Auto-Update: 2025-03-28T05:00:20.315341+00:00

2025-06-19 17:31:42 +00:00 · 2025-03-28 05:03:52 +00:00 · 2025-03-28 05:03:52 +00:00 · 7f7d72751d
commit 7f7d72751d
parent 4753dabb1c
14 changed files with 654 additions and 36 deletions
--- a/CVE-2024/CVE-2024-139xx/CVE-2024-13939.json
+++ b/CVE-2024/CVE-2024-139xx/CVE-2024-13939.json
@ -0,0 +1,33 @@
 {
  "id": "CVE-2024-13939",
  "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
  "published": "2025-03-28T03:15:15.720",
  "lastModified": "2025-03-28T03:15:15.720",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string.\n\nAs stated in the documentation: \"If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents).\"\n\nThis is similar to\u00a0CVE-2020-36829"
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-208"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://metacpan.org/release/FRACTAL/String-Compare-ConstantTime-0.321/view/lib/String/Compare/ConstantTime.pm#TIMING-SIDE-CHANNEL",
      "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-496xx/CVE-2024-49601.json
+++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49601.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-49601",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:16.650",
  "lastModified": "2025-03-28T03:15:16.650",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-233xx/CVE-2025-23383.json
+++ b/CVE-2025/CVE-2025-233xx/CVE-2025-23383.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-23383",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:17.297",
  "lastModified": "2025-03-28T03:15:17.297",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24377.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24377.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24377",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:17.460",
  "lastModified": "2025-03-28T03:15:17.460",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24378.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24378.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24378",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:17.617",
  "lastModified": "2025-03-28T03:15:17.617",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24379.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24379.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24379",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:17.783",
  "lastModified": "2025-03-28T03:15:17.783",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24380.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24380.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24380",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:17.953",
  "lastModified": "2025-03-28T03:15:17.953",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24381.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24381.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24381",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:18.120",
