Auto-Update: 2025-02-16T23:00:19.200620+00:00

CVE-2025/CVE-2025-10xx/CVE-2025-1094.json

@@ -2,7 +2,7 @@
   "id": "CVE-2025-1094",
   "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
   "published": "2025-02-13T13:15:09.130",
-  "lastModified": "2025-02-13T22:15:11.300",
+  "lastModified": "2025-02-16T21:15:09.343",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -56,6 +56,10 @@
       "url": "https://www.postgresql.org/support/security/CVE-2025-1094/",
       "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"
     },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/02/16/3",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
     {
       "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00015.html",
       "source": "af854a3a-2127-422b-91ae-364da2661108"

CVE-2025/CVE-2025-13xx/CVE-2025-1360.json

@@ -0,0 +1,137 @@
+{
+  "id": "CVE-2025-1360",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-02-16T21:15:09.970",
+  "lastModified": "2025-02-16T21:15:09.970",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected is an unknown function of the file /crm/inicio.php of the component HTTP POST Request Handler. The manipulation of the argument msg_to leads to cross site scripting. It is possible to launch the attack remotely. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://vuldb.com/?ctiid.295968",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.295968",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.496469",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-02-16T21:00:19.774605+00:00
+2025-02-16T23:00:19.200620+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-02-16T20:15:08.817000+00:00
+2025-02-16T21:15:09.970000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-281490
+281491
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-- [CVE-2025-1357](CVE-2025/CVE-2025-13xx/CVE-2025-1357.json) (`2025-02-16T19:15:09.500`)
-- [CVE-2025-1358](CVE-2025/CVE-2025-13xx/CVE-2025-1358.json) (`2025-02-16T20:15:07.990`)
-- [CVE-2025-1359](CVE-2025/CVE-2025-13xx/CVE-2025-1359.json) (`2025-02-16T20:15:08.817`)
+- [CVE-2025-1360](CVE-2025/CVE-2025-13xx/CVE-2025-1360.json) (`2025-02-16T21:15:09.970`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+- [CVE-2025-1094](CVE-2025/CVE-2025-10xx/CVE-2025-1094.json) (`2025-02-16T21:15:09.343`)
 
 
 ## Download and Usage

_state.csv

@@ -279167,7 +279167,7 @@ CVE-2025-1083,0,0,16064cc59146b17006d53d67046a65a9c0b364257a94b2b373fa99c27da341
 CVE-2025-1084,0,0,93fee3949ec546a58cb9da1c1619fb657dbde041632da87d4ac6e93d0d865098,2025-02-07T00:15:28.180000
 CVE-2025-1085,0,0,1ad67fc3dcecff349f45b0918fd96e4db08dcd56b6d0ad12a44043dc90d21f08,2025-02-07T01:15:07.930000
 CVE-2025-1086,0,0,224643d9b2f43f102432df09cca95386bdc4432ae24da6e421d85411b67c24c6,2025-02-07T02:15:30.523000
-CVE-2025-1094,0,0,9683dfd46989464f0232d36ebebd9a02d27fe6142df4d24d670676374bdb19a7,2025-02-13T22:15:11.300000
+CVE-2025-1094,0,1,b07fd7d687c4d4f9d8c1ba5d39ae50400f09d18869483cbd7610c5bc9b8a854d,2025-02-16T21:15:09.343000
 CVE-2025-1096,0,0,f369ee58dbaa6e142f3d975d8711cac15a0a303facd75e898c558f3e454cc535,2025-02-08T01:15:07.947000
 CVE-2025-1099,0,0,866ea005495998eedc94be57a64f094566d9af9b611a4dc7ae3f41bc7a1f4d42,2025-02-14T12:15:29.460000
 CVE-2025-1100,0,0,006211606093ec28f1ff8daf942d69911ef4c534c65359a0897a00ee27f87cf6,2025-02-12T14:15:31.647000
@@ -279286,9 +279286,10 @@ CVE-2025-1353,0,0,a316f11e73501222d7275028224ec2135788f80ecfa55a4dc98afa0b590b3f
 CVE-2025-1354,0,0,3d7667bfcb2c0b251ddb0a6e2cd2d09c76acedbca3edf8c1b754b38382240774,2025-02-16T16:15:19.253000
 CVE-2025-1355,0,0,2b32faeae86cf10a841d554d3f1028e038f2f84a86d16604e50e5f2d459277b4,2025-02-16T17:15:07.973000
 CVE-2025-1356,0,0,ad47206c360f81c88d742a140cb46365165054af6533ecf378500f5e98562fa1,2025-02-16T18:15:07.383000
-CVE-2025-1357,1,1,4433e1005a5e4201fdc796c40c8e7b39186d5a371766813fcd3008d782d857bd,2025-02-16T19:15:09.500000
-CVE-2025-1358,1,1,9ec04afb65270064953f92f1f98c94b6c7f923699eb2bc5c685de93fafaa422a,2025-02-16T20:15:07.990000
-CVE-2025-1359,1,1,a74490df0bf9cd453b684197a6da2b817f973233464d2e18244cbcb76e58d0cd,2025-02-16T20:15:08.817000
+CVE-2025-1357,0,0,4433e1005a5e4201fdc796c40c8e7b39186d5a371766813fcd3008d782d857bd,2025-02-16T19:15:09.500000
+CVE-2025-1358,0,0,9ec04afb65270064953f92f1f98c94b6c7f923699eb2bc5c685de93fafaa422a,2025-02-16T20:15:07.990000
+CVE-2025-1359,0,0,a74490df0bf9cd453b684197a6da2b817f973233464d2e18244cbcb76e58d0cd,2025-02-16T20:15:08.817000
+CVE-2025-1360,1,1,fb0d3aa81a9aae261cf8bbfc32f9a1a37cc5f63f6b37722c4b26a02ea0975887,2025-02-16T21:15:09.970000
 CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
 CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000