,0,681ab7723c80b1301377aa811feba7528ababa2c1485001b8f2409e876bfceb2,2025-05-21T18:13:13.207000 CVE-2025-25908,0,0,a81766b666c2964fee0c02555ee0c938dc13151d974c9b24e038826f4a0a2e05,2025-06-23T20:13:31.600000 CVE-2025-2591,0,0,ee87141e12ee943e529b8bb384fb8bdb2408b45f9dddbdaf93fe6f79882786ad,2025-03-21T14:15:16.853000 @@ -290030,7 +290030,7 @@ CVE-2025-27581,0,0,010725d7ecbfe0dd212b958a3a5bd2c7e9f3630c39f4e0964f9540d000321 CVE-2025-27583,0,0,0323a5ab9427edc3fc5fcf52b07bbd68cd541b31029bf0b1077e85dabad17762,2025-03-05T17:15:16.693000 CVE-2025-27584,0,0,f03e6726bedccad19322a88f13d717b29a57c1713f548b043d4f11c0c134f427,2025-03-04T17:15:20.527000 CVE-2025-27585,0,0,720b68d2eda984711942f08d1f5d1c3e9ff08ec0907ec239e78ca92044ae9f6a,2025-03-04T17:15:20.690000 -CVE-2025-27587,0,1,c6b99f6544f7fddd6a84845f540214401821374f565d374449096dc905b663ad,2025-06-26T17:15:30.497000 +CVE-2025-27587,0,0,c6b99f6544f7fddd6a84845f540214401821374f565d374449096dc905b663ad,2025-06-26T17:15:30.497000 CVE-2025-2759,0,0,6df40746bca0a076cfdd89fceb7edae074243de43f4b4548050e4f6a4f49b153,2025-05-23T15:55:02.040000 CVE-2025-27590,0,0,967f795bd4c85a7326c3accbc97af4e437c14d446f9275cd756d84bf07c7deb5,2025-03-10T14:01:33.053000 CVE-2025-27591,0,0,bde746d629d3275aa4bd9bd60b4521aac06adacde1e58fa17d924514d9ced6d1,2025-03-21T21:15:36.737000 @@ -290235,8 +290235,8 @@ CVE-2025-27823,0,0,ae3d83d8b696c6651ddc09be1ef36d15fa5d89a5eeb42b0a2ba26ad0db25f CVE-2025-27824,0,0,2d002361cc885b5990daf4c3973db9ef130ec1a7bfde36407db01c4a68cfa628,2025-03-07T22:15:38.220000 CVE-2025-27825,0,0,204298b7de8459d92cd5ca573fe552fd0eb50c7361c94c6261df8c437005a654,2025-03-07T22:15:38.380000 CVE-2025-27826,0,0,1af8c747c5098697d6723ab302d54ea95cbfca134be905c245ce43480244837e,2025-03-07T22:15:38.527000 -CVE-2025-27827,0,0,5b3ba326fa4303e1f16d5e10eab4ee203d2f4b406490542503a551359ca434e6,2025-06-24T15:15:23 -CVE-2025-27828,0,0,dba5fd6802450b24a8c6dc40028328c85e74ec93354031d5ad5d4eefc139c69a,2025-06-24T15:15:23.267000 +CVE-2025-27827,0,1,017dfc867367f5ce78c47195f8b810cf9588ea1a55e4fc71a5639adf358b3609,2025-06-26T18:58:14.280000 +CVE-2025-27828,0,1,ab98f8882f22e6087f0fdb45fe6d50146a5dc189aadcec0e72eed22f34bfd0c0,2025-06-26T18:58:14.280000 CVE-2025-27829,0,0,9ae86cabd1b5a8793e47645f5ed6e4bec7bf508d33296df63c4497b12aa63bd8,2025-04-14T18:15:28.697000 CVE-2025-2783,0,0,cac125e06bdfcf5101179da397d83671a8e22970d5207dd362f2ac73d6465a33,2025-03-28T01:00:02.260000 CVE-2025-27830,0,0,da10ce085c8af9893377a339d8c2cf0db7181ab295e76a10e0b8a5e6254179ce,2025-04-01T16:44:47.883000 @@ -290398,7 +290398,7 @@ CVE-2025-28253,0,0,0f48ac5a4456a4d9cddb64e8619772b132895c7269a2c8d0b95ac55f00e8e CVE-2025-28254,0,0,c097372640e42ad56d3f680e0895f3984d33f75010de2acc8d7dea3b37a08a9e,2025-04-07T14:42:18 CVE-2025-28256,0,0,c16943b644cdad0f362ff940632bf3b431153c240410202f1016e53c5c3bd875,2025-04-14T17:06:52.373000 CVE-2025-2826,0,0,73d45c19b2e4c3bc4d80772bd5509ff4acb0a98a2510975df320963b1c203a94,2025-05-28T15:01:30.720000 -CVE-2025-2828,0,0,5dcd8fb6602d0a5a28886880344c032e2bbe46511d3d7578cfc919bbf94a1b7a,2025-06-24T14:15:28.490000 +CVE-2025-2828,0,1,7a1e0b9fa1d49b88ef9c091c576dad9127c3b06f0c12c9b72668f212f8f56a4b,2025-06-26T18:58:14.280000 CVE-2025-2829,0,0,059a0cf4c937544428f8f9992f350ccef1c580a6c89e3bad6c17d91e38c4aa72,2025-04-08T18:13:53.347000 CVE-2025-2830,0,0,44fbd6035d3d2cc03539fdc4859074e0483d9335c2d68a4a16795d3b39b2fa35,2025-06-18T13:37:00.120000 CVE-2025-2831,0,0,b84154d9a7200c34454fa9b25d7562fdd5779d7106c4ee6e9588212eed85834a,2025-04-11T17:00:07.067000 @@ -290706,7 +290706,7 @@ CVE-2025-29315,0,0,f907f053863754eafc89ac11a469f54443f6b549eee8182288b1596f75ccb CVE-2025-29316,0,0,edbfef5d2b6ba20f5ddacf4404f4ebf4c89ebe5fca32750f4069bf616e710afc,2025-05-05T18:15:41.723000 CVE-2025-29322,0,0,2d154ec4512c8c4d705799afa2ea73c17ca8f22a9dcc44f2fe16f737f7f4c5a2,2025-04-08T19:15:48.650000 CVE-2025-2933,0,0,d2bf8266af3293189f2fc83d9c7224df7d9162ddc33d6ffbeb12c1b55081638f,2025-04-07T14:17:50.220000 -CVE-2025-29331,0,1,f0dcafb3ed78607ac3045ba7d382bd813392e80d643543a468e881da18e7a32b,2025-06-26T16:15:26.300000 +CVE-2025-29331,0,1,ff4bf30af6256a3d3fc44e51c91da0db8b95fba45c76b4cf71ca3b325283f387,2025-06-26T18:57:43.670000 CVE-2025-29339,0,0,3c8767e6fc1c7537f5abbed85f26508361863e04ceb6434ef3e14faf20c7a82c,2025-06-19T00:23:24.013000 CVE-2025-2935,0,0,7b37cfe809822a560bb0e6dbeb565e9e50c614feb77ac7a6501335760c490b55,2025-06-06T14:07:28.330000 CVE-2025-29357,0,0,eb014a723aa009227f0255b17dfaab32ae69c018e0a2e5c6777057d80a0cac3f,2025-04-02T20:33:45.110000 @@ -290717,7 +290717,7 @@ CVE-2025-29361,0,0,322d7e70dc3e8f2579651f6679eed85d5f370c246041794c07b65fd900fbc CVE-2025-29362,0,0,bfa31cd4a124a26307870a9d9d6babd629424e91f3b6053b6d28204c0f159dc2,2025-04-02T20:32:43.517000 CVE-2025-29363,0,0,e4ec5828630e799155852bea28251ca1beffb9188dcb723ce7aa88f673368bc6,2025-04-02T20:32:36.053000 CVE-2025-29369,0,0,a98d3392b40832da04fc0e1b68fdd18273f24fb7f63efeafb19e7b1083ec0464,2025-04-22T15:20:07.247000 -CVE-2025-2938,0,0,c69e3b007ecc795bca6d7adc14691ed1def4b88083852bbfa34dd3b18d536f93,2025-06-26T06:15:22.980000 +CVE-2025-2938,0,1,c7d0a2ad75339eab122f9248056408670dda7f4d299f1d51aabc7f08c62e64ab,2025-06-26T18:57:43.670000 CVE-2025-29384,0,0,14456271181d2a6b38eac63454e7d903bdeae2563e5fc51ec6c8692dd53ec951,2025-03-19T19:15:49.133000 CVE-2025-29385,0,0,f60ee6091bef3db2d6081e2edd6e0a4a37d7ecd5c70fcec7c258e2d44478f256,2025-03-19T19:15:49.280000 CVE-2025-29386,0,0,f142ce16dea374d9a9926fc7db0f8c42e7cb63baff73e2c1cd84f28fd5ff529e,2025-03-19T19:15:49.423000 @@ -290805,7 +290805,7 @@ CVE-2025-29594,0,0,2f622bba8fdc6dc52fbb1c6d9cffd703149b20ba0389fb0df41fe5a0ef1ab CVE-2025-2960,0,0,e6638852c7dc5cb172f70523a23341e1d731eae62801514a81456c069a22e1b8,2025-04-15T18:28:01.283000 CVE-2025-29602,0,0,4fd178ff4781bafd4969f1e7b75fa655e8706b4619b3c93d994d5a9dda7b0878,2025-06-16T19:38:20.027000 CVE-2025-2961,0,0,99a9282acf76e32af58efa1bac54403a0a08178dfa00cc28168e32b8a53d8a08,2025-04-01T20:26:30.593000 -CVE-2025-2962,0,0,ff2e47e7c969c4a58132f6606e8d8acd71e955fef27f5a87dc0a3c3dd6c0f969,2025-06-24T06:15:21.343000 +CVE-2025-2962,0,1,ef009ed6caf7e9d6fcca54cf5bb32c9f47ea707f85f0d1ab3baddfb09f969191,2025-06-26T18:58:14.280000 CVE-2025-29621,0,0,ec760c23d2fabb446e49014ccdde725978a4daf486cfc90bdb12f94c16193f54,2025-04-23T14:08:13.383000 CVE-2025-29625,0,0,73b26f97a6b8558decaf6eed0f9b13ba9f48d01d2b9e64d5af7431112d3efd8e,2025-04-21T14:23:45.950000 CVE-2025-29627,0,0,f969e8270b331deaebee568722d538ad4623491af011f70293514741db585825,2025-06-12T16:06:47.857000 @@ -291101,7 +291101,7 @@ CVE-2025-30118,0,0,63bb6fe6df661494db5327da07bd867838234c34a82e4f268cbe5bdf2fffb CVE-2025-30122,0,0,c1d95302660e92c024ec5fc6b6a580530031934f019c4b2b9b52ef0f1377e16a,2025-03-21T14:15:17.523000 CVE-2025-30123,0,0,2971729320ad92fd03f998696461ed7cc92e08495aa1f702cd91222eaa49f43d,2025-03-21T18:15:39.737000 CVE-2025-3013,0,0,2510a4bfa4128f19ce6014fbf27f574c71d4567996b6fa0082d5c4fc5dc4cae3,2025-04-01T20:26:30.593000 -CVE-2025-30131,1,1,b1d711e5bc5a7f8880f2541968e1014cbf97c89343c6d4d34427146d26bf6218,2025-06-26T17:15:30.743000 +CVE-2025-30131,0,1,31bde7cb930be1a41afa258aeb1cc7cd9e954e3698678cb1bc4190306a440df6,2025-06-26T18:57:43.670000 CVE-2025-30132,0,0,6dd8c4b2ac9edac69820a35ebc388d786aab74afcd8113c3b2124d47b6d5313e,2025-03-21T14:15:17.687000 CVE-2025-30137,0,0,098aef1c3a2b56ae0bd3f7cd4c3ba2daa5151c1c497ad5404ed49f32de8e9e0d,2025-03-25T17:16:24.817000 CVE-2025-30138,0,0,83aa1d57612a741bf6f8d83571e5eab154debd0cec6fc852bdac2ca81686a43b,2025-03-25T17:16:25.520000 @@ -291576,13 +291576,13 @@ CVE-2025-30699,0,0,f030dd8270b9fc3dfc06c32b248acf4c2faa464f98425825af3c08a0c0e96 CVE-2025-3070,0,0,a7956d0e93eb599b6cd73f2cfc24da6544c999271b27f11675990b198ceb0374,2025-04-07T13:28:06.423000 CVE-2025-30700,0,0,a01d95f946748263f1548eadad23a59477d1bc30091626eb0c6e321690ea0f6e,2025-04-21T19:26:03.440000 CVE-2025-30701,0,0,db0d4fd74bfb65cd860977cae172590df88e266119503530ad547a0793d58b38,2025-04-21T19:26:34.843000 -CVE-2025-30702,0,0,fbbb3529125ee7f480b561c7f625e65fd79b1b002116c7b940e7a2947e594f97,2025-04-17T18:15:50.330000 +CVE-2025-30702,0,1,ede9e29fc67f3e0fdbfd3c8c0588f646e4645d5badc2ad068cac12d45ef04f35,2025-06-26T19:14:33.750000 CVE-2025-30703,0,0,966af9b24f767bf817a33345dd6e9146b41980ca6375ae05f2dfbaf1486bb655,2025-04-21T20:17:32.960000 CVE-2025-30704,0,0,2a8f16db7a5f6aa54bbeaf2cc9137c8a854fb907cd69d234620a2641ce4ce6c3,2025-04-21T20:17:37.910000 CVE-2025-30705,0,0,f215bc8892fc3a1d1806fda2babb71e88620a652c8cd97b6b5e1798fbbd48ac8,2025-04-21T20:05:18.383000 CVE-2025-30706,0,0,f2e4ec2ab282a2f8d4a2da03ca431fea767de2536a022b3fab101834893a1755,2025-04-21T19:27:55.310000 CVE-2025-30707,0,0,44ed5b4bee6965a595e44734a933c5964b64daa04e92e2e26a26018a27b3410b,2025-04-21T19:28:08.797000 -CVE-2025-30708,0,0,05c8b5119bf9fc974d02e87362473439de332bab90aaa49cca7d98085127a277,2025-04-17T18:15:50.460000 +CVE-2025-30708,0,1,080b203f32265ec599641675e14b10fe959c8487bc259e88fd30996b387ddb98,2025-06-26T18:57:46.120000 CVE-2025-30709,0,0,f3c40483fac072901ca97ad029535e702497499fd8805422e6c7fd89991415c6,2025-04-21T20:04:56.517000 CVE-2025-3071,0,0,d39f67730c425b5f5b99adfbc6951a4e62f1e8ef78cc995b7e84ea38ca372723,2025-04-21T20:48:25.733000 CVE-2025-30710,0,0,dbdaef19e8e80425d058f5d23e62a904064b2000f56669985af86199f266cb69,2025-04-21T20:08:35.023000 @@ -291764,7 +291764,7 @@ CVE-2025-30896,0,0,8728a6521ef1a0c795e9da38f41a255c324d53449cb01c259dde3c916bf20 CVE-2025-30897,0,0,a17fa70fd152eac513bca9016d952476b5a5b72feb533d74a657916c7ba00fd4,2025-06-09T19:18:55.140000 CVE-2025-30898,0,0,322d192cedb82806acd3a2f77289969ccd2c366bf8e398c0df801a2354305a4c,2025-03-27T16:45:12.210000 CVE-2025-30899,0,0,73016cbbda013097d3b01f02dcd2534e5ebb1bc3ba59e10ee481e1fcf5abed17,2025-03-27T16:45:12.210000 -CVE-2025-3090,0,0,538ef362447932803f81095557aa2ed9316fcecfcd55987c29c07d85bfdb1a69,2025-06-24T08:15:23.110000 +CVE-2025-3090,0,1,9c89229b8ec050b56ed47e75700efdc66e467122152d552cc3489dc5aa638910,2025-06-26T18:58:14.280000 CVE-2025-30900,0,0,a614192b4026cc4688874a3842501877f3bd90326aa62e5e1a319d29a474d4c5,2025-03-27T16:45:12.210000 CVE-2025-30901,0,0,d44b1676d3b3f75f6fec17a87a777e7bf68e628cfdbffdece1d18c8686fa84cd,2025-04-01T20:26:11.547000 CVE-2025-30902,0,0,9d4f561ef5e842a66a009ee1ebea03b01bcb47a9c6a614d5ab4fc5ac573b2117,2025-04-01T20:26:11.547000 @@ -291775,7 +291775,7 @@ CVE-2025-30906,0,0,bfedb627274aa8b9f0732f272cd39734251b3e80595c032124d1d75f755bd CVE-2025-30907,0,0,ab215138d6596b15037ec7b716f7a04cccd3c1fc43ceabe8e846d9a3644b806f,2025-03-27T16:45:12.210000 CVE-2025-30908,0,0,9b276b0c034acb2fea666f449773804545d4ecbec8d488d820b5f5566b3d4b5e,2025-04-07T14:18:34.453000 CVE-2025-30909,0,0,d25dbbefda6b252a2ba0c68cef8dd6e47d4e0e87574e1cf430b007aa59f10888,2025-03-27T16:45:12.210000 -CVE-2025-3091,0,0,928dacca376f82aed3e64276649bfde88dd40245f8c9f936dfffc0f16d1c254e,2025-06-24T09:15:25.190000 +CVE-2025-3091,0,1,736d9e4485b718335290be43f5b2609defd1a3c2aecca700e04a2becc432281b,2025-06-26T18:58:14.280000 CVE-2025-30910,0,0,16c1c60d3eeaf5436df2566d15920eed1ae357bbb4888adeb3690958a4783218,2025-04-01T20:26:11.547000 CVE-2025-30911,0,0,fd1209080c16944fadf23cbbe36a25662222585c121fccd1af2f9ba2c8c9d124,2025-04-01T20:26:11.547000 CVE-2025-30912,0,0,fca46532d8975bb3997b3b5ef36e67af4b3247382151c6e6da33c3bcd4495c5a,2025-03-27T16:45:12.210000 @@ -291786,7 +291786,7 @@ CVE-2025-30916,0,0,67962284e46acdf1fc92cd89be3f0f0a6e58e129d24a7def6ba505045ebf3 CVE-2025-30917,0,0,21d9c643ac11015461a07dc23f3a237b94855c30cb31324e3a617b89431047e6,2025-04-01T20:26:11.547000 CVE-2025-30918,0,0,957a7a0a1c0b4cffefaca20fa9b9595ccfd2697210a0fab47da603b7cb716787,2025-03-27T16:45:12.210000 CVE-2025-30919,0,0,6f14544f37a1764de5c28c68ff26f4c3193600030d68c49cbbb4ef867f1a1d6a,2025-03-27T16:45:12.210000 -CVE-2025-3092,0,0,4620b04d256ca5582aca31d5bab2d08f5a15f259698a7080cb658c7e2e8590dc,2025-06-24T09:15:25.407000 +CVE-2025-3092,0,1,3e9cdfad16ef9c248898ee445ba130f6e609a09d2d57906b3b1d437f9dc05372,2025-06-26T18:58:14.280000 CVE-2025-30920,0,0,67b52e8625e5f13c5e3105ca98f049b13c07f1eaf4ace7c6d45af6672ce9ddae,2025-03-27T16:45:12.210000 CVE-2025-30921,0,0,0f49c6a76231945cfa45ff97ac30f85385ce79f7b853b4f89aa238944aeb0521,2025-03-27T16:45:12.210000 CVE-2025-30922,0,0,9ff4dd0946f44b4c7c54a61d5993f66f06f3cb56f15e96b4e5bc278cdcc10d45,2025-03-27T16:45:12.210000 @@ -293371,7 +293371,7 @@ CVE-2025-32784,0,0,f07e1bae891c8076c2e74beba24dfa0a792bdc8c6b542f23984d9697f06bd CVE-2025-32787,0,0,8a246667f42b8c93bdf6ea46fc5b0e98103cc9f313dbb1cf2d73b44e0183e974,2025-04-17T20:21:48.243000 CVE-2025-32788,0,0,cebc5cd0039e46d666bc72b974aa2129ecda5527e4c21f72222322773942a165,2025-04-23T14:08:13.383000 CVE-2025-32789,0,0,15497d5966ffa6957462c2b50b8826e589c0a55241d8772e97d18438454b376f,2025-06-18T13:08:03.067000 -CVE-2025-3279,0,0,dcf47f9138f5709c9a43ce647dce4d46cbf8033f3c15219f39c5ad576bd53517,2025-06-26T06:15:23.307000 +CVE-2025-3279,0,1,063460257446f5b0ff36e5be44afcbd793b5428938d25a5f43c92f30677ae5f9,2025-06-26T18:57:43.670000 CVE-2025-32790,0,0,ad704aba084f587745e00b79fe34454c0424370ee4217d2aeeeb26c85bddfc96,2025-06-19T00:36:04.717000 CVE-2025-32791,0,0,7bfb43a10b9eb50667be3773a3b4fe4844fac126ca4c8485005211a087def8c1,2025-04-17T20:21:48.243000 CVE-2025-32792,0,0,5617465372754753e6f838bd9a5e8e1789ad8b344ec076ba7e3dadb68ae93bcb,2025-04-21T14:23:45.950000 @@ -293543,10 +293543,10 @@ CVE-2025-32971,0,0,5487e79975fb0abb9378187756241a4603127b98b0de118af3bf155fc0457 CVE-2025-32972,0,0,f920511713bca3379924622d60cbe669c2136f54d45d25f9a06a402b14d9c31a,2025-05-13T15:05:07.237000 CVE-2025-32973,0,0,f240c0c82a1f9443b1a09de6c7f01c454aa45175be7a1efc3f550e2af9ed0e46,2025-05-13T14:58:48.890000 CVE-2025-32974,0,0,212ebce768fe1e6e3809501bd5b1c16e6076b1bd5655a4578512b867f7767f49,2025-05-13T14:55:03.707000 -CVE-2025-32975,0,0,d407c389f501a62ed1abc8ff0569ea2244d7e6c665fd13048e07cb0b7ab5ca77,2025-06-24T15:15:23.710000 -CVE-2025-32976,0,0,5db90f5126cf90069bf57fa265fcacb3dac0bdcb0e066f04a980a6af89b04ac1,2025-06-24T16:15:26.930000 -CVE-2025-32977,0,0,636e65234014fe9ce99deefc49b4066edbec4880a58263af1e963d32340e786f,2025-06-24T15:15:24.063000 -CVE-2025-32978,0,0,77a786818286aff3233be916932d06ae584781a8e48fdca955b071b9bf67c519,2025-06-24T15:15:24.260000 +CVE-2025-32975,0,1,96f89e5156db2af4a9b04e5eec073f27dad8d3c963175f2829f7a546868193ae,2025-06-26T18:58:14.280000 +CVE-2025-32976,0,1,62a871ed922904f08a3b5242c07f806aa7815842c71f4df0d54d62fb676bf5bc,2025-06-26T18:58:14.280000 +CVE-2025-32977,0,1,46b0152574462200c5195c74646309a6ac82c1e7d44bb61638eff161d9b538bf,2025-06-26T18:58:14.280000 +CVE-2025-32978,0,1,4cb3d24542c3c7c4886c8d2867b8a1ff9373c5c088db7cfcaecad8fb9f7962ab,2025-06-26T18:58:14.280000 CVE-2025-32979,0,0,64a29053417365e3bc807f310a7262b7a642ecb58a326e442c57ce048a184d74,2025-05-27T16:58:18.660000 CVE-2025-3298,0,0,42b3c11a03b3e330acf149137409814de4838d8396b46617a725d88596b9ad1f,2025-04-08T16:49:00.290000 CVE-2025-32980,0,0,ecd87f951455efbd2f051fc9c63fa88d716a4beefc941d871df4d77e37aa2f94,2025-05-09T17:15:51.220000 @@ -293714,26 +293714,26 @@ CVE-2025-34028,0,0,5921097810a177c4353bfac19f550e88ddb782dc2bdfd50f1c119b90d9521 CVE-2025-34029,0,0,fce8cf00dbe90f2e2f66f959940597018af6c7d9b991eb3c7e5416bdc6367309,2025-06-23T20:16:21.633000 CVE-2025-3403,0,0,5499ba1d1841e737df5ef1f2a2d32505df727eeda279da8a9f0ff20d660ca6b7,2025-04-08T19:15:53.387000 CVE-2025-34030,0,0,f524795d494d41af1abb43d588204e0e445079de2112dc398bcbfb7219de5267,2025-06-23T20:16:21.633000 -CVE-2025-34031,0,0,a70b5aedc0e75dc07fbfcf927e0e2e646dcc463d3cc18aab8a00fbe9c96636cd,2025-06-25T13:15:25.270000 -CVE-2025-34032,0,0,54f585644bc2d51f1157260f719a9ce5b0b0b0896326102d01601023e62f0c22,2025-06-25T13:15:25.400000 -CVE-2025-34033,0,0,50da276360d9ac4942dc1b6769de57a8ae85ead868e492e6b65f0fba53e99f21,2025-06-24T22:15:21.157000 -CVE-2025-34034,0,0,ff7757f528c677e8f5c6a1f05e94cc315c3dfd0881d802972ab4b91369b66bf5,2025-06-24T22:15:22.230000 -CVE-2025-34035,0,0,875b7d990fc0620b461d78bcd5eb0a7cc37310985a6cc30d439b019a31ebffaa,2025-06-24T14:15:28.820000 -CVE-2025-34036,0,0,bf1ed7abf4ceff89d0043a51f6a47cfdcefc55033dd2180ec67b70376832b568,2025-06-24T14:15:28.953000 -CVE-2025-34037,0,0,57a7e6a6846827b91b7736feffed008814a2f3414dc595a6f1c81aa1a94cc3f7,2025-06-24T03:15:33.400000 -CVE-2025-34038,0,0,d6d8009e58294a673d7d0c556296273a5a5d83087c8fbf680e06184934d5f96d,2025-06-24T03:15:33.507000 -CVE-2025-34039,0,0,33065581e59fb510332e7c56f1b2c71b818ba8cafc063bc369ac3087f87d0806,2025-06-24T02:15:22.540000 +CVE-2025-34031,0,1,42eae276d28f6e8cdb3e1c074c195ff0382b999b379fe2ef380f2aabab925be6,2025-06-26T18:58:14.280000 +CVE-2025-34032,0,1,c2cc08f6abe0d2664e41581b6ebc91c5a40d2f8bc7bf2fab4f68a8732bfd7071,2025-06-26T18:58:14.280000 +CVE-2025-34033,0,1,58b889054868ed60fa5edf69120f1e3c7dc3437cddacdf2fb4292f63083f78b5,2025-06-26T18:58:14.280000 +CVE-2025-34034,0,1,044207644358bdff3bed9b0d2fec7385a7efe132c3ffa7f2b98b94c3fcaa7936,2025-06-26T18:58:14.280000 +CVE-2025-34035,0,1,f29eb7cfcae17b096be5c9c475cf2a8599efc93e6023bac869c68aa47c9d6818,2025-06-26T18:58:14.280000 +CVE-2025-34036,0,1,ee546b58e934e794133f5fcbd1b343bfc1edbd531ab2b40b87de1db87e28652a,2025-06-26T18:58:14.280000 +CVE-2025-34037,0,1,ba68cbd0aaaa816a85f95a6db57b79917bf8b30a35763adfdecd132d5fc803a6,2025-06-26T18:58:14.280000 +CVE-2025-34038,0,1,1fec02d8b2b2ce991798b4e6db11272f33a4ae80ea51f315e1450036dfe2049d,2025-06-26T18:58:14.280000 +CVE-2025-34039,0,1,d7e3b0c53712864b737d929e2e2a4fccbda173de54bc50f6e6f1931f3e90535d,2025-06-26T18:58:14.280000 CVE-2025-3404,0,0,3995b7b57c7d03bbf3188d8b6d9621100ea7b4d3b13f0d6dea5824ed5e0cab26,2025-04-21T14:23:45.950000 -CVE-2025-34040,0,0,ab246a583bbce961c122b7ec2fd5e7d841d24372c199b5859888943ef451ba8c,2025-06-24T02:15:22.673000 -CVE-2025-34041,0,0,e333513a767b39341f0e963179ee4f68eb159feea05cdd92f7bde27fcf9c7f8e,2025-06-24T02:15:22.820000 -CVE-2025-34042,1,1,d20727cc5b2bb0c6eafe3acf0e9b3010f1e115ce6353a40e1b67ca9e0345f947,2025-06-26T16:15:27.197000 -CVE-2025-34043,1,1,2d52dc77b648f719e27a78df4526fabfd1605635b55d1e414e3a580581822b47,2025-06-26T16:15:27.490000 -CVE-2025-34044,1,1,61b0d8cbede6c09108fbcf061fbd9b1e1b1033a09b76a5ddb42e6f0c6ebb1cbf,2025-06-26T16:15:27.670000 -CVE-2025-34045,1,1,bdffae3e20819f31c6479e777ee416fa283252727997eafa39503deb0035979c,2025-06-26T16:15:27.830000 -CVE-2025-34046,1,1,a89bf47e439d8bac18bdb4fc3ea0a63a7d36ebf35b34b383c0d58e384233425a,2025-06-26T16:15:27.987000 -CVE-2025-34047,1,1,61599c27ad1cedde5912fc00280e94b8abdd593a18efcdf70850d91f3531b35b,2025-06-26T16:15:28.140000 -CVE-2025-34048,1,1,a99314b47e1847b71167564fe1b15301e09472e3491da33d720fb72f3599e9b1,2025-06-26T16:15:28.273000 -CVE-2025-34049,1,1,695487e5839753bec655c0e5b29d345d03fbf9083f010851dd27893be026d554,2025-06-26T16:15:28.413000 +CVE-2025-34040,0,1,867edbbe497de16f64e37536d7d53315853763630fcc5de61bebf9e8390b65aa,2025-06-26T18:58:14.280000 +CVE-2025-34041,0,1,13647f03a6aec7f27c804209341c968e99df282f6a2a483efcd33d8b19d000a1,2025-06-26T18:58:14.280000 +CVE-2025-34042,0,1,58cbfdcead119dc56f8eb6bf9112a062cb93440ba668162a3aef1507d6609d4c,2025-06-26T18:57:43.670000 +CVE-2025-34043,0,1,64f83e4a057efd34c491d1469d1cff369af1fffa4099ecc0d948cedd6cb93793,2025-06-26T18:57:43.670000 +CVE-2025-34044,0,1,3889d58fc010a364759a07d5ad46dd89139171d2ac3e6d615c00108d8a0c3626,2025-06-26T18:57:43.670000 +CVE-2025-34045,0,1,1f0e98fad93513f03e53017a801103966c0aed750f00d2e198858dba735a4629,2025-06-26T18:57:43.670000 +CVE-2025-34046,0,1,027819da898f115550fb72405816c67364ecc1b0a2bf2731de873fbeba531cee,2025-06-26T18:57:43.670000 +CVE-2025-34047,0,1,b035599c3e3f8c26828de7feaeda006ed3c693905a42ae22d6006687d9e418da,2025-06-26T18:57:43.670000 +CVE-2025-34048,0,1,9374c82e47ceeb42bb1b256a5a3e9760ec20fce6b7fdab9d6c2f6d4e4eaef708,2025-06-26T18:57:43.670000 +CVE-2025-34049,0,1,9c2cb55030e88f288bd29c55c5e1c06b33c656f7ff356b27125671803f3ed8dd,2025-06-26T18:57:43.670000 CVE-2025-3405,0,0,a31287bf487edd9888ccf3a2cc660111ad412bcd7d306362616791fdc35de9e0,2025-04-08T18:13:53.347000 CVE-2025-3406,0,0,7ba1ebe9a4174ed6e20c2f4fe1e75a4864d330055141a3dcb596eb92ec7fbc3a,2025-04-08T18:13:53.347000 CVE-2025-3407,0,0,e5cceac7b7d945db6bab90635fdc2ec04fc23eea7f5eaa5ff6a3dce8910502a2,2025-04-08T18:13:53.347000 @@ -293888,9 +293888,9 @@ CVE-2025-3564,0,0,7a5c0cec7bb52465514d32d748ca1edf7cd44f783fc866a939fe016c3a988a CVE-2025-3565,0,0,55fbc04d69a554618d974fc58b3c79764980a4038814c5d2c0344c66f7acaa80,2025-05-21T19:58:28.663000 CVE-2025-3566,0,0,cc368f59c733d76a6e106315b1595a006aad2387d4d9b77c16ff665725d4bf23,2025-04-15T18:39:27.967000 CVE-2025-3567,0,0,8bda0f27cf43920e306156a22ceda2d1c37b4dd6c395b917f7bbbe189c540c69,2025-04-15T18:39:27.967000 -CVE-2025-3568,0,0,0692d692ca353a4d199fa640e653711195fe20c6d7c31e94f5e95b3c5dc66993,2025-04-15T18:39:27.967000 +CVE-2025-3568,0,1,0c874f1085b12fcd1e65e32be9a1d7fccbb1fced5d69119f1bf387c1e50655bf,2025-06-26T19:21:05.930000 CVE-2025-3569,0,0,eaea60455688a211ea5baaf831058cdaef50cf74a085fcd92236b44f65f7120b,2025-04-15T18:39:27.967000 -CVE-2025-3570,0,0,c274186b312732bd74b85c0d90497b94d51408512cdbdb77e83278dcaf75b590,2025-04-15T18:39:27.967000 +CVE-2025-3570,0,1,3da237cf082fec0c427e03745e80b895f39eaf36b9c4018d63b9640c1ae67de4,2025-06-26T19:13:15.840000 CVE-2025-3571,0,0,cb1fc9eedbcf14c05e5b2cbf0d0a1b12b61f076a383ed1d43c1c47b3366d13fd,2025-04-15T18:39:27.967000 CVE-2025-3572,0,0,85452ae8a7fdcd086072bc1a78d977cf0bc1d5dd6fa9f5553989fa8c8fb7fdfb,2025-04-15T18:39:27.967000 CVE-2025-3573,0,0,095399568374006bc1e93d539eebcb743d7cc965cdc4a121e4480938fddae558,2025-04-15T18:39:27.967000 @@ -293926,12 +293926,12 @@ CVE-2025-3599,0,0,50511407f557708506d42c82ca157e4b27ffcaf91e7ac0f0029a3b3d58f00d CVE-2025-35995,0,0,a590f4d82a5b6a6ddf49e3e9ff3fcb9f7ad4db6e56f789349ace8583f960ea2e,2025-05-08T14:39:09.683000 CVE-2025-35996,0,0,a68f8bf3039aca0fabffa5365ae47dde1016d171f7f66e0132baceb8c4b864b9,2025-05-02T13:52:51.693000 CVE-2025-3600,0,0,7cb206206065fd210a153f067dfc260287fb233b025f8a59e4c30ab1efc7f613,2025-05-16T14:43:56.797000 -CVE-2025-36004,0,0,9607d479475c4db7f6c6570a9fe36d71d16713a1fc60b5c59ba5c3e48b0a3bb4,2025-06-25T03:15:27.687000 +CVE-2025-36004,0,1,0a01f92ec8ed981f105aaa2da46bf8f144b50e5b88bce227ac7752c1ea333d5a,2025-06-26T18:58:14.280000 CVE-2025-36016,0,0,af37919821fdd574b942ee9d20d1ecfb430b58097892e9a643523ecf7010f2dd,2025-06-23T20:16:21.633000 CVE-2025-3602,0,0,9dae34871a5aa21ddbebfa01b8417ba4c26394066febdada550c394e6505596c,2025-06-17T20:50:23.507000 CVE-2025-3603,0,0,8fc219493265409dea0354ed582a157fa1e4783601045e446f4ea74d7c8f20d5,2025-04-29T13:52:47.470000 -CVE-2025-36034,1,1,8ee05398fa6f54dc6754d1c9d8d0e677baeba0ca01e3ed805653c53e6b9b6357,2025-06-26T16:15:28.567000 -CVE-2025-36038,0,0,e4c8aeae6367e00384d7c03d87fbf7b5baef8a8ffd1e7742fe5bb589d5599466,2025-06-25T21:15:20.447000 +CVE-2025-36034,0,1,5f80e07bb6b6aa33326dfbddb0719aec9c1bd787d83fbe31e1057c24f1dca868,2025-06-26T18:57:43.670000 +CVE-2025-36038,0,1,69f5fd3e4201273cba0430f9128c4aa6d52d10299a08efd70de0ef7f659c2821,2025-06-26T18:57:43.670000 CVE-2025-3604,0,0,07d89cc421108391d0d00a1dbe62611cc85596ef2f0a6ad665200edb2fc067bb,2025-04-29T13:52:47.470000 CVE-2025-36041,0,0,11b57158081d8cfc9ecc1117a15361007f166439f866b0246174b70d871a2d46,2025-06-16T12:32:18.840000 CVE-2025-36048,0,0,48d28565b5a5dac8864125e4e10278da8c90f89c017b04d11826768d7560018f,2025-06-23T20:16:59.783000 @@ -293977,13 +293977,13 @@ CVE-2025-36504,0,0,30afeffa7b8ef5e478f29856811f9be90f1ece9e22dbe373c856a36c84249 CVE-2025-36506,0,0,8e1d82c4693df84b708505ea767f870e37a12974d36fbc872c838daf3feb81a6,2025-06-16T12:32:18.840000 CVE-2025-3651,0,0,30e087cb1671b81c1bf0c1d2a4d51e77f706a32948b7aa67dbe7688506dce698,2025-04-17T20:21:48.243000 CVE-2025-36513,0,0,40997ded6ccfa9f42a498c7fa3aba63677e185863eb779042a0e6b33a18b51a9,2025-06-06T14:07:28.330000 -CVE-2025-36519,0,0,e5e85c39c3e76c38e3db2ccd462df49e447043b099ed62159f99070f02ea7fd3,2025-06-24T05:15:23.030000 +CVE-2025-36519,0,1,3a4d6f4137f15e2668d747832a5e9059e9f4241d7c90d7835bd0ba19f6e7da32,2025-06-26T18:58:14.280000 CVE-2025-36521,0,0,76dbe5c9e005eebc45d03f4e270884a68d88e62c1e707e433be80dfc20224dd6,2025-05-02T13:52:51.693000 CVE-2025-36525,0,0,304058dc6057ec0d8f22d43f92f7c943e71e5e18bc158b199ea34013a3ed45ac,2025-05-08T14:39:09.683000 CVE-2025-36527,0,0,760bc907999d36f8a046dc03eb19c07cc3891fbdfc35cb8c53858aa720a6ac60,2025-06-16T15:15:28.320000 CVE-2025-36528,0,0,8cc5e94db4f898b6df57b60f4eabfb85cbf2d0b38d981f1163ef01852ec4f727,2025-06-16T15:14:39.797000 CVE-2025-36535,0,0,c9bb02422d586f784be4fd92873208eebb00e7be6f50c78d2e7b7d5656e18b71,2025-05-21T20:24:58.133000 -CVE-2025-36537,0,0,c478e0543e8a1d411078790b4368a99c718b87d66303edcf7e0e987edce8611f,2025-06-24T16:15:27.383000 +CVE-2025-36537,0,1,fc5a08fdfa77d0aeb87f05a014617c8ee5a221c302cbc25a3d0850b6d16caa92,2025-06-26T18:58:14.280000 CVE-2025-36539,0,0,c0894e36c5a4bf5ae06107887e6e7bc4869da6fc581815f366cc900be9ce130c,2025-06-16T12:32:18.840000 CVE-2025-36546,0,0,a3d190116ff33d28a9568351832ce70c70aecf8ab001cfb216ed0ea5695cb9ef,2025-05-08T14:39:09.683000 CVE-2025-36557,0,0,10d4b26bd4092d9203a2e113b056bea851721ed63eca24b2006dce264ace1ecf,2025-05-08T14:39:09.683000 @@ -294055,13 +294055,13 @@ CVE-2025-37095,0,0,548306b50795731dc5b60cc61287457cda97af8c1838c1288092ea043e398 CVE-2025-37096,0,0,78aa33aa6c14b79fab9fdbbfe82eac38fd3ab2a2406b66867916373e1f7d70de,2025-06-02T17:32:17.397000 CVE-2025-3710,0,0,0a7778bd78e4f22f022c252525488d49274bac6d5b6fae8773984217c6dc6eab,2025-05-28T03:15:21.150000 CVE-2025-37100,0,0,88b9ad7c7695f3a4670adb22647dcc8cbf099c03d5439646676dc63333e683a5,2025-06-12T16:06:39.330000 -CVE-2025-37101,0,0,5190415416a1d812a5125e53db8f2296977cf886cd7be9ba919bba453912ccbd,2025-06-26T06:15:23.130000 +CVE-2025-37101,0,1,611db152f3bf6fbbe88c02a9c7c1f7f719963d9f48f127e010121dc26484aa06,2025-06-26T18:57:43.670000 CVE-2025-3711,0,0,4fd34b3efb29d679fc862ba489bdc27881bacd2c43f3c49bf4be0e93fc622083,2025-05-28T03:15:22.193000 CVE-2025-3712,0,0,ea56365e47ceb44e31dafb8f72bb0d4f1a8a74a514b3fc339176f713c23eafa1,2025-05-28T03:15:22.310000 CVE-2025-3713,0,0,7e67304534c06f2079db65e532178b0781d2814a48010fdc27d2a08fd7f43f29,2025-05-28T03:15:22.430000 CVE-2025-3714,0,0,3fcd28d3a7b81c31d305f49be6e84a00b4570b4ee1caa0904bee1851b94e6d66,2025-05-28T04:15:45.850000 CVE-2025-3715,0,0,2d1d9dba7f9eff4431b265f83f4af3c259cac9ce8ddae0a96ec092e646ca8d2a,2025-05-19T13:35:20.460000 -CVE-2025-3722,0,0,02a724da708495f386d56d774a7fff7fad2857fabf6eeb6f40bb7a171eae374e,2025-06-26T11:15:26.427000 +CVE-2025-3722,0,1,6c5ee3c223e16dfc3c04eafc5be0ac04a3d8a586bbb9a23bc7a4db0291dc098e,2025-06-26T18:57:43.670000 CVE-2025-3723,0,0,477418a320dfd53a6e935f7e337452b515033da0e585c9ca76a1582be0b01b2c,2025-05-12T20:40:10.330000 CVE-2025-3724,0,0,18e69c1094bab55d0abc5efd07a77f5bb56c4db0cf848fa0037b08e463c287e2,2025-05-12T20:40:24.853000 CVE-2025-3725,0,0,1e309d1f74fab356e2cc6c357ddf51ae0df3b4f4658fe92471e09a3c56b4252c,2025-05-12T20:40:40.500000 @@ -294100,8 +294100,8 @@ CVE-2025-3766,0,0,4ab1f8c3347dd4d857f6ed47618688e65322f18fd502bb56163206717ca51a CVE-2025-3767,0,0,292444054f64728a26421e1d4abd19f40fd20bae5ef25e71c0fda7db865359ae,2025-04-23T14:08:13.383000 CVE-2025-3768,0,0,bc353dd6d519bf091c1975f4b269d3c3a4ac208a15aea53b50d1ffe54ed1e121,2025-06-05T20:12:23.777000 CVE-2025-3769,0,0,3f7372036ea22709a172464e7fa400f2a2b90380b5ac20ab94f3bbb2664582da,2025-05-16T14:43:56.797000 -CVE-2025-3771,0,0,95e82f6b128d53093aae58dd73d4b225a063cb021907ccc430643fd2956ab4e5,2025-06-26T12:15:20.883000 -CVE-2025-3773,0,0,0b163a3734810c86d51eb09801914989c0d2b228e813620cc9f21b3979a86d13,2025-06-26T12:15:21.713000 +CVE-2025-3771,0,1,f125f3c265bb87f8b9acc5b9c5fb4b804ce3529ddad5ccb15dfcccfcfce35b55,2025-06-26T18:57:43.670000 +CVE-2025-3773,0,1,466f689b34cf55a2d5d7184d05edc236830584216865fd7ef52c26ad6194e1e2,2025-06-26T18:57:43.670000 CVE-2025-37730,0,0,67e6e3825da3f11311501c243f4ff0e5cfb6a91fd935a3fdef62ae25a64429d2,2025-05-07T14:13:20.483000 CVE-2025-37738,0,0,ba1e253afea970e2d6cbcac0df377f410e996b34b809210266fb935a59d8f3ae,2025-05-02T13:53:20.943000 CVE-2025-37739,0,0,d93f652e6f780625188bc3e58a094ab90f62616b233dc5bfe99eda3073ee8767,2025-05-02T13:53:20.943000 @@ -294536,7 +294536,7 @@ CVE-2025-3859,0,0,a29a57ac270a67a8a80d7a27d65d1908e1a6341184cc826f13ca8a179d89bf CVE-2025-3860,0,0,fca8c022ec9b8f06256fbd6a7ef809d716eebdf10997075b00d5c8b65a08bd5e,2025-05-07T14:13:20.483000 CVE-2025-3861,0,0,814eb53ad48b43f5db92e3f7ea50ed6f51b228179421c817444bf02a986a6f31,2025-04-29T13:52:28.490000 CVE-2025-3862,0,0,d676afb0370748c9bc07d4c1748785041cfa500a37f539792fa3e468cbee2ce9,2025-06-04T22:57:04.867000 -CVE-2025-3863,0,0,051743fb7901f678ad274e5cad844d9f6ab749cf33ee2244323514fab760867d,2025-06-26T02:15:20.200000 +CVE-2025-3863,0,1,0f15952a520d919c54d7a8f854d70cf8da581f7ad6d9db8648077f32542ce005,2025-06-26T18:57:43.670000 CVE-2025-38637,0,0,8e0b7e01cf5cda931d029a9556a083a2937b1ed905193fce11df065c9e8763f0,2025-04-21T14:23:45.950000 CVE-2025-3864,0,0,444a554174f3a166bd8cf43652805e71b133026b842d6829548d5a78647f68f0,2025-05-28T15:01:30.720000 CVE-2025-3866,0,0,0e2c2da6f7c5d300ded32bf87bd65ab48909f1dbdb45bd4cb4a0436c226bf428,2025-04-29T13:52:28.490000 @@ -294589,11 +294589,11 @@ CVE-2025-3916,0,0,045ece3601bd5ccbedc31ea0240de6aa0afd0b9d1478dcdfa2e80b8a58fde7 CVE-2025-3917,0,0,c5171151eebd44803f90dc57bca3ca581e3f3a3b4495aa64f3e44a3933917ede,2025-05-16T14:43:26.160000 CVE-2025-3918,0,0,63b01e62f8046021d2f78807719fa3fd3623a650f7755e4a8a67c57ed80094c1,2025-05-05T20:54:19.760000 CVE-2025-3919,0,0,a87264f5c964c1b9f0e2df5faae10e0481d418f0fb1502b0ee9da33cc507ee91,2025-06-04T14:54:33.783000 -CVE-2025-39201,0,0,2a2b705d59d2db641dc13896dc38ae8450e764fe971fa82649b4efcaee535293,2025-06-24T14:15:29.090000 -CVE-2025-39202,0,0,378620856d3c2a1e2dda8cb9c122f4cdb4c98bfce82101c988da7af28b6db22c,2025-06-24T14:15:29.253000 -CVE-2025-39203,0,0,8a03c141ca6cca748bcd6d5053974606d53be79d7d4fff4e1c4a8a5351c52e71,2025-06-24T14:15:29.410000 -CVE-2025-39204,0,0,9a86a2eece1fba5610daf326fe4a9156f29d653dff3ac1a91dcf7b585fae1fb8,2025-06-24T14:15:29.553000 -CVE-2025-39205,0,0,bc324f59e73cfbf570b8d138ca8e0069cd4c714e1af6749bc77c49f6ec85acc0,2025-06-24T14:15:29.707000 +CVE-2025-39201,0,1,ac494421fef95e7246be675844d0567c84bbd09125124991a997be6495bbeb5a,2025-06-26T18:58:14.280000 +CVE-2025-39202,0,1,e4a1b79ce1102dbd814273d9c11f72b989b247a4b565087c308a3675cabe0e1b,2025-06-26T18:58:14.280000 +CVE-2025-39203,0,1,c8c71b1662e8236b6c8f7605df9f1ed02dd5c9c88a46d156bc91dee5c5d83d9f,2025-06-26T18:58:14.280000 +CVE-2025-39204,0,1,ee82c8b08b269edcfad691c33f8bc2ff88284c51181652da0eee3dab41deb541,2025-06-26T18:58:14.280000 +CVE-2025-39205,0,1,6392d3114b3e538d2c1c26e691db264015fa1245f7b5ef63a9a43d951726e0d1,2025-06-26T18:58:14.280000 CVE-2025-3921,0,0,9797fba579692252283cd90745f54a1a6a5a7131fc66f684fa524a93339f9b2c,2025-05-07T14:13:20.483000 CVE-2025-3923,0,0,ee152c7f1a42d63e1ca21cb1c49adcbe2fb8c27f05521d2bf1672c2da0c26904,2025-04-29T13:52:28.490000 CVE-2025-3924,0,0,7b87f51ca3c311667e1b7a4df04e30967e599dbb013055d4845862729654e283,2025-05-07T14:13:20.483000 @@ -295122,8 +295122,8 @@ CVE-2025-41234,0,0,bb572dbce1b43c89d5def5eaa839991a1c2f9f88699e8591ac93b3ce7a270 CVE-2025-41235,0,0,d4d8945eb1b378e0ed66f8c1428c86eda4f61188221c7cba9d8ecf68b09b94fa,2025-05-30T16:31:03.107000 CVE-2025-4124,0,0,2116d33601d18584d8ff86788e21befdf79ee067b30d9afca370ae97d0f6cb63,2025-05-16T16:56:49.807000 CVE-2025-4125,0,0,9ce360e53c445df2b459e99f4cc1a32fbf05cb06f761d7887ca2ad1edf5cdba7,2025-05-16T16:56:47.173000 -CVE-2025-41255,0,0,fd3af9508a1847c6ce241701c7f114f5ff4bcc52db094c39859a330ff2734473,2025-06-25T14:15:23.713000 -CVE-2025-41256,0,0,bcd5762fbb69bfa9af4f572169a0eaf30425bea8c3c4b31a131528cfaf946e66,2025-06-25T14:15:23.823000 +CVE-2025-41255,0,1,32ed652e78f1b50c30737507672b44a5804935019958dd77944563d6a216e9d6,2025-06-26T18:58:14.280000 +CVE-2025-41256,0,1,cedb6f0c088b2c2fff6de32054121c264c1356c72e5a09444dc9d179ee8d5242,2025-06-26T18:57:43.670000 CVE-2025-4126,0,0,c504eb8f9e35e66ea3a2e9e649e0b3ff59910e9bf49695680cf85ff18119f2ac,2025-05-16T14:43:26.160000 CVE-2025-4127,0,0,440aeef33b0470c9ce2f9d93f454f227b230a85f1c418afc74834471a41511d6,2025-06-04T22:46:00.467000 CVE-2025-4128,0,0,cbfbd23f8b9189f9d5c05298486216afcf6102f02c1375e93bdcb03aa0f43ccd,2025-06-12T16:06:20.180000 @@ -295154,7 +295154,7 @@ CVE-2025-41395,0,0,65b9e3526569f587eb1cd97410ac7325e217f46717fe2bbf0abfe0a9511ea CVE-2025-41399,0,0,7a1373417457a02ea13a0bd88541383fb57eb0536c4c4f5c68760eae861e0e0e,2025-05-08T14:39:09.683000 CVE-2025-4140,0,0,43b9abcaea3d23db237dc7c72d0e6c00daf795b98a418a742be6b246e74f9a83,2025-05-12T19:40:10.773000 CVE-2025-41403,0,0,0c92f0e4df80dec72dbfe2a9e8f380911ffb5102975f4870d6354147cda645c2,2025-06-16T15:15:41.110000 -CVE-2025-41404,0,0,3b36bb84f7c0194c1aa431087a98895443d53be445f1ce2822aa08df3ec343d4,2025-06-26T06:15:23.497000 +CVE-2025-41404,0,1,635152bf6e0d88064e398d1e2106277e52e0e4337d8694694d7d26ad425c2c2d,2025-06-26T18:57:43.670000 CVE-2025-41406,0,0,d3e792a6ddcbe90721f4c3865312628ac205b7d8af6253d32ac9dc57cc53c7d6,2025-06-04T19:58:30.113000 CVE-2025-41407,0,0,6247b950f0c0166f2230d6a124266ea3a874057920a3c3768debb417b2132b5a,2025-06-16T15:15:15.260000 CVE-2025-4141,0,0,7b2e3326ccaf27d38d41c324ef2e3f6ee1e91c0da08a23e7b4e578c8215ac150,2025-05-12T19:40:05.830000 @@ -295163,7 +295163,7 @@ CVE-2025-41414,0,0,e15bca7d4059421d15d5cb35dc483cbefc52e8d9cd9f55b31b9d84f79a125 CVE-2025-4142,0,0,78a1ea715ae46e4bda0a693a8542472224c3dca467cf3911b9ec4f409b46b000,2025-05-12T19:39:50.053000 CVE-2025-41423,0,0,3ae1e637900a2dfc5b6bacaa494e26a0b5d8e1e48accef6073153be61f7a9347,2025-04-29T13:52:47.470000 CVE-2025-41426,0,0,43242131e19ec18f330497e91493c38832fad38a58a843ab859c1d5a86371244,2025-05-21T20:24:58.133000 -CVE-2025-41427,0,0,89ed8ff7e3943d403a01dda0b7552315e41395ee1272109ace025cc64ff0ad6f,2025-06-24T05:15:24.243000 +CVE-2025-41427,0,1,f6dc5b56f7a527de5954a67cc362ea794afb6ef7e9f67a39753755324f37df91,2025-06-26T18:58:14.280000 CVE-2025-41428,0,0,fc08f7ea35799ab3606cd46f1d07e20352e815aa53e1342e37daae2258efbd39,2025-06-04T14:54:33.783000 CVE-2025-41429,0,0,785edbb9428ab75f9ce49605baef089838a4f7d9c3a250c30dec518c67c17fbc,2025-05-19T13:35:20.460000 CVE-2025-4143,0,0,3a393d8ebe58f1f33890c3bd1fbf19f7d13ee6d06509ac73d2c28267c5f302ad,2025-05-12T19:39:43.820000 @@ -295197,7 +295197,7 @@ CVE-2025-4163,0,0,90b94328ec1d78c2c92fb5347be0835a81d1ecb778d277713df60a936155c1 CVE-2025-4164,0,0,c409a415056cfc60d19356dab298bdf2afe4926171d33ff65db9098cfdafae24,2025-05-16T17:45:46.460000 CVE-2025-41645,0,0,05dc7979d552d91b524b274c74c87b4d6526958474a345200f3e130228064f47,2025-05-13T19:35:18.080000 CVE-2025-41646,0,0,67ce20c1a9865425780a6906ee39e9288bbd25b638b5a3631cb1e54cf8c9584e,2025-06-10T19:29:22.893000 -CVE-2025-41647,0,0,85d297ffa6615dcc9a411ec6a53cc73525a368c42f7bac3676b14ff4cdbd6da4,2025-06-25T10:15:22.747000 +CVE-2025-41647,0,1,5696bfc663c0aa975622ee4248f52de6ec349aade18bbef9981e727fbbbe3bde,2025-06-26T18:57:43.670000 CVE-2025-41649,0,0,612914eeae0d0b80cff3d2f6bd08d474bd30dce7e9b2b85352e6df3c8ab3fb10,2025-05-28T15:01:30.720000 CVE-2025-41650,0,0,269c0d41f251c325a207de06d644a97e57e82f1a90edffb55ef7207165df0de3,2025-05-28T15:01:30.720000 CVE-2025-41651,0,0,38a22c1448767e102d555501f2b957b582c47bcd5ef6a6193da873a6e029276c,2025-05-28T15:01:30.720000 @@ -295398,7 +295398,7 @@ CVE-2025-4330,0,0,5d9f2f2e94c28a255aef99ed9b2622d78e58d1ab200918355adc9207ccd7a5 CVE-2025-4331,0,0,620e0da85354d81a367a41b7f2e39eeaeb31d846f9c0b35d1175b07ed628b224,2025-05-17T15:15:46.090000 CVE-2025-4332,0,0,f51566d2c2117f4ce873997a23ff694b3ee5f9b5aad203a2e1da6e04a305fea2,2025-06-05T06:15:26.503000 CVE-2025-4333,0,0,df346cc767abe9739cdcb38e3128deec2b82a2cef52e4ce255a43a7764d0a6a8,2025-05-07T14:13:20.483000 -CVE-2025-4334,0,0,a286c8ed1280bc37f7dfd503f06a37cb37637a6d6585bc7ed1d61715dab85cbe,2025-06-26T02:15:21.173000 +CVE-2025-4334,0,1,44997333c5971686b02f21a2fe24eab1c8bfd489740d4cdbe6a67ee05c5c4385,2025-06-26T18:57:43.670000 CVE-2025-4335,0,0,ab91d891d4885edde448eb60f8fb4e6853bc982358f87a0b04b64a0f12c1f76e,2025-05-07T14:13:20.483000 CVE-2025-4336,0,0,2e09e9c7f36f335133de8594c5c6fd52aee442ec37ac35149b98164c79dc716d,2025-05-28T14:58:52.920000 CVE-2025-4337,0,0,4522348444d62dbf38c10428a5add541d62bce2e026e5fb205cdcb7ae118d727,2025-05-07T14:13:35.980000 @@ -295493,10 +295493,10 @@ CVE-2025-4374,0,0,79d535d07a4046432cac6ccf29df351795ada13e20e135acd82417079a6bc7 CVE-2025-4375,0,0,b20f7ab0bc904a77bb54799caa478fe059549e18a1801d8a45b6880a04f0dc89,2025-05-12T17:32:52.810000 CVE-2025-4376,0,0,9420fe6cf88700687e51473e9a5bdfa5c55844808ec53c6470445953d8f65fa4,2025-05-12T17:32:52.810000 CVE-2025-4377,0,0,8e0530103ee880cb7f294e1c4c7e6cf387e9a1d9a6703ed3634515ee426ce352,2025-05-12T17:32:52.810000 -CVE-2025-4378,0,0,e3f650a0db288cd4a89ac897a14b4ee85a2f7816813dbe2e47966e315dd81dc5,2025-06-24T17:15:35.320000 +CVE-2025-4378,0,1,e1851322dcd3c6fe554fb52d15f994fca0f772009e69eabfd5d3b801ed1e800f,2025-06-26T18:58:14.280000 CVE-2025-4379,0,0,e139293cb2798c2cb2cb3f79d802fcb657bde9dc9fa4c7255ad0325e9262fbc1,2025-05-23T15:54:42.643000 CVE-2025-4382,0,0,8a1559ab8cc558a940530a080d0d085afab83e90e4673936d125191c010d9218,2025-05-12T17:32:32.760000 -CVE-2025-4383,0,0,790ce455930287eb9c4c8d30149f932b540252e29895e13c81ff558ca78f10f0,2025-06-24T16:15:29.220000 +CVE-2025-4383,0,1,d673ada83f93e5b93da8989794aa0e2df3902190f6c25e9a6c9aa4fbb9d3624a,2025-06-26T18:58:14.280000 CVE-2025-43832,0,0,513f95b74ed67840e16dbc4acf643166581497dbe2d1eae72a6cbab4e9aeeea0,2025-05-21T20:25:16.407000 CVE-2025-43833,0,0,3ebcf51424419785991ef323eb752f20e13fd4c6eee812e1cca2ed11789ffa45,2025-05-21T20:25:16.407000 CVE-2025-43834,0,0,3e2b45df59ceae0ff8acf8cce8c54f89613b0fdec32a0bd003e486c9e3f867ea,2025-05-21T20:25:16.407000 @@ -295533,11 +295533,11 @@ CVE-2025-43864,0,0,4a74404ae1412d4adedf36bca3c18b62d4e73dc491c1dfc2b32ce26efe001 CVE-2025-43865,0,0,c649a0f837f30d7ca72312925d2a9794983503f9ad275427cd38dd25847f7ed8,2025-04-29T13:52:28.490000 CVE-2025-43866,0,0,6792588ed0c68c54098e9b079ba8cad7ac57b1c21c789a29149941232d665928,2025-06-16T12:32:18.840000 CVE-2025-4387,0,0,da873d7541e8041438d0f9f1577bf8e7d71bdefdbc1e031dc470a87dd3a9066a,2025-06-12T16:06:39.330000 -CVE-2025-43877,0,0,5b7864d660b5acb06c5ca9c240c07b4edcbe1592d545ff6636f05b352d36f336,2025-06-24T05:15:24.403000 +CVE-2025-43877,0,1,f95fa175c96ade60c5fe20c58283cf7071d55a0d91147de372f8ae8467506602,2025-06-26T18:58:14.280000 CVE-2025-43878,0,0,35cf7c07b8b80c3378b7e206d0f6773b587f978a8b7a7526ac0a236c37d60b0d,2025-05-08T14:39:09.683000 -CVE-2025-43879,0,0,a8191614f6e5d432713b06b24ef6ee18cd89c8d92e486cbe24e75b79d72651dc,2025-06-24T05:15:24.567000 +CVE-2025-43879,0,1,9548afcc0f1c111dfe9fd785f330b6395fa6563b761ec9a69c865ca05bcdf75c,2025-06-26T18:58:14.280000 CVE-2025-4388,0,0,97a1b6eacb96a5a89fd1b724cb794d70ee55608bc796c2eb710dc788294d8025,2025-05-07T14:13:20.483000 -CVE-2025-43880,0,0,587d2984755846d708616914cb674a0ef4fc9828a8ae28200ffe8a53719fd8cd,2025-06-25T06:15:20.250000 +CVE-2025-43880,0,1,775915f4d03e858be7035ffd9993b2d11ec6096249c9511b658b819c0f7caacd,2025-06-26T18:58:14.280000 CVE-2025-4389,0,0,45c746d75c230b521e0d7fa0f7ed2e2bcf19d590062d4846efcc391c1f917c66,2025-05-19T13:35:20.460000 CVE-2025-43893,0,0,ce2184c9570a27f32b1c53e1a7eb084bc072ba61bfa0569a85000898bdc56f02,2025-04-19T03:15:14.017000 CVE-2025-43894,0,0,38ad6fd8c7d98bd63b2db2d688fe0af16a117e87d6d33ebfcd5ac8fe03cfe13b,2025-04-19T03:15:14.087000 @@ -295612,7 +295612,7 @@ CVE-2025-4412,0,0,8c8c59397117a84a167d36fb79f68c5cd99b79261327a1fb082cf24faee6cc CVE-2025-4413,0,0,61cf4ae74dd1877b470f2b4f5c2f8b7d6825e0d478eed1e554284b17cfa549ed,2025-06-18T13:46:52.973000 CVE-2025-44134,0,0,45b85d904dd860695476948041d246707a0696d9dc7fe9b405a5e27a85d44980,2025-05-14T13:05:17.200000 CVE-2025-44135,0,0,e8d32c865e9ccdb8b63503c21fad4c48843876d5709a3df063410109f034ccc9,2025-05-14T13:04:58.830000 -CVE-2025-44141,1,1,ca0cd04b4ca59a878409a8ee6c555ba0b1691a170664d5f0e68e827cddde592d,2025-06-26T16:15:28.753000 +CVE-2025-44141,0,1,249db5369f10926efe8571f5a16b1df4b578c5f1df1c148fe408742bc5e29646,2025-06-26T18:57:43.670000 CVE-2025-44148,0,0,440749a71814d76edeed70dd30fc58f3e0b75eaee931968ee8c88b7d1e24e11d,2025-06-09T18:04:33.580000 CVE-2025-4415,0,0,14ae76cc14cb7c5f3c4c963406f20e07ac9834ebdb3d6a3c4d84f73bfd11e915,2025-05-21T20:24:58.133000 CVE-2025-4416,0,0,a5c38ae8bb1fb36b46a6d4b035c3955bb8e9a586409097b52f155ce641ec588f,2025-05-21T20:24:58.133000 @@ -295634,7 +295634,7 @@ CVE-2025-44193,0,0,7a2f77bbf3da9e372539ce2d9568faa612514d106c676666f4f9e9bb49dd4 CVE-2025-44194,0,0,16480af03700c5c401cb85fd0d61e2e08efda510d573cd95f20458628d42434d,2025-05-12T19:41:14.840000 CVE-2025-4420,0,0,482e6cb0127b5cd1381f571129f0abb13f48f8e0b486724260c2eec90487cec8,2025-06-04T14:54:33.783000 CVE-2025-44203,0,0,986e2440b0483edc0c039355181e2e90648cd0645cc8cf4d5602b1543eba4d43,2025-06-20T16:15:28.700000 -CVE-2025-44206,0,0,bcf8c43764d9f23abe08370a8241183b1c8b3a14693e972a7012ad0743e79f9c,2025-06-25T17:15:37.740000 +CVE-2025-44206,0,1,677010d315f41ff0c9feb237dca9d0e7ed98b3f09d07fb7da120f248fc6e41ff,2025-06-26T18:57:43.670000 CVE-2025-4427,0,0,a2f798eeedafecbd9cb912f610af162690a80cf4bdd1bef66f3124ee4670723f,2025-05-21T18:45:49.493000 CVE-2025-4428,0,0,9005850fdd231a6f5e460fd5ca5842b016cbe5e1aed7fc3fa752cdd9cc20f3cb,2025-05-21T18:45:24.800000 CVE-2025-4429,0,0,223e012c1a27f7a458a5e6c8ec2a74e0aaf4b880fb51252379cf02d8237e0f40,2025-06-09T20:30:46.543000 @@ -295659,7 +295659,7 @@ CVE-2025-4451,0,0,eb5e97d618832a986e1251a65937eaefe5aeac1b9186d7c4d7161ef8e37a07 CVE-2025-4452,0,0,a8fae799b613cae7d9f6b10e972c55aeeb7cd837573978501121983f7c8e677a,2025-05-13T18:27:48.207000 CVE-2025-44528,0,0,ea0c1c5551ac38728cf8cd8f73269c888541cf6b10a2720199171ccb78f13119,2025-06-24T18:15:24.873000 CVE-2025-4453,0,0,17e7f2032ab18ade514049189b71ae429256843d9863fdf6f0e71917f98a2587,2025-05-13T18:27:42.267000 -CVE-2025-44531,0,0,1d4bca660c9e3a33023ad4a769fdfad7e0245a0495c8c3fd6da7d6d1884c016c,2025-06-24T20:15:25.100000 +CVE-2025-44531,0,1,c991a9c5361374117866dd32c254839ede6351cc9253e1833b0f71853e2e9afb,2025-06-26T18:58:14.280000 CVE-2025-4454,0,0,0824340d2335f0221b12fbeabb29b5c209c67a1c502e8896c89c5f037561d2e0,2025-05-13T18:27:36.160000 CVE-2025-4455,0,0,05a1a98b2065f53be9218ed1130540464e36b521788d55ad2e6b4dc77e4298ca,2025-05-12T17:32:52.810000 CVE-2025-4456,0,0,e7ef7ea8d16290e794f525db2ea37bc8abc1615ee5fb21b539df1843139a93b5,2025-05-12T17:32:52.810000 @@ -295819,8 +295819,8 @@ CVE-2025-45321,0,0,9227564f6386651a6df0923ea8fb2c1e9f2a2f4487dcf05f9020b166648d7 CVE-2025-45322,0,0,bd98baac9032c4924e89f536321099d3c4e9b0a26b0e91693b82dcae0f7fc3be,2025-05-07T16:40:08.760000 CVE-2025-4533,0,0,958714e8219e4b36bf6a5171f1844fbafd960204dc55ae1eaffcf3377f047967,2025-05-12T17:32:32.760000 CVE-2025-45331,0,0,1a763087f3a9266aa4ad598d9cc797aba7ebe6d738e262c7bb0a83be881654a7,2025-06-24T16:15:28.007000 -CVE-2025-45332,0,0,dad5ffe999fc406a7d4a0195ad5397b0fdf97a2b911d2dd9b5e5157c4c9992c1,2025-06-25T19:15:23.110000 -CVE-2025-45333,0,0,94585daa95f4f9cd37907277300dc534db5fb71804a842016cee692b102a8a53,2025-06-25T20:15:23.927000 +CVE-2025-45332,0,1,3e680282347d513ad76d880bfdd241726c33a42cd9243ea852e7ec50a8a70a04,2025-06-26T18:57:43.670000 +CVE-2025-45333,0,1,93d7d63ecb6836b15e2485a166af4368389bed5c642c5a2b98f44d30317836bc,2025-06-26T18:57:43.670000 CVE-2025-4534,0,0,d56048b96631b6a170c2f4a1ae209f80a8905f2c01c2315ddf151590a444fbdb,2025-05-12T17:32:32.760000 CVE-2025-45343,0,0,7615694706f3e006934d6364d7caac354737a6562145f3bc3ab74518e76c62f3,2025-06-03T15:36:32.347000 CVE-2025-4535,0,0,211c420ea7fc40b2c6369c81b50b72179abd6b1518746dfb87b4fb36af845bbb,2025-05-12T17:32:32.760000 @@ -295860,7 +295860,7 @@ CVE-2025-45513,0,0,75d2d23377bdf3eb34768546535e2634c77460ec9fb3e1dbc5e6d7c5335e2 CVE-2025-45514,0,0,a0097e631e2f67ebed1594ab343f4868011705c17a9a818d4cf23fb2040b09ab,2025-05-27T14:22:03.193000 CVE-2025-4552,0,0,78d43dd6fb452cd4c88c9ba8880aef53f1ef01b609cdfafec2c65ebbd9c2ca4a,2025-05-12T17:32:32.760000 CVE-2025-45525,0,0,d964bbfa3565b6e3c8c91f8b1ef6cff3eca96639573f7a1a53ee29de90662ea9,2025-06-20T12:15:21.780000 -CVE-2025-45526,0,1,7c332e0ac82e00dd31b05e654cf89202b648251ee9903ffd3830e5fdc6c807ef,2025-06-26T16:15:29.013000 +CVE-2025-45526,0,0,7c332e0ac82e00dd31b05e654cf89202b648251ee9903ffd3830e5fdc6c807ef,2025-06-26T16:15:29.013000 CVE-2025-45529,0,0,e167386bb5394c534585ea5a04f1a046eac90f4928a6eeb5d60ef274f5e67c1c,2025-05-28T15:01:30.720000 CVE-2025-4553,0,0,cc42244e3fcc3fa0e4735902b7107755da4e8cf945b2a43e81a0e7fb4c007005,2025-05-16T17:08:50.060000 CVE-2025-4554,0,0,689d20479ad000d274d22e94958c98af69dd587a0aebcdb180b3f5df25fbdcf6,2025-05-16T17:05:01.380000 @@ -295904,7 +295904,7 @@ CVE-2025-45755,0,0,6fe3262fee3e82261947590b30e342c111c5db410776b66947644241532cf CVE-2025-4577,0,0,599a2191d82490cb2917b4663991020a6f76d4cef5dcfc1bbad5bfcf594df4d0,2025-06-12T16:06:39.330000 CVE-2025-45779,0,0,7069f589f242601716458d7b26f08f6a87931010ba7c496f215f47c502ef806f,2025-06-13T13:40:52.883000 CVE-2025-4578,0,0,8451b1c03045c8ad3abf8c71774c6b63bc79023720225fdd15b30152793b6197,2025-06-04T20:07:45.857000 -CVE-2025-45784,0,1,1183046d89fba1b8e7cc428e6740142c348eab38c81fc9b0368caaa8610e4183,2025-06-26T15:54:43.523000 +CVE-2025-45784,0,0,1183046d89fba1b8e7cc428e6740142c348eab38c81fc9b0368caaa8610e4183,2025-06-26T15:54:43.523000 CVE-2025-45786,0,0,7a0ba9ce4206224a5dbcb3a3da9e1372f377164d0fd2610cb24fccae3b269758,2025-06-23T20:16:59.783000 CVE-2025-45787,0,0,839c7946d0f8e2e3f388e984cf0b3d259f804d96030c23335dfd861ac831e334,2025-05-16T15:38:25.723000 CVE-2025-45788,0,0,d9b27095f0d050912ccc839258566df73a65f9582f737413f53a8385c0736d6f,2025-05-16T15:38:16.100000 @@ -295983,12 +295983,12 @@ CVE-2025-46080,0,0,e77557f865cb8f0c8a7b01f1f6fbdee1ca66bad8ebda2925b71b207a25112 CVE-2025-46096,0,0,e46e913b0fe20a27c7a6297a3680c5637edd7add55053ff1310b775a32e2d62b,2025-06-23T14:08:37.750000 CVE-2025-4610,0,0,d61d953fe0fd6f0d2b21233839836df5133468380db75b47c2a05d78020b6b82,2025-05-19T13:35:20.460000 CVE-2025-46101,0,0,8eb61ce0bd76c46c5a0ea5520ca1a03eea4acd2a3190f70aab698ce7c6299593,2025-06-24T16:15:28.403000 -CVE-2025-46109,0,1,a81953cf13c139be94a1c266dfcc581a11077f2b3187b5b6aa057caceb5c0bbc,2025-06-26T15:51:06.490000 +CVE-2025-46109,0,0,a81953cf13c139be94a1c266dfcc581a11077f2b3187b5b6aa057caceb5c0bbc,2025-06-26T15:51:06.490000 CVE-2025-4611,0,0,551957ca30c77144066c2501102cbe8b5cc59e5d0e8959ef20d14b731299a950,2025-05-21T20:24:58.133000 CVE-2025-4613,0,0,f577ead831948daefe1272603bfaf0609f1e849af3f425f017bfac9ead135854,2025-06-12T16:06:20.180000 CVE-2025-46154,0,0,28136877062a9fbae66fc92d86286e5d62e1cd8a9e62fd05c5a06eb514bf383d,2025-06-09T18:06:28.423000 -CVE-2025-46157,0,1,15ef5f092148ce037ce48bb6f5f34f7194730ff07b7e1a3244e0e823362d2bc8,2025-06-26T15:53:12.230000 -CVE-2025-46158,0,1,496021feb7f909223ea58ad77cd1644e57cf02b0d8b0ef3c8c84068942351766,2025-06-26T16:15:30.733000 +CVE-2025-46157,0,0,15ef5f092148ce037ce48bb6f5f34f7194730ff07b7e1a3244e0e823362d2bc8,2025-06-26T15:53:12.230000 +CVE-2025-46158,0,0,496021feb7f909223ea58ad77cd1644e57cf02b0d8b0ef3c8c84068942351766,2025-06-26T16:15:30.733000 CVE-2025-46173,0,0,4405d31e0bbca77b9a85dba04df7d6cbed12d0763cfb8e942421606ded04a3cf,2025-06-10T15:12:53.720000 CVE-2025-46176,0,0,4ad29bbeee58de7eb7d271c0fb79c01a588d38da2dcbe15f5042a3054d2345a5,2025-06-03T15:47:26.543000 CVE-2025-46178,0,0,91c6404535de808aefa017d6b4ebfff23f380aedc9da42e3620cbfea00da5246,2025-06-12T16:06:47.857000 @@ -296240,7 +296240,7 @@ CVE-2025-46554,0,0,a7b89eea12b63e666a925ea1c3ab241ef8ea8e981646e1e96bcb6f05587df CVE-2025-46557,0,0,695475fbfc401718c197f3766204de189f65619ff7e66fe731891859004c2d14,2025-05-02T13:53:40.163000 CVE-2025-46558,0,0,46044112001a42c9e94971cbcc8641b730ce8831adfe756198a0c859c9d96131,2025-05-02T13:53:40.163000 CVE-2025-46559,0,0,6f9c7ce4b09e8d2873d9fa1c8ec5bc239aba3f166b5bb4136391a9939ada4ec7,2025-05-05T20:54:19.760000 -CVE-2025-4656,0,0,a8806aede8346b7e2fd2d5e5607a21ec471bbcd89b61bf060c386a101551c41b,2025-06-25T17:15:38.440000 +CVE-2025-4656,0,1,d223ed44d74727660b74028604a41bea2e0f02ca06866b12aac3da2fecd068c7,2025-06-26T18:57:43.670000 CVE-2025-46560,0,0,6a0b92fa9b29effaffc6e89d51a92fd2337a6f1c3f6c1149eb2801e9c0d0f8d6,2025-05-28T19:15:56.887000 CVE-2025-46565,0,0,c6310b0d16caffb5c4fca228b199569c838bec718e60758c1fab4e44d373407a,2025-05-02T18:15:27.060000 CVE-2025-46566,0,0,24d113192be0c68059a74a8b38378d8007a4303882cf168243cb6e7bc5606a7f,2025-05-28T16:02:36.163000 @@ -297163,7 +297163,7 @@ CVE-2025-4794,0,0,1c405daaf3d5fe49b91b465c5bc45162d39a8721f37d4e3e481eca779cf10b CVE-2025-47940,0,0,041b23d7fe6b85d81bc7e12896e6c239d30fa2ff6fd2920eb28aca61c02fe976,2025-05-21T20:25:16.407000 CVE-2025-47941,0,0,ccae7c3101a56671e4027a9ac1fc4d25c071f58e7060281653ad230449dde6b5,2025-05-21T20:25:16.407000 CVE-2025-47942,0,0,89669a9478df7875427b1ce81ed1c37d53f50384a3e98a50b2c381c0e1aa23d7,2025-05-23T15:55:02.040000 -CVE-2025-47943,0,0,5012c9e4a20711ea81d2ced410ac889692ab02df9794ddfad48d1ebdf0a05ec4,2025-06-24T22:15:22.353000 +CVE-2025-47943,0,1,07b5b34c246c702d84d3f98c0e04c45b3c05df5bbeebbacc492f76267948dc29,2025-06-26T18:58:14.280000 CVE-2025-47944,0,0,43f01036d58c7fc4ce68cbd36ac845bd2f2e9cbf043553eb4dd6eb8bb8c9e3b0,2025-05-21T20:25:16.407000 CVE-2025-47945,0,0,7c5a965f66aa180fc1f3cb799cf2ffb5e99cde67696e78bbc56ba87d94fd9577,2025-06-12T16:28:42.797000 CVE-2025-47946,0,0,fe373fbb28590de823dcf173d97336d97ccc740376cc7405209b8db39f076b6c,2025-05-21T20:25:16.407000 @@ -297431,15 +297431,15 @@ CVE-2025-48447,0,0,f1064a55c619ba121930a53f8ef33a80015883f6e69dc2f6e30ce6674f9bd CVE-2025-48448,0,0,d45e98596ff7c4bfe1172c4147c3bf90df1269483f2072c8e1e6cb8ccc1b62bf,2025-06-20T13:06:18.167000 CVE-2025-4845,0,0,5d1b81810c6ca4083e9e97cb1e8cb24890cd9aa68161fff1d9a41ed5b829a66e,2025-06-04T20:11:09.500000 CVE-2025-4846,0,0,567ea58beeefb674198c2f090a4debb893b74f8f25c0b605e548238fa1a18edc,2025-05-19T13:35:20.460000 -CVE-2025-48461,0,0,5cb60922611df1a9630ff9642542ac0322c4864ffc334d2b1a2681f2ec30a89e,2025-06-25T14:15:23.997000 -CVE-2025-48462,0,0,ed09fc98bb1468b70d1d6cf4678724540e037a16ff599ec54876aa117092a4ad,2025-06-25T14:15:24.130000 -CVE-2025-48463,0,0,b9b34b151192ab1f5dd8e9b81afea22b4bd9670a1a7752802bfbc3c777703af6,2025-06-25T14:15:24.267000 -CVE-2025-48466,0,0,2563b76b52fd1deb9f15d3145719989c77aa827ae95f94628fb0760eb7e72663,2025-06-25T13:15:26.133000 -CVE-2025-48467,0,0,546c50806aa094636c785f91731f186172f193876be57a2e611c719a66fffb94,2025-06-25T14:15:24.390000 -CVE-2025-48468,0,0,6bf0e764ffe2956b777d4d0a90eeedeaea02b4fa6c2f9123ab9f53b4df170942,2025-06-25T14:15:24.523000 -CVE-2025-48469,0,0,ee7a036457144c23ccd4e0a75a29af9e7ed71f0ef4e40fa2428819e7ce1abc4e,2025-06-25T13:15:26.273000 +CVE-2025-48461,0,1,5dc0135bc1c8645b2bb89ceec30bb5c293123dae8989e102698ca347eddd51d4,2025-06-26T18:58:14.280000 +CVE-2025-48462,0,1,8d72eb9dc6bf359b888051f186f1402565d65e4c2e36376ba078608888207631,2025-06-26T18:58:14.280000 +CVE-2025-48463,0,1,7cdf52f77eb3317901d4eb08dce823bf2609f8867f2c62c6faceb02f03ff2ffa,2025-06-26T18:58:14.280000 +CVE-2025-48466,0,1,172cdcce5d8e2ac3797d1d0ccdc4b4ce5dd23c8d1757497733143cd79bc4b168,2025-06-26T18:58:14.280000 +CVE-2025-48467,0,1,67e9644a532ae6b0f7ec0852084b0156b7e64097fe986a70501af02a30845917,2025-06-26T18:58:14.280000 +CVE-2025-48468,0,1,cf00d0c5ed9342f688e1574c46275c48c57327408c44396315a8234346e0f507,2025-06-26T18:58:14.280000 +CVE-2025-48469,0,1,50af1de554ccf560ab59f931c55ab9ae7b27a6ed870757380cdc5df9fa5e3ea7,2025-06-26T18:58:14.280000 CVE-2025-4847,0,0,6fb9786d7d0457ea8b5c8f209062b29242bda3291cd69f18d9d7b36a0b0e46d5,2025-06-04T20:11:01.580000 -CVE-2025-48470,0,0,2838398359d02ab95654539616fa46efd3e068ee075bd3027020a0928344ce00,2025-06-25T13:15:26.410000 +CVE-2025-48470,0,1,f890377764600dab71181a6f0ecbefe9ecd518b05e83fb7d5f3fd2c0ce3df25a,2025-06-26T18:58:14.280000 CVE-2025-48471,0,0,25591a47ceebc9413e1a4bcc266afa32d48e14080e918a48e442eef7eb535038,2025-06-10T15:13:08.177000 CVE-2025-48472,0,0,0c03c2da2260304575e0e5d7114e8a1cf6004a3b1aff992137a8bc3deefc4ba5,2025-06-10T15:13:16.167000 CVE-2025-48473,0,0,8f944e6ce99279110ffb70ec695a019f55fee49730724dd8b784bed7dcb47d31,2025-05-30T16:31:03.107000 @@ -297467,7 +297467,7 @@ CVE-2025-48492,0,0,403a5473251d0861ab7d826ccca3a9aee2288a4f6bf49b37e21ab18d8ee76 CVE-2025-48493,0,0,7c20ba456ec69ef1e70d2ecb4fd146dbaf6e95fff0c896df69b76de160cbc941,2025-06-05T20:12:23.777000 CVE-2025-48494,0,0,0329dcb313613e53f258f49f9571ad3f690e1a097f931b0aba423ffd216938fc,2025-06-02T17:32:17.397000 CVE-2025-48495,0,0,231a0a2df8efd4f811988b128f1772192e88580d1043466f8b361c6491441d56,2025-06-02T17:32:17.397000 -CVE-2025-48497,0,0,86c8859e21429939ae421f2f993754dfec451c81b4091273af9f27ad7ce5b8de,2025-06-26T06:15:23.697000 +CVE-2025-48497,0,1,87864234e61d762b45107c5a61a3b1913d445c275f7eb7f6e202fd8227edee1b,2025-06-26T18:57:43.670000 CVE-2025-4850,0,0,f4734de71688bb34b47f04cb41c5af0cc568cf46c9e6cb90745360a2b3c7693b,2025-05-24T00:57:35.620000 CVE-2025-4851,0,0,e5a9ac67f494616a05e2f84fff689d174d4a8c96dcdf95534865dd01a2cf2a1b,2025-05-24T01:03:29.400000 CVE-2025-4852,0,0,9fdc9f5e4228d0479c129fbe9c7f799e549cc0e36b5c79452a30c2f45481eb4e,2025-06-04T20:10:34.490000 @@ -297578,7 +297578,7 @@ CVE-2025-48887,0,0,d715c137954000dfa4d0fdb3ecdb8e16b928f4dac02dc271a6a5d4052e6a1 CVE-2025-48888,0,0,e337e94b85d7a08366e0c5a3cc16b222a86bb1703b8b9d4a80140797b44ccf65,2025-06-05T20:12:23.777000 CVE-2025-48889,0,0,10193c433a4bb6349663dd15365e40e7749e3028945374c079cc00a7a9212044,2025-05-30T16:31:03.107000 CVE-2025-4889,0,0,01c7a8037082d88b5ac656519933c8c5460517579f14e0273e6b2875f7942bab,2025-05-28T15:30:05.053000 -CVE-2025-48890,0,0,90f43142f7190a152648c265f6a9545478af2675ce4cb8912dc649a92933ca57,2025-06-24T05:15:24.727000 +CVE-2025-48890,0,1,035062986bcfd0f09ce3aa3234543e9e4b3abc3a773556c8e4def7eadec96629,2025-06-26T18:58:14.280000 CVE-2025-4890,0,0,81e619b8915c0f1194bf5df58e7b0a9363ea517d5998dc711619ba92ff360f3e,2025-05-21T19:37:54.033000 CVE-2025-48902,0,0,7153b168df5ca1545a7c32ae4e0be3377e9c5fef3f22b71de2c6ef4f227118c0,2025-06-06T14:07:28.330000 CVE-2025-48903,0,0,224c9128ba31db635f4665cb2f9d780a9613c07fbf5ecbef485d8ca41b36e4c7,2025-06-06T14:07:28.330000 @@ -297600,9 +297600,9 @@ CVE-2025-48918,0,0,96bed736df52792450e3608cc07a547f9c416534292e707cd90567bb1e330 CVE-2025-48919,0,0,b13f4700030161c8cea02111785c6dde091bc79546f3b93073b1eb28b1babf2b,2025-06-16T12:32:18.840000 CVE-2025-4892,0,0,002d5f2a93da7cbbf0db54aa5606cb91f8377f6151252d2e3edadf3dcfd06185,2025-05-28T15:32:12.643000 CVE-2025-48920,0,0,c443e19ac648bfe69c31e79bc1998d46349e50d790bd54c32a87884332343dbc,2025-06-16T12:32:18.840000 -CVE-2025-48921,0,0,60108674aa9da19d1b7091b595c8ed40f7a1d94323589c6d910996093bab2cc9,2025-06-26T14:15:30.043000 -CVE-2025-48922,0,0,7a5047668d334930881e2b457606985ec361c1d853d924c02455f87edd193b7e,2025-06-26T14:15:30.180000 -CVE-2025-48923,0,0,1fa4ea82497ce4c558f5cb0484eb2951b14a350e9b4f9f4f35aab01f62adb054,2025-06-26T14:15:30.300000 +CVE-2025-48921,0,1,288324bbf02fdb97195d5c523eff975adb11ef00705d79f26d5a8a226b6205dc,2025-06-26T18:57:43.670000 +CVE-2025-48922,0,1,80037b16cbfb1647591b87b400e6df0d05dffacf95ab56177fbb82d277199771,2025-06-26T18:57:43.670000 +CVE-2025-48923,0,1,d227fe942ceb5ba34d9f59b0ac69d1e774d48b86c94ce664b2bd06527eb271d9,2025-06-26T18:57:43.670000 CVE-2025-48925,0,0,21a2cb4f4a9620e34d454c14028a00f2b70dc9544a21aca3383488609c689c05,2025-05-29T14:29:50.247000 CVE-2025-48926,0,0,7c30f38d95fc987bd6e8852b968a55a7e51032b7c79b54853568428b8d32ecb1,2025-05-29T14:29:50.247000 CVE-2025-48927,0,0,709ff3b5cba6df23c4ebbabd98b2844e61f0bb8547f17efd794502cb0ceeec47,2025-05-29T14:29:50.247000 @@ -297631,7 +297631,7 @@ CVE-2025-4895,0,0,451159abdd179506166eda92c0cc3ecdcfca15d4a903bf6a2c0ccf029c1666 CVE-2025-48950,0,0,cc973f7c5355f4974e0729310c9855d4650934cbce88e929f2539748e53aae88,2025-06-04T14:54:33.783000 CVE-2025-48951,0,0,ede6a9271ef2c495a550496dbd581ce6ffb53f4b9f98c935ca8083cc1b4fd602,2025-06-04T21:15:40.580000 CVE-2025-48953,0,0,70684a4684db41347c8126e913d4ccc37a9d8250a7889d7b10445edb04853791,2025-06-04T14:54:33.783000 -CVE-2025-48954,0,0,be94716afcd7eec26cedcf292580287f8fec6815147609b02d7ecb570a044924,2025-06-25T14:15:24.777000 +CVE-2025-48954,0,1,9a5d9fdbff1bbd7ba308d1268f50bac1e3ed28dbf527070a93b616756ee29907,2025-06-26T18:57:43.670000 CVE-2025-48955,0,0,560b04619e43ec6eda07e48b947f9bc229ed274e024fa427eb478249da962f8f,2025-06-02T17:32:17.397000 CVE-2025-48957,0,0,2a3761a5801fd5ee703634fc43f87a21218d925d9f5bdb2e21bd6c0c9aad55ce,2025-06-02T17:32:17.397000 CVE-2025-48958,0,0,8c90d5f5b1a3b380eb0fd9a0eabccd26db118226ac52ddc9c94ec9a7d02c9ea7,2025-06-02T17:32:17.397000 @@ -297646,7 +297646,7 @@ CVE-2025-4898,0,0,088de021e18707e0dc4ec8499500601b39900fc456f0a7d4c0f7a0b50fbac2 CVE-2025-48988,0,0,89f3346fcc4cd557a41994a11d0d1a4d79127913ab475205777ebe370f1ad8d6,2025-06-24T19:49:04.033000 CVE-2025-4899,0,0,384aad67823f1c19c564c5975182391c80467536acba8235a635dfd93a5393e3,2025-05-21T19:37:31.280000 CVE-2025-48990,0,0,35250e6aeab8f33cddd6a2463ca29c89c0b5491c46e9371235f8d9552555aa3b,2025-06-02T17:32:17.397000 -CVE-2025-48991,0,0,13db40b75f05930b910613459bb665af7d383eddaaf687d07ec9e0951d9c7cbc,2025-06-25T14:15:24.943000 +CVE-2025-48991,0,1,323c8f412fffbf3c6814bb53730d0ab6ac8cd8daffd1f2a652d7c97a5a3aba11,2025-06-26T18:57:43.670000 CVE-2025-48992,0,0,6b15fffcdbf47d08f32eb69350dfd721fbd263466b12b44b59139ec83ba254ec,2025-06-17T20:50:23.507000 CVE-2025-48993,0,0,3b46c3e37f1fa24b316d79808ef25fd0981843dfecca422fceae570342cf7ba9,2025-06-17T20:50:23.507000 CVE-2025-48994,0,0,2347eea9d248ee0ef643957a0a53d1ea86b7f69fd6aea9013390675ac9969f47,2025-06-02T17:32:17.397000 @@ -297659,7 +297659,7 @@ CVE-2025-4900,0,0,a63cc638a24f84eec22901c973a40410ae17057cc7bae6578e39029782b2ee CVE-2025-49000,0,0,f8cce1a2bdee8bde170fefa186e3e45152457ed27acc2f9d05d9f849c91c807b,2025-06-04T14:54:33.783000 CVE-2025-49001,0,0,8dc4548fe390fc22a5faf69cde327e5fe5b96046e91fdc466cb08c1aca094302,2025-06-05T14:07:47.397000 CVE-2025-49002,0,0,216cade8987f40e7e1bae00fef99c6cc70caf989f13acf7e248d90eb2faa16c6,2025-06-05T14:07:36.847000 -CVE-2025-49003,0,0,6d872892fd4df39d0f411338678fc504959c64f83cc9150d4c7ae1cc0dc9727d,2025-06-26T15:15:22.963000 +CVE-2025-49003,0,1,fba2fa2a264a5c8271213cb9de26bd128e1b1ae572a3e285db1d3ea73352c4b7,2025-06-26T18:57:43.670000 CVE-2025-49004,0,0,89d47ac006a07f0278b924493f5a5a2553c688202c5da141c2c812c60b3a1cb1,2025-06-12T16:06:47.857000 CVE-2025-49006,0,0,69cfb489d390e5afe2e42023086b2832eeed6d765863e99bd3de00a5d46a4fa7,2025-06-12T16:06:47.857000 CVE-2025-49007,0,0,d1c6d78f4ed2af74dee6497de444888fe48e0c945fb3e3b2be2f74b557cd31b9,2025-06-05T20:12:23.777000 @@ -297708,7 +297708,7 @@ CVE-2025-49131,0,0,8a44c490c7fa295d5533f610dd64963399edc71879b888527baab1ab4d531 CVE-2025-49132,0,0,b30c6775be8a50ae880385154ce2e19a1c9343cd64209afe3987913ad194ab84,2025-06-23T20:16:21.633000 CVE-2025-49133,0,0,8088c6aaceb03a008d386616b846a037fdecedf4d2cd5516fa2cf3ebcd733d0a,2025-06-12T16:06:29.520000 CVE-2025-49134,0,0,93b87fb9436422dd238c8dd7883e82ad55a40642ecf25132edb1ae185794c3e8,2025-06-17T20:50:23.507000 -CVE-2025-49135,0,0,9c388d403b8d7dbfaaae6e3d83ebed67c827808bcb79b4ef19a7fd9a0138c192,2025-06-25T15:15:24.990000 +CVE-2025-49135,0,1,ae73d7003ce5135973e4cbcf91a548bd76a68b17ebc1f268e1d26e1b8e5d6e1e,2025-06-26T18:57:43.670000 CVE-2025-49136,0,0,c1d869d890c14268fd4f2fb480144530c7eab04eea9b543be4e0614ad0048264,2025-06-12T16:06:47.857000 CVE-2025-49137,0,0,00b24fd3f871d281b163e6d7bbfd273a0222ebb2d899dd7de538a91da893ac3b,2025-06-20T14:28:09.933000 CVE-2025-49138,0,0,8e04d81fc03f64af15aa1a0fdcf9746eed4f8896ddbcaf2793588ac3bce44ce0,2025-06-20T14:11:10.947000 @@ -297720,14 +297720,14 @@ CVE-2025-49142,0,0,41188906e2e357ed545217831b9fe6ff5a3bf2332267c22eb7e3625fae9f5 CVE-2025-49143,0,0,f4eeb95d1c1d44e21a5fc96f8952099f90b0864e5b98bced44a49fab091919bb,2025-06-12T16:06:39.330000 CVE-2025-49144,0,0,d6baaf8446ddc27e2900045d55963dde986363ee0e21198d87807207a0a091ed,2025-06-23T20:16:21.633000 CVE-2025-49146,0,0,a352cc011ba361436b876cbd0ba26f98777672335f155f665e464243f2d6320b,2025-06-12T16:06:20.180000 -CVE-2025-49147,0,0,a9684e104a7314ca6d799206a4c275f0f5247256f8b108f80b0d2067225733b1,2025-06-24T18:15:25.247000 +CVE-2025-49147,0,1,3efecc68c334513dc04816c419f6998de443a60077bb781c530001340a0675f7,2025-06-26T18:58:14.280000 CVE-2025-49148,0,0,c3b7fb08d13ff41d0698bee1d7c392e956316a8e5553d1877a2eed546fcf4c94,2025-06-12T16:06:20.180000 CVE-2025-49149,0,0,798bf70c7539e563311e2175a9634dcea6df9b43d0cf6e2ed916f772705b4b0f,2025-06-18T13:46:52.973000 CVE-2025-4915,0,0,46c7fa6aa65dcb339a70ae5c3381e0e409573ebed627552c1d75e88ea8911815,2025-05-19T17:37:39.277000 CVE-2025-49150,0,0,83cc8b08fd5b5a9872066bcee75026b50521e5c31e643b9fa688d6c170487f61,2025-06-12T16:06:20.180000 -CVE-2025-49151,0,0,ed678f667d2790aae167b274051e49b7b9f0b4d32fddafd8e4bb038ce01df9f3,2025-06-25T17:15:37.897000 -CVE-2025-49152,0,0,1eab955497e2468c87d03a757a6a4b7d7cc23da384b98f86486c1e46f0438fda,2025-06-25T17:15:38.100000 -CVE-2025-49153,0,0,20f902a50a6280926a075496e3dd1f94f40eed84a0d77c1c70adc91241687eab,2025-06-25T17:15:38.263000 +CVE-2025-49151,0,1,d8ecca72f15e06a94b2549a3234186de1f886007e17ac34f7f2146de79b4c3df,2025-06-26T18:57:43.670000 +CVE-2025-49152,0,1,10d2730974f010c3e9434c27b5ecab25330e7f23dab05494f6d708a2e1224410,2025-06-26T18:57:43.670000 +CVE-2025-49153,0,1,ec006b3fc3222babc1c4f53dc79f5b4d2d4d3d6bd5ce3e6dcba80af8929c199c,2025-06-26T18:57:43.670000 CVE-2025-49154,0,0,86ff37b581264b7df1b0bb3a86adcf993ea8d18f7e79c73b909f888d9f9790e5,2025-06-17T20:50:23.507000 CVE-2025-49155,0,0,4d0f00f02d2c0de9913540e76adc4815296ddadc8fb056613c64baf14f729730,2025-06-17T20:50:23.507000 CVE-2025-49156,0,0,ee61c7bc3d4439a31549df380a7527546fb87d317109fcfc4d58ebcdcdcbdd0d,2025-06-17T20:50:23.507000 @@ -297937,9 +297937,9 @@ CVE-2025-4951,0,0,8d2965f90ffa46a261e1b06cd533aeb358abbd5115dc1f57a5b34acf12ab58 CVE-2025-49510,0,0,3bb8122e36ad249db39449b81c1d9bb5005e0826a2addc079025211cebc0dc64,2025-06-12T16:06:39.330000 CVE-2025-49511,0,0,5857ce4f5934ac8d4eab419d1a69fa9027dcf280ff9a1fb08e4e3e1a5703ab2f,2025-06-12T16:06:39.330000 CVE-2025-4954,0,0,1ec01516c4567931b4ffc24e86d8b1eee9006bb52ce75acce1cd554027fb1f48,2025-06-12T16:06:39.330000 -CVE-2025-49549,0,0,3cdea74f2b27328d61ede02d1b883fc758dc512c5716b1bebb308782c81aa33f,2025-06-25T18:15:22.163000 +CVE-2025-49549,0,1,d51ae214ec023b9fbf2d300a776160828d2a71b7300d33bc04b291b25e1ecd5e,2025-06-26T18:57:43.670000 CVE-2025-4955,0,0,85a93e6cc9d76b6eb96cac66d66bf9a676c7375a6a733a4a5f80ea99e88eb438,2025-06-18T19:15:22.137000 -CVE-2025-49550,0,0,5a1a8d45833df3de3b7a8b671a92645e7d71893b7c7807340515dc53dd41f3f4,2025-06-25T18:15:22.323000 +CVE-2025-49550,0,1,81d29c0d656ad2b61bb825237b123272a33fd2799782f8797b7b40fb5e1f45eb,2025-06-26T18:57:43.670000 CVE-2025-49574,0,0,fb5e38666a9d5db5e2fea3eff17a1cec1849b841049d294374c0873eea7d745e,2025-06-23T20:16:21.633000 CVE-2025-49575,0,0,5239212f6088f8e9f5d72981748315013281ee63030d12ad53f604f56fb5ce0a,2025-06-16T12:32:18.840000 CVE-2025-49576,0,0,d91dc4671dcd271f2349061a8890351137f780e1115b96e716a0a31c8aba01ac,2025-06-16T12:32:18.840000 @@ -297962,6 +297962,7 @@ CVE-2025-49596,0,0,914f35572c3497727ef5bfdff2cd9e17d27812703e06d7a6c3496156238c7 CVE-2025-49597,0,0,31430be1a672877ef5712ae64cc63468a339d903aeb2a4d86bb312578783d5a4,2025-06-16T12:32:18.840000 CVE-2025-49598,0,0,388fe7ea425620c97395f0a980692153036c5ee134fd73303c8f32af7dfdea32,2025-06-16T12:32:18.840000 CVE-2025-49599,0,0,cd0748db942732a0e968c564ce05d560bd51611e52e8cb06dc26ca9e65d8d9b0,2025-06-09T16:15:46.830000 +CVE-2025-49603,1,1,67fbe5b309929b2cdb0309d33e701f609c41d09e9ad2b2988ff857dd8e2a3f19,2025-06-26T18:57:43.670000 CVE-2025-49619,0,0,34a674efa79bca2e7a9fcbbfc8a71e4ddf39896b0ede59561baed790959985f3,2025-06-17T21:15:40.087000 CVE-2025-4963,0,0,bcea30a5657c56e720740d0c1da3f6ecccc2ea27495c62c19f4e987237e46939,2025-05-28T15:01:30.720000 CVE-2025-4964,0,0,9a4175fc819c8903aae087508d79cb283240d351bb7e4f3f9bd0bc9b58a9f683,2025-06-06T14:07:28.330000 @@ -297994,7 +297995,7 @@ CVE-2025-49793,0,0,25d57e0b9df99cf6003be5aeef6975cbd58104035f2746b28b6910725b1e9 CVE-2025-49794,0,0,fb1efdcc8bcb343302868601f600bbbb7fce96a3ab5152faaf6b18dcb3cfc4a1,2025-06-17T20:50:23.507000 CVE-2025-49795,0,0,4c770467268ebf148fa0f28383caf66af5bf08e634296e0cb4c455afa6e9b153,2025-06-17T20:50:23.507000 CVE-2025-49796,0,0,c3ae5367828207e03498fac8ae67ddfb08b0af4ece3b2500316915ff59e84375,2025-06-17T20:50:23.507000 -CVE-2025-49797,0,0,8911e4990266860c5e54afa1a03e682c7ce88d8f1cefc5c19c72331d0770e16f,2025-06-25T10:15:22.910000 +CVE-2025-49797,0,1,13aa17d1b7e46eec0802f65578a147baeb08c4d0e59385ea616f044fa893e802,2025-06-26T18:57:43.670000 CVE-2025-4980,0,0,b34e85986066032f97fe34d8a927fed77ce8edee3293780d83eab3188141a736,2025-06-12T16:21:08.950000 CVE-2025-4981,0,0,f5c12859221db84c36da0cdc2f5b3b0d709a62c17786be42789bf52dcdf30cf8,2025-06-23T20:16:40.143000 CVE-2025-49814,0,0,cd4c594b4458e6b3d192baa2131b995abe59dca872f59a22339c83ab6246bc09,2025-06-12T03:15:25.863000 @@ -298013,15 +298014,15 @@ CVE-2025-4983,0,0,8b53f9fcac717498609c6596ba194e3872474340efe5891a55ff7cfbe70e31 CVE-2025-4984,0,0,8011ca13e469a81f6afb4511e42cccafc7f5c3edf7ae8617debc1cb5fd406589,2025-05-30T16:31:03.107000 CVE-2025-49842,0,0,25f68be05f1cee4c74ac248773f32070b2173a4b15896e09f4b989979b7acc44,2025-06-17T20:50:23.507000 CVE-2025-49843,0,0,3ce87e24261a9fdff34add493306129aedca185abd872f64a461b73d97b21a66,2025-06-18T13:46:52.973000 -CVE-2025-49845,0,0,f6724224f59f64215f43253ed55677e223b8082b09a909a1475714785dbf754f,2025-06-25T16:15:26.533000 +CVE-2025-49845,0,1,9566711797ff1e00f934b12660008aa6d34cdd5449ce4b1c35e5f0dbc8b99f9d,2025-06-26T18:57:43.670000 CVE-2025-49847,0,0,7d21c5c1860aa76487ad1bc7479f34d7fb9518eceaeea5666e76274273725a59,2025-06-17T20:50:23.507000 CVE-2025-49848,0,0,b95bb6de409da27e91c496fa7bcb82f15f67ace27f6d4466f1b54c31461703df,2025-06-17T20:50:23.507000 CVE-2025-49849,0,0,8297db97c7fc15aa30d3cd9f82603f74eb8025767596630d8a5943b91e5623f1,2025-06-17T20:50:23.507000 CVE-2025-4985,0,0,88151f8f37213547b95261cc34f75717fde2a8ef982c36b2d93a8904176e3178,2025-05-30T16:31:03.107000 CVE-2025-49850,0,0,12adad2ef0b8f2b8f84392dc49cc67ba3aaa7a82a61194bcc9f25e9e29ca770a,2025-06-17T20:50:23.507000 -CVE-2025-49851,0,0,cd1671e74734e9433d8d1c1a7dfdb2c05032c5b1c344b8327bef7bad6553931c,2025-06-24T20:15:25.560000 -CVE-2025-49852,0,0,d57906ef4976a1da27ed3d5ffc91464b0d583b4999c2b0d0db9e8587c3d7fee1,2025-06-24T20:15:25.727000 -CVE-2025-49853,0,0,f727bc26c0686bd0314d683130359aa6f9f19c5d43e7fa532349231debbe12d4,2025-06-24T20:15:25.873000 +CVE-2025-49851,0,1,46e12ff221505fea2aa5871e9a3935a19a21a0ef3ea224e3a7aa9a91439ad464,2025-06-26T18:58:14.280000 +CVE-2025-49852,0,1,4162a4ecfe87920b9bd9ae7dbed041ffe4a93a6a845e1d2c1b69dcb5edf314ae,2025-06-26T18:58:14.280000 +CVE-2025-49853,0,1,9bc8f0b1ea3738b8a497018d42a132e10ffab999b857082b3a66269394617c4e,2025-06-26T18:58:14.280000 CVE-2025-49854,0,0,f5d12af17846f0fca9e71d9d31730f998dce4ab78a93a5d3453eac74f8fffd56,2025-06-17T20:50:23.507000 CVE-2025-49855,0,0,12a30fead2c10e8a1f16941c2d9bd96761a3083b3c6087644c0beee9652251c1,2025-06-17T20:50:23.507000 CVE-2025-49856,0,0,65b96385792b64182569a68dca6312790744d597250b91f428a4357b1b5a6881,2025-06-17T20:50:23.507000 @@ -298148,11 +298149,11 @@ CVE-2025-50146,0,0,a29eb81652fbdbff4eb9784ecc310851d8a5f254fdaa43a44307e4565d66b CVE-2025-50147,0,0,06f423da68cad4a160f97a2e15cdb4717d8e0749fbf30e02ba8f93817ebea777,2025-06-14T03:15:22.033000 CVE-2025-50148,0,0,a579a7a614133c548ddf669439de5c9a80232a494034f718b4bdf4decd1a049f,2025-06-14T03:15:22.097000 CVE-2025-50149,0,0,e01be1ba294ecdeaf476ba9bb17e64b1284ce9362fb5da1703e5c224f2a8901e,2025-06-14T03:15:22.157000 -CVE-2025-5015,0,0,80eced45c29e4192bd6fddea197a34fe71b744a1a97d6f6c9b516281e557684d,2025-06-25T17:15:39.970000 +CVE-2025-5015,0,1,692fbf6e8886e21b609c887c192ea6987b590856406849cac9454221ff1a3a50,2025-06-26T18:57:43.670000 CVE-2025-50150,0,0,79eb21a64f645c369296b1d0b905e35268f567b5a96dfbfc58ef963e4e69507b,2025-06-14T03:15:22.220000 CVE-2025-5016,0,0,d907c2ff3d5c65fe44aee01e8b0e3594629d2dcb543e14c1a3c5bbcba44c8083,2025-06-02T17:32:17.397000 -CVE-2025-50178,0,0,c9f5439aa4895214439fcda293716b2de6eed159d807680fecc8ff6a13fdd238,2025-06-25T16:15:26.693000 -CVE-2025-50179,0,0,c37ed09aff9bcca1733ad563e45f75915e017d9f8430b020a2cfcb9ec5cae40a,2025-06-25T16:15:26.843000 +CVE-2025-50178,0,1,efc9feaa706fc8f05b7ff1f2f2f44555ca7af407b3073278b82568b26c66e859,2025-06-26T18:57:43.670000 +CVE-2025-50179,0,1,04a9131f6a11475d3f9ae35f9941207ca3227ae2db4258e7d0eab82e0d629c14,2025-06-26T18:57:43.670000 CVE-2025-5018,0,0,e6074d13c744f0bbc4fedce0adf645747389e40f5acdd13f0492e74df313cc90,2025-06-06T14:07:28.330000 CVE-2025-50181,0,0,4bdf1b0e87651e9af62532f1dffa4a7c36e3e1617fb3111bf59ec0dfb2494567,2025-06-23T20:16:59.783000 CVE-2025-50182,0,0,4dd8afd99e0ce6ea440c7ee9404999630bb6f82b61b026f37ab73c00c8dcbaaf,2025-06-23T20:16:59.783000 @@ -298162,7 +298163,7 @@ CVE-2025-5020,0,0,a009d51287904279a69fbc7b7d45e7044fc45e21284eb97bd084f038009245 CVE-2025-50200,0,0,b04b8a83061873d5a6a0dfbc2d26e36b23b8e421c71e6c73bb812e0e2b22ba3b,2025-06-23T20:16:59.783000 CVE-2025-50201,0,0,e397412bd6740556a32b6ef41171e688861c9a78331735a48e0e16a19730511a,2025-06-23T20:16:59.783000 CVE-2025-50202,0,0,c82284387579a4d5287081c79bce5f56bb74234016b730f3d53b62b5739eec46,2025-06-18T13:46:52.973000 -CVE-2025-50213,0,0,20bb0c394425212b43c09eb07cfa4df290f56fca6a1a1af3d022687454f82e45,2025-06-24T18:15:25.427000 +CVE-2025-50213,0,1,c5323703bbf7326a6340b0eb3f5fb04391afe081eef6d3bbddd434f9589ebc04,2025-06-26T18:58:14.280000 CVE-2025-5024,0,0,ccdd8a7db520a87487d39e567caff85e7e094c68165b88263d5456db37c53d13,2025-05-23T15:55:02.040000 CVE-2025-5025,0,0,d8851777e61365e1aa05e5e547ad31f1c257710ee925f9d10fb7d3665c7bb24a,2025-05-30T17:15:30.200000 CVE-2025-5026,0,0,d9b074ad09f171f2cc858535f05c167fb3f2b46a82934574183f725586b2f8f2,2025-06-07T23:15:21.897000 @@ -298174,7 +298175,7 @@ CVE-2025-5033,0,0,06c9afb9196a99dd4f0b3020a989f4b3254b2b9e05cd3f3304d140aa64b94a CVE-2025-5034,0,0,32c24ba6ccd75156344e37a326a475bfa55837c0e754ff953557111ff3de4bc2,2025-06-23T20:16:21.633000 CVE-2025-50348,0,0,5081ba7593ae8342ef6e03ff05001a5e9251f0737e546d04330fd65ae4fb2e2a,2025-06-25T13:08:13.867000 CVE-2025-50349,0,0,15e0e70949273fa56afdfb5bd13043f639cdede12bd48e56cc46a914f6d4ad3a,2025-06-25T13:01:11.240000 -CVE-2025-50350,1,1,5cd3d30f7068da80d0dc38eff27e468cefa8ec3f83bc60e37e01ddd3f4cbf5de,2025-06-26T16:15:30.980000 +CVE-2025-50350,0,1,ccfe1d064c3bcaf2010a62598cc4058bbf4e2c72518e4963462e401d7de4c922,2025-06-26T19:15:20.960000 CVE-2025-5036,0,0,c38e53ab36341883513f1bc0436ec7cb62abd108008baba46460fded702f863e,2025-06-02T18:15:24.783000 CVE-2025-5049,0,0,44cfcf3aff795ef24e83417940f428248f6dbe73d228a2445e4d18a251d64c21,2025-06-23T14:51:34.223000 CVE-2025-5050,0,0,18c722bc6b5f548b69eef0fffd3878fac15ddedca7de625378de12e31e056210,2025-06-23T14:51:31.630000 @@ -298194,9 +298195,9 @@ CVE-2025-5065,0,0,8fc53b66fe42da4959811ef54b22b91af2bd35c9f4f954731cade0848a818f CVE-2025-5066,0,0,c2e1df9fe6cae5990ac135a3976d91b02429d110b23d2797a3b2dababf03dd2d,2025-05-29T15:50:51.310000 CVE-2025-5067,0,0,cf2723dbc4b2f797991ebafc1c2cb069497cee2d74a6a84ebec9dcde1e0dd29e,2025-05-29T15:50:43.240000 CVE-2025-5068,0,0,743f6f8e9f7972849bbf135b58a69c40f5a6f921a1bb6da952423dea4534ee5a,2025-06-05T14:11:10.430000 -CVE-2025-50693,0,0,77d7a264f395ecd37be4362dfcef333ec41f63a55d0d036dd8ad801ed5481b00,2025-06-24T18:15:26.080000 -CVE-2025-50695,0,0,24255541539d4722d757b5efbae2f94dae559ed0d9e03dfa6a18bfccedc3bbac,2025-06-24T18:15:26.250000 -CVE-2025-50699,0,0,d03883afb531a0407dd93c6ae3cd8abd1203ef4972537744ebffd7bbc8a9a808,2025-06-24T18:15:26.433000 +CVE-2025-50693,0,1,ecd19eeb7351acfccc718aee62544f4a3cbab41f68c45dffef78ba7ef5139024,2025-06-26T18:58:14.280000 +CVE-2025-50695,0,1,19e05662dbd27d6ad4db26ecf29413c4911e0a9aa3e9743195b896b4b004e819,2025-06-26T18:58:14.280000 +CVE-2025-50699,0,1,4c0bde2fe08640f9876a0abd6c636cb9368d5a8798725bda59edf0ef6036f8a0,2025-06-26T18:58:14.280000 CVE-2025-5071,0,0,884ba5d773bfa631189c2fa39c9690b3ec846f53f569c43eb315d4166f9f7924,2025-06-23T20:16:59.783000 CVE-2025-5073,0,0,a1230535d583b5f466b5fe2615cca31afcba55333f600b324f190ec047a41d18,2025-06-05T20:13:49.707000 CVE-2025-5074,0,0,b32e6a163eb96eec8f69e51ca7a85c7da766b8b9d224e7b4f2f300a52a5b9bc3,2025-06-05T20:14:07.020000 @@ -298209,7 +298210,7 @@ CVE-2025-5080,0,0,5ca4d3a0576d52c7ccf6fb54daeff4d47265f015764c5af1447369359c7bc1 CVE-2025-5081,0,0,56e144a5135781dc7a75ef9199aeb5fe24273a7eabc4acb8988f02e0c511fd61,2025-05-28T01:49:27.430000 CVE-2025-5082,0,0,654b6f5ca85bdee04f191b4415361841f39b64a4d62ac7e373566ed9502c800a,2025-05-28T15:01:30.720000 CVE-2025-5086,0,0,a6cd7e037b880807c2087a0cc62e18cec32dfcc1b05281e63e13ff759a08d643,2025-06-04T14:54:53.980000 -CVE-2025-5087,0,0,07ad39aeba45900f8d7e9d1a34e5ab24787db24ec1c69e0683b71d0b11ef6f8f,2025-06-24T19:15:23.757000 +CVE-2025-5087,0,1,97a04c259a7da6b0eb13bd0d940d2df5ae422311799538d80f20cb07d97cb949,2025-06-26T18:58:14.280000 CVE-2025-5096,0,0,42fe716f1efce968dc8e29663c380993b2461be601464bb005e7e57e1c939443,2025-05-23T15:54:42.643000 CVE-2025-5097,0,0,56796bb8120929c8a6a0858cf0e395b320ecbafdfb6f27c42e47f8367c9df40c,2025-06-07T23:15:22 CVE-2025-5098,0,0,e792975c992e79d3f869380d6027059665b6a277fad36b72dc800d8cb0d75190,2025-05-23T16:15:27.730000 @@ -298277,8 +298278,8 @@ CVE-2025-5164,0,0,228da27fe94094da78c818ea5e2c1e5953ef9870e1a7763a1facd97f4dd57f CVE-2025-5165,0,0,b944072ac0091ca469e0b415fb7abdf162d341970b7082fcfaff9d04957c85a4,2025-06-03T15:40:01.863000 CVE-2025-5166,0,0,c51ae421fabf1219a3900c58419bdaa5117f65f9603b27137cff53c0e0d61b00,2025-06-03T15:40:15.497000 CVE-2025-5167,0,0,d0507ecf0b5b21e24f107649f2515c6afbb660790e07751f18cd594dd93f34bc,2025-06-03T15:40:34.607000 -CVE-2025-51671,1,1,3e71586572ea65b47e25c56ef10a036b0c05a5900a3ee3e329b1f54be8d8c9c1,2025-06-26T16:15:31.147000 -CVE-2025-51672,0,1,1bc0234a905d224e3d492d4ebb2a0117a74c9cce1645deaf0a5468c16d68de52,2025-06-26T16:15:31.347000 +CVE-2025-51671,0,1,80756d31c7d2ac5112f342790466b1754070d664965d547ab17d6189a2ec68c8,2025-06-26T18:57:43.670000 +CVE-2025-51672,0,1,1eaace4f2f18fca45aeac16a0a2d3e001c6e5d88aefb7a8b3217fb80d9de56a1,2025-06-26T18:57:43.670000 CVE-2025-5168,0,0,74f02a822faaa8b5a46a78e41282b22e771403dfc5a44608e54bea89178ff6fe,2025-06-03T15:40:48.337000 CVE-2025-5169,0,0,478bfc131e88e29d02dd1ccd61a9e6c142c0208ac4743abe27cdac119eac9f7b,2025-06-03T15:41:01.973000 CVE-2025-5170,0,0,2d3c44ad97f24506915e1ae8aa2894c6137b30f378f725193e8dabaa89f599c6,2025-06-03T15:41:52.177000 @@ -298312,7 +298313,7 @@ CVE-2025-5205,0,0,4e2cf941cdcf5c4895f1e6095123f642f58566d13011fecdf14fc65595d0e6 CVE-2025-5206,0,0,feed10da244a1180a12944193b9a34afaab380339e02b711b6b86c10a65dd729,2025-06-05T14:14:49.180000 CVE-2025-5207,0,0,e402cb7000c0d3ec5faf704526317d521bb7be7fab48c7474536b7fb38ce6981,2025-06-05T14:14:30.010000 CVE-2025-5208,0,0,9e9535cfb50c25096d995fee715ad33ab744750f67296c60cac7b3a386d28ef1,2025-06-05T14:14:06.397000 -CVE-2025-5209,0,1,1de988bb6fc9688228254af9049355449ffefba36f51df5a462735aed22ede34,2025-06-26T16:01:40.640000 +CVE-2025-5209,0,0,1de988bb6fc9688228254af9049355449ffefba36f51df5a462735aed22ede34,2025-06-26T16:01:40.640000 CVE-2025-5210,0,0,7f798974cbc440c4e4dd8009e513c3eb9007b33b9ead67a41eab0bd81192fbbf,2025-06-05T14:13:54.527000 CVE-2025-5211,0,0,8f4ed9a6be734738ba7e8af34dfd90276884a544fade7898e9f11540d4e9c7c6,2025-06-05T14:13:12.777000 CVE-2025-5212,0,0,09bde77c0a73fbc6c1f35bedb61d3c4c409f9d9416e30903b1d4777f1733a256,2025-06-05T14:12:55.247000 @@ -298359,13 +298360,13 @@ CVE-2025-5246,0,0,58006bd67e3ca573529b2f3e87b16b1c40180151481747e10351ab9236833e CVE-2025-52464,0,0,78f6019e85d48ab55c32d91e272573030421c73ef856e07219b800e33247830e,2025-06-23T20:16:59.783000 CVE-2025-52467,0,0,16105c9074c96ad94abfdf299814ac8afdc45b40f5844eda614417a0d3d4ca0b,2025-06-23T20:16:59.783000 CVE-2025-5247,0,0,54e3a381cfd9dfdb05827b9f71ff8bbd85014209bf716148a0d5df41e284d42b,2025-05-28T15:01:30.720000 -CVE-2025-52471,0,0,0c62d382ed0af363c08f042f130801cb12a4f00ca1898ecf3fe6d67ae2476ac6,2025-06-24T20:15:26.033000 +CVE-2025-52471,0,1,c9e136f4feaaf26b374408b413355b4aba8d0c951d69f7f105837900c0eff9b5,2025-06-26T18:58:14.280000 