  "lastModified": "2025-03-28T03:15:18.120",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24383.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24383.json
@ -2,13 +2,13 @@
  "id": "CVE-2025-24383",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T02:15:14.367",
-  "lastModified": "2025-03-28T02:15:14.367",
+  "lastModified": "2025-03-28T03:15:18.290",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command Vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges"
+      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity."
    }
  ],
  "metrics": {
@ -18,27 +18,27 @@
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
-          "baseScore": 7.8,
+          "baseScore": 9.1,
-          "baseSeverity": "HIGH",
+          "baseSeverity": "CRITICAL",
-          "attackVector": "LOCAL",
+          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
+          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
+          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
-        "exploitabilityScore": 1.8,
+        "exploitabilityScore": 3.9,
-        "impactScore": 5.9
+        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
-      "type": "Primary",
+      "type": "Secondary",
      "description": [
        {
          "lang": "en",
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24385.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24385.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24385",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:18.453",
  "lastModified": "2025-03-28T03:15:18.453",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24386.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24386.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2025-24386",
  "sourceIdentifier": "security_alert@emc.com",
  "published": "2025-03-28T03:15:18.620",
  "lastModified": "2025-03-28T03:15:18.620",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security_alert@emc.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security_alert@emc.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
      "source": "security_alert@emc.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-28xx/CVE-2025-2894.json
+++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2894.json
@ -0,0 +1,68 @@
 {
  "id": "CVE-2025-2894",
  "sourceIdentifier": "cve@takeonme.org",
  "published": "2025-03-28T03:15:18.780",
  "lastModified": "2025-03-28T03:15:18.780",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Go1\u00a0also known as \"The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level,\" contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the CloudSail remote access service."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cve@takeonme.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve@takeonme.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-912"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/MAVProxyUser/YushuTechUnitreeGo1/blob/main/Unitree_report.pdf",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://github.com/unitreerobotics/unitree_ros/issues/120",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://takeonme.org/cves/cve-2025-2894/",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://x.com/d0tslash/status/1730989109332607208",
