diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33838.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33838.json new file mode 100644 index 00000000000..35aa3a97144 --- /dev/null +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33838.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-33838", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-29T02:15:26.640", + "lastModified": "2025-01-29T02:15:26.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Security Verify Governance 10.0.2 Identity Manager \n\nuses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.7, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-759" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7172200", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35017.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35017.json index 5fd26fd79df..046144e8bd6 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35017.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35017.json @@ -2,20 +2,20 @@ "id": "CVE-2023-35017", "sourceIdentifier": "psirt@us.ibm.com", "published": "2025-01-29T00:15:07.333", - "lastModified": "2025-01-29T00:15:07.333", + "lastModified": "2025-01-29T01:15:07.667", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "IBM Security Verify Governance 10.0.2\u00a0Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques." + "value": "IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques." } ], "metrics": { "cvssMetricV31": [ { "source": "psirt@us.ibm.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", @@ -38,7 +38,7 @@ "weaknesses": [ { "source": "psirt@us.ibm.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0793.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0793.json new file mode 100644 index 00000000000..dbf9eafcb25 --- /dev/null +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0793.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0793", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T01:15:07.780", + "lastModified": "2025-01-29T01:15:07.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in ESAFENET CDG V5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /todoDetail.jsp. The manipulation of the argument flowId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Rain1er/report/blob/main/CDG/todoDetail.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293917", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293917", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.483346", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0794.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0794.json new file mode 100644 index 00000000000..19196fb6804 --- /dev/null +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0794.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0794", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T01:15:07.943", + "lastModified": "2025-01-29T01:15:07.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ESAFENET CDG V5 and classified as problematic. Affected by this issue is some unknown functionality of the file /todoDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Rain1er/report/blob/main/CDG/todoDetail_1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293918", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293918", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.483347", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0795.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0795.json new file mode 100644 index 00000000000..965d9e0e79c --- /dev/null +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0795.