CVE-2025-52474,0,0,85659b730b44219986935e49453dd6cf44bae5c711fd564545190739032f0da6,2025-06-23T20:16:59.783000 -CVE-2025-52477,1,1,e07378f4d27997f6acd49a22f94ad2426dee743f2043ef8c0d7e90c5eb6640db,2025-06-26T17:15:30.897000 -CVE-2025-52479,0,0,c2fb883dab9af3bda17257faea1540c97a64f864f363f43f9aac347719c31a58,2025-06-25T16:15:27.017000 +CVE-2025-52477,0,1,9172fb963b1fb33db85894d2df296bb207c2529e6abbeb5685ce2a26668d8866,2025-06-26T18:57:43.670000 +CVE-2025-52479,0,1,a4a99985cb90a71f3c259c212a5293a578ef1b8d7dc0ef6923333261d1a729bc,2025-06-26T18:57:43.670000 CVE-2025-5248,0,0,cb74e13c3a661382a173d2171f53e905ac7962a17d411318369a81c1a4c9d649,2025-06-10T15:12:22.573000 -CVE-2025-52480,0,0,9058ad9c4f4d9cf4adc8bc18d88405dbdd03cfd1af621ce6c0bb86ccfe2ced26,2025-06-25T17:15:38.590000 -CVE-2025-52483,0,0,80af078f5b6a5390f5f8f1f84dc60a205799f090fc6088f33fda46e21788b176,2025-06-25T17:15:38.740000 +CVE-2025-52480,0,1,af4004494e1019ba969194589467b7911615d7e045320761b141dbacc6de5426,2025-06-26T18:57:43.670000 +CVE-2025-52483,0,1,322dc920dd801cdaed748fe4a7ab2e3bbc8166b52a0b27a654f930914482c867,2025-06-26T18:57:43.670000 CVE-2025-52484,0,0,ec9ef999d2f72c8ffe8c4f7a55a34b60e694dfe44a26c58275639cad0c1b5155,2025-06-23T20:16:21.633000 CVE-2025-52485,0,0,34b5109dabaf6ee325fa57f392ef3cb86ca76746a55539af15d1209f1b4df50b,2025-06-23T20:16:21.633000 CVE-2025-52486,0,0,141d3cdd89e3d8b09e19fb7d7dfc50e25ac40afc5c2dd413dd0730327594fdb3,2025-06-23T20:16:21.633000 @@ -298380,22 +298381,22 @@ CVE-2025-5255,0,0,b023caeeba2421cb86c7482514e264205e254122220d82c6bc67ef741a68d9 CVE-2025-52552,0,0,355ff6e466a39f4325662bbaa49db2816c79c0533f84f99cc3e34c03831df356,2025-06-23T20:16:21.633000 CVE-2025-52556,0,0,01d14cdcd651409b8ec6f2a117321e576266f60affdb5d61d3b6cf66da0be9ba,2025-06-23T20:16:21.633000 CVE-2025-52557,0,0,d6ac46828bdd4bd5689e0ed9e6db622a0cd2c5e50b4932c5603e932a5d57d26a,2025-06-23T20:16:21.633000 -CVE-2025-52558,0,0,312418a98262707982a793371eca0fa75acc6958423c04e8a653116a74214a69,2025-06-23T21:15:26.423000 +CVE-2025-52558,0,1,feddd9b17bf18205609fd5d4ab75e553c171fbe3defa5726e634521dfcb6dbbe,2025-06-26T18:58:14.280000 CVE-2025-5256,0,0,8e276989283383806f3abf5c20dbe67142f0dc8ca07046605c539922633ebc4a,2025-05-29T14:29:50.247000 -CVE-2025-52560,0,0,2816b0e31556b261f5ae164a073a7017e2fb8c2e87a00569de8e81436c2d8df6,2025-06-24T03:15:34.653000 -CVE-2025-52561,0,0,de14de6e04dddaa9a1477840b59ee04f631f59ec755018a4483ce3081c807b0a,2025-06-23T21:15:26.570000 -CVE-2025-52562,0,0,71dd25f3bc7ea4bcad36c0d751ccde968119f77e0cfe3d00439d8fcb91d44c5a,2025-06-23T21:15:26.710000 -CVE-2025-52566,0,0,5efb8ea62bd38ad614e3c01ce5a8ad7c0d7fc97c6a0fc9a74aa3191d55ca9d8b,2025-06-24T22:15:22.490000 -CVE-2025-52568,0,0,c5c4449512757bdbf87c08ff7aa03ea210585f8118654ad489df4eddb6c078e6,2025-06-24T04:15:49.693000 -CVE-2025-52569,0,0,deab68b0b8976f30252b10598a00e0bbf9baa4bebb8d7c05eef54f36d198c69d,2025-06-25T17:15:38.883000 +CVE-2025-52560,0,1,e5a785d0108feab8a82fba59c5f9cae135ba29f0ebde34364e03ae7ca5151c5a,2025-06-26T18:58:14.280000 +CVE-2025-52561,0,1,aabef282808932d733941a0236add55fa34255b30e526cf4822de55340d2d48f,2025-06-26T18:58:14.280000 +CVE-2025-52562,0,1,ac11ad34ccc08e33ace733a45dd95c46d00c385a37406569439512aba06ad0e8,2025-06-26T18:58:14.280000 +CVE-2025-52566,0,1,de7dce4263eb149f99ae344882113d7d11756087233bfd9b6cd5e5983df10894,2025-06-26T18:58:14.280000 +CVE-2025-52568,0,1,95176d1869763c135c06e27d3754b1a2f659c478ac87db187923894a3bc58361,2025-06-26T18:58:14.280000 +CVE-2025-52569,0,1,c07b50a949cdba2f696dd4cb678ef742ed29bd2f902d68551a4cfd3ac45a338f,2025-06-26T18:57:43.670000 CVE-2025-5257,0,0,75d358e3d2bbe3761b44e1bc4ce97e0b1726e1521e4fab98ee61ac2e91cdcfa1,2025-05-29T14:29:50.247000 -CVE-2025-52570,0,0,b69e7827dc71b47cbfc70d06c560ede1e01f1eed518d271e063fa0ddf9df6ff5,2025-06-24T04:15:50.360000 -CVE-2025-52571,0,0,93605af77865e4b4bbd8aa8df37b6227ed19cbe7c36e4563dfbf22f7ad6141df,2025-06-24T20:15:26.213000 -CVE-2025-52572,0,0,c9098d5ca2a634c2c4a58c403cfc6222ba614b823936e2401333651171589a19,2025-06-24T21:15:25.463000 -CVE-2025-52573,0,0,45796b9039d24b9a3eda334ce45b25e7e4892eb3f5a75cc205d2727ac54b744b,2025-06-26T14:15:30.577000 -CVE-2025-52574,0,0,b834c56f84ab539ad46a50792bcb4b20f0358336a46771bcdc0160c6c5c64451,2025-06-24T03:15:34.797000 -CVE-2025-52576,0,0,54ca2c256007cfab31d182d53578f909d2f84aab8167fde4bfa01ad557b852cc,2025-06-25T18:15:22.537000 -CVE-2025-5258,0,0,fb6007864f0f198afc07f9e5f2cd9992c3bc7deee34ac7dac8830ce62da80bc3,2025-06-24T08:15:24.397000 +CVE-2025-52570,0,1,5f77cd026ce1d949c78b37f414e9384213ef74304d3c5775fc1afa72f52ef0a7,2025-06-26T18:58:14.280000 +CVE-2025-52571,0,1,1f0c454df829e6f6435f272fdeb6f88291e39f2976b10cfc88996d263664e0d6,2025-06-26T18:58:14.280000 +CVE-2025-52572,0,1,ededdf716ad21b95fa1b0a76567ae25f781b900c759a6ecf5b267016f1e30ffe,2025-06-26T18:58:14.280000 +CVE-2025-52573,0,1,33cc562b2761061a25fcdf558fc3f24b1ea4a22785d348b60cf7222cab664574,2025-06-26T18:57:43.670000 +CVE-2025-52574,0,1,300ad49fda96b1146f72dc5e6b507b470eb066cc1482415523bd1c42dd4c145b,2025-06-26T18:58:14.280000 +CVE-2025-52576,0,1,9c9ac88fbbb89604ba09e59c25075690e4073dde6ddbecf549180177c762e003,2025-06-26T18:57:43.670000 +CVE-2025-5258,0,1,961e787ea8495793f20a4b5d2cd4db3da59a6342303b0688377f226aa5eb7686,2025-06-26T18:58:14.280000 CVE-2025-5259,0,0,762eb0e82b940f038c9de9747260da22e83abc89d044ade4d08f1060ed5d681a,2025-05-30T16:31:03.107000 CVE-2025-5262,0,0,8d158d6fd94524fd413794cf0b5bc75dd7b83edc10bc60eca4a90ef0afe5fb85,2025-05-27T18:15:31.980000 CVE-2025-5263,0,0,aa86671b7ea99b1d0dfc0c6352f8f2192817a359ea9bf4567f068ac38cd6af34,2025-06-11T12:15:27.183000 @@ -298417,7 +298418,7 @@ CVE-2025-52719,0,0,5255f49aee70f7be6419c1cdeb90569664f1a4ea7bb1bbf43ecce1b8104cc CVE-2025-5272,0,0,b1d0c7e19ac36597fb989e72bcee09751441797b45636fb052ca12e726df56d9,2025-06-11T12:15:28.840000 CVE-2025-5273,0,0,7a172885547dbfa68292354132d6eab77847bfdd0e0f37bfe0a33c637c28685a,2025-05-29T14:29:50.247000 CVE-2025-52733,0,0,7b459b7ccea847e17c1de3d7bfd534831df085ed8c830c3122c8262c5439f0d8,2025-06-23T20:16:40.143000 -CVE-2025-5275,0,0,04321eb09ec4e72dff93de1f0cf16bdbb1c823d01c136d823f8510035ed011ab,2025-06-26T03:15:23.860000 +CVE-2025-5275,0,1,733cc86e33c8fe8731b5db89b9256a8988a34b8294fb1ade1c57eb38b5716d43,2025-06-26T18:57:43.670000 CVE-2025-5276,0,0,39d67915dab7ad2300f3ccd3a288fcee1075e32b914c45ad140eb6b7725be52b,2025-05-29T14:29:50.247000 CVE-2025-5277,0,0,ba5aa3a145e9e2e34ac18c63e7fe60e94ac49ba4d7121cc0bc36eebe3309abbf,2025-05-28T15:01:30.720000 CVE-2025-52772,0,0,deb02b2d983c296f8b89a2559d4d4f189f1c6c676131c9feadcc246a08a5cc14,2025-06-23T20:16:40.143000 @@ -298452,20 +298453,22 @@ CVE-2025-52877,0,0,2ac53278d65eb7e21c25b07c01cbc1d7b2de22e8edc09c69cfec8cd39a1e3 CVE-2025-52878,0,0,fbfff86b93cfc3e760e930078ef07b0c286c0d1ac11c1a2c0806a69f8f7a68fe,2025-06-25T19:28:34.493000 CVE-2025-52879,0,0,fc5c35c3abe12a17a6329028b37aa300e4688c00b5339defe42f41204f2a72ae,2025-06-25T19:28:19.253000 CVE-2025-5288,0,0,5b20c7a865ed486d932e1f5165bbcfd30ae2f04bc0acfb20d9396799c2c655a3,2025-06-16T12:32:18.840000 -CVE-2025-52880,0,0,9cb07f316e3d88e0df580ddbed7ea9b43e79f625bd4ca243674ed28fb6c24809,2025-06-24T20:15:26.373000 -CVE-2025-52882,0,0,1202797e512191e9de7b995f3a96465f7bfc2ed3174a803e0c7dd48572c30229,2025-06-24T20:15:26.543000 -CVE-2025-52883,0,0,94a59b16d2725ff940e9d9c5d66af8696ae28208bd1cc6d6422de88432398bcc,2025-06-24T21:15:26.030000 -CVE-2025-52884,0,0,111efc59963d9cf24b8cfd776de05a966fe0af3c7a58d02e676305ff800577c2,2025-06-24T21:15:26.207000 -CVE-2025-52887,0,0,1b1934b1ff0f584f251ffd339ac8ae7cc59d8fb82a7344dfd94d51d04ab35793,2025-06-26T15:15:23.350000 -CVE-2025-52888,0,0,3d1af33939cf7d42fdad330956d26c92022bdd0439ccab86c4344f860a5a72bc,2025-06-24T20:15:26.700000 -CVE-2025-52889,0,0,9da61724b301758b81e861d135c2b4f87c1d9193c45f2d7ba9df9323c5b8a14a,2025-06-25T18:15:22.653000 +CVE-2025-52880,0,1,0be44818003de13826b212d0be5d489cc51121f55ca2d5dffb6d088dfa906163,2025-06-26T18:58:14.280000 +CVE-2025-52882,0,1,ba3a02a1e236091d26457cda44772ba68f98809b7aa4e247c629ca311caa4823,2025-06-26T18:58:14.280000 +CVE-2025-52883,0,1,520d20019919c644dba0fbc652459974de57808a59c7d496542bdc961767f429,2025-06-26T18:58:14.280000 +CVE-2025-52884,0,1,3d2697fc8349422122629193b6003c286d547995118a8d30350ba36fba6f17a1,2025-06-26T18:58:14.280000 +CVE-2025-52887,0,1,d42d60f09a16c0f5ceda8aa814e1efac5d0857af7365828862981b82eae318c7,2025-06-26T18:57:43.670000 +CVE-2025-52888,0,1,4ffde2ec55ba5defecde00bf8d47cf0f26a667923c6160612e241ccd981084f1,2025-06-26T18:58:14.280000 +CVE-2025-52889,0,1,5b4be2e1c8f8c3c00784c936e266ae63483a8928f6b92d1ed6e2987377c6a659,2025-06-26T18:57:43.670000 CVE-2025-5289,0,0,7c7a7fd94b9e27905a1cadcd118b0b2af6a175d504b657fe651e510f41cabc00,2025-06-23T20:16:21.633000 -CVE-2025-52890,0,0,21f05b9dc7685c75ed3a78bf53cc0622eed7e0158a3757e7d2757bba0471ef1b,2025-06-25T18:15:22.753000 -CVE-2025-52893,0,0,fde8c69e5dfb177b45c8843696effb13dc55e52e52a7f13d69ef2cf3a5264867,2025-06-25T17:15:39.523000 -CVE-2025-52894,0,0,86c1ea7749bd2ac6272c7b237f4f0745b29d5d1222611ddfdb5e5bdeb4764540,2025-06-25T17:15:39.677000 +CVE-2025-52890,0,1,2b79a750afc8ef6b48596dcf4f14c9b9204a9f39da31c3089f912837bcfd2a46,2025-06-26T18:57:43.670000 +CVE-2025-52893,0,1,fb290a699a0f7d13541e9b4fd9fa9a8968c62bbcfe99e98f9955877246abf6cc,2025-06-26T18:57:43.670000 +CVE-2025-52894,0,1,74a1c27cdfe3b4918c4901febbea0eb20e2fd7cd4e76ab656b0dd58ab073e67f,2025-06-26T18:57:43.670000 CVE-2025-5290,0,0,ad45f62f849dd27deb380b44d26b94809d4f0499166fbd95cf7b52d6d8099374,2025-06-02T17:32:17.397000 -CVE-2025-52900,0,0,c5c483edb4b5cd5d587284cd43f3e048c5fac4dcd7c164812dc6bcc063dba44c,2025-06-26T15:15:23.520000 -CVE-2025-52902,0,0,ba0957095b9b497f96459df71ff00fe93cee82677e7b9be6aedce9789f09da30,2025-06-26T15:15:23.687000 +CVE-2025-52900,0,1,af44f4dfef316e8ff7cd339f0dd8b1907013e95e6c4b530df54072f87fc13707,2025-06-26T18:57:43.670000 +CVE-2025-52902,0,1,b8d594698346e33c9857483268477e14dc09fa28d15e66d418ce57128530f231,2025-06-26T18:57:43.670000 +CVE-2025-52903,1,1,4f005f11e6905db4205427c2a9ab882d9192e15d78f431ad26b61bb8204cdddd,2025-06-26T19:15:21.587000 +CVE-2025-52904,1,1,e258a19fa02f1003a011199f9fa0e53c0cc9521625153b05c04a90fde605c056,2025-06-26T19:15:21.743000 CVE-2025-5291,0,0,30fc605f4380fb7e9cd3dc4c3c29792847dcfc90b0ea5fa3ca9a29d145a853dc,2025-06-17T20:50:23.507000 CVE-2025-52916,0,0,aaaed48e0f18bf7221f6e78c081756a27d5cc78db64cc6bd43ff354b6dcf72ac,2025-06-23T20:16:21.633000 CVE-2025-52917,0,0,2c681ba1c2eaadda0232ca155b7a07de3998b80dd04ae3c39bb2c896cba07a42,2025-06-23T20:16:21.633000 @@ -298499,17 +298502,19 @@ CVE-2025-52978,0,0,536489d1a428144098c443cda432c2d1561802f8cd5aef013e6017d271275 CVE-2025-52979,0,0,52505f03c11370107b014986dc0342ab4c8462260c5f831736e7ef7e18fd3712,2025-06-24T03:15:35.453000 CVE-2025-5298,0,0,db5fe80cdf57c0cc24fb51e7a48139d5b1b81a3a48561037cf1b32b8be34d74f,2025-05-28T20:37:48.440000 CVE-2025-5299,0,0,1f89fdfea84380ce22c226fdfd1b89a6ae1b920a9c80e662b58b6ab3dafee162,2025-06-10T15:46:55.753000 -CVE-2025-52999,0,0,8a6973aa5c242bcc72c2aa1d3ea8125d3c697581af3172eff6b5e1b688b524fb,2025-06-25T17:15:39.820000 -CVE-2025-53002,0,0,3d69344d128cf8e6eba45391a732f0f15c3f4b3fd0c2794df181a207042522e3,2025-06-26T15:15:23.873000 -CVE-2025-53007,0,0,2141606fce0283ce971232c003b310c482d4ee9ab26eb96012fd96c997a705a2,2025-06-26T15:15:24.043000 +CVE-2025-52999,0,1,8e3ffe270e9e0f4f311570c01291b88502def8da5bc3d26946c9776265012b0e,2025-06-26T18:57:43.670000 +CVE-2025-53002,0,1,88ca888237f37e4e624e68585cc923f4d5409fd291622a596533223ce1e1a8f6,2025-06-26T18:57:43.670000 +CVE-2025-53007,0,1,a4076fc87f8a0924938a60c1b4d21b89458fde7ab2bc0e9913efaa46d339ee87,2025-06-26T18:57:43.670000 CVE-2025-5301,0,0,172c3938c2a9928b9f8edd9f7241e7981b7b3a36108e0e0149558a51f65a1594,2025-06-18T05:15:50.287000 -CVE-2025-53021,0,0,f00c7a7e87b168adf26db9622068d05e126e48777cea689658514ba01dbc3fdf,2025-06-24T20:15:26.867000 +CVE-2025-53013,1,1,ee406bf23bf1a0f5f249e7eb22f810b8cfccae8c849cf03bf7e4a61df66a8caa,2025-06-26T18:57:43.670000 +CVE-2025-53021,0,1,925b6e742df67e2887bb94091affc674575865f87c7ccef0bf1c60e479640a66,2025-06-26T18:58:14.280000 CVE-2025-5303,0,0,546057fa156dd0bfd15529f37c8ab9dae75346583c1c67316386c3461de42474,2025-06-09T12:15:47.880000 CVE-2025-5307,0,0,7244ff154b85c92ca09019f8de869bb0541c220b74776be3851e4cfba38a0ca8,2025-05-30T16:31:03.107000 -CVE-2025-53073,0,0,40631a69d715def90dbb075cc363bdeeda8113b89f76a1f7b4efe8f3f1b90b63,2025-06-24T18:15:26.813000 +CVE-2025-53073,0,1,dc72ce506142801c8b0cea2579e988f3f6c38bb40bb41e7362bf91b362c4103c,2025-06-26T18:58:14.280000 CVE-2025-5309,0,0,4f40b16e57161a0b02ce9c3f4d7e0ba4cf08b0282b7954a09175078f67da41cb,2025-06-17T20:50:23.507000 -CVE-2025-5315,0,0,abc40ab2fc784671d9e9ffff375073757a5772344cedb07c9ccb59cc6292051c,2025-06-26T06:15:23.873000 -CVE-2025-5318,0,0,43978098e56851e5b415c4c8f175357a6aaaecebbdcfcfe803fcf95f094aa057,2025-06-24T14:15:30.523000 +CVE-2025-53121,1,1,4bb01fa6d772c96dfd1beb829866b6802c23c192c6c506d93270fd71dea8c9b4,2025-06-26T19:15:21.960000 +CVE-2025-5315,0,1,32a057a1d304031b7446b391c0140edb118b5446f79010fd8a4bb894c0637dd1,2025-06-26T18:57:43.670000 +CVE-2025-5318,0,1,d95c49f8bb6d9b056310845ea915af91d8a36448ea3684ee98fec4064c982b12,2025-06-26T18:58:14.280000 CVE-2025-5320,0,0,772070621ad15a70df6397a0142dc45fe5fca6b991b5410b5c6912332a34a15a,2025-06-01T05:15:19.883000 CVE-2025-5321,0,0,31d96e00ea1024b8084a7837ef9bf0b4fd55d789d529b1f4fae375684c451003,2025-06-01T05:15:20.947000 CVE-2025-5323,0,0,b0785ba87cd1215b18904af4ecc0dec4461f38599fcb91263ef5f63563e48a70,2025-05-30T16:31:03.107000 @@ -298525,7 +298530,7 @@ CVE-2025-5334,0,0,3b25ffa10fa68a37bf0e18657dc7cc96e971a33e8fade936cdd13017087298 CVE-2025-5335,0,0,5abfb5e74bc6ec2f8ed9b95f56ffcbd4f93dcd183997df85e24502ad95934637,2025-06-12T16:06:39.330000 CVE-2025-5336,0,0,51ebbfc8a6c001d043ad92fbb70974a3ccedacbc8290bd5643cc8faeb9732c02,2025-06-16T12:32:18.840000 CVE-2025-5337,0,0,f5b214301a56cadaeebc0b9a86ddeaf885fbd4e9b8e681558e7ccfb718bae2b0,2025-06-16T12:32:18.840000 -CVE-2025-5338,0,0,f006efd42d70264210fbd6141455221acbec012a03c0cae0348be72a8bb33532,2025-06-26T10:15:25.307000 +CVE-2025-5338,0,1,7d03b6675327abe3166794a3aea1334fe78b5ed9861d33098569022851345f63,2025-06-26T18:57:43.670000 CVE-2025-5340,0,0,9b48da383be5dfbe2bc488480a2be183877451ec75241964210e2e3aad9a2ceb,2025-06-04T14:54:33.783000 CVE-2025-5341,0,0,2f7555dddd47395f556aef803e272926d99b2be1a7b798f5f5a29577ec1f1191,2025-06-05T20:12:23.777000 CVE-2025-5349,0,0,c3dba6df59d2293dc5933fab4b44180a83c69961191d6e1c8668a3b028af5d72,2025-06-17T20:50:23.507000 @@ -298540,7 +298545,7 @@ CVE-2025-5362,0,0,33b74730f9e7ac14985e93de797c2da60e582983293fbae692e330f50a4416 CVE-2025-5363,0,0,d48d3a878cc2187658148b214cb6829e36972108c01dfa0cb86b9cac54da6616,2025-06-03T15:34:39.567000 CVE-2025-5364,0,0,95a5e56210a5d35c1ea6e33ff22c35248d45f8b8e37cb258e052523a9909bca6,2025-06-03T15:34:20.917000 CVE-2025-5365,0,0,0d1ce8893a30ec21d7e83dd6a06faaa956ad93af9fce8162c82d46544a42f85c,2025-06-03T15:34:08.383000 -CVE-2025-5366,0,0,630cd86295f16d8fe6ffafe6535dd3927b205c4abf53bcd9e4ccf5c4369e5e41,2025-06-26T13:15:28.970000 +CVE-2025-5366,0,1,adfe1bb60550ba93f461f90a7496366d4af42f9dd1d5ca39ba5f7f62b1b4c324,2025-06-26T18:57:43.670000 CVE-2025-5367,0,0,d74e7f7b5df4373a6cb4c4912d3e92ada0700cf6b4dd42f020dd71a2e6663e2f,2025-06-03T15:33:39.070000 CVE-2025-5368,0,0,9330ec771717069f27ceda5473a12198f97847c6ad28dab99e3c2364851c8dad,2025-06-03T15:32:13.583000 CVE-2025-5369,0,0,8c4e55fbb8d45d713061ee556ffa7273cbb4542497249daf924357fd6840ed9e,2025-06-09T18:59:49.330000 @@ -298610,7 +298615,7 @@ CVE-2025-5445,0,0,48ecb9ed962bffb0d51cf3a0f453cb2062332faabc3f4707bcde0f91fbc8a1 CVE-2025-5446,0,0,35d85a6b109786f1b24f687919ca0a0a29c0ef8c307735f4c4f3239f7042c652,2025-06-02T17:32:17.397000 CVE-2025-5447,0,0,3f0e18d04d97ed4b37df377d5a284b98bec607376a89ae1ee717f001b4c6401a,2025-06-02T17:32:17.397000 CVE-2025-5455,0,0,c1321d8b95e99a1a6b4bd58591f4d8f5ad84a8f09a18d929f7bc30e94a33953f,2025-06-02T17:32:17.397000 -CVE-2025-5459,0,0,34ece7380ccced6008a4e28f93079a34426093ef84790979bc7c79e5e304f701,2025-06-26T07:15:27.440000 +CVE-2025-5459,0,1,bfef67fb6bc5a0d62d15f9ee68a0d9240ec3720f0fb55d24a02c5d3644fba822,2025-06-26T18:57:43.670000 CVE-2025-5473,0,0,71e9a0d8879b30e10102aac4dbfd9c373861b74ea445d6f4d1c1466cb063c6e4,2025-06-09T12:15:47.880000 CVE-2025-5474,0,0,ff56ae6d33a817b3b5972773cb7c3e3407b0f73c6768464aca7201e3d55867a2,2025-06-09T12:15:47.880000 CVE-2025-5475,0,0,8479f023314d7da0562f391de8df5a12a5478810548465104be80aee726d8cd6,2025-06-23T20:16:21.633000 @@ -298625,7 +298630,7 @@ CVE-2025-5484,0,0,ff712dd03f32af2310b571323993d06900491354a9de82d92a7ba8f6cd5858 CVE-2025-5485,0,0,2e860e2d57c553742a7a4058b06e9ead83d36be7b50569039a067969f103feac,2025-06-16T12:32:18.840000 CVE-2025-5486,0,0,403a5f3fdf24114225af88123fd5df41b3fe4d4616779e15f6218229399593fb,2025-06-06T14:07:28.330000 CVE-2025-5487,0,0,a2325d70b19f1faa0bb78067f87ae57fb5952acc710d0b21151f32c03c4f828a,2025-06-16T12:32:18.840000 -CVE-2025-5488,0,0,7c6f4a8e66c3e6329b60c68d1d0c25842d0e742eb9b1087e52a93734e96da8de,2025-06-26T02:15:21.333000 +CVE-2025-5488,0,1,df3f59b2aba23fd0c5ab01d8d22791614052cace9dbfa32747a456a279b5a9d6,2025-06-26T18:57:43.670000 CVE-2025-5490,0,0,ae0db7563bfaffe8e884eaa92f842e80befdab4bd604a8d298dc725c53842b04,2025-06-23T20:16:59.783000 CVE-2025-5491,0,0,bde4a3997792f29e78b23bdff62128712428eb2913e7a1e844f896d042cfe900,2025-06-16T12:32:18.840000 CVE-2025-5492,0,0,5239a7cb50dec6b348e683d7a6c48897854a921e0d403f100d8eaef90a706bbd,2025-06-04T14:54:33.783000 @@ -298661,11 +298666,11 @@ CVE-2025-5531,0,0,6d27f31038761ad0a1ccad441f88039d5d4e8afb6e2422d32c208713130619 CVE-2025-5532,0,0,d307f7aa5ca0395a7c8a1bde45bdc53cca6e2426e0b9fc80212fdc7f65c5fbe7,2025-06-04T14:54:33.783000 CVE-2025-5533,0,0,2dfcccaae175c59c944126a99e8f6d8f65e21d5c385b8c2ddbbe92c2ba47ee00,2025-06-06T14:07:28.330000 CVE-2025-5534,0,0,d8177fc111cd48f21043a561bc59a4a7b9cde04803cd4201428282cfb06e0a32,2025-06-06T14:07:28.330000 -CVE-2025-5535,0,0,c0ab4ca7ccdb995a5bf18384d4a3ad00bdefc9d2a5cbb26b31d3545b146bcbe8,2025-06-26T02:15:21.493000 +CVE-2025-5535,0,1,a7818bef1709aa482ae74724baff1a67c45fa2916d5a65f27323a13d0490ed33,2025-06-26T18:57:43.670000 CVE-2025-5536,0,0,7df71d1dab0ddadc1cf40e48870e67453a2cbb15d8332fa14fab505e504c5a57,2025-06-06T14:07:28.330000 CVE-2025-5538,0,0,762f67a9ba2152c03c8ac60e588d19c417662c15009fd5c6802487e853ce4da9,2025-06-06T14:07:28.330000 CVE-2025-5539,0,0,298ac745dff309bfc9c32d271927b52132f95cd6835d223a8ca6e238897e44d1,2025-06-04T14:54:33.783000 -CVE-2025-5540,0,0,ddd9027c60ca8bddb793755da646b45d405b5d8e47b98a87d3eb0ff6244e3a54,2025-06-26T02:15:21.650000 +CVE-2025-5540,0,1,e49bd4a72fa7910724ed7b963345a8ee9fe8cb1a4e3ad1e04c066cb4335f7fd4,2025-06-26T18:57:43.670000 CVE-2025-5541,0,0,391135ebadea81125a316a68624bd1db152869e9dddfca42493d694df648dd89,2025-06-06T14:07:28.330000 CVE-2025-5542,0,0,3ecc2ef85a02a09c9be7e6dbf30040d86ff640f6ba754495a5d8dbf30a0806ed,2025-06-06T18:47:37.757000 CVE-2025-5543,0,0,1ff545b0787bdb2f415332be5f3786ca673df4cb409c2ec190778560a2d9b13a,2025-06-06T18:47:47.150000 @@ -298683,12 +298688,12 @@ CVE-2025-5554,0,0,bb973700fe34126bf117ec751e38d204eccbaefe0d39d643366a25cffb57f4 CVE-2025-5556,0,0,1f63a7f5a7a91cd0b5f15f9dd5246b4bb97c1dcec71534f8a57046e817922924,2025-06-10T15:16:25.960000 CVE-2025-5557,0,0,fd128465c0bc90cacbb5b3b2d601b7eb1c9da01523b98b89dfee1d497f1d2b1a,2025-06-10T15:16:34.460000 CVE-2025-5558,0,0,8898e8aec84c9da1e1a971bfb5f9893e56cc9688fb9183de0f88cf551a2dfd4a,2025-06-10T15:16:47.660000 -CVE-2025-5559,0,0,1d6e55650d5543f262e71745ca74dd8ecfca13df1ef1f8a91f86b2e0bc6749b6,2025-06-26T02:15:21.807000 +CVE-2025-5559,0,1,a09940b8282ab562dfb20c127aae967a31511cbc6d3cef2427c70243db7f3fb1,2025-06-26T18:57:43.670000 CVE-2025-5560,0,0,21018256a4a41226bbfdbee889a1ff65b3ac04e2a1b78f1fe7522235e9af56b5,2025-06-10T15:10:58.590000 CVE-2025-5561,0,0,37d583178eab41cfcaf572a9f55ac9ee56d529a81129a4bd0f0e52ba8e1b98bf,2025-06-10T15:10:51.040000 CVE-2025-5562,0,0,6240bc0a7dbaa1de6ee01e8085c281ab501398cc54d049e3ba52ef12d9151257,2025-06-10T15:10:36.680000 CVE-2025-5563,0,0,abd05332a66da82c0a84bbcebb55ce866c616ee358de4033b1bc944eee92c5bd,2025-06-06T14:07:28.330000 -CVE-2025-5564,0,0,5b1d77553cd5a1530739143ecb431d9f707863589140246dbf73bc8b7999e694,2025-06-26T02:15:21.957000 +CVE-2025-5564,0,1,7809e1fdf6de89ef637777fde783c5f5ed408a93fc9e8800ee881fa5f62b3fb1,2025-06-26T18:57:43.670000 CVE-2025-5565,0,0,69057d9fcda3a9d391a6fdd2d36028e43e46d962e75d2a96d0e0e06e8f6deb95,2025-06-06T14:07:28.330000 CVE-2025-5566,0,0,779c860a161eb64dc6f40dd7f0ca399f4546b6e4ee22bf38748c51ae144c439c,2025-06-10T15:10:27.370000 CVE-2025-5568,0,0,3985b2b3c56041cfacfc47ea29b5076a771839690445a0941918b66a37c31945,2025-06-09T12:15:47.880000 @@ -298707,11 +298712,11 @@ CVE-2025-5581,0,0,c54747d4f47de2d53a0450ac3d2803f6b1ce7f3a8f3dd0d32c7ea29ca0ea8b CVE-2025-5582,0,0,d2f1baa22f55fc38a8f865d0e99938121f7ce9bfb4e6584060e61c164943f9d6,2025-06-04T17:44:37.780000 CVE-2025-5583,0,0,b2ce656eeaab700a8a0873a3d565fbebe88a85c216d85c69e76524b9646991ad,2025-06-04T17:44:26.393000 CVE-2025-5584,0,0,554122312ccf631b36ad0ef789707a593ded0bc038e2cac6c090436b66fd53f2,2025-06-10T15:10:06.207000 -CVE-2025-5585,0,0,a4b85e7f335ebebadeca6227d4a2158131bdc84c9a2d7b4b046eba3dd8869dc4,2025-06-25T03:15:27.853000 +CVE-2025-5585,0,1,66434fc4624942b2f98ca7911f9fe45841ba6405a226731b2589d81e226c7266,2025-06-26T18:58:14.280000 CVE-2025-5586,0,0,b91049de82efb55ef679cf10931aa4f56290c24a8f2fbf45be0281fcede07341,2025-06-06T14:07:28.330000 -CVE-2025-5588,0,0,5626172a29251dee94f65d38cf4f1de29e07cc45a9d9c73780c7b106a578e27c,2025-06-26T02:15:22.107000 +CVE-2025-5588,0,1,f2de2123ce661e18a253375b07ab98eae21f0a928f6ef4ce36082985c7370c49,2025-06-26T18:57:43.670000 CVE-2025-5589,0,0,6c79a04993e971b42452f3a0ae16618b76eb63bb362b0f3291c861226ed4734d,2025-06-16T12:32:18.840000 -CVE-2025-5590,0,0,4c9a0f1f06abc99afa9b7dc22d1d5cfce989ab08cfe9ad3abfc9b5156b26643c,2025-06-26T02:15:22.260000 +CVE-2025-5590,0,1,6716e39e14dca75da7b001f861b33c9910a40bed8e3e64e8d834c073ec799a31,2025-06-26T18:57:43.670000 CVE-2025-5592,0,0,36c388f33c323490a93ebd79d5f124d5f4fdc10d946cc1144d6e587fb6694158,2025-06-09T15:02:45.030000 CVE-2025-5593,0,0,6df395e5fe3476beb67761792da6574eda83b6d9a337db7d77d384194417b8ee,2025-06-13T01:00:11.693000 CVE-2025-5594,0,0,83e7fdcfac2ba201d4fe551d7608819296af218dfeb5718bd91a2cdb5f7cbdd0,2025-06-13T00:58:21.617000 @@ -298798,7 +298803,7 @@ CVE-2025-5676,0,0,1ca2c49bb4d510b5740938a869bb2d11a6220d1957dff2d9f9653e2673322f CVE-2025-5677,0,0,364b4a61489a27818eacb60d1e1f6c17d4c2d09e9d81b672d48b3e04da11ebb6,2025-06-10T19:31:37.290000 CVE-2025-5679,0,0,39a76065dd3011f556df8ecc5c1607529488c249cbea269aa42dbb97296654d5,2025-06-05T20:12:23.777000 CVE-2025-5680,0,0,951e9727eb6f85cb1826e5addda531b5a3ed92e200dcd69a9572852fb51b7dd6,2025-06-06T14:07:28.330000 -CVE-2025-5682,0,0,4d46e61991b0a8d86404415b7a96b5fc7e62533e3aaf1ba49adc7537bb8ebbe3,2025-06-26T14:15:31.280000 +CVE-2025-5682,0,1,67b6a3216be3277cd38a8038e7a42b30fd3c0208e1c20e45cd5507ebf27151d8,2025-06-26T18:57:43.670000 CVE-2025-5683,0,0,1a3b3cb960b03a08fa5b7c4079149ff9fe6c9f4a5d5c8b0f22c43f750a1037ab,2025-06-05T20:12:23.777000 CVE-2025-5685,0,0,9300f7d7685cfc359ac44cb8501f97431249edd5f4608a9c2df4c4def6573138,2025-06-10T15:01:39.320000 CVE-2025-5686,0,0,ceecb4c8c9b6240c3c4cf6461703c0b505d1b9b8eeadd71aabaf7a72390230d4,2025-06-06T14:07:28.330000 @@ -298893,31 +298898,31 @@ CVE-2025-5797,0,0,ad9498e0c73f384fe58beb22ad071a4cb6570505f608f86f63afaab5c549b9 CVE-2025-5798,0,0,8b03aec99638c4fd5212301f04bb1a503506bf58d26bd5e5a5acb0c1110a52f9,2025-06-09T19:08:05.903000 CVE-2025-5799,0,0,50ad513413ffdd2c3157967aae0c57c4edcf2bbf0ff1ea794ba25c05cfcc425b,2025-06-09T19:07:59.197000 CVE-2025-5806,0,0,eced74af9a3bd847a96fe591b592713a189dcd85d66bd43936ab31bd4aa88aea,2025-06-09T12:15:47.880000 -CVE-2025-5812,0,0,397e5cb662e975a44c32b7c6b25044a893e71c9148bb71c73ada71636d8079cb,2025-06-26T02:15:22.420000 -CVE-2025-5813,0,0,589083b1e19960758d0640f940a9d3ef1fc847382ec343fb5d265702bb463fdc,2025-06-26T03:15:24.800000 +CVE-2025-5812,0,1,a8fa614eb185b909327a01b5dadc2a8b72103fb7810bcfabee505f3dccfda767,2025-06-26T18:57:43.670000 +CVE-2025-5813,0,1,94a68df007c9495e4b50b2eaeaf4ef7447d763547e58cdfd23ba994929395f8f,2025-06-26T18:57:43.670000 CVE-2025-5814,0,0,a167867f53c6fadb9d3db3d4ef4e109f1fea46d1abeb35216542db72110fa696,2025-06-09T12:15:47.880000 CVE-2025-5815,0,0,3c63e526b28352a674f2d0faaef2707920143cb75a4277d3e7f975593f6cf816,2025-06-16T12:32:18.840000 CVE-2025-5820,0,0,b9ca733f7fe3ed3e4755dc87c7962fd7e35b781d4f99707bb6e28495b55dd7d0,2025-06-23T20:16:21.633000 -CVE-2025-5822,0,0,a6e7691296db4206dce11d1d4373b526ee4137b730374a19419918c782849c2c,2025-06-25T18:15:22.900000 -CVE-2025-5823,0,0,25e51772ebfdedd9d5a4f2ae432423c7f2a3ee8faf0b512b277ea30c5e95e1b9,2025-06-25T18:15:23.043000 -CVE-2025-5824,0,0,d8f3987803ef074c18e732214b107c4634e2d28fc6412edbe8717cced2eef527,2025-06-25T18:15:23.173000 -CVE-2025-5825,0,0,cf89d825870f74aa7d542fb1e6c0bebd2a2a3155e1f63942a81ec55d25c1bd20,2025-06-25T18:15:23.303000 -CVE-2025-5826,0,0,83011e311b27ca4037b6bb38b32845feda7ccb398696aba7ba6dd4155f13d9c4,2025-06-25T18:15:23.433000 -CVE-2025-5827,0,0,584c2c9424411bded0549a4fa5777aba8ec227dbb316d1e7e0413298517fd6b2,2025-06-25T18:15:23.563000 -CVE-2025-5828,0,0,a00cd62db7d130cd815be25d450edea1722a06b13c35aa7250da18fa370bfdea,2025-06-25T18:15:23.683000 -CVE-2025-5829,0,0,34080de17461dae45b28f4f733d23ae3d5f12ad8f21bf2d608e3aa9191d624b7,2025-06-25T18:15:23.817000 -CVE-2025-5830,0,0,4628d406d603f6e1bf64b337b66f02ec3b5c03b1c213261e58222fd28cadf757,2025-06-25T18:15:23.950000 -CVE-2025-5832,0,0,07137da5eb6c1a7b02599d6b1d6fe8fd53e5c00e671b44cad00bf5012b7fd5e3,2025-06-25T18:15:24.077000 -CVE-2025-5833,0,0,a784ae45b2249dc4cb6d62ca1209fa997ae22d259fd7d11f09f16d9315e32d70,2025-06-25T18:15:24.203000 -CVE-2025-5834,0,0,12171deb212b62a3a6d092072f9b465d7cb7bdefa72ab660f5350558fb550acc,2025-06-25T18:15:24.337000 +CVE-2025-5822,0,1,2d52c9ef7f3da9b420a97ba779a5d173a8646b73b1293ad3cb4cc444ac55b60e,2025-06-26T18:57:43.670000 +CVE-2025-5823,0,1,18b34d2aa79ad8e9bc060291fec5d0b3f8830e1df880645505b2d47119000220,2025-06-26T18:57:43.670000 +CVE-2025-5824,0,1,4c56880f227f62e11acb61419c4555ae0867da6a656f259455cbbb057c98ded0,2025-06-26T18:57:43.670000 +CVE-2025-5825,0,1,4ebf7ee6d5667f35416d6068161d5ea2b44a9cb3617084c3b679c845d970935a,2025-06-26T18:57:43.670000 +CVE-2025-5826,0,1,1f334bac53186e335a4ae5dec65ee9ac9075497a457f53fef2503b1648965707,2025-06-26T18:57:43.670000 +CVE-2025-5827,0,1,f319ab09e017bd98300af6fcf8a417802e646ec75dec5f362e7bb2f977ab58dd,2025-06-26T18:57:43.670000 +CVE-2025-5828,0,1,aeab175399b429b474fbf74628c9c5345d3180d32a4e32973c96a1ca5fac5526,2025-06-26T18:57:43.670000 +CVE-2025-5829,0,1,804641730bf8366db413143c2d0c564d912e4b6814a9e8c125bc97bcf24ac376,2025-06-26T18:57:43.670000 +CVE-2025-5830,0,1,f3d68e628232b63f7c89590d2306918ef66cee448f93424c49476e14bac2b48f,2025-06-26T18:57:43.670000 +CVE-2025-5832,0,1,346c95b7672750e8fd13757d03389f08f7db39e67d0d05684da1850099a76f35,2025-06-26T18:57:43.670000 +CVE-2025-5833,0,1,457e68df50b9631158026ec14e95abdcdba9349cd3567f088ded821dbdf475d9,2025-06-26T18:57:43.670000 +CVE-2025-5834,0,1,0e87e35c0fedd571c27260beebf8afc0676dce8c5362850077b20fc5a5f65f03,2025-06-26T18:57:43.670000 CVE-2025-5836,0,0,d80bb6457241c6112de58f50d5f8d524854cb0ce4d9b0e26a6df5eac567f78ac,2025-06-09T19:07:49.417000 CVE-2025-5837,0,0,85c1936a3a1142d6d72d779afcb63f2a00a18b124b5cff42b89badcdc2313d9c,2025-06-09T19:07:41.590000 CVE-2025-5838,0,0,35626c7c8e1d04fa7bdba348c0108b2c123b4d5d313bbcf8d5dd0d6177716b08,2025-06-10T14:56:21.530000 CVE-2025-5839,0,0,af2c1c6da3fb5a22931f1ffebd67420dd5150792d38533d6eb8686e18f591276,2025-06-09T19:07:34.470000 CVE-2025-5840,0,0,a1906b279632ca933a71469d14d9b22734a373c8dc4ebaee1a55c4351d13760a,2025-06-10T15:45:31.043000 CVE-2025-5841,0,0,f400ea2f8b46ebb92066563e7d4eaccd25056b8981da67e57e016f89e1a31dc6,2025-06-16T12:32:18.840000 -CVE-2025-5842,0,0,7d2c79ed9cd89d676c12144f678969a69b95a2fa524c5effe8105f543604e1fd,2025-06-26T10:15:25.537000 -CVE-2025-5846,0,0,9f0922e59852557839f797b88c35f7182dbdb91a0671689ca165af3bce9b0b13,2025-06-26T06:15:24.030000 +CVE-2025-5842,0,1,b48db6edd359668fbff481765aa5f99833ccf2e70c19108d7572713e50893979,2025-06-26T18:57:43.670000 +CVE-2025-5846,0,1,b9dae5d78b058906eef82693476ed197d8158ba3f9251bdb3cbb82dffcfb1b46,2025-06-26T18:57:43.670000 CVE-2025-5847,0,0,72a670a977f930c072e82981d9be0647255328c3124df63dafd15061a72168a9,2025-06-09T19:04:55.580000 CVE-2025-5848,0,0,97a77699d44911bbc0f7dbb24d5b37ad7d0974431c5e2858413f0642987e5a7c,2025-06-09T19:04:50.113000 CVE-2025-5849,0,0,0056fe9cb36cc640911c965de99076fd3871906072eb39fce82181a9d0f80791,2025-06-09T19:04:44.777000 @@ -298990,11 +298995,11 @@ CVE-2025-5918,0,0,86b80ccf0910833edc22c6b7530445ae3be8c3d5eb7bba766fb3c183b6d35d CVE-2025-5923,0,0,bd32fa6b95a8f310c6b07918d04b1a4cdef7f962ecfa8c2518b68d11b4b0741e,2025-06-16T12:32:18.840000 CVE-2025-5925,0,0,74cb0f740f96269546a558716b8983e19baddafe2aff8e369ed86d426f629748,2025-06-12T16:06:39.330000 CVE-2025-5926,0,0,d101bf01d3fcfe0cdb9553376422f17ca8d863b6b3e856d7675080f3ca9408fd,2025-06-16T12:32:18.840000 -CVE-2025-5927,0,0,cf3c733b39e9f1a3d73cd1694eb8e5bdf0dfa3a9dc6dd79673163c714eb1c6a3,2025-06-25T10:15:23.090000 +CVE-2025-5927,0,1,0a0e7781a27f101005773f229ef6f5725a6a5e021dbbed62649398005b6b9ea0,2025-06-26T18:57:43.670000 CVE-2025-5928,0,0,bf8e560b30d16961d3816817e86769462398f4dfd1c11ce3fc0a5a6f046bebeb,2025-06-16T12:32:18.840000 -CVE-2025-5929,0,0,0846817d8701755360ffe4f201e55cce9ef8f0f3e797611fd6aeba6e25d75722,2025-06-26T03:15:24.953000 +CVE-2025-5929,0,1,ac3c429d58adea1d7dc59fa88fe445b6e7625f0820f062aef785b1d40af21800,2025-06-26T18:57:43.670000 CVE-2025-5930,0,0,f247db24f36bcbf2f7d81e18a82d068f64b444dc019b1b0b868d92f5ff3fa36b,2025-06-16T12:32:18.840000 -CVE-2025-5932,0,0,120fc767c01f8f83911c198a47ca09f06c1fa58f79b43ef6f616e0fde004cc06,2025-06-26T03:15:25.110000 +CVE-2025-5932,0,1,d1195345b3e2262847f1a971fa34210f177c9a6a4f5dfc87432b0985fe39715a,2025-06-26T18:57:43.670000 CVE-2025-5934,0,0,2b04aea49be1b2e817d664c8d52ff126b146b95757a60bd9875f5715a4755cac,2025-06-20T13:11:11.560000 CVE-2025-5935,0,0,c15a5d20553ffc7a7c30ae68f0e5f38be384091a8a588ccb546a6d6a87a9c526,2025-06-12T16:06:39.330000 CVE-2025-5938,0,0,de6ba49470711279279f27a904465957f8293ec15c3176c20b2597289d4c7b40,2025-06-16T12:32:18.840000 @@ -299007,7 +299012,7 @@ CVE-2025-5958,0,0,a36b78799dbbd1551f96c1bff1614591c13905c454c0b07d9b02e19316c76c CVE-2025-5959,0,0,a39e129e58512bcee45e4710589bda0209f85db251e85a57b71fd6de1e661083,2025-06-16T14:49:13.623000 CVE-2025-5963,0,0,fa08382550ea0c3ee30b8fad922b8d6a6c917f388130b237bfade6a185c04053,2025-06-23T20:16:40.143000 CVE-2025-5964,0,0,fdc2a55a5a19378f1914fbf75b6cbe370c921fe75e327e1cb5f217f1b15bf1ea,2025-06-16T12:32:18.840000 -CVE-2025-5966,0,0,a270fd57a6a367f8e92ab8f91c2a047ea92fc071fdaf3291b508bc16e002daa1,2025-06-26T13:15:29.123000 +CVE-2025-5966,0,1,5fef1f8d71467ec9a2d7c03ed5fd15a9a07208246d1389eb3712cac93ecf32f4,2025-06-26T18:57:43.670000 CVE-2025-5969,0,0,c1cc21e3e671c92cd4500d184398151db62163dec64f67d18a86b28ac5130697,2025-06-12T16:06:29.520000 CVE-2025-5970,0,0,c0dffa88245f943ccee6014f6c262b234873584bcf552256828e546681f676da,2025-06-17T20:35:26.663000 CVE-2025-5971,0,0,33a5707def1920d97a91033da89284cb10f24ad1290b87bb2c7f2d9d32708e58,2025-06-16T15:02:21.960000 @@ -299043,7 +299048,7 @@ CVE-2025-6021,0,0,4d6c316d6b2265feaa5a1f1976caab5acbb233a1583e3791720a0a82dcf439 CVE-2025-6029,0,0,e9108be7e98d0780991a9dbc9771d79381463de686ea76ad25b1212ca465841e,2025-06-16T12:32:18.840000 CVE-2025-6030,0,0,e2d083f85b4980fab673be25fe64ff6c58fe5f2e84e15893b8c80d92f1561a4f,2025-06-16T12:32:18.840000 CVE-2025-6031,0,0,8862006220262f75545734fb5f034c6db29d3c4cbd11030b12e4d70636f9f9cc,2025-06-16T12:32:18.840000 -CVE-2025-6032,0,0,d34db860f10fbaf4dc7b8227df55ccd2b29ad245beaf16847e29b7a4d47834c3,2025-06-24T14:15:30.703000 +CVE-2025-6032,0,1,0f517754c22a370cfa7c5b41208770f3083cc36154d65c09646b5c3116704717,2025-06-26T18:58:14.280000 CVE-2025-6035,0,0,b71b50bc0c235c19b2d078bb69ae3921b820489d58f8688dea7a7bdd7515f125,2025-06-16T12:32:18.840000 CVE-2025-6040,0,0,76a8c143b5834b0cf93cda3bf80ab595e40b144f2532ce0d72ddcf42d08934bb,2025-06-16T12:32:18.840000 CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000 @@ -299105,12 +299110,12 @@ CVE-2025-6130,0,0,cb569be39f5f1da076d06669e0896e22c8cd60dff8ebc57d155295bc5acb6c CVE-2025-6131,0,0,2866309ab3a411ed34af4bfc174dd80cc2f38df6ce0809f56ec34a44e1386fa4,2025-06-17T20:50:23.507000 CVE-2025-6132,0,0,4820b926dce549d59ace28c44f962f1b682b6ad27fe3050ad7fcb6e14d23357a,2025-06-17T20:50:23.507000 CVE-2025-6133,0,0,e8ce544a9effd7cb8b54da22c642c5245af611c0276c41dc8559e4d5a610718a,2025-06-24T19:44:40.803000 -CVE-2025-6134,0,1,8a23584764f618ffd2d4995a9b4d16e5d5cdabc35d0090302e1cb1d8481cb193,2025-06-26T16:46:43.547000 -CVE-2025-6135,0,1,506099148e534a57e74eec0360b5146bb6d16f5700b5c048c16b15d25659f5e9,2025-06-26T16:44:08.650000 -CVE-2025-6136,0,1,5f7e8be2da42633353469049b7512fa5d07106f6da9174f3722e62acbd430a92,2025-06-26T16:37:17.293000 -CVE-2025-6137,0,1,ddc67afa546c83e767dcbbc7b7e064e9742a4bea6b7f9760a6f55350f1985699,2025-06-26T16:33:18.123000 +CVE-2025-6134,0,0,8a23584764f618ffd2d4995a9b4d16e5d5cdabc35d0090302e1cb1d8481cb193,2025-06-26T16:46:43.547000 +CVE-2025-6135,0,0,506099148e534a57e74eec0360b5146bb6d16f5700b5c048c16b15d25659f5e9,2025-06-26T16:44:08.650000 +CVE-2025-6136,0,0,5f7e8be2da42633353469049b7512fa5d07106f6da9174f3722e62acbd430a92,2025-06-26T16:37:17.293000 +CVE-2025-6137,0,0,ddc67afa546c83e767dcbbc7b7e064e9742a4bea6b7f9760a6f55350f1985699,2025-06-26T16:33:18.123000 CVE-2025-6138,0,0,69c19eff97e06c34f5b8cfdfba9cb33f9498a49d64177b5418e8373bd3e2dbbf,2025-06-20T14:34:32.397000 -CVE-2025-6139,0,1,1e573675182fd2c70c93e9d60e690c79091588fc0dffcb1bdf91b56cec3b2b4c,2025-06-26T16:27:37.157000 +CVE-2025-6139,0,0,1e573675182fd2c70c93e9d60e690c79091588fc0dffcb1bdf91b56cec3b2b4c,2025-06-26T16:27:37.157000 CVE-2025-6140,0,0,90c8d7894599b8728f992434ba3431a19d89cc26541cb2e9752a70dfc43adc3f,2025-06-17T20:50:23.507000 CVE-2025-6141,0,0,da13bc3db5b6441ec02280dd31d41a049dec0de80cbb8316bf3d83796a9c0f04,2025-06-17T20:50:23.507000 CVE-2025-6142,0,0,e80f42b3df69bc7d34694aade5534d0147faa50d387373f1d151bcbe4aa458f3,2025-06-17T20:50:23.507000 @@ -299130,9 +299135,9 @@ CVE-2025-6155,0,0,3e8fc69cbf51a07d93c7df9f9e6e4b66e36cc96b90ecd10cbf6a0ab1b9592e CVE-2025-6156,0,0,50bad226a589479fea329c4b9ea16aa953872a48df791a98c47ba27f5989fe25,2025-06-24T15:52:28.587000 CVE-2025-6157,0,0,180c03ace223f2bdc4a4810f873bfe6ccf5f7edb279d8977a5782cbd3224fa72,2025-06-24T15:52:26.320000 CVE-2025-6158,0,0,2f36d74bb802a051d651546127c3dc725b5baddaf659643b5bacdd29188892d6,2025-06-17T20:50:23.507000 -CVE-2025-6159,0,1,b6654ae04ca00ebe3d5ed69f1af3600e83fc73919e57aba07df0f12e772f5196,2025-06-26T16:21:06.720000 -CVE-2025-6160,0,1,5ffd3a5dc242cfd1fecdd7fd3e437c972a4776d68b464499becd18bc1698dcb4,2025-06-26T16:15:47.617000 -CVE-2025-6161,0,1,0e873c05638bc7fdac845123aea4c5a97ffb7356cc08e5c74933eb0b81f079d0,2025-06-26T16:04:27.483000 +CVE-2025-6159,0,0,b6654ae04ca00ebe3d5ed69f1af3600e83fc73919e57aba07df0f12e772f5196,2025-06-26T16:21:06.720000 +CVE-2025-6160,0,0,5ffd3a5dc242cfd1fecdd7fd3e437c972a4776d68b464499becd18bc1698dcb4,2025-06-26T16:15:47.617000 +CVE-2025-6161,0,0,0e873c05638bc7fdac845123aea4c5a97ffb7356cc08e5c74933eb0b81f079d0,2025-06-26T16:04:27.483000 CVE-2025-6162,0,0,e84675b06fecb8413603d644d7dc1a9c194bceeff6262adb1f964a4383ba4305,2025-06-23T19:20:50.197000 CVE-2025-6163,0,0,6e13a9e163cb9e3184563f5c7b63b8596f5e63cf06bd837983ba5aafb4c041ca,2025-06-23T19:11:22.090000 CVE-2025-6164,0,0,c17ffe7ec702387ad5d177a5e91c7296a9ef4f80a11f6ea499b523afd7af1e02,2025-06-23T19:01:39.440000 @@ -299142,7 +299147,7 @@ CVE-2025-6167,0,0,e83c0c1ea86d6b605cd16c602292d01c1e3a7ce00c593e57ae080fcd8bf11e CVE-2025-6169,0,0,24b56c63dd5c2b9799043dae6dc3b75a3e06e9ee630be707f681a9bb09cd5b58,2025-06-16T12:32:18.840000 CVE-2025-6170,0,0,b78aff7a1c8e8db8ce7aabd9ccc1b29ff578e0357c573a194099cb12287faea6,2025-06-17T20:50:23.507000 CVE-2025-6172,0,0,df5b11377ae2bcb860baea092fdadde3351cf8aeca30edf92e0d7977024948be,2025-06-16T17:15:31.503000 -CVE-2025-6173,0,1,c070b1517acd95c5e869ebc2e1f1712fafd19138bea48c0324a49cddfc5a27e5,2025-06-26T15:57:47.900000 +CVE-2025-6173,0,0,c070b1517acd95c5e869ebc2e1f1712fafd19138bea48c0324a49cddfc5a27e5,2025-06-26T15:57:47.900000 CVE-2025-6177,0,0,f708d677d17f57d89176eeab0f542a182dcbda72661cc0eb13a3bc38d1575fd3,2025-06-17T20:50:23.507000 CVE-2025-6179,0,0,ef3e1c0f37267be4950d18366a27dfd0b0e58f054fc3240188e66ee490b59e39,2025-06-17T20:50:23.507000 CVE-2025-6191,0,0,f0f3b688b48f4f8183a91df95fa38ffe0dfc74cf3682559765b5451f2fa22fc1,2025-06-23T20:16:59.783000 @@ -299151,15 +299156,15 @@ CVE-2025-6193,0,0,8f7cbe3660433ebbbde46b01965a942eccd778d0ad783408ec78638602642a CVE-2025-6196,0,0,a443edb8dad0601e0cbd1385e8a473b74e22417d0a97c7514592b470b58b5b60,2025-06-17T20:50:23.507000 CVE-2025-6199,0,0,8b74f0ab0d170aa7cc558f1e79481a7093394c0368bbc35b907707db4c26f548,2025-06-17T20:50:23.507000 CVE-2025-6201,0,0,09953b11a7588a9edc2f3925b0cbb84add185ea803d7765dc4a2a786cd413a85,2025-06-23T20:16:59.783000 -CVE-2025-6206,0,0,f095e462b0f9c530be73de1fe9b71847681b1cb490797f58b1dc23dd20a548bf,2025-06-24T09:15:25.653000 -CVE-2025-6212,0,0,d68d2c7ec394e1765170c6fe8c8153b073484f550c4507decdf42f086d4b7303,2025-06-26T10:15:25.747000 +CVE-2025-6206,0,1,c66ee500876bc4abb021bb9d77aeda45e0e42d83e894cdd37485d8f28334b052,2025-06-26T18:58:14.280000 +CVE-2025-6212,0,1,4536e37cd10eb99991e44a4c67cb639fffaab6ed8b7d107935fa6b328b944d54,2025-06-26T18:57:43.670000 CVE-2025-6216,0,0,fa2fdcc5033cf3a1df6342a01f2acd273f87b99c1664b4ca0db573d99035212e,2025-06-23T20:16:21.633000 CVE-2025-6217,0,0,0d2c65c94d7cc4fabd9027df56e983345e1f33543f29c53f0c45cf319713d14d,2025-06-23T20:16:21.633000 CVE-2025-6218,0,0,0c57dc44b918f69aa41dfa2cd45995e68693308920cd967c81e00d12734bb127,2025-06-25T19:03:33.817000 CVE-2025-6220,0,0,5f7d83b19f9a74deb42015750f7b5335a45a31dba8653fadb3cf8eaf78a671be,2025-06-18T13:47:40.833000 