      "source": "cve@takeonme.org"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-03-28T03:00:19.504657+00:00
+2025-03-28T05:00:20.315341+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-03-28T02:15:14.367000+00:00
+2025-03-28T03:15:18.780000+00:00
 ```
 ### Last Data Feed Release
@ -33,29 +33,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-287137
+287148
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `7`
+Recently added CVEs: `11`
- [CVE-2024-49563](CVE-2024/CVE-2024-495xx/CVE-2024-49563.json) (`2025-03-28T02:15:13.510`)
+- [CVE-2024-13939](CVE-2024/CVE-2024-139xx/CVE-2024-13939.json) (`2025-03-28T03:15:15.720`)
- [CVE-2024-49564](CVE-2024/CVE-2024-495xx/CVE-2024-49564.json) (`2025-03-28T02:15:13.670`)
+- [CVE-2024-49601](CVE-2024/CVE-2024-496xx/CVE-2024-49601.json) (`2025-03-28T03:15:16.650`)
- [CVE-2024-49565](CVE-2024/CVE-2024-495xx/CVE-2024-49565.json) (`2025-03-28T02:15:13.810`)
+- [CVE-2025-23383](CVE-2025/CVE-2025-233xx/CVE-2025-23383.json) (`2025-03-28T03:15:17.297`)
- [CVE-2025-1860](CVE-2025/CVE-2025-18xx/CVE-2025-1860.json) (`2025-03-28T01:15:16.063`)
+- [CVE-2025-24377](CVE-2025/CVE-2025-243xx/CVE-2025-24377.json) (`2025-03-28T03:15:17.460`)
- [CVE-2025-22398](CVE-2025/CVE-2025-223xx/CVE-2025-22398.json) (`2025-03-28T02:15:14.063`)
+- [CVE-2025-24378](CVE-2025/CVE-2025-243xx/CVE-2025-24378.json) (`2025-03-28T03:15:17.617`)
- [CVE-2025-24382](CVE-2025/CVE-2025-243xx/CVE-2025-24382.json) (`2025-03-28T02:15:14.217`)
+- [CVE-2025-24379](CVE-2025/CVE-2025-243xx/CVE-2025-24379.json) (`2025-03-28T03:15:17.783`)
- [CVE-2025-24383](CVE-2025/CVE-2025-243xx/CVE-2025-24383.json) (`2025-03-28T02:15:14.367`)
+- [CVE-2025-24380](CVE-2025/CVE-2025-243xx/CVE-2025-24380.json) (`2025-03-28T03:15:17.953`)
 - [CVE-2025-24381](CVE-2025/CVE-2025-243xx/CVE-2025-24381.json) (`2025-03-28T03:15:18.120`)
 - [CVE-2025-24385](CVE-2025/CVE-2025-243xx/CVE-2025-24385.json) (`2025-03-28T03:15:18.453`)
 - [CVE-2025-24386](CVE-2025/CVE-2025-243xx/CVE-2025-24386.json) (`2025-03-28T03:15:18.620`)
 - [CVE-2025-2894](CVE-2025/CVE-2025-28xx/CVE-2025-2894.json) (`2025-03-28T03:15:18.780`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `3`
+Recently modified CVEs: `1`
- [CVE-2025-2783](CVE-2025/CVE-2025-27xx/CVE-2025-2783.json) (`2025-03-28T01:00:02.260`)
+- [CVE-2025-24383](CVE-2025/CVE-2025-243xx/CVE-2025-24383.json) (`2025-03-28T03:15:18.290`)
 - [CVE-2025-30232](CVE-2025/CVE-2025-302xx/CVE-2025-30232.json) (`2025-03-28T01:15:16.200`)
 - [CVE-2025-30349](CVE-2025/CVE-2025-303xx/CVE-2025-30349.json) (`2025-03-28T01:15:16.323`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -248321,6 +248321,7 @@ CVE-2024-13923,0,0,a528ee5b51622639984378ce5c82c5f3996bc4ee38135a9723b678cb2485b