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0795", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:26.830", + "lastModified": "2025-01-29T02:15:26.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ESAFENET CDG V5. It has been classified as problematic. This affects an unknown part of the file /todolistjump.jsp. The manipulation of the argument flowId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Rain1er/report/blob/main/CDG/todolistjump.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293919", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293919", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.483349", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0797.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0797.json new file mode 100644 index 00000000000..d3546630822 --- /dev/null +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0797.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0797", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:27.010", + "lastModified": "2025-01-29T02:15:27.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 1.7, + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "LOW", + "exploitabilityScore": 3.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/dmknght/FIS_RnD/blob/main/escan_av_incorrect_default_perms_leads_to_malware_evasion.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293920", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293920", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.484329", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-07xx/CVE-2025-0798.json b/CVE-2025/CVE-2025-07xx/CVE-2025-0798.json new file mode 100644 index 00000000000..bab6ffa2aeb --- /dev/null +++ b/CVE-2025/CVE-2025-07xx/CVE-2025-0798.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0798", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:27.190", + "lastModified": "2025-01-29T02:15:27.190", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.2, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", + "baseScore": 7.6, + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 4.9, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/dmknght/FIS_RnD/blob/main/escan_rtscanner_rce.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293921", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293921", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.484718", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0800.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0800.json new file mode 100644 index 00000000000..a29d32394fd --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0800.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0800", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:27.373", + "lastModified": "2025-01-29T02:15:27.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. The manipulation of the argument fname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 2.4, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "baseScore": 3.3, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.293922", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293922", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.484935", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0802.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0802.json new file mode 100644 index 00000000000..9ccb5d14ea8 --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0802.