admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-16T17:00:19.445534+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-16 17:03:48 +00:00
parent acd5b40a41
commit 8293743cf3
6 changed files with 440 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2025/CVE-2025-11xx/CVE-2025-1196.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-1196",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-12T12:15:29.640",
"lastModified": "2025-02-16T09:15:09.073",
"lastModified": "2025-02-16T15:15:08.200",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /search.php. The manipulation of the argument PropertyName/StateName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
"value": "A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /search.php. The manipulation of the argument PropertyName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
},
{
"lang": "es",

149
CVE-2025/CVE-2025-13xx/CVE-2025-1352.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2025-1352",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-16T15:15:09.133",
"lastModified": "2025-02-16T15:15:09.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.3,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"baseScore": 5.1,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=15923",
"source": "cna@vuldb.com"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32650",
"source": "cna@vuldb.com"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32650#c2",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.295960",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.295960",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.495965",
"source": "cna@vuldb.com"
},
{
"url": "https://www.gnu.org/",
"source": "cna@vuldb.com"
}
]
}

133
CVE-2025/CVE-2025-13xx/CVE-2025-1353.json Normal file
View File

@ -0,0 +1,133 @@
{
"id": "CVE-2025-1353",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-16T15:15:09.320",
"lastModified": "2025-02-16T15:15:09.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"baseScore": 6.0,
"accessVector": "LOCAL",
"accessComplexity": "HIGH",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 1.5,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.295961",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.295961",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.496010",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-13xx/CVE-2025-1354.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-1354",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-16T16:15:19.253",
"lastModified": "2025-02-16T16:15:19.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Asus RT-N12E 2.0.0.19. It has been classified as problematic. Affected is an unknown function of the file sysinfo.asp. The manipulation of the argument SSID leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.295962",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.295962",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.496013",
"source": "cna@vuldb.com"
},
{
"url": "https://www.asus.com/",
"source": "cna@vuldb.com"
}
]
}

16
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-16T15:00:14.042788+00:00
2025-02-16T17:00:19.445534+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-16T14:15:21.893000+00:00
2025-02-16T16:15:19.253000+00:00
```
### Last Data Feed Release
@ -33,21 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
281482
281485
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2025-1340](CVE-2025/CVE-2025-13xx/CVE-2025-1340.json) (`2025-02-16T14:15:21.130`)
- [CVE-2025-1341](CVE-2025/CVE-2025-13xx/CVE-2025-1341.json) (`2025-02-16T14:15:21.893`)
- [CVE-2025-1352](CVE-2025/CVE-2025-13xx/CVE-2025-1352.json) (`2025-02-16T15:15:09.133`)
- [CVE-2025-1353](CVE-2025/CVE-2025-13xx/CVE-2025-1353.json) (`2025-02-16T15:15:09.320`)
- [CVE-2025-1354](CVE-2025/CVE-2025-13xx/CVE-2025-1354.json) (`2025-02-16T16:15:19.253`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2025-1196](CVE-2025/CVE-2025-11xx/CVE-2025-1196.json) (`2025-02-16T15:15:08.200`)
## Download and Usage

9
_state.csv
View File

@ -279237,7 +279237,7 @@ CVE-2025-1191,0,0,a9443451c80e7e8f60c9625659585c30e981d1cf45549b4cb91185c07237bb
CVE-2025-1192,0,0,d1f7e39b32f8c53dde42a30e4b900bd146d3192392e3efbb1e9aa57fb4c397d2,2025-02-12T11:15:10.727000
CVE-2025-1193,0,0,27e75799b537e2de7edb54e06b6e2c56ad7e3022fd1313c3a37564f7ef341b08,2025-02-10T18:15:34.273000
CVE-2025-1195,0,0,8173ee044f7a44d277ecd5bcf18ea26c61474b7fa54bcdb4ba1d679169d475f8,2025-02-12T12:15:29.397000
CVE-2025-1196,0,0,435397c42d4554b8303fe9acd648ea47598aadff4112f5ba7c2a02d4e91fe3eb,2025-02-16T09:15:09.073000
CVE-2025-1196,0,1,a341521c6ec36a359ca3a6997d6fc06dbecfef1b545e90026b0a9f15d85e65d3,2025-02-16T15:15:08.200000
CVE-2025-1197,0,0,a51ead443f214c0f6ef96f804505332b87f10dc50ce1367c994773610f655dcd,2025-02-12T15:15:17.670000
CVE-2025-1198,0,0,f6207b50eb6e80b33d6cce685120110cd12848ecf71b1003965e650eb121e529,2025-02-13T02:15:29.627000
CVE-2025-1199,0,0,0b2d000c300f1d87e0ba30963c3bee998d11347294a6daefb6410adbf670161a,2025-02-12T13:15:09.537000
@ -279279,8 +279279,11 @@ CVE-2025-1336,0,0,1d4332a43e181efb84f487de4a15195bff051d66dfbf23e944c2a28a29d70a
CVE-2025-1337,0,0,3fb4fd92ce9eb4ab893d657cf4e65cb90f24441679bce73cf357765516690d6d,2025-02-16T11:15:08.203000
CVE-2025-1338,0,0,e4858627d5b15f5a42c72ef7bfb61ece178b4c7bf6a8e3bbd9b24bc2581c61f6,2025-02-16T11:15:09.530000
CVE-2025-1339,0,0,d4e323ee96c3c4bba4a59429c645443db325cf6db89704cebcea62b9c5f4107d,2025-02-16T12:15:08.173000
CVE-2025-1340,1,1,78afdb04c2b4919abb81cb49f3fd474851adb52959b9ac1cfa9fca0a042c1fa8,2025-02-16T14:15:21.130000
CVE-2025-1341,1,1,7838ddb01ef868fbd34dbd01f3687bed0ca3d9c8221cff3a4fd8381a764860e9,2025-02-16T14:15:21.893000
CVE-2025-1340,0,0,78afdb04c2b4919abb81cb49f3fd474851adb52959b9ac1cfa9fca0a042c1fa8,2025-02-16T14:15:21.130000
CVE-2025-1341,0,0,7838ddb01ef868fbd34dbd01f3687bed0ca3d9c8221cff3a4fd8381a764860e9,2025-02-16T14:15:21.893000
CVE-2025-1352,1,1,ab1cb0fadb1cda3a606d58709a21380ec7be19d2291c2f10fb161a98095b1c75,2025-02-16T15:15:09.133000
CVE-2025-1353,1,1,a316f11e73501222d7275028224ec2135788f80ecfa55a4dc98afa0b590b3f15,2025-02-16T15:15:09.320000
CVE-2025-1354,1,1,3d7667bfcb2c0b251ddb0a6e2cd2d09c76acedbca3edf8c1b754b38382240774,2025-02-16T16:15:19.253000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000

Can't render this file because it is too large.