CVE-2025-6240,0,0,ba4da5fd605eca3c919532cf0a8a1661ebda5a87c35d4010c4dddeaa23d93e9a,2025-06-23T20:16:59.783000 CVE-2025-6257,0,0,cc91b7557b526c88672e08add1b684bde89a65ab4dd7fa052a99a1c1c9c823b5,2025-06-23T20:16:40.143000 -CVE-2025-6258,0,0,c1d8edec7d468e92f3e9dc85f27e051734880f1782e660281dd3399a60a45c48,2025-06-26T02:15:22.573000 +CVE-2025-6258,0,1,a4b6be5935c4432c7a129304f469494da82c625050798afddedddfa563a7fe1e,2025-06-26T18:57:43.670000 CVE-2025-6264,0,0,f32dcf95c634dc2f1ab86702d3943727ebae8018b2fa6b536fe8be4f7c817392,2025-06-23T20:16:40.143000 CVE-2025-6266,0,0,83020883d3aae1b262b30700af6ace7e5c0118a4b262e735a3268c83525b299f,2025-06-23T20:16:59.783000 CVE-2025-6267,0,0,f67fce7007c3c00cf880637b4dba7c946432602560144eb3304995260da703c2,2025-06-23T20:16:59.783000 @@ -299184,16 +299189,16 @@ CVE-2025-6285,0,0,f8f105593a1c0a7dbe61c92b05ab2b4fa84eac49b6aca449cf8fcc6261594d CVE-2025-6286,0,0,0986e442b62971a42e733069c69f2b535595029d77fbaa4fa93e52b8d99f5a8f,2025-06-23T20:16:40.143000 CVE-2025-6287,0,0,1f0442e805994dfa210a8eb3aa304f70a76a3d031c0d44f5ffd1b0d3dde5756c,2025-06-23T20:16:40.143000 CVE-2025-6288,0,0,9ce149ad42505ec2b4ca64cb24a668e9a7b4bbe84cfa5abc98150f3205f4a2c1,2025-06-23T20:16:40.143000 -CVE-2025-6290,0,0,fd5137afaf81f121f32b5fb857c9bd0fbd66061602c501bf3307842726132473,2025-06-26T02:15:22.733000 -CVE-2025-6291,0,1,dc1a968051b9db85759355228419cc46165b7a6778eb4ff9ec8664745bc75db4,2025-06-26T17:00:25.153000 -CVE-2025-6292,0,1,950777517b48d376f4e9cfbb6475ca5763192a729885525f030e7df89973a74b,2025-06-26T17:25:51.993000 -CVE-2025-6293,0,1,30342ac281aebc0a30969c59d523a1a3a2cc7a536dbaaadfbb8317c27c072af8,2025-06-26T17:22:14.003000 -CVE-2025-6294,0,1,2f20bcf126712080bcfde5ea574f9107db7d0aaac3eeac826f2b5961068819f0,2025-06-26T17:21:26.107000 -CVE-2025-6295,0,1,c68657e703a32d8a27635af3bd0cbcf47590717c8db4b4d0b6e9b6fdea795c7c,2025-06-26T17:19:48.817000 +CVE-2025-6290,0,1,402b9c60560347a4e63f4f19ff6d1d7ca54e8015ec34f7c0349bccdde29c40d8,2025-06-26T18:57:43.670000 +CVE-2025-6291,0,0,dc1a968051b9db85759355228419cc46165b7a6778eb4ff9ec8664745bc75db4,2025-06-26T17:00:25.153000 +CVE-2025-6292,0,0,950777517b48d376f4e9cfbb6475ca5763192a729885525f030e7df89973a74b,2025-06-26T17:25:51.993000 +CVE-2025-6293,0,0,30342ac281aebc0a30969c59d523a1a3a2cc7a536dbaaadfbb8317c27c072af8,2025-06-26T17:22:14.003000 +CVE-2025-6294,0,0,2f20bcf126712080bcfde5ea574f9107db7d0aaac3eeac826f2b5961068819f0,2025-06-26T17:21:26.107000 +CVE-2025-6295,0,0,c68657e703a32d8a27635af3bd0cbcf47590717c8db4b4d0b6e9b6fdea795c7c,2025-06-26T17:19:48.817000 CVE-2025-6296,0,0,3199152674d281a8b0bfa9392ec2d741dc87f4294f9f5fd910f569a20facdf65,2025-06-23T20:16:40.143000 CVE-2025-6299,0,0,0c5467d80bc58e4cc48c65f2c08fc824bcbb0be1a5cdf91f595765a0183ebb54,2025-06-23T20:16:40.143000 -CVE-2025-6300,0,1,e2ec6cf8b98712d407f84e21f599347de059cbe66e2eb84a9fc4eb6c7fb27268,2025-06-26T17:14:20.587000 -CVE-2025-6301,0,1,1a6a37865c9ad16879d590be6f25642d0cfa9abb4a67fa3b3dc503342ed3c79d,2025-06-26T17:09:26.040000 +CVE-2025-6300,0,0,e2ec6cf8b98712d407f84e21f599347de059cbe66e2eb84a9fc4eb6c7fb27268,2025-06-26T17:14:20.587000 +CVE-2025-6301,0,0,1a6a37865c9ad16879d590be6f25642d0cfa9abb4a67fa3b3dc503342ed3c79d,2025-06-26T17:09:26.040000 CVE-2025-6302,0,0,e3539c9b5f9b261c59bd1f61e25234e8559a654a63f9c967a1007ae0f4a5c2be,2025-06-23T20:16:40.143000 CVE-2025-6303,0,0,001666194667549d93b9d4329658990f457777439e0228e9bd08f4416d371963,2025-06-23T20:16:40.143000 CVE-2025-6304,0,0,55c7409c08e8bc681802a6630bca19d5a26cc48af50cbcd82a055c7cc06a550e,2025-06-23T20:16:40.143000 @@ -299215,23 +299220,23 @@ CVE-2025-6319,0,0,f3afcf79a1c3f082f8faae8cde92b0880129f684a2b8f0a088d36e53845f57 CVE-2025-6320,0,0,34f82fe676c8e31a4926bc5fc71aa8a3aa8c48a9c5266782681c0afe0066bf19,2025-06-23T20:16:40.143000 CVE-2025-6321,0,0,2b3c022a25ca8fd95776333545b153c0556720c4c9d97b953096577aea6cb756,2025-06-23T20:16:40.143000 CVE-2025-6322,0,0,d4b8aeace6f081caaacbf64437d05f9acda60b5749baa526dd485748608ba40a,2025-06-23T20:16:40.143000 -CVE-2025-6323,0,0,a21c24a1e3ec7de7dec7bfb0a084680065d88873c288ee865d21819042362e2c,2025-06-23T20:16:40.143000 +CVE-2025-6323,0,1,f452bdf6c942e9aea72d0768dc1d57c62968228633f54da902893e80310f7431,2025-06-26T18:51:41.870000 CVE-2025-6328,0,0,7e98a839abeba2292149ca0b9c4a3d929a9d752f9b8a1de1be7dd65893db9beb,2025-06-23T20:16:40.143000 CVE-2025-6329,0,0,6a5a1d8b5ef0f368d3ecc9a6e036931641f4bb78610e1229a8f4b0739afcc7a2,2025-06-23T20:16:40.143000 -CVE-2025-6330,0,0,6fcde6b7cfeb596d07fc26d1ba6b4423d4bbb0ed9e420e5a700ebca6cf2aff88,2025-06-23T20:16:40.143000 -CVE-2025-6331,0,0,281d31cd723f61fea21e069b5584f70618910c8426b7a8dc5fda03e22f4ef8ba,2025-06-23T20:16:40.143000 -CVE-2025-6332,0,0,873be0404dddda2aebf229e28d19c47931f7c0c156a1dfa93fe0596169344154,2025-06-23T20:16:40.143000 -CVE-2025-6333,0,0,675cc44054cb4bc0ccdfb463231053803b3b9c0f08947a01ec222020a4eb23c6,2025-06-23T20:16:40.143000 +CVE-2025-6330,0,1,533f8688fa05d700cc76636e59e86bc0eb723f7b595a46351852e77368267ff9,2025-06-26T18:48:43.913000 +CVE-2025-6331,0,1,0a8994ea3249d7eae52872533d96e734a825872bdbb388afb306ca44b9867b0d,2025-06-26T18:46:13.133000 +CVE-2025-6332,0,1,2135c39d96f5f5f51610426459e1766e7e77a827bb39a5d88eeb3366dd1bf430,2025-06-26T18:39:05.587000 +CVE-2025-6333,0,1,26527bc36673d9e039362729b4406f5a98df04c44c68d06dd05f36e7caa8b426,2025-06-26T18:35:06.553000 CVE-2025-6334,0,0,038c81425bf1ec938035caedd01742df8fb43a5d20ede7ed0acdea2b079450fa,2025-06-23T20:16:40.143000 CVE-2025-6335,0,0,e42e7fe53f38bacba2127853739bb9e57582b840aac157040f64fd0585137645,2025-06-23T20:16:40.143000 -CVE-2025-6336,0,0,3d3db1672f06ec0712a78cc92696ede18c9e871cf673cd2a145a9a0172e32b1d,2025-06-23T20:16:40.143000 +CVE-2025-6336,0,1,c2ae3339f7f556d7f8479109d39981c789e75e2a76c15e57531c64e864f48049,2025-06-26T18:28:59.800000 CVE-2025-6337,0,0,161e6a8a3656b81227fce426686a6291bb2989b8708f75a64f2ebb684f913edf,2025-06-23T20:16:40.143000 CVE-2025-6339,0,0,39a93e9b819524c01a5f6335f7f0645f0590e6d2af3e1fa5bf2ca3254fef0d62,2025-06-23T20:16:40.143000 -CVE-2025-6340,0,0,bb34cef064dae7650a8fedfe9b945186839c51af4c5b089557f29d1c74de6290,2025-06-23T20:16:40.143000 -CVE-2025-6341,0,1,6eb97d536857f3ed3053b28a0b496ad883570be814c5c64c307e1ec4c95a4991,2025-06-26T17:31:18.840000 -CVE-2025-6342,0,1,6934fab8f5de2e37566c0bd37708ff4b41608b68048fce7936eae8dbc964dbfb,2025-06-26T15:43:29.243000 -CVE-2025-6343,0,1,486d933b030c79ce931ba483ff730af554d03b5f6333e6a7ea67c21e98e6807a,2025-06-26T15:41:01.887000 -CVE-2025-6344,0,1,d4ebe8546071c6f599337efb2154e70f6fbd03816d527c4e2779e3b0d262295d,2025-06-26T15:38:17.790000 +CVE-2025-6340,0,1,dacb53e17fd0fb578d899283d6d11eb80ece027ae37caccbd0442a6f52974b5a,2025-06-26T18:16:01.950000 +CVE-2025-6341,0,0,6eb97d536857f3ed3053b28a0b496ad883570be814c5c64c307e1ec4c95a4991,2025-06-26T17:31:18.840000 +CVE-2025-6342,0,0,6934fab8f5de2e37566c0bd37708ff4b41608b68048fce7936eae8dbc964dbfb,2025-06-26T15:43:29.243000 +CVE-2025-6343,0,0,486d933b030c79ce931ba483ff730af554d03b5f6333e6a7ea67c21e98e6807a,2025-06-26T15:41:01.887000 +CVE-2025-6344,0,0,d4ebe8546071c6f599337efb2154e70f6fbd03816d527c4e2779e3b0d262295d,2025-06-26T15:38:17.790000 CVE-2025-6345,0,0,b33f24903860f4767c24c3b23695242ccd8af4a1055fa40f0a8676c27b00f49a,2025-06-20T15:15:35.800000 CVE-2025-6346,0,0,011bc8a262555edab4b20ddcee756fa3b3eb6e2997e406cc2e1d1d0357f55b38,2025-06-20T15:15:35.983000 CVE-2025-6347,0,0,314d9452b387c10ac762b3b1128a41f845645f5c30e1ff2ca81e9f93cc334357,2025-06-23T20:16:21.633000 @@ -299259,8 +299264,8 @@ CVE-2025-6372,0,0,57bd725e58155b22002b2fe27e5ef880df740adaf81477b1018fce26c7c218 CVE-2025-6373,0,0,fc3916a56b7bebb7f4afd8db9623b0c0b7ca6d04a407f196c28a44bfa23b9548,2025-06-25T20:10:16.027000 CVE-2025-6374,0,0,52c2a3762c3febff3f7133c40521ec4205f6d9bad96026808a9cc8ac3a049376,2025-06-25T20:10:23.920000 CVE-2025-6375,0,0,c5c7694dc72a40d77b42ca7bdac2085f0219ee2826ef00eb4a9804c963c5103e,2025-06-23T20:16:21.633000 -CVE-2025-6378,0,0,4bae6533b266242fb807bc0a127cda222645f947c6a6165e762e08dab1c919bb,2025-06-26T02:15:22.887000 -CVE-2025-6383,0,0,923abd40d7defc44a064873e16bfacdd6b268663910f7e0a8f9021f4030b3033,2025-06-26T02:15:23.040000 +CVE-2025-6378,0,1,da81929627ca41dfedced9811023613c15a40b0d55e0bd556aab3cf407bd3f73,2025-06-26T18:57:43.670000 +CVE-2025-6383,0,1,35d6eb846a0e7ad29c61cf4ec7b91041c35953e0c591ccd388d602b918bec848,2025-06-26T18:57:43.670000 CVE-2025-6384,0,0,97aa0c1b3518730f2ff1ac0c6e40e6df53f12abb019ae8c41f191d17b86f6691,2025-06-23T20:16:40.143000 CVE-2025-6393,0,0,32247b5db96e134f65a8c77173062a4edd972dbb6c0ac396c8f0bf9ce435cde7,2025-06-23T20:16:21.633000 CVE-2025-6394,0,0,a6663654d9b1668d091d362eee2cdb7e6cb13133cb16bf86aada9168ce7b98ea,2025-06-25T20:12:10.560000 @@ -299288,23 +299293,23 @@ CVE-2025-6419,0,0,3035370a10769e2b2e73a65b80dc5ee8dff995026db0f171ea652406a466dc CVE-2025-6420,0,0,9da6d53d9af64779bc447f9508c903bdaaf225194f0f56a912ef73481b378df7,2025-06-25T20:16:33.910000 CVE-2025-6421,0,0,3169c91105fc051d7d3498fdef6562a4792481aab354e9c38ba63bbee575aace,2025-06-25T19:50:23.227000 CVE-2025-6422,0,0,b5bb87a55ad52736bcc24be8713e2086821b4454f2e12e2c901389f24f632355,2025-06-25T19:49:55.057000 -CVE-2025-6424,0,0,704a069dc96dca71fe354883645bea382ab0c9fd3bb7414fe9bdeeaec02801fa,2025-06-25T13:15:26.633000 -CVE-2025-6425,0,0,37554c1bb11125532c063480723f0967d059383384551013981c911f7964aa9b,2025-06-25T15:15:25.200000 -CVE-2025-6426,0,0,9631dea9d79fb8b8a8783d7c8f5964e231b5b4d02fe77d7c6cc807b1da948fcd,2025-06-25T15:15:25.350000 -CVE-2025-6427,0,0,0ab43ab36adaea6534cd71c655963fad8f6365c7438235498e484bfdb2e891d3,2025-06-25T15:15:25.497000 -CVE-2025-6428,0,0,30a11ea5901a3f6eb2c3e67a473a5bc6fe16e5795e6170afc7a2ae56528c9fef,2025-06-25T15:15:25.647000 -CVE-2025-6429,0,0,8cf954d9a16bea763d5291176375c4042ce71a664ea4203d5676c91351eb36f5,2025-06-25T15:15:25.797000 -CVE-2025-6430,0,0,39842dadba8487dd25c3a4c41f3e2143308fa46b8fe498a25f92de04bff6011f,2025-06-25T15:15:25.980000 -CVE-2025-6431,0,0,044ca2b501402907169f7fbba7ce2037be8fa78a7475c1b0366114cbb1ccd1a8,2025-06-25T13:15:26.800000 -CVE-2025-6432,0,0,709154992723f331a52a5ad0200366583cc8c17511eb731f8a67ceaf01c78055,2025-06-25T15:15:26.150000 -CVE-2025-6433,0,0,388a9e3c4ce770334337fb5b365eb81eea0a09dd37d26b543d992df75886bad1,2025-06-25T13:15:26.977000 -CVE-2025-6434,0,0,25d2270e780cca263d82591b90f92aabefeed0e60517c8b2fc08da412d22a7a5,2025-06-25T15:15:26.313000 -CVE-2025-6435,0,0,21617e43ba2f8a9a35a36e787e5dee004b288295c4b39f0eba8d335f07c49c0b,2025-06-24T14:15:30.930000 -CVE-2025-6436,0,0,64ee87009d3f405effe05016ce18b97f871de07171703adf5abee597ea8e22e5,2025-06-26T14:15:32.083000 -CVE-2025-6442,0,0,3e426283a1f1c4580aebeb63e3f6f56b690bd72b6d959535864f9b8a82143dc1,2025-06-25T17:15:40.117000 -CVE-2025-6443,0,0,d16bcbf7380cf8685ab0402330d7fcb780db92921035d764bb7de8978decb036,2025-06-25T22:15:20.960000 -CVE-2025-6444,0,0,001723fa0e5477753e66a94b40ca3050bd1b3c324935cd810fadea01384c5f5a,2025-06-25T18:15:24.463000 -CVE-2025-6445,0,0,c4d022822323925bc49f742249f5576d460d2c00c9d8f44065d3325e11103521,2025-06-25T18:15:24.610000 +CVE-2025-6424,0,1,09dddac4b46cc94d6d3f6d8e79741259ea3388ea116d926af0fa94a223e385e1,2025-06-26T18:58:14.280000 +CVE-2025-6425,0,1,4e6f88db6b79c26241a241a9d550f07188ec00afadd00edebbade3f226007ade,2025-06-26T18:58:14.280000 +CVE-2025-6426,0,1,130a7b245654ec700b52dd46d82662a731b3edeb808204b596d0afabe7d54c19,2025-06-26T18:58:14.280000 +CVE-2025-6427,0,1,4fd1993d0ac7db16c968bc0eb6d4c8ebb892c92134eaab56fa8b779c043e4819,2025-06-26T18:58:14.280000 +CVE-2025-6428,0,1,7e20fafdd0f36de7df3c59cde9ab6c32f568c3b0ee5af525470ee15553873cb8,2025-06-26T18:58:14.280000 +CVE-2025-6429,0,1,e29e5f9c3edb1b6b2561019cf3f2a747b5aad470840cfe30487e722e58f716ee,2025-06-26T18:58:14.280000 +CVE-2025-6430,0,1,b0dfe49badaa97cad3c4daf4daa0fdfa04551342da297985245070e77ab87c51,2025-06-26T18:58:14.280000 +CVE-2025-6431,0,1,7285e90452e8f4883b8a2b4686861679df20b3cb6c551c0335da2080423500a3,2025-06-26T18:58:14.280000 +CVE-2025-6432,0,1,2636350f6a652ff6584483841ee6a3780c6c5a73e88185374c3bc31fc1887a1e,2025-06-26T18:58:14.280000 +CVE-2025-6433,0,1,263b2d86ec5aa08e454cdf46d389ffc9eada0acdb6f9cdeac53c77b6930c7988,2025-06-26T18:58:14.280000 +CVE-2025-6434,0,1,47a7603f7cbe13a30f453787055a6b313fdfed4cf89826f7563879c028f58e32,2025-06-26T18:58:14.280000 +CVE-2025-6435,0,1,2a03b19d6b1480f0b19da1377ca34b6c860bf2589be5dc94ec13404245c60726,2025-06-26T18:58:14.280000 +CVE-2025-6436,0,1,f65fc58fd044d31977c47a350b8c82806cfb1e718ad3399c925734f89ccbfa28,2025-06-26T18:58:14.280000 +CVE-2025-6442,0,1,0c375e5c3a1bc0a69229d6c6f1f25c625ba6ba0948068e1aa74cee3a131b76ce,2025-06-26T18:57:43.670000 +CVE-2025-6443,0,1,234c9867f25d85d44fc506bbf75440155c7227dc8656924121bdfd34971fe1ce,2025-06-26T18:57:43.670000 +CVE-2025-6444,0,1,37705057457fe7179db85da84838ca3b56fe8ff63e8fcdb240ff0b993581938c,2025-06-26T18:57:43.670000 +CVE-2025-6445,0,1,f99b123e574fa4e59daea983acb9603622fc84af3252757bbdb2c3411966afec,2025-06-26T18:57:43.670000 CVE-2025-6446,0,0,3600b7ecc27e2374ecf53656a0787999f8467a509514c75f50c495fcd2cddda1,2025-06-23T20:16:21.633000 CVE-2025-6447,0,0,ccb7491a53a65edb2a46fa34f91bfc98d3e4b5a673ea57cbc2e7809ed2b6f681,2025-06-23T20:16:21.633000 CVE-2025-6448,0,0,8222bc4acb92d0f776e1d0bca83e07196c49a6462816bce44b6bf839e1dbed85,2025-06-23T20:16:21.633000 @@ -299360,113 +299365,113 @@ CVE-2025-6513,0,0,6fcda6ec8fe8d4d7a71ff944570d0aef3cd920458f304839d1b1f59be7ed3d CVE-2025-6516,0,0,ac0b558987c235b3e9cca99c9b3e31ea02676d4ebf55b1f2d4bc9503aa512a0c,2025-06-26T12:25:51.530000 CVE-2025-6517,0,0,ccb7b7977bc47f9b2f5f57f3b073cd6f70cdee9c4ad69519d93767dd6116a3b9,2025-06-24T14:15:31.093000 CVE-2025-6518,0,0,79913a6994b5a0cfc1a00cf4e1af2784faaece099aa53440c6a31b8bb0c63ace,2025-06-23T20:16:21.633000 -CVE-2025-6524,0,0,e49785f0fd827aecc01b85ae4e043e18698692ec26bc7ec337665a5554061752,2025-06-23T21:15:27.970000 -CVE-2025-6525,0,0,35605120f939d0314ffb4372828fc2819d48e220e02caf00b1c5333f290dc2d4,2025-06-23T22:15:22.697000 -CVE-2025-6526,0,0,456bafb9529e1b23d74b19ae6236c5bcf3c8bca34d59155b7069f65608e1b06e,2025-06-23T22:15:22.930000 -CVE-2025-6527,0,0,a9a66d6d6a8e0192016e66fcbc4b16654b5cc67da7f8d638e0a1029d3e911b37,2025-06-23T22:15:23.130000 -CVE-2025-6528,0,0,2d8652c6e064cbe08fda9e1243d2cdd94889748bd307dfeccdf2fd9f8f69ecd5,2025-06-23T23:15:23.783000 -CVE-2025-6529,0,0,5939d745bd3d487f857a2a174ee40a3eef3cd5f9ed4541420b1ccd8bcf150ec0,2025-06-23T23:15:23.980000 -CVE-2025-6530,0,0,639790b7cf36a394013b206f6f5ba1257ba639269bfaa5c6603b3f61857328ca,2025-06-23T23:15:24.177000 -CVE-2025-6531,0,0,7cbb8659e90d4ef287eaefdc968ecbc80a7b050e0fc89f77f70317cf36b2eee7,2025-06-26T15:15:24.250000 -CVE-2025-6532,0,0,86b97cc081ce799f93178d6ecc465a0c60d5e09731b91755b70d7769569024c8,2025-06-25T15:15:26.467000 -CVE-2025-6533,0,0,d492ee571eaee5df043f384c635c6ac246fddd4934afdb55035bafe65d55de49,2025-06-25T15:15:26.600000 -CVE-2025-6534,0,0,4aaa4dbea2d1e21bce858b4566e1e92b835724c6fd1a3385ad07ba3ba2aacaa6,2025-06-25T13:15:27.137000 -CVE-2025-6535,0,0,e42f1a6543dbf0ee5c229c993281b53636fa2406c8182d5b8ffaa7f8f3686b13,2025-06-24T14:15:31.237000 -CVE-2025-6536,0,0,d013adec60ee7bce984765f553f00621206bf7b36426e84a34c5c79dd02e790d,2025-06-24T02:15:22.967000 -CVE-2025-6537,0,0,ff1e02454492e3a3242fcb4e59ec3fce144f672e062069dfa5e9266f582eff4f,2025-06-26T03:15:25.277000 -CVE-2025-6538,0,0,7bba3c14c2785d52af24c99e60ac079f7a141c76f0aa69aa013a97a3ef69dc50,2025-06-26T02:15:23.190000 -CVE-2025-6540,0,0,1e3b9bfa4edc5c0ae6fbd9d997a22ec00f49bd813e7b42df33fb652634c81dea,2025-06-26T03:15:25.430000 -CVE-2025-6543,0,0,9aaa2725da776ce785d24f0dd5eecc89432fc6f7cf3f4439ec7f3a38a63ef19f,2025-06-25T13:15:27.293000 +CVE-2025-6524,0,1,a7275ea041ffa7e979afd064b5baf753a7b8d034996389a1d24dc2a4b9f0ab13,2025-06-26T18:58:14.280000 +CVE-2025-6525,0,1,f9a4484f271973188d980443d7c340a5c21c022439185d3e11e100f20a1e0b89,2025-06-26T18:58:14.280000 +CVE-2025-6526,0,1,237dd2b6b7317839645fc76c98f0a5fe755dfdbc15e5c734032a915e25f5fcf6,2025-06-26T18:58:14.280000 +CVE-2025-6527,0,1,5524c74cc8fdd5a9bd7179b64acd2fa434893fc7591aa031d83fde067cc1faaa,2025-06-26T18:58:14.280000 +CVE-2025-6528,0,1,69c63cc13a183ec734930cfe4b2f778eaea5f059d7041560af4b03ebf340a121,2025-06-26T18:58:14.280000 +CVE-2025-6529,0,1,5458f47f025d2afa13f090c2ebfa78e6f56c8ee4c42a061d8ad93d5b537c902c,2025-06-26T18:58:14.280000 +CVE-2025-6530,0,1,4637f673d99f29f22138fb0416a385c66fe9f5692c4000439ab73c38f52781ff,2025-06-26T18:58:14.280000 +CVE-2025-6531,0,1,f41bc70c0253d2c0631fedc0512de38c9c692b202aac90656b714474b63f3ebd,2025-06-26T18:58:14.280000 +CVE-2025-6532,0,1,dcf1ad3ea07d8d9012bb3f07016d80f5e6d1e4fcaa1dc73dd6649b53920c89ec,2025-06-26T18:58:14.280000 +CVE-2025-6533,0,1,492d887b9495cf568d73a9f91a4235f8d4b3302adbb98cd523caec1f71017fac,2025-06-26T18:58:14.280000 +CVE-2025-6534,0,1,27dbfbc1ad88a7b2b9a2381731f87a7e228a23f139d2c856c6c4ef9c8c4f00da,2025-06-26T18:58:14.280000 +CVE-2025-6535,0,1,3ec3c99c4450294264961f65a26d690a1af52c1d1f2140ee1766ea03af869a81,2025-06-26T18:58:14.280000 +CVE-2025-6536,0,1,bd4abefc70387d924c3e572721c1a2fa7652203fc239516c5a7622b44e3bfb00,2025-06-26T18:58:14.280000 +CVE-2025-6537,0,1,aba74773e54d847a6dcdd26b2482f0491c84acb0bd3df1fe9fb1f724c6b81a08,2025-06-26T18:57:43.670000 +CVE-2025-6538,0,1,f0fdc75553b1c22679341e253db1da8954bb632a20495521f7de1f6b92741db5,2025-06-26T18:57:43.670000 +CVE-2025-6540,0,1,152da5365eac22d0f26ca667fa5bb4d11854e502ffc4dd5d66492004a74f6967,2025-06-26T18:57:43.670000 +CVE-2025-6543,0,1,a55929b5c8b39038198e6dcb5f98881c83e134e5862da06680aadb605be267b5,2025-06-26T18:57:43.670000 CVE-2025-6545,0,0,4a2e9a49fc7908d94e6672d7a2b53a6f95fca2e09b0d849d624a1d4044dc33c8,2025-06-23T20:16:21.633000 -CVE-2025-6546,0,0,7f4fed601cdb578810dd1a5cedbed6eeb0f6925914143ccccd7f3f890dcfc6cb,2025-06-26T03:15:25.587000 +CVE-2025-6546,0,1,494de40d7df6c2443041022672d90acb8494a980877b137f48c23d5cab87487a,2025-06-26T18:57:43.670000 CVE-2025-6547,0,0,308fc321cf1c1a3e1d4bfaae0194d79b5c51460bd5056b984e695544d81bad19,2025-06-23T20:16:21.633000 -CVE-2025-6551,0,0,28b300bbd8c144f51c63879310dc12af5cc8cc1da1c90b362d6276ed1d7f06a4,2025-06-24T14:15:31.390000 -CVE-2025-6552,0,0,803ee4a1ec8be82f7a7266a0e0782f249d6c01547f2c273254ca519cada86f3d,2025-06-24T03:15:35.520000 -CVE-2025-6555,0,0,c8debe65f417be0e5f85471b847c080813527a23bda7bdf471c05f76c2540041,2025-06-26T14:15:32.340000 -CVE-2025-6556,0,0,8a19ef2e594f32189105a51bbaa17de7108727340812df93f9f06f6754c5fa04,2025-06-26T14:15:32.510000 -CVE-2025-6557,0,0,9c8d24f715ee56ef9d342378028aa791ae3be74b300c390b225046716ecd370d,2025-06-24T21:15:26.697000 -CVE-2025-6559,0,0,444ed8a45550b3671771862423149729d25531cb4fc98aee2a01e13a863dcde8,2025-06-24T03:15:35.700000 -CVE-2025-6560,0,0,49ff1f0a782ce228cea5686f0cb1a3280168d6abbcd267d809259241cd7f946f,2025-06-24T03:15:35.897000 -CVE-2025-6561,0,0,0d6a89f454bc38ec98378cc3f7750d62ec8593ae58bc0da68998685caf2c659d,2025-06-26T12:15:21.913000 -CVE-2025-6562,0,0,3a1e4390f77815ecc8fad76d91f983ff410d225fbb932692890dc21fb586d1a7,2025-06-26T13:15:29.417000 -CVE-2025-6565,0,0,7c02fe0d71d3ef34b32cfe8d9c10c27142ce892b4368d3b905ba19c7208bc8cf,2025-06-24T13:15:24.790000 -CVE-2025-6566,0,0,bdaa465f16578029333551d89bfb08b4b9c40aa1c89afab89956ac46f91689ea,2025-06-24T16:15:30.043000 -CVE-2025-6567,0,0,5d754149f93ad7069f2d6b06b39e9a8d3070555d19c5f3fd33d0f2fd359ea32d,2025-06-24T15:15:25.623000 -CVE-2025-6568,0,0,78c40c1dd546517356b970cf01de10a143e7aca6dbd9dbb56f6a07312247f2e6,2025-06-24T15:15:25.823000 -CVE-2025-6569,0,0,a9a253cca959ecf71ee669abff58d1659a78fe1070e8dc321456c5ad3c982f46,2025-06-24T15:15:26.017000 -CVE-2025-6570,0,0,50d7fb23d6a96245e9def59e9d4d07e8e395df3419a7c2817a133b7f444ca78f,2025-06-25T14:15:25.460000 -CVE-2025-6578,0,0,af2637c61ea16d05cecb01cac485eded383d41ec954985f1f245d4df176aee36,2025-06-24T20:15:27.433000 -CVE-2025-6579,0,0,fcfc4d99bfb161b15743945c897440f1876e453b66f81d9d6e2cf977514af419,2025-06-24T20:15:27.630000 -CVE-2025-6580,0,0,bff877127ac299b68d532a4d0891146ee69d116ef7e91c01323ff9dba0e06ad6,2025-06-25T15:15:26.733000 -CVE-2025-6581,0,0,50bfec8ee476a916ab8228d5efb7c88d74abe6cec26cdc5c80407cfb9fe6693a,2025-06-25T15:15:26.973000 -CVE-2025-6582,0,0,e4526a7ccb0431d253a03d153c8cac3501da0d00570b11131cc66f39a1c4a358,2025-06-25T15:15:27.107000 -CVE-2025-6583,0,0,4b480856299a04a585bde6afcb6efaa5f004bf743183c64d4fe8658af4148874,2025-06-25T15:15:27.240000 -CVE-2025-6603,0,0,d0492af04a91c27b19f0489a0c33921a6410468e308ce186bd03faaf3f47413c,2025-06-25T11:15:22.193000 -CVE-2025-6604,0,0,3c0ee8fc4e276bcc0ba26093456b5673f8631d9f08ec08f8b3d86f82d8623b5a,2025-06-25T15:15:27.377000 -CVE-2025-6605,0,0,0c7e0a2dcd60283b5040f54191d009b0511c7d21e068d3b5de86310ca6b7b82e,2025-06-25T15:15:27.510000 -CVE-2025-6606,0,0,cf06656ba8916d3e53a1842849cee42f6fc89225729613e6b6abbff9716019b9,2025-06-25T15:15:27.640000 -CVE-2025-6607,0,0,071f381785518009a18676f9af9bd7b4c2b9a573c6c5c874ad1d1316f11960aa,2025-06-25T15:15:27.777000 -CVE-2025-6608,0,0,0858fc7c00cdbc285bbe8079325f3a4b0970245a2843c57ccb766944542eaf3e,2025-06-25T15:15:27.907000 -CVE-2025-6609,0,0,84039b5dcbc2b7157233c59ff4ab97a30dcdb46f825a5ea7aa0dff139042bd2c,2025-06-25T15:15:28.100000 -CVE-2025-6610,0,0,80e7d7fe69fa52e2262fa8cac53bc563d69fe41cbef1a3bf59f9888a985aec0e,2025-06-25T15:15:28.297000 -CVE-2025-6611,0,0,1ad98d30a486a6dab1ae5e7fedb1bf38d56aaff036ac9a01e3d6742a9a3f7840,2025-06-25T16:15:27.233000 -CVE-2025-6612,0,0,056bd0a67196d47507d93cf7096ad81e5149c433bdf425eb50ffc2d6bcc8f1da,2025-06-25T16:15:27.413000 -CVE-2025-6613,0,0,8ae1b51e5fef4c67b5addca2893725bb67eb764eebc7fc2637e2d1a1b4322c09,2025-06-25T10:15:23.253000 -CVE-2025-6614,0,0,699f90622826178b52878c00830ce99df2740e016ef27e45d12e691a88445b84,2025-06-25T16:15:27.593000 -CVE-2025-6615,0,0,53ff9c5d44a8d339a501e11061ebcec50806e8b7c1667ec1e50d3bcda67bd7a3,2025-06-25T16:15:27.790000 -CVE-2025-6616,0,0,69e3d0b87c0a15bcc888ba109078758162c727a166b9e07eb51047379945f9a0,2025-06-25T17:15:40.280000 -CVE-2025-6617,0,0,69a437ef6870d59f3c2ba3c010071a735995948d72c1f0a5d65bea12dcb87390,2025-06-25T17:15:40.507000 -CVE-2025-6618,0,0,8f0f71c280554a7c818df3f61621fbe8f744cc190f41ed0b491a2c752a76b10a,2025-06-25T18:15:24.757000 -CVE-2025-6619,0,0,5c8159eab9352f8a3543f33ff16bfd3dc7f586f658a3ae25f3220f2ef1217cdb,2025-06-25T18:15:24.950000 -CVE-2025-6620,0,0,7bc5ee9a6c35175ea4c2d789f1d97faf66ba959a6ed15da7fcebe667d5d906ec,2025-06-26T14:15:32.737000 -CVE-2025-6621,0,0,92ee36f9955ed67d57c6c13f2d4643afe1425501effe00183fb5a52fccd6ca0b,2025-06-26T14:15:32.933000 -CVE-2025-6624,0,0,07a93b2e9ed3c8caae6323425b398f9c4fc0ffd70646adb166b429f500d00218,2025-06-26T14:15:33.070000 -CVE-2025-6627,0,0,eea8842b3eb9b3e1cf7456e6d24ea2786dc05d22ee014f3051caf23b6445a606,2025-06-25T19:15:24.260000 -CVE-2025-6640,0,0,d30e371b0ff3d000e15d9a7d1b5a3f5520079493ac68bf58604fe76ee6d72653,2025-06-25T22:15:21.107000 -CVE-2025-6641,0,0,e8ff4a93ccd27943e33ffe831881654d963aa2f5a55e6036214c79a67b984675,2025-06-25T22:15:21.237000 -CVE-2025-6642,0,0,717a0241bf1d920f5b89a90101388b8ab2b4edf41dfb87969fcb22ba6d6b5047,2025-06-25T22:15:21.363000 -CVE-2025-6643,0,0,b776494edb6c81037eeb408f4a3f277531847242367d6af89fbfc03e3d38fc01,2025-06-25T22:15:21.487000 -CVE-2025-6644,0,0,4cc34224360ba8c59ae16269062b56b49a1d063afe405b111c1685a0bb65fe60,2025-06-25T22:15:21.617000 -CVE-2025-6645,0,0,5006a229a973d0f34315661726fe83e23fae8d52eef70d2d0ea79c666600ed31,2025-06-25T22:15:21.743000 -CVE-2025-6646,0,0,58e1d29ed6c64c33307bfb638db99fd59758e966a5160d94db366cf77018f961,2025-06-25T22:15:21.887000 -CVE-2025-6647,0,0,50ae35b57509c8c3679a7e1a08ff11abdcb609114cacc39a3cc6a8592eaf9b8a,2025-06-25T22:15:22.027000 -CVE-2025-6648,0,0,f5e84824e248dde3c1c93045cd6d86b9b619cc5fb945ea652093fff19f5033ca,2025-06-25T22:15:22.160000 -CVE-2025-6649,0,0,8d7b735f3796ff1b247608aa43cf77ad22583ebe7f888e226cf191d92db737c1,2025-06-25T22:15:22.307000 -CVE-2025-6650,0,0,898b2147475bddd80ee3c7c408b332c02522cc1702658d1e04ac21ff3bd9a2ce,2025-06-25T22:15:22.443000 -CVE-2025-6651,0,0,65eb6accfde919dbafdfc048ca3b6e1e671586e583ab0702380eb6904d69639d,2025-06-25T22:15:22.580000 -CVE-2025-6652,0,0,6c94832d1ce4132b985e4e3f3eb763dd1ee660cf3fc06c40b0491b6fde9ad113,2025-06-25T22:15:22.720000 -CVE-2025-6653,0,0,09c0e63814f0fc8c8a66adefd65d89ae136874c0e5ac1ecf2f26cd3c0841b849,2025-06-25T22:15:22.870000 -CVE-2025-6654,0,0,5a370473940d96cfaa74c91fdc8ed24c1ca647a6d97f8ba6ed2e98a68a45a243,2025-06-25T22:15:23.047000 -CVE-2025-6655,0,0,af9e84d103f0b15ea567c3f8d6ed52853e353aa20e6750586c20c59aac0d431f,2025-06-25T22:15:23.187000 -CVE-2025-6656,0,0,d256e001ec36e6fe1a6c03ed6fba61176852ff1064dde6308fa787f297655840,2025-06-25T22:15:23.330000 -CVE-2025-6657,0,0,ae3bb21a11c0a7f776050f37d37b67f25f7d079e3c75753fd567041123b806c6,2025-06-25T22:15:23.467000 -CVE-2025-6658,0,0,f05f18d2ef2f67b0419e0ceae9d7aee189ce738409755f8fb69dac19113f2143,2025-06-25T22:15:23.597000 -CVE-2025-6659,0,0,e84b3aa084e1165a6508b21ce9ee4a9722ea9d66559623a4034b89322b4701be,2025-06-25T22:15:23.740000 -CVE-2025-6660,0,0,34e8adfbc8a5e3750638d82f451b12baf6d9c480a876dac97e45583d3597d1ab,2025-06-25T22:15:23.863000 -CVE-2025-6661,0,0,92323326ae62b092992f67dc7f8c5e245ab4cb21eeeb54ceaf45d371bcc897b6,2025-06-25T22:15:23.997000 -CVE-2025-6662,0,0,649299c04ecf045716b034e15ae6b5fc5964ae6f7a610b5854e439030e714d01,2025-06-25T22:15:24.127000 -CVE-2025-6664,0,0,4d53d5a9dd9178a2799cb6e12b8d187c7d972a90867842aa034f6c50660d8a2a,2025-06-25T21:15:21.520000 -CVE-2025-6665,0,0,2e96d759f6fe88af751c06cee18efb031205cc71a1fb09e794ff8cc45bfaf69e,2025-06-25T21:15:21.703000 -CVE-2025-6667,0,0,8d9ad53a3335c05cc0865d1435899d49a25a3ca653a61e0fdb6ad611b59d429a,2025-06-25T22:15:24.280000 -CVE-2025-6668,0,0,b7f7ce19d9ba8dfe1a594307d757f6e849bb60917444403b692842e09544abd4,2025-06-25T22:15:24.450000 -CVE-2025-6669,0,0,259554a4afe15a633cf6db3e0b294386f75a87b93f6e7e142528c6c7d99925a1,2025-06-25T23:15:21.310000 -CVE-2025-6674,0,0,330dc93de5a800b119559ce432f3e727a55b7663e61bb6a3f51e753d26da542e,2025-06-26T14:15:34.047000 -CVE-2025-6675,0,0,d0299463a864b2634b63a6b6631e1d2676a687384aa6c5c64b95b21049704091,2025-06-26T14:15:34.177000 -CVE-2025-6676,0,0,904b961e1617fc5b434f2a983c54e82fb2b97c2a706594be0f12c0b7f95a3275,2025-06-26T14:15:34.353000 -CVE-2025-6677,0,0,d64d334c8e0095958043e9bdfe68545d6daf525f06d22d3f20470fe56e37e7db,2025-06-26T14:15:34.540000 -CVE-2025-6678,0,0,3d8df884ccaa68204bde970fbc5a3e37b905ea9e2d3ab8e9d4e745c1411dc54e,2025-06-25T18:15:25.507000 -CVE-2025-6693,0,0,aed7eff55f11f001475fd2a272338716cf45f574b1a0b5d56772bf159d041cf8,2025-06-26T13:15:29.593000 -CVE-2025-6694,0,0,ee51f17d9ad75bdeb5c5974329bba1fdde90571ade9e0013b45f8ad9f704c57b,2025-06-26T14:15:34.777000 -CVE-2025-6695,0,0,e535137c3817be7c059c48f3c72b85d7d3d98b1b11478f02b3f20aa6ba18bbdf,2025-06-26T14:15:34.967000 -CVE-2025-6696,0,0,afc23a687905a86e72dc36166a80d4d75f1137dcb3f841be0fbe42b41be72f13,2025-06-26T15:15:24.633000 -CVE-2025-6697,0,1,85c38d785f5e8c32346e3c53b60a2f8abf1eced95890c1012623934462d0a59f,2025-06-26T16:15:32.560000 -CVE-2025-6698,0,1,bda5d1b33c6591d4482a182f4472541cfea1ab5eec2230108598768e0855b9c7,2025-06-26T16:15:33.583000 -CVE-2025-6699,1,1,ddd4793ac17c57a98ce3f46146e63ab05b772593f92021d9b85a82f069096cae,2025-06-26T16:15:34.590000 -CVE-2025-6700,1,1,d6dd6081fc4a3e628511320526388de82806fe3f1879558f59d2b6fa0bfaac74,2025-06-26T16:15:35.740000 -CVE-2025-6701,1,1,a3e0912d16ddbd7ead3dd8db87c5dd3a2a97ee56b844df89f0e0b9adfd5dd6e0,2025-06-26T16:15:36.930000 -CVE-2025-6702,1,1,3142fcdee56d459a72b1ae0d133a9a195a16dcf0120e56e151b74ceb6f8b3871,2025-06-26T16:15:38.033000 -CVE-2025-6703,0,0,09072c2cd4e411c0d5c8360ca7f6fdefccb20fabc17c8c1696e0829eab242c2a,2025-06-26T10:15:25.950000 -CVE-2025-6706,0,0,f62ce3759b16005649e600aaa9f5f382173758ca404574900daf66e4ff538bac,2025-06-26T14:15:35.157000 -CVE-2025-6707,0,0,ec1919161028fcb80da5ac4bad2fe42ce7a27924784bf7ae929f38032df9e6d2,2025-06-26T14:15:35.313000 -CVE-2025-6709,0,0,7544591fa0466921cddd7453ee0b219f2c7a2f572e56858afaa90ca58a141123,2025-06-26T14:15:35.463000 -CVE-2025-6710,0,0,1c08e8c79115ef953504d39d589598b5f33f4db72e950ece70cb5bd1de02f4b0,2025-06-26T14:15:35.613000 +CVE-2025-6551,0,1,9449985e7a9055bc84479e0b0f2b57fed721bbaf75a59a8d5b22bb237a895a0a,2025-06-26T18:58:14.280000 +CVE-2025-6552,0,1,8717beff1ed0b4c67a4a3bc77f60be53e5be3c4b231cbc45b02cbdea4703f774,2025-06-26T18:58:14.280000 +CVE-2025-6555,0,1,778b8348c64662c8e4459061cabbb632e36dc7c09a92710349fb4cd01cbc0fbb,2025-06-26T18:58:14.280000 +CVE-2025-6556,0,1,0cdb8a2b9e72a2754bb3a3954835fbf3d9af035032442306dedd19790d98994e,2025-06-26T18:58:14.280000 +CVE-2025-6557,0,1,8cc85c420253a381d54904e4cdc2ede3bb9bc6850688f1e7d13a25637f2c7124,2025-06-26T18:58:14.280000 +CVE-2025-6559,0,1,9cb71ac3711fb3b86b569e9a51eb156c4586cc1e2e8b0bcfb406579e47f4c3bd,2025-06-26T18:58:14.280000 +CVE-2025-6560,0,1,0fbeb242211a22ef947f1fcdbf6b0e2a9cc7c2add8384266780a00d3eb1ea522,2025-06-26T18:58:14.280000 +CVE-2025-6561,0,1,83d61226b99ac74707dce5abf1d8af5092a5760229e6f24fe4f0f3e682784967,2025-06-26T18:57:43.670000 +CVE-2025-6562,0,1,fcfea14579c71c21a6c3fc7d5a6452ec3f1bf58bce45fcf51ede3f433e3f3646,2025-06-26T18:57:43.670000 +CVE-2025-6565,0,1,edbd540d511b85519129c288260b1fc37f33ec2182d67f9f0be78d5a0f7f9423,2025-06-26T18:58:14.280000 +CVE-2025-6566,0,1,affe36b1d137bfbb12f982c13c1f5a07ceb2d195d5a802635829756c7ce109c5,2025-06-26T18:58:14.280000 +CVE-2025-6567,0,1,f1c5a742877d71455ab4c64eb3fa2011895cb0259527253ca16b63462404b0fc,2025-06-26T18:58:14.280000 +CVE-2025-6568,0,1,8d64944cd6368c30908cec4c45e5899ab1ce98e146261518ccd258b3c441246b,2025-06-26T18:58:14.280000 +CVE-2025-6569,0,1,b43ce3c7fe66b936da7e514a37487a1a6951013e9fe5039c6b5b6ecfa14d08be,2025-06-26T18:58:14.280000 +CVE-2025-6570,0,1,86fd6f220acf2e34b4511f55c74b16c6c32c529a6a8aa0a3aaf0a9c23a79e3c3,2025-06-26T18:58:14.280000 +CVE-2025-6578,0,1,a99a9e383f515c0ced0d32ac616ed9a1ed673d64f2ed9cf85426f8c304e13984,2025-06-26T18:58:14.280000 +CVE-2025-6579,0,1,3d6a7c5d0aad3e5c34ccac81738e70023b07954822764311505b50e140781b0c,2025-06-26T18:58:14.280000 +CVE-2025-6580,0,1,9c9c406eaf321411d26b21ebf3fe36bf57118d92fad0a7472590dcf43c6c9752,2025-06-26T18:58:14.280000 +CVE-2025-6581,0,1,024446554e8c7f8ceb68131338678b035b6b602a703f2c6df46795b745ec2e57,2025-06-26T18:58:14.280000 +CVE-2025-6582,0,1,1b21b74baac64cca879d3951a43e789d45f08ea5e0c350b20131f38a6c6ea69e,2025-06-26T18:58:14.280000 +CVE-2025-6583,0,1,5236e532d96d3e6c1210fcae751385a59030854a84ea2eef5ca44ba01158b99e,2025-06-26T18:58:14.280000 +CVE-2025-6603,0,1,94e8918af653fece9803c6dda129968de5b58a553aefbcdcb849847b69658ab4,2025-06-26T18:57:43.670000 +CVE-2025-6604,0,1,c397cd3e0e84af2ca44d1258256446886d0ad89aa336321e2a2f841c51f0ae86,2025-06-26T18:57:43.670000 +CVE-2025-6605,0,1,e839350b9ca50e3f3754128d2756b4989dc726435f3b952119e07fc0c0cf61bf,2025-06-26T18:57:43.670000 +CVE-2025-6606,0,1,4bb103e41956aa930eb53f8657c7fdbc80e99d235e9d6dd68700393352489ee9,2025-06-26T18:57:43.670000 +CVE-2025-6607,0,1,9e95f24a170c749bf60cc453874f0b4d7835c5a09a107c323fa38812702e1c5c,2025-06-26T18:57:43.670000 +CVE-2025-6608,0,1,967354f559996510bef491a0d05047fcdfac415b57714ddaaa11f3c04616ad99,2025-06-26T18:57:43.670000 +CVE-2025-6609,0,1,a406e575a5c2ffb8fc5198701ac5b2f3624407964d8ab958c4c0499fd3d5611f,2025-06-26T18:57:43.670000 +CVE-2025-6610,0,1,7ac0c5f8b62677e960fead6fef9bb9ea0a34318fbe0db1a558c946a0c869eea8,2025-06-26T18:57:43.670000 +CVE-2025-6611,0,1,bcf05ff0e6408f67ffcc63f5c13b52527db31ac2bf2a37d14ca1ace700e6fe6d,2025-06-26T18:57:43.670000 +CVE-2025-6612,0,1,3a88c61eb049430673d0675332c40719f5068505766a0c6f11643434ed2eec63,2025-06-26T18:57:43.670000 +CVE-2025-6613,0,1,2e7c43b82890b2054fa8481e396a7928fc15bd0ab3df4af72681d06c0d318e90,2025-06-26T18:57:43.670000 +CVE-2025-6614,0,1,a4b9447cf67084a28ef80ddd77c6e65b60c53838ca782ac41e50ad5065d7f351,2025-06-26T18:57:43.670000 +CVE-2025-6615,0,1,3651b75930c9681780e305958075806e7ca9142b41bab149e34353d8688a7da9,2025-06-26T18:57:43.670000 +CVE-2025-6616,0,1,3a04106cb0212a6b452c724425ed252c342e526d90d0ef8f1c016a8413a5888c,2025-06-26T18:57:43.670000 +CVE-2025-6617,0,1,456dd71a6327ab9987b88d431349a93d6eee2211c965d5f50eafe528689fd4ef,2025-06-26T18:57:43.670000 +CVE-2025-6618,0,1,39beaef839f14ed1701c3e424756460822808d135305d9f1314272038dc78181,2025-06-26T18:57:43.670000 +CVE-2025-6619,0,1,69f4d3d46e4ba4fc84b6efe21f4c025991d8e36ba80cebbae72419ad47d8a228,2025-06-26T18:57:43.670000 +CVE-2025-6620,0,1,70ad3f7f82c3b3404fa550124cfb9cf012311af9544c43d1051cc90b777c26fa,2025-06-26T18:57:43.670000 +CVE-2025-6621,0,1,c14570ee0be9830722abdb762c29f08b171c425cb2f54ec456e97f267bf1bfe4,2025-06-26T18:57:43.670000 +CVE-2025-6624,0,1,ad8986c87013536a274498ca793121da00adb88754b57afa396d119e431e868e,2025-06-26T18:57:43.670000 +CVE-2025-6627,0,1,c950ca730fdda26763ea49bcaeaa58a8e259e8625f1aa8961e7113f9a899f207,2025-06-26T18:57:43.670000 +CVE-2025-6640,0,1,471afa23fd9f677655ba3091d4561086fd25783236eff4b8e6ea16357a74d351,2025-06-26T18:57:43.670000 +CVE-2025-6641,0,1,76142efbdefeda095d8d1e59a76fc97fac86a7dcd0d3c4d33992ad7d2f0fc426,2025-06-26T18:57:43.670000 +CVE-2025-6642,0,1,f82824ad3f5224623a4af6c6098cd17a9781d8ac1c09153e1d7a02680d027197,2025-06-26T18:57:43.670000 +CVE-2025-6643,0,1,fbdc01b43c6e49628cbeb405531598c24eea5c180e845f8291946ac6cc799965,2025-06-26T18:57:43.670000 +CVE-2025-6644,0,1,079b141cb186643938b44da6f7a29af1315fa2b6fccdae42a9d1cf5d770a486c,2025-06-26T18:57:43.670000 +CVE-2025-6645,0,1,3c78214cf99619dc6596cfaef2ccc42655ce198970ce4c4db50ce68c989b5d87,2025-06-26T18:57:43.670000 +CVE-2025-6646,0,1,916d5509d3745bee0996669c2ae4d840bed448f1040509dd38b6445669029f96,2025-06-26T18:57:43.670000 +CVE-2025-6647,0,1,e31ef63b01e4873231cb3b146171897ce0c5b4edf8543ec4394110cc3191f2da,2025-06-26T18:57:43.670000 +CVE-2025-6648,0,1,0ea72007913186a402b383a692de823185a88dde2ae51338bcf6c5fcc9e78130,2025-06-26T18:57:43.670000 +CVE-2025-6649,0,1,2830c086d4ca300689b6efd7f04bcca9f95098b27fde0e12cd86c6bf0da062fe,2025-06-26T18:57:43.670000 +CVE-2025-6650,0,1,f0be3c4f0882db3c1e5d1f31dbdee75a6eb0ce95339353c02cdf4b26357cb756,2025-06-26T18:57:43.670000 +CVE-2025-6651,0,1,22aaf26801bd4a8c351dd53d5967c26ff6a2cebd05d11e9cb71bc742037e5571,2025-06-26T18:57:43.670000 +CVE-2025-6652,0,1,a8406c446612e0b0985fd9519e447c8daa5fec042994a328828c6dcc92c7a241,2025-06-26T18:57:43.670000 +CVE-2025-6653,0,1,bc5a643a487b5d1057611fc41ebf856ba92de8a5336e8d4bd0226dc5fdd157ec,2025-06-26T18:57:43.670000 +CVE-2025-6654,0,1,78057a20808ecc3e2150e7f0ed0d76d7a8013359f29b315ec30e57dd519ab376,2025-06-26T18:57:43.670000 +CVE-2025-6655,0,1,ca844cc6922ea2efa3defb23173f1ecb6840f224fdd39a0923995f6baf276a0f,2025-06-26T18:57:43.670000 +CVE-2025-6656,0,1,a328b548121a0024aa0ee9df8828061cafbab3828b578f792afc9bbcac88fe9a,2025-06-26T18:57:43.670000 +CVE-2025-6657,0,1,eed6ed8dcaa8c849870cccaab6123bea7282d56c33581641662e1bccc1aefbc9,2025-06-26T18:57:43.670000 +CVE-2025-6658,0,1,84824daa2046d2a583de19303a876a782ccb1d31d58a5b090cb49c6461691b1c,2025-06-26T18:57:43.670000 +CVE-2025-6659,0,1,f20d81e77d02663066b29d10e19c3f0d72db3ef3ee3efbe159692a82a1568da9,2025-06-26T18:57:43.670000 +CVE-2025-6660,0,1,b2c46ef9b749eb1a8739407c0aa2f1fa7c4800bbba340aa11fafd16fad30fdd5,2025-06-26T18:57:43.670000 +CVE-2025-6661,0,1,0a6fd1ca8bda3f42faed49a1521f09e40d46a36c8e217b4ea47710e8104723b6,2025-06-26T18:57:43.670000 +CVE-2025-6662,0,1,5c5166ff9346183b32a70db53aef827fb54827f9b31eed5d0663faf254f2a0be,2025-06-26T18:57:43.670000 +CVE-2025-6664,0,1,b59c5ac0ffd12f26f1667bb3b1f1d70586046e2737dd9c43ca73c0160fe59d9d,2025-06-26T18:57:43.670000 +CVE-2025-6665,0,1,cae6f38614e95a90e82f8e14bc52bf6444590cc7c1ea73a256bc3d9f6f237d0e,2025-06-26T18:57:43.670000 +CVE-2025-6667,0,1,e82ef3fbeea1dbd55ce0228b1929adbf6445027fc60dc89264a9f923a5f56596,2025-06-26T18:57:43.670000 +CVE-2025-6668,0,1,1831199a665c7e44444fabd551eda27ff15d58ffffcfa5bed9602759b1fd5c21,2025-06-26T18:57:43.670000 +CVE-2025-6669,0,1,6c280accb485f2bdac69ab15c960422951086f832fb2d91dff44be7e2db418d2,2025-06-26T18:57:43.670000 +CVE-2025-6674,0,1,2a96b77d18a3ed5a15d1217808f66635d48de16e05f22c39a4ae455ffcadc0f2,2025-06-26T18:57:43.670000 +CVE-2025-6675,0,1,da67a1c2004e5cc5e54b7c0644d8650536b661cde378d828659935fe26d9ab2b,2025-06-26T18:57:43.670000 +CVE-2025-6676,0,1,bd087b07cf4f670b55016364756fd99233a6c207f4660c77a1d02dfb21e7e185,2025-06-26T18:57:43.670000 +CVE-2025-6677,0,1,acebdee1bab1b9696bbe1cc2728cc921d110c8667bb322e4e70895d16ae25d3b,2025-06-26T18:57:43.670000 +CVE-2025-6678,0,1,015887ea893979c5601a9a5730f4adfb06aac901dd851eeda9fa3abff9762944,2025-06-26T18:57:43.670000 +CVE-2025-6693,0,1,c745d625a09de6a80b2525f9479d58ae097165e28dcd3ffee9a8c3e54ca98445,2025-06-26T18:57:43.670000 +CVE-2025-6694,0,1,5f5323fcc40d9fa4cc7d77fb9721c6f22d813f802bb1e02959014ac7ffa13287,2025-06-26T18:57:43.670000 +CVE-2025-6695,0,1,3b63ab5fa439fc8617ded8a85f65d7efe89651b3c92e95dcfdbaa2456877b964,2025-06-26T18:57:43.670000 +CVE-2025-6696,0,1,b7afaf8ae67b461e8b54336341add95bfa644030c5b4197ec5f852875fb85b7b,2025-06-26T18:57:43.670000 +CVE-2025-6697,0,1,c312aff8b3da9d8c40e639743d93939ff4620f442215f038fa5ff73f94267f90,2025-06-26T18:57:43.670000 +CVE-2025-6698,0,1,40cbdfa815fbc9a2c0a8b50b505d8d22b791fafd9e35bd7a3dabc9bfb902cd44,2025-06-26T18:57:43.670000 +CVE-2025-6699,0,1,aa672e3cdf7975f9a48fcafa883642a308d9755fcb3cd6d2bd41d7072ee7b07b,2025-06-26T18:57:43.670000 +CVE-2025-6700,0,1,ec5745583eb140cd6e26feee4053d027111d4002634d3b2809beb12abbf16312,2025-06-26T18:57:43.670000 +CVE-2025-6701,0,1,ba0c2c3999d3ff1b57f63dd06df7d9ef802800de260bc43bd881fe5ea929ec1b,2025-06-26T18:57:43.670000 +CVE-2025-6702,0,1,940f551a41ee91b1945b77159a65aab51f94a182ac33d1e10592b85ba816cd2a,2025-06-26T18:57:43.670000 +CVE-2025-6703,0,1,0d9be36ef80bdf06400d3f3c9d49c1e852425f26caf80a96158d35b6fe0baf1a,2025-06-26T18:57:43.670000 +CVE-2025-6706,0,1,e1ad2661eb0b2cc00595c80c51f437664f432617b81595d4eee5ef9e521b3ca6,2025-06-26T18:57:43.670000 +CVE-2025-6707,0,1,aef66556c55eec41bae463c7faf45c123c97efb1da15664a3018a0cfbb06ba4a,2025-06-26T18:57:43.670000 +CVE-2025-6709,0,1,90498322242e290afd27889d9cfd65fddf909a1cfa7b78d899a4f3639a3f1253,2025-06-26T18:57:43.670000 +CVE-2025-6710,0,1,97fb861af21f82df37e774a622e381a13202757cf11269e05074cb8b8b77bc3d,2025-06-26T18:57:43.670000