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-0802", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:27.550", + "lastModified": "2025-01-29T02:15:27.550", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of the component Administrative Endpoint. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/theanm0l/VulnDB/blob/main/Improper%20Authorization.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293923", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293923", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.485005", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0803.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0803.json new file mode 100644 index 00000000000..4b6b1f56927 --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0803.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-0803", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-29T02:15:27.723", + "lastModified": "2025-01-29T02:15:27.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_new.php. The manipulation of the argument planid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/alc9700jmo/CVE/issues/8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.293924", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.293924", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.485218", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-233xx/CVE-2025-23362.json b/CVE-2025/CVE-2025-233xx/CVE-2025-23362.json new file mode 100644 index 00000000000..f6604b85736 --- /dev/null +++ b/CVE-2025/CVE-2025-233xx/CVE-2025-23362.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-23362", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-01-29T02:15:27.910", + "lastModified": "2025-01-29T02:15:27.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, an arbitrary script may be executed on the web browser. Versions 2.3.2 and 2.4.0 were reported as vulnerable. According to the vendor, the product has been refactored after those old versions and the version 3.0.1 is not vulnerable." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://chromewebstore.google.com/detail/exif-viewer-classic/nafpfdcmppffipmhcpkbplhkoiekndck", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://exifviewers.com/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN05508012/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7679e5a9162..6151e00077d 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-29T00:55:30.039546+00:00 +2025-01-29T03:00:32.977721+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-29T00:15:08.653000+00:00 +2025-01-29T02:15:27.910000+00:00 ``` ### Last Data Feed Release @@ -27,38 +27,36 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2025-01-28T01:00:04.354248+00:00 +2025-01-29T01:00:04.365090+00:00 ``` ### Total Number of included CVEs ```plain -279345 +279355 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `10` -- [CVE-2023-35017](CVE-2023/CVE-2023-350xx/CVE-2023-35017.json) (`2025-01-29T00:15:07.333`) -- [CVE-2024-48310](CVE-2024/CVE-2024-483xx/CVE-2024-48310.json) (`2025-01-28T23:15:07.677`) -- [CVE-2024-56529](CVE-2024/CVE-2024-565xx/CVE-2024-56529.json) (`2025-01-28T23:15:07.947`) -- [CVE-2024-57519](CVE-2024/CVE-2024-575xx/CVE-2024-57519.json) (`2025-01-28T23:15:08.230`) -- [CVE-2025-0788](CVE-2025/CVE-2025-07xx/CVE-2025-0788.json) (`2025-01-28T23:15:08.427`) -- [CVE-2025-0789](CVE-2025/CVE-2025-07xx/CVE-2025-0789.json) (`2025-01-28T23:15:08.610`) -- [CVE-2025-0790](CVE-2025/CVE