 CVE-2024-13924,0,0,6771f2a575eb9b234ba437c9c60a2d5807f8aded376287df6e1ca4c3782207e4,2025-03-12T16:23:39.567000
 CVE-2024-1393,0,0,807d9a3a72d3c227cf073d19ae4d043ce29012d9a81f19ad09766963a4531e84,2025-01-17T19:54:07.350000
 CVE-2024-13933,0,0,6c1d1592227807572b59c7607e13d58cd1b568936f1ec0b9bb42956c7610a4b0,2025-03-19T12:15:14.003000
 CVE-2024-13939,1,1,9095ab11c8403140c63d606d75e5bbd0f4652ec635cba4d1445fca7f23b40b58,2025-03-28T03:15:15.720000
 CVE-2024-1394,0,0,3bfb4bdf7cbd2e83903d52b6ed8359606dbe1ee24d71dfdae11060be7f14efdb,2024-11-21T08:50:29.120000
 CVE-2024-1395,0,0,ed536711b27a260dcabc83b13b40c152f8095e7ae0057538c9212759790c4e88,2025-03-27T17:07:28.860000
 CVE-2024-1396,0,0,99c867002ef97abbaaafea27abb6c91c61f510e73a2f0816bc88ba650d70c41c,2024-11-21T08:50:29.700000
@ -271431,9 +271432,9 @@ CVE-2024-49559,0,0,f90e99fcfcd847f672ab154a15c60ecc3ca296cb460994670eb3d57ca173c
 CVE-2024-4956,0,0,b59f0fa653d583ff50139b3494916619d3242eed1a7ae59aab01da9b6e8c6c91,2024-11-21T09:43:56.520000
 CVE-2024-49560,0,0,3f26500c4dded44eae4dc46589e64362e416f55913f19fef12f4ea5a50ab24a4,2024-11-15T17:35:25.407000
 CVE-2024-49561,0,0,1b32846a009c403b581ef70cd7919967c62d38ba68386993b5ed55b52ed1e315,2025-03-17T18:15:20.270000
-CVE-2024-49563,1,1,f59d5636cfb4ee5a62a211ae4e14694de5f037f6538422bf48fbe607f59e2b15,2025-03-28T02:15:13.510000
+CVE-2024-49563,0,0,f59d5636cfb4ee5a62a211ae4e14694de5f037f6538422bf48fbe607f59e2b15,2025-03-28T02:15:13.510000
-CVE-2024-49564,1,1,494647b6e6aea9b023672f0f6c0c877fb2a87cce22053173fd6c3e452783cc8b,2025-03-28T02:15:13.670000
+CVE-2024-49564,0,0,494647b6e6aea9b023672f0f6c0c877fb2a87cce22053173fd6c3e452783cc8b,2025-03-28T02:15:13.670000
-CVE-2024-49565,1,1,430719355bd9def2646512541f8e870c24f0c17785979077f8ea3d405bb5054c,2025-03-28T02:15:13.810000
+CVE-2024-49565,0,0,430719355bd9def2646512541f8e870c24f0c17785979077f8ea3d405bb5054c,2025-03-28T02:15:13.810000
 CVE-2024-49568,0,0,2424937b6c632a3bb8bbe23f1d59070173b0b27451c699774823ff5adcd561d7,2025-01-11T13:15:23.637000
 CVE-2024-49569,0,0,b1379fd025e32fab88c21975ab9b6f766098726076e1ee1ddc484d172b3d093a,2025-01-11T13:15:23.840000
 CVE-2024-4957,0,0,faf1bb90e1dc631958a9f6c5494539e38e22b9c3203a1f9393f289eefc9d7e39,2024-11-21T09:43:56.650000
@ -271456,6 +271457,7 @@ CVE-2024-49596,0,0,b7966d34c19feea70dac540d15635d0013692b6eb03f14dffb223315ddbf0
 CVE-2024-49597,0,0,0f43b6a26ef992927181ec924f91412689184ed4ddb965d5c97b9a85a48751d8,2025-02-04T18:08:57.110000
 CVE-2024-4960,0,0,ab992808fb9ee8848a3377965f63c287d94fe1a52846232bceac2f30716952e0,2024-11-21T09:43:57.130000
 CVE-2024-49600,0,0,e76167604d13f2ebffa0b3a871c9ce4a992612d959351091d21477e455c1050e,2025-02-04T16:10:48.620000
 CVE-2024-49601,1,1,1f1454e7848e3f0897adfb876cd78727dab27f170295c07cfad2c9a871941589,2025-03-28T03:15:16.650000
 CVE-2024-49602,0,0,ce2881877ef434cea49676d9552515f35e1e7fab160d8c28c4447d4378779323,2025-01-09T15:43:39.177000
 CVE-2024-49603,0,0,a4bfea8d6205a36c6ccbfdcc6517bedb6fb1c64a34415f1f1c91481a5593a5b2,2025-01-09T15:46:25.277000
