Auto-Update: 2025-02-16T23:00:19.200620+00:00

This commit is contained in:
cad-safe-bot 2025-02-16 23:03:48 +00:00
parent 1ec27fc412
commit 867513e347
4 changed files with 154 additions and 13 deletions

View File

@ -2,7 +2,7 @@
"id": "CVE-2025-1094",
"sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"published": "2025-02-13T13:15:09.130",
"lastModified": "2025-02-13T22:15:11.300",
"lastModified": "2025-02-16T21:15:09.343",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -56,6 +56,10 @@
"url": "https://www.postgresql.org/support/security/CVE-2025-1094/",
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/16/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00015.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"

View File

@ -0,0 +1,137 @@
{
"id": "CVE-2025-1360",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-16T21:15:09.970",
"lastModified": "2025-02-16T21:15:09.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected is an unknown function of the file /crm/inicio.php of the component HTTP POST Request Handler. The manipulation of the argument msg_to leads to cross site scripting. It is possible to launch the attack remotely. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.295968",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.295968",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.496469",
"source": "cna@vuldb.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-16T21:00:19.774605+00:00
2025-02-16T23:00:19.200620+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-16T20:15:08.817000+00:00
2025-02-16T21:15:09.970000+00:00
```
### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
281490
281491
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `1`
- [CVE-2025-1357](CVE-2025/CVE-2025-13xx/CVE-2025-1357.json) (`2025-02-16T19:15:09.500`)
- [CVE-2025-1358](CVE-2025/CVE-2025-13xx/CVE-2025-1358.json) (`2025-02-16T20:15:07.990`)
- [CVE-2025-1359](CVE-2025/CVE-2025-13xx/CVE-2025-1359.json) (`2025-02-16T20:15:08.817`)
- [CVE-2025-1360](CVE-2025/CVE-2025-13xx/CVE-2025-1360.json) (`2025-02-16T21:15:09.970`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2025-1094](CVE-2025/CVE-2025-10xx/CVE-2025-1094.json) (`2025-02-16T21:15:09.343`)
## Download and Usage

View File

@ -279167,7 +279167,7 @@ CVE-2025-1083,0,0,16064cc59146b17006d53d67046a65a9c0b364257a94b2b373fa99c27da341
CVE-2025-1084,0,0,93fee3949ec546a58cb9da1c1619fb657dbde041632da87d4ac6e93d0d865098,2025-02-07T00:15:28.180000
CVE-2025-1085,0,0,1ad67fc3dcecff349f45b0918fd96e4db08dcd56b6d0ad12a44043dc90d21f08,2025-02-07T01:15:07.930000
CVE-2025-1086,0,0,224643d9b2f43f102432df09cca95386bdc4432ae24da6e421d85411b67c24c6,2025-02-07T02:15:30.523000
CVE-2025-1094,0,0,9683dfd46989464f0232d36ebebd9a02d27fe6142df4d24d670676374bdb19a7,2025-02-13T22:15:11.300000
CVE-2025-1094,0,1,b07fd7d687c4d4f9d8c1ba5d39ae50400f09d18869483cbd7610c5bc9b8a854d,2025-02-16T21:15:09.343000
CVE-2025-1096,0,0,f369ee58dbaa6e142f3d975d8711cac15a0a303facd75e898c558f3e454cc535,2025-02-08T01:15:07.947000
CVE-2025-1099,0,0,866ea005495998eedc94be57a64f094566d9af9b611a4dc7ae3f41bc7a1f4d42,2025-02-14T12:15:29.460000
CVE-2025-1100,0,0,006211606093ec28f1ff8daf942d69911ef4c534c65359a0897a00ee27f87cf6,2025-02-12T14:15:31.647000
@ -279286,9 +279286,10 @@ CVE-2025-1353,0,0,a316f11e73501222d7275028224ec2135788f80ecfa55a4dc98afa0b590b3f
CVE-2025-1354,0,0,3d7667bfcb2c0b251ddb0a6e2cd2d09c76acedbca3edf8c1b754b38382240774,2025-02-16T16:15:19.253000
CVE-2025-1355,0,0,2b32faeae86cf10a841d554d3f1028e038f2f84a86d16604e50e5f2d459277b4,2025-02-16T17:15:07.973000
CVE-2025-1356,0,0,ad47206c360f81c88d742a140cb46365165054af6533ecf378500f5e98562fa1,2025-02-16T18:15:07.383000
CVE-2025-1357,1,1,4433e1005a5e4201fdc796c40c8e7b39186d5a371766813fcd3008d782d857bd,2025-02-16T19:15:09.500000
CVE-2025-1358,1,1,9ec04afb65270064953f92f1f98c94b6c7f923699eb2bc5c685de93fafaa422a,2025-02-16T20:15:07.990000
CVE-2025-1359,1,1,a74490df0bf9cd453b684197a6da2b817f973233464d2e18244cbcb76e58d0cd,2025-02-16T20:15:08.817000
CVE-2025-1357,0,0,4433e1005a5e4201fdc796c40c8e7b39186d5a371766813fcd3008d782d857bd,2025-02-16T19:15:09.500000
CVE-2025-1358,0,0,9ec04afb65270064953f92f1f98c94b6c7f923699eb2bc5c685de93fafaa422a,2025-02-16T20:15:07.990000
CVE-2025-1359,0,0,a74490df0bf9cd453b684197a6da2b817f973233464d2e18244cbcb76e58d0cd,2025-02-16T20:15:08.817000
CVE-2025-1360,1,1,fb0d3aa81a9aae261cf8bbfc32f9a1a37cc5f63f6b37722c4b26a02ea0975887,2025-02-16T21:15:09.970000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000

Can't render this file because it is too large.