-2025-07xx/CVE-2025-0790.json) (`2025-01-29T00:15:08.280`) -- [CVE-2025-0791](CVE-2025/CVE-2025-07xx/CVE-2025-0791.json) (`2025-01-29T00:15:08.480`) -- [CVE-2025-0792](CVE-2025/CVE-2025-07xx/CVE-2025-0792.json) (`2025-01-29T00:15:08.653`) +- [CVE-2023-33838](CVE-2023/CVE-2023-338xx/CVE-2023-33838.json) (`2025-01-29T02:15:26.640`) +- [CVE-2025-0793](CVE-2025/CVE-2025-07xx/CVE-2025-0793.json) (`2025-01-29T01:15:07.780`) +- [CVE-2025-0794](CVE-2025/CVE-2025-07xx/CVE-2025-0794.json) (`2025-01-29T01:15:07.943`) +- [CVE-2025-0795](CVE-2025/CVE-2025-07xx/CVE-2025-0795.json) (`2025-01-29T02:15:26.830`) +- [CVE-2025-0797](CVE-2025/CVE-2025-07xx/CVE-2025-0797.json) (`2025-01-29T02:15:27.010`) +- [CVE-2025-0798](CVE-2025/CVE-2025-07xx/CVE-2025-0798.json) (`2025-01-29T02:15:27.190`) +- [CVE-2025-0800](CVE-2025/CVE-2025-08xx/CVE-2025-0800.json) (`2025-01-29T02:15:27.373`) +- [CVE-2025-0802](CVE-2025/CVE-2025-08xx/CVE-2025-0802.json) (`2025-01-29T02:15:27.550`) +- [CVE-2025-0803](CVE-2025/CVE-2025-08xx/CVE-2025-0803.json) (`2025-01-29T02:15:27.723`) +- [CVE-2025-23362](CVE-2025/CVE-2025-233xx/CVE-2025-23362.json) (`2025-01-29T02:15:27.910`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `1` -- [CVE-2024-29869](CVE-2024/CVE-2024-298xx/CVE-2024-29869.json) (`2025-01-28T23:15:07.370`) -- [CVE-2024-46340](CVE-2024/CVE-2024-463xx/CVE-2024-46340.json) (`2025-01-28T23:15:07.487`) -- [CVE-2024-55511](CVE-2024/CVE-2024-555xx/CVE-2024-55511.json) (`2025-01-28T23:15:07.820`) -- [CVE-2024-56923](CVE-2024/CVE-2024-569xx/CVE-2024-56923.json) (`2025-01-28T23:15:08.067`) +- [CVE-2023-35017](CVE-2023/CVE-2023-350xx/CVE-2023-35017.json) (`2025-01-29T01:15:07.667`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 3cfbe342d13..283b446cd4f 100644 --- a/_state.csv +++ b/_state.csv @@ -226327,6 +226327,7 @@ CVE-2023-33834,0,0,338462881466f026d06fb0a898a81c64748a20178a06738e4a164f6a84447 CVE-2023-33835,0,0,432bdcbfe47f544f7e44c279aa8783e94976046ffda41560fd11ed4500d9a992,2024-11-21T08:06:03.170000 CVE-2023-33836,0,0,8e6bae324546cbe4044fe7403966767062ff69440e841f8fdf3251d5b7aff7cf,2024-11-21T08:06:03.297000 CVE-2023-33837,0,0,3e72af0b5778583b8a5be70ca04b487c7ba841372620c26c1dd17212a1bc0b68,2024-11-21T08:06:03.417000 +CVE-2023-33838,1,1,2baa9d3ced8dbd9c7ca4bb3dfe6faae745faa450ed59e3ce9eaefbc0c332c60e,2025-01-29T02:15:26.640000 CVE-2023-33839,0,0,55118ac57814892c7a86cc7191590c87f7473353289e127fe908a59566e253fb,2024-11-21T08:06:03.540000 CVE-2023-3384,0,0,43976c80ef1dd4016470fbdde9d42c2f2727e9da019d45b7389b90b07d63defc,2024-11-21T08:17:09.093000 CVE-2023-33840,0,0,24c35b3cfd8bae5bbdb3a25483622775cad57e6faaeebf192f416134d4238003,2024-11-21T08:06:03.657000 @@ -227205,7 +227206,7 @@ CVE-2023-35011,0,0,595611a84f9ba8a89ca02487067584cc7500bae92cad139dfc4bf7e0af400 CVE-2023-35012,0,0,be4d3ebe65d22f0da5142f18515ee073275ab0ff192c73473ba47b80d829de5c,2024-11-21T08:07:49.463000 CVE-2023-35013,0,0,3c60a648d2b0bc01d2542f4e2a303e707c86c7b8e21e66a227569ec81a62646b,2024-11-21T08:07:49.620000 CVE-2023-35016,0,0,7d3b091b2dd76f99668f6df38b8be61e97d884e5c88c73d95ac35cad3586a7c5,2024-11-21T08:07:49.753000 -CVE-2023-35017,1,1,045609109d2701478979eb49bb66499bc75cd70326a5e9227235a45e533cb71f,2025-01-29T00:15:07.333000 +CVE-2023-35017,0,1,758d59fa32224557a60f22eec5cf9a796a4e93ba040a680d247828a786d2e956,2025-01-29T01:15:07.667000 CVE-2023-35018,0,0,0316c36a9fe4f0d9da4560d3103a2672e6aa994f14ca6f76a90253e57ae24d01,2024-11-21T08:07:49.880000 