 CVE-2024-49604,0,0,52d4bcd33cef053b3c621fc8feb1ba701ad78ff56ae956fe76566248ea674eb4,2024-10-23T15:49:25.567000
@ -282215,7 +282217,7 @@ CVE-2025-1856,0,0,b1ac28470f3f43f9bc8e0058382bf2f5bdf4a3a8af762c9efcf71661baee04
 CVE-2025-1857,0,0,818488625417d8af4a65dda3d70be6b5611a94debd81aafcadaaa8f15a86f4fe,2025-03-03T08:15:16.823000
 CVE-2025-1858,0,0,988ce388e9a6bf83d2134feab05ec9557f8d5d059b2c6f3b50e9e023160ee37a,2025-03-03T09:15:38.857000
 CVE-2025-1859,0,0,70eed6aa2ae7042bee5e2f20f0d8c842e42ef5f3e1a1b3da126361521cdde159,2025-03-07T14:13:19.170000
-CVE-2025-1860,1,1,b11f2f3bea6ec65a49d6d878f3fa3680cefa9dc020006d586e2c7c1df0fa95aa,2025-03-28T01:15:16.063000
+CVE-2025-1860,0,0,b11f2f3bea6ec65a49d6d878f3fa3680cefa9dc020006d586e2c7c1df0fa95aa,2025-03-28T01:15:16.063000
 CVE-2025-1864,0,0,c92fc87cd84b99acae49e648c1289b46612421f948d2c6533ab7724af225a718,2025-03-03T09:15:39.210000
 CVE-2025-1866,0,0,6d645070e86ae70b91e6d45d95a260c1e9eb1ae7937ef173d0ea19de235adb52,2025-03-03T09:15:39.370000
 CVE-2025-1867,0,0,a65a0cea20f97468944d29f6ba9795de8029e0ca08dd1a9572fb100876a713fb,2025-03-03T09:15:39.520000
@ -283453,7 +283455,7 @@ CVE-2025-2239,0,0,9d2e9828cc688e239d6efe000df62673f2e02977b1a02588fbeac8a08d0d24
 CVE-2025-22390,0,0,7d4cd529983da112f2a19a24b746418738cb2927e6e8de52b7de278b35e6ad14,2025-01-06T17:15:48.170000
 CVE-2025-22394,0,0,74bb5d327b5fabc5afe5722acba49dd35fe0c1d26a691784f120eb1e4f911ff7,2025-02-04T15:51:11.187000
 CVE-2025-22395,0,0,57c4b1d051c16506745f86a05c2206d0865c29f77486f620f2a0dfc5c8b5dd11,2025-02-04T15:49:52.617000
-CVE-2025-22398,1,1,484cb96be1aa0d526122645cb015da87244b20799983476ba0551a1e3e85b9bb,2025-03-28T02:15:14.063000
+CVE-2025-22398,0,0,484cb96be1aa0d526122645cb015da87244b20799983476ba0551a1e3e85b9bb,2025-03-28T02:15:14.063000
 CVE-2025-22399,0,0,c37486f8439a24e18965df381b1fbd8facfe56e4e036c4d759697286660e2568,2025-02-11T17:15:34.453000
 CVE-2025-2240,0,0,25e3541b07a27ea8194c3a7ce5044ea5a9c60778f5708b73346d363dc4edcd65,2025-03-13T20:15:26.857000
 CVE-2025-22402,0,0,6f8fff7283a94f5896b11ef84f302b0565ff570b2cada8e73fd3faea43645321,2025-03-04T16:24:09.313000
@ -284010,6 +284012,7 @@ CVE-2025-2337,0,0,7d9e5607ad2b02dfc242a3305f849e66226e5392d822e3a7a605b0e9bacb54
 CVE-2025-23374,0,0,dc7fc0938dfddbb9f9d96945d0cf484d16ace6397f0b6d455113dea4502470b2,2025-02-07T20:09:28.717000
 CVE-2025-2338,0,0,d6a145ee9d99f0b331d4e327057f954207c4362f81df3d1dbf4d76a1b480aa57,2025-03-17T15:15:45.113000
 CVE-2025-23382,0,0,607dd91845211bbafd299e41a03d19f4efc365f4aee35f49c34ca976065bd66b,2025-03-19T16:15:30.787000
 CVE-2025-23383,1,1,88b9fab182efc1dee54c4f66d27054b813800ab55b4d838a9fe8e2c0068847e6,2025-03-28T03:15:17.297000
 CVE-2025-23384,0,0,d7685224b7a10743fe5eae6a1ebefcafcac773ad88bd00cac8b6407ed3adf454,2025-03-11T10:15:16.330000
 CVE-2025-23385,0,0,44f68c3210fdb2f588e2b733b3276d4f924d74ac5df4660c1e28e1d2bd89eca2,2025-01-28T16:15:41.377000