CVE-2023-35019,0,0,c4da68ced56941d8f8f54680af70cc154d4ac5d54e9158020c5a33b32fce9f82,2024-11-21T08:07:50.013000 CVE-2023-3502,0,0,79a130f0fcdd8a169bdb9aef276575323be3ab9e99f90f043f6135ec6e5d2b45,2024-11-21T08:17:24.263000 @@ -254396,7 +254397,7 @@ CVE-2024-29864,0,0,500db002acb5f8444110c04fdf6c1755d974238286749d97d2f574426dd00 CVE-2024-29865,0,0,9ff88181cc09011dacc69644a77d36e95923b0be430e91548467a246755f07e0,2024-11-21T09:08:30.040000 CVE-2024-29866,0,0,8fc166448f3fbecaecd8b7ed9d6aa230d3bb984af892d0077240e75b9b6f7a9a,2024-11-21T09:08:30.190000 CVE-2024-29868,0,0,654a536670a62fb45b5203eb432335632fdfc103e225c6be2f801ded9b3b1341,2024-11-21T09:08:30.413000 -CVE-2024-29869,0,1,87c948ae2b1ca479133713452286fe3fae7d76cc7fd831bfd967c01c8d9aa86c,2025-01-28T23:15:07.370000 +CVE-2024-29869,0,0,87c948ae2b1ca479133713452286fe3fae7d76cc7fd831bfd967c01c8d9aa86c,2025-01-28T23:15:07.370000 CVE-2024-2987,0,0,e4d4968f2ab326fc6f93467dbe0c42753ad32258cee7fd3257881b95a825941e,2025-01-14T15:10:15.733000 CVE-2024-29870,0,0,b73bbe674034b941cb1de42af16181f829d1cbe733c707402192e9d9f2c3eec7,2025-01-24T18:18:36.670000 CVE-2024-29871,0,0,61f4b4d6f5a977f77b612c4fe0dcdf35eb10ba2cd3db813456ced514fcadbcf3,2025-01-24T18:18:34.350000 @@ -266730,7 +266731,7 @@ CVE-2024-46330,0,0,fb0912248c72cdb890e148fb8d15fc4a24d9dfffc5c218fc836550de7cd4e CVE-2024-46331,0,0,6291a6cdf65b126a104c517cdbb8a547242f83239cadbf67a03f4d15648664f1,2024-09-30T12:45:57.823000 CVE-2024-46333,0,0,c870313be8293ae808f6f74cc79ece6e4d82dedcd46cf642a068e85f3720b28d,2024-09-30T12:45:57.823000 CVE-2024-4634,0,0,5b054bd144b9176362ee5c6f20d9184237b3f1751e5cc99bd16dbf550697f8a4,2024-11-21T09:43:15.343000 -CVE-2024-46340,0,1,509c04c6b928f13979254f73eb53c9343eb60f2e6a3bd03e83c81e5d4021163a,2025-01-28T23:15:07.487000 +CVE-2024-46340,0,0,509c04c6b928f13979254f73eb53c9343eb60f2e6a3bd03e83c81e5d4021163a,2025-01-28T23:15:07.487000 CVE-2024-46341,0,0,0b54e207dfc51f9d880626aceceecaf4c92e14fd4888ec8d3b9add5932056882,2024-12-11T15:15:10.090000 CVE-2024-4635,0,0,87f43db3808bf2002a7413b8e77f45922cac81f6b6e7149135bfc36fd2d70fdd,2024-11-21T09:43:15.457000 CVE-2024-4636,0,0,8496ac08c742f16db29c83aed5f523dca16873775dbf14d9aa4b48fa10b23c93,2024-11-21T09:43:15.583000 @@ -268233,7 +268234,7 @@ CVE-2024-48292,0,0,7f8838e82390766bc039b0ef3c145c9a3b0d547a1c16ba215a4c6efa9a2b1 CVE-2024-48293,0,0,8a90ee64d8e0a4016d250a132997b503f4e4629ba1cda5993d263cd1dc28000c,2024-11-19T21:57:56.293000 CVE-2024-48294,0,0,b81e296c829bb2fe4de4a0412fb8c7880c02529a65b2eb4833c50f9d6d79d02e,2024-11-19T21:57:56.293000 CVE-2024-48307,0,0,c22be44a58172dc5d3cbbd2ec37d65d406965554da3ca5be5d01278c103946f3,2024-11-01T12:57:03.417000 -CVE-2024-48310,1,1,c68088f1c34146fc422a4c415b9e44e616eb3f0bf963e2b6f700d8545623dcf2,2025-01-28T23:15:07.677000 +CVE-2024-48310,0,0,c68088f1c34146fc422a4c415b9e44e616eb3f0bf963e2b6f700d8545623dcf2,2025-01-28T23:15:07.677000 CVE-2024-48311,0,0,7adcb6c5854b4d19d1b383e2c788236df358780ce416fa6f2145bfd33d1d4bbc,2024-11-01T12:57:03.417000 CVE-2024-48312,0,0,16be675ed6d7db1e9ea949b11ad7528da4ef74c3da828eaa8f911e1d7178e590,2024-11-06T18:17:17.287000 CVE-2024-48322,0,0,453a8d1cb35ea3f4b3a13e3127e90b37ffabae51ef64174d60c5422cdab445d0,2024-11-12T17:35:10.953000 @@ -272793,7 +272794,7 @@ CVE-2024-55506,0,0,d4e1bef5832aef9ebf8db3056c7ea2e3da4b2a2de7821b1387a5fe03b9167 CVE-2024-55507,0,0,e090c8e2ae47f2afd9c837e2f8b0be6d662da9c654c585f5e405c25baac19616,2025-01-03T21:15:13.340000 CVE-2024-55509,0,0,4a5021013466b75dc19dd985fac6f59929ccb3fafbd7ec75f16f4601bde3282f,2024-12-26T20:15:23.067000 CVE-2024-5551,0,0,7ca1b2f3592d8c197217d4f6bb2a217c73a396396bc14275921b16391f97198d,2024-11-21T09:47:54.770000 -CVE-2024-55511,0,1,e5cf972c53b714b1212e415e5e59dd0789d0dabf8efab478f610d722a110428e,2025-01-28T23:15:07.820000 +CVE-2024-55511,0,0,e5cf972c53b714b1212e415e5e59dd0789d0dabf8efab478f610d722a110428e,2025-01-28T23:15:07.820000 CVE-2024-55513,0,0,fedcaafc6e85e6bd74dcc7a40ecdf11b2568dda1579c04082d671c5acf74ed00,2024-12-18T16:15:14.720000 CVE-2024-55514,0,0,1ab6d03dbd59f8b12772670ec93c7ec4ae46219483a32dbdb16b58811fc912d3,2024-12-18T16:15:14.900000 CVE-2024-55515,0,0,aa63dd224a4ced8fb9deb1eadd4b58815859b25e0d9ddafab8ac8045b9bd13ff,2024-12-18T16:15:15.090000 @@ -273336,7 +273337,7 @@ CVE-2024-56520,0,0,ff4fb3d2adb6c71c503d044fa0b3b3389f24638650ec092efa0e72e1ef66d CVE-2024-56521,0,0,5d4a5d0ca5e3c3bf7d88ebb212d4979e0d67251982c8b0fd19fb2eec1058ca1b,2024-12-31T19:15:48.020000 CVE-2024-56522,0,0,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000 CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000 -CVE-2024-56529,1,1,a3e15c0fddaf36b62d3d191c831d72a07bdb5068a16f9c71521613a315ff5df4,2025-01-28T23:15:07.947000 +CVE-2024-56529,0,0,a3e15c0fddaf36b62d3d191c831d72a07bdb5068a16f9c71521613a315ff5df4,2025-01-28T23:15:07.947000 CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000 CVE-2024-56531,0,0,9232cb3a908777655dbde1aa267550e5ea5aa16a08b8557030526152c4ddd82e,2024-12-27T14:15:32.503000 CVE-2024-56532,0,0,5bcb2cd4e9965371ef2a861ddd25ad6f994e367edbb9b2eec6976a7bc0fb3478,2024-12-27T14:15:32.640000 @@ -273643,7 +273644,7 @@ CVE-2024-5690,0,0,d4d62df1fcd0a6ab34cd7e4b18e0510e69dc46e6ad88d84635741631f871b2 CVE-2024-5691,0,0,0824a888e7eb71279259f37f9283a4aa7c8605aa9b71698472cf4ea15ee83b3c,2024-11-21T09:48:10.503000 CVE-2024-56914,0,0,95e298a677768b080be148b9e2017d66f118cadb3a3b9b4d382dc3557b876a42,2025-01-23T17:15:16.230000 CVE-2024-5692,0,0,4b8f65097356fd8a548c2da4761bef878e098b44587a5b9b21bc347f46db95a8,2024-11-21T09:48:10.633000 -CVE-2024-56923,0,1,e2647403e0cf85e5fccf746b53a51e00d5aac61312608ca59ffcd83f3ff65dd9,2025-01-28T23:15:08.067000 +CVE-2024-56923,0,0,e2647403e0cf85e5fccf746b53a51e00d5aac61312608ca59ffcd83f3ff65dd9,2025-01-28T23:15:08.067000 CVE-2024-56924,0,0,2dfd0f4cb2cee49ddeeea2a79bc2fa0288c3fc810897b51482d81940308871b9,2025-01-23T17:15:16.710000 CVE-2024-5693,0,0,21ec44ee8ed5f9de3ae93fab02d376513f10f0c9f8c82a8733146d6a99b0ff3a,2024-11-21T09:48:10.807000 CVE-2024-5694,0,0,96312914234d61d70e9f2b2f2db102c559d8f68a0c34e1673db920a9b13837b6,2024-11-21T09:48:10.990000 @@ -273786,7 +273787,7 @@ CVE-2024-5749,0,0,36203d1040051e343d9d050a3c2e3f863a807627eb7d14e1470ca394531f47 CVE-2024-5750,0,0,476ad6c00a3180d456740d0beb63c2959ea56c746a3fc254c90c1eef52867b01,2024-06-18T14:15:11.383000 CVE-2024-5751,0,0,a075ba1bce0283dcf2eb1909116e18ed1aeef6c0cfd6415ef5931a3fb6320c2f,2024-11-21T09:48:16.813000 CVE-2024-57514,0,0,e99a7b2deac18e183210e68fabf07af7499306a8f2837163a590f976255e8484,2025-01-28T22:15:16.103000 -CVE-2024-57519,1,1,1cf7e65b02c95b5a1c944f6695dbb497fb4fe776b01de2fe0546b59548206eec,2025-01-28T23:15:08.230000 +CVE-2024-57519,0,0,1cf7e65b02c95b5a1c944f6695dbb497fb4fe776b01de2fe0546b59548206eec,2025-01-28T23:15:08.230000 CVE-2024-5753,0,0,35e5857965ec4fb8ff4da87da0ad57743fc77f757356d105b68f8e07a9b9291a,2024-11-21T09:48:16.923000 CVE-2024-57536,0,0,02e8c7373d9548e0be6ef2dd6f50d54d1dae50f3849a42bda8fca1e700f8b5b0,2025-01-22T21:15:10.100000 CVE-2024-57537,0,0,7a57264ee99ea2cf07d8beff99c09ac577ded2e5e2c43aa0cae71e5949ab6ad2,2025-01-22T21:15:10.287000 @@ -277948,11 +277949,19 @@ CVE-2025-0784,0,0,a8c3e506115e968bf468e598a7692b89d7da0f46aee3c8c8a5b369bef734be CVE-2025-0785,0,0,2992afab5cf313550498ef84714c1e7ce64ba998bb955708bf5bf24ca107c2be,2025-01-28T22:15:16.227000 CVE-2025-0786,0,0,6f511fdf24b161499607ed1af7269b33bd8c799131441e982437a286b62ed574,2025-01-28T22:15:16.423000 CVE-2025-0787,0,0,b94bbfdae5956ccc142cc8bf5ad249ec2a3929865330e7b7c9d5f46a6f438eec,2025-01-28T22:15:16.600000 -CVE-2025-0788,1,1,6ee2b2656e0ed314a1722426c15e72635c020b217f286cb8b74c4adb80abf0e9,2025-01-28T23:15:08.427000 -CVE-2025-0789,1,1,bd903a889483adb380bb808dbce778486f383f1cfb17d2838c4a03598cc21687,2025-01-28T23:15:08.610000 -CVE-2025-0790,1,1,c14128cc9e24a47d8babd06f25eb1611e28c9340a3b3f145587a737244cba0ec,2025-01-29T00:15:08.280000 -CVE-2025-0791,1,1,2bbc6307e0f949be30edfe62afe2de9fdf14f404295fb30e640461e7d00d928a,2025-01-29T00:15:08.480000 -CVE-2025-0792,1,1,1317824d356cc27e333471ace805125208890f40e815bdbb46c306e8148950f3,2025-01-29T00:15:08.653000 +CVE-2025-0788,0,0,6ee2b2656e0ed314a1722426c15e72635c020b217f286cb8b74c4adb80abf0e9,2025-01-28T23:15:08.427000 +CVE-2025-0789,0,0,bd903a889483adb380bb808dbce778486f383f1cfb17d2838c4a03598cc21687,2025-01-28T23:15:08.610000 +CVE-2025-0790,0,0,c14128cc9e24a47d8babd06f25eb1611e28c9340a3b3f145587a737244cba0ec,2025-01-29T00:15:08.280000 +CVE-2025-0791,0,0,2bbc6307e0f949be30edfe62afe2de9fdf14f404295fb30e640461e7d00d928a,2025-01-29T00:15:08.480000 +CVE-2025-0792,0,0,1317824d356cc27e333471ace805125208890f40e815bdbb46c306e8148950f3,2025-01-29T00:15:08.653000 +CVE-2025-0793,1,1,b5ac5bc8e323482f6e25a6fa4171c38bb3ee29e38894262dcb75ecc9f414025a,2025-01-29T01:15:07.780000 +CVE-2025-0794,1,1,62eac179b1207c092b14c56be4fee9bac1d0a64f815b5f23dbc8e78e583b81c9,2025-01-29T01:15:07.943000 +CVE-2025-0795,1,1,792684233106145fcc3a4a3e9d586076fcf6ffb98483870be7df9ed626e1e557,2025-01-29T02:15:26.830000 +CVE-2025-0797,1,1,6ba325226959359fde4bd11f46a76270adf519a9d5227bfda784b96037740daf,2025-01-29T02:15:27.010000 +CVE-2025-0798,1,1,ac5ccc80aa04e250f78b496cbf2d0ea352dfe7f11cd79bf98f3234a8835ee94f,2025-01-29T02:15:27.190000 +CVE-2025-0800,1,1,9c995873642a1e0e9228230945886c3b257c4538e7d6c7d1f0e8e4fa9827147d,2025-01-29T02:15:27.373000 +CVE-2025-0802,1,1,25d4724a5f59ec41d081db9fe30f350340de9808525e7ebdb2de0977ada2112d,2025-01-29T02:15:27.550000 +CVE-2025-0803,1,1,3f62b1106b9b241043cd75bd2f1af692daaa38b2e387b0f59bc1dafe03d8bba2,2025-01-29T02:15:27.723000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000 CVE-2025-20036,0,0,a1d7639f0e568c5953a2962f5a2be630b5737d729f8c4f565a3eec7e4bf19549,2025-01-15T17:15:18.950000 @@ -278726,6 +278735,7 @@ CVE-2025-23221,0,0,66ab94f1e6d3ea457770d55c62f0e0360d1ef2f8abc298fcd5936362cd0cc CVE-2025-23222,0,0,6e6cf8752e018e416c67330a2d8c338b5d549b55c5c98add2ee5e3a6cab2ac5a,2025-01-24T17:15:15.730000 CVE-2025-23227,0,0,f9f92843c2672f819b4e02923b915715941f2a484ada128843c5fed7ba6fe29c,2025-01-23T18:15:33.440000 CVE-2025-23237,0,0,c0ce202263a02631ffe1db2dee5ed008b2b4991928cf61026697f648aec08853,2025-01-22T06:15:14.480000 +CVE-2025-23362,1,1,1b94e2fb0c40adc071aa869f9b4973eb9cf09ca0af55a23699e64fa6aa0684ff,2025-01-29T02:15:27.910000 CVE-2025-23366,0,0,3312897ce94f2285a7d2a9ec8c23b065acb503e3b2f9a747e3e7ca809adbfbea,2025-01-14T18:16:06.290000 CVE-2025-23369,0,0,66187faf123cd1b620a69cca574fbe971b43952983c5e4f566d4fb3bc1049429,2025-01-21T19:15:12.147000 CVE-2025-23385,0,0,1cca13617e43c9bbbebf0fb602e4964d98053328c9c544d2017c39482fdeda55,2025-01-28T16:15:41.377000