 CVE-2025-2339,0,0,fb243958e2daa877ca1a322ef09207ff301ba4f92634dddb833183fd13861e60,2025-03-17T15:15:45.253000
@ -284796,8 +284799,15 @@ CVE-2025-24372,0,0,d67365bd89db4c3751e20f68485685bbddaa30222f766a46b2792537e2dc9
 CVE-2025-24373,0,0,828a96e86ff08b742aa150355f229fc88d281347208da05d776aed19719723da,2025-02-19T15:45:13.197000
 CVE-2025-24374,0,0,9d28476f7b9e0a721c68d8f61a3e330d2e4b6e221dde61867e43ef2d95c1b3bb,2025-01-29T16:15:44.090000
 CVE-2025-24376,0,0,7e46d4cd45c80d06e2794dedbb8a5a694e79dc599f98b5860f6d746c41079abd,2025-01-30T16:15:31.630000
-CVE-2025-24382,1,1,ad9beb3d6f3bfddeec4028505b160493ecb127c5109036591d9870afc7c367a3,2025-03-28T02:15:14.217000
+CVE-2025-24377,1,1,fc7f0bd7e605f75e9f09e09221904bbe10bb3f94c80faaff57660f4fc6d52e6b,2025-03-28T03:15:17.460000
-CVE-2025-24383,1,1,aa2f64b1ff90ee0b7272b2d2c8066d89d58cbf2b9a016c3554fbca659ef0974f,2025-03-28T02:15:14.367000
+CVE-2025-24378,1,1,5c720cad589c679876db550c41bc823eeb88d8ff16cc6e352a8a706eb0369af0,2025-03-28T03:15:17.617000
 CVE-2025-24379,1,1,d2dd380b28e29b7a382528b75c9a73b8289ead00c3aabd73bd0c2a65f0e7d4c6,2025-03-28T03:15:17.783000
 CVE-2025-24380,1,1,3f74528472c6122c42051ff48812561c1147b9c8e7b352c2bd961b512837645f,2025-03-28T03:15:17.953000
 CVE-2025-24381,1,1,0c9282046362dbb491615f0b2fc60f0011f287be872d505f0db074b3ea71ad27,2025-03-28T03:15:18.120000
 CVE-2025-24382,0,0,ad9beb3d6f3bfddeec4028505b160493ecb127c5109036591d9870afc7c367a3,2025-03-28T02:15:14.217000
 CVE-2025-24383,0,1,88e7a3e1cac8d98f98f145cb02bf44533ec9c6b67c10e9b9b7073f3d26543fb3,2025-03-28T03:15:18.290000
 CVE-2025-24385,1,1,cc7110219edfee615797f33711e4ae311c7304f54b5dc20e50446abc68c069fc,2025-03-28T03:15:18.453000
 CVE-2025-24386,1,1,9a00a06b79aee4b0e3c664f31c3552809612b8df60f065e22a813c23575a7617,2025-03-28T03:15:18.620000
 CVE-2025-24387,0,0,a1fdb446384ec34d7bd22f11041c6c4796cab0ef1e55e8ba9e452979dedd7e7f,2025-03-24T14:11:20.387000
 CVE-2025-24389,0,0,1f2059cf3f125eed1b0425e33b29a7475638e7301a1298ff7d6746702fae8f56,2025-01-27T06:15:24.170000
 CVE-2025-24390,0,0,53fee9e5767117124ab0c247372dae1e808caf6f2871cdd5b9d8bb2222404390,2025-01-27T06:15:24.313000
@ -286567,7 +286577,7 @@ CVE-2025-27823,0,0,ae3d83d8b696c6651ddc09be1ef36d15fa5d89a5eeb42b0a2ba26ad0db25f
 CVE-2025-27824,0,0,2d002361cc885b5990daf4c3973db9ef130ec1a7bfde36407db01c4a68cfa628,2025-03-07T22:15:38.220000
 CVE-2025-27825,0,0,204298b7de8459d92cd5ca573fe552fd0eb50c7361c94c6261df8c437005a654,2025-03-07T22:15:38.380000
 CVE-2025-27826,0,0,1af8c747c5098697d6723ab302d54ea95cbfca134be905c245ce43480244837e,2025-03-07T22:15:38.527000
-CVE-2025-2783,0,1,cac125e06bdfcf5101179da397d83671a8e22970d5207dd362f2ac73d6465a33,2025-03-28T01:00:02.260000
+CVE-2025-2783,0,0,cac125e06bdfcf5101179da397d83671a8e22970d5207dd362f2ac73d6465a33,2025-03-28T01:00:02.260000
 CVE-2025-27830,0,0,8a4a6147874317421de1212645b57f402d62a41cd8c99399f45c939382d77c71,2025-03-27T16:45:46.410000
 CVE-2025-27831,0,0,418a80bb51c2ba93cb9891eaf5c3240551bedd472492f0c9aecbd9645df7eb58,2025-03-27T16:45:46.410000
 CVE-2025-27832,0,0,86d57d8ba5b0479df1b8238028bd69b5b902f9ee32097fd81a1ae4eb32e6dc9e,2025-03-27T16:45:46.410000
@ -286705,6 +286715,7 @@ CVE-2025-28936,0,0,e0748efe94f9e87f1a4ee118151d5c6a6ac1718d4970d7fec8dc0c697f190
 CVE-2025-28937,0,0,24b63620a96e95e9837654a27ce16db045c42f21433afde2a1f40204ef66676c,2025-03-11T21:15:51.587000
 CVE-2025-28938,0,0,d0b972cff3707558963cda7df0cb3176337d8e9d89978c6ecfdc3400da0cdb89,2025-03-11T21:15:51.737000
 CVE-2025-28939,0,0,81f6a36d35d2914723851959872f00a57ae4f87a33834db5e34ad5d5a0697040,2025-03-27T16:45:27.850000
 CVE-2025-2894,1,1,c1cf901b2cbd2d4bf6a6afc5abb9bc9d74b64471732ba27e68ea5aed3b093941,2025-03-28T03:15:18.780000
 CVE-2025-28940,0,0,04135ac8d9c1245669acb25f77e12e09d3c1430ccba901da70a0adf5146510b8,2025-03-11T21:15:51.887000
 CVE-2025-28941,0,0,d1dc35fbe2a033c04e261359b97e6eb5a7f518fa1842a2a100fc7c3dd1630b83,2025-03-11T21:15:52.030000
 CVE-2025-28942,0,0,13661206a69e4d0b8a31139510417b818a8d6f6daa40fe60ee4e3d972c089172,2025-03-27T16:45:27.850000
@ -286882,7 +286893,7 @@ CVE-2025-30219,0,0,326f919a01c3e200686e1e77066b4ecd3788d0deb365cd59968de4fd276ff
 CVE-2025-30221,0,0,6ae53bdf0345b96392a165c31ba84cf22b0d6efa70d330536507ae8f41f720cb,2025-03-27T16:45:12.210000
 CVE-2025-30222,0,0,8181bb8e50b5d5403e3aeeed651e80d360ebd306c6c001c9fd5d8239df2af092,2025-03-27T16:45:46.410000
 CVE-2025-30225,0,0,cc37e4f779c1e97cd26219457ed556549a6b6364424a050cb8b68a80d988d93c,2025-03-27T16:45:27.850000
-CVE-2025-30232,0,1,5c74644a1ef64199043f13e821224b82e2f1f55a45d7d7f04d05cf36316a3a09,2025-03-28T01:15:16.200000
+CVE-2025-30232,0,0,5c74644a1ef64199043f13e821224b82e2f1f55a45d7d7f04d05cf36316a3a09,2025-03-28T01:15:16.200000
 CVE-2025-30234,0,0,cf20660d6d37e637116a40ce9b3055465db9a1b9c87663c91728f3bae499e866,2025-03-19T05:15:41.353000
 CVE-2025-30235,0,0,9222f9a2278ce550ac692bab27bb8a819d1de8dee62df51cf264df3162d55e58,2025-03-19T06:15:16.043000
 CVE-2025-30236,0,0,3f73c2c498a83243d93d66190e1e818a0ccbcdd521592f269afac288686f067a,2025-03-19T07:15:34.313000
@ -286896,7 +286907,7 @@ CVE-2025-30345,0,0,c3f3d2079e86f560009e577dbbb7cf71db1e2d75b7b8e784dc39ddf33b7b5
 CVE-2025-30346,0,0,a5ab4f3d9ba1cce34693c27771a45fbf120b9b80a448e75dfe49bd2a7ac1a793,2025-03-24T14:47:51.437000
 CVE-2025-30347,0,0,ed9763d5b530026684262273e310ca4c964268ef0ffc4c726547353dbc6770db,2025-03-24T14:19:23.963000
 CVE-2025-30348,0,0,0fb0e9fd503e8730c9a3857e63ee0ac5611b8bb7632a64f763dd19e4ff36427c,2025-03-24T14:08:36.513000
-CVE-2025-30349,0,1,526c950cc64a333e84d55e644a88fdd602691a361484b453eb0de28202e3ad5c,2025-03-28T01:15:16.323000
+CVE-2025-30349,0,0,526c950cc64a333e84d55e644a88fdd602691a361484b453eb0de28202e3ad5c,2025-03-28T01:15:16.323000
 CVE-2025-30350,0,0,769aed62b7c52c7efff0910786b1540702d43c431a2629a37c544cf6ab27d2c0,2025-03-27T16:45:27.850000
 CVE-2025-30351,0,0,41323de04c59da9296c71c6a7df779e6c0c767b4bcb8b455ab5524ba6b0475be,2025-03-27T16:45:27.850000
 CVE-2025-30352,0,0,2de13b7ea6496a9753fe04c1b9f1d1f6040e23740e41cd04836f25b10e4f3884,2025-03-27T16:45:27.850000