Auto-Update: 2025-07-05T04:00:11.159045+00:00

CVE-2024/CVE-2024-582xx/CVE-2024-58254.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-58254",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-07-05T02:15:21.127",
+  "lastModified": "2025-07-05T02:15:21.127",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The rustls crate 0.23.13 before 0.23.18 for Rust, when rustls::server::Acceptor::accept is used, allows a panic via a fragmented TLS ClientHello."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-684"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://crates.io/crates/rustls",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/rustls/rustls/issues/2227",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://rustsec.org/advisories/RUSTSEC-2024-0399.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2025/CVE-2025-472xx/CVE-2025-47227.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-47227",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-07-05T03:15:30.470",
+  "lastModified": "2025-07-05T03:15:30.470",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-684"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.scriptcase.net/changelog/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.synacktiv.com/advisories/scriptcase-pre-authenticated-remote-command-execution",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2025/CVE-2025-472xx/CVE-2025-47228.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-47228",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-07-05T03:15:30.637",
+  "lastModified": "2025-07-05T03:15:30.637",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
+          "baseScore": 6.7,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.scriptcase.net/changelog/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.synacktiv.com/advisories/scriptcase-pre-authenticated-remote-command-execution",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-07-05T02:00:11.266622+00:00
+2025-07-05T04:00:11.159045+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-07-05T01:15:28.523000+00:00
+2025-07-05T03:15:30.637000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,18 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-300441
+300444
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `5`
+Recently added CVEs: `3`
 
-- [CVE-2025-26850](CVE-2025/CVE-2025-268xx/CVE-2025-26850.json) (`2025-07-05T00:15:22.670`)
-- [CVE-2025-43711](CVE-2025/CVE-2025-437xx/CVE-2025-43711.json) (`2025-07-05T00:15:23.733`)
-- [CVE-2025-53603](CVE-2025/CVE-2025-536xx/CVE-2025-53603.json) (`2025-07-05T01:15:27.360`)
-- [CVE-2025-53604](CVE-2025/CVE-2025-536xx/CVE-2025-53604.json) (`2025-07-05T01:15:28.340`)
-- [CVE-2025-53605](CVE-2025/CVE-2025-536xx/CVE-2025-53605.json) (`2025-07-05T01:15:28.523`)
+- [CVE-2024-58254](CVE-2024/CVE-2024-582xx/CVE-2024-58254.json) (`2025-07-05T02:15:21.127`)
+- [CVE-2025-47227](CVE-2025/CVE-2025-472xx/CVE-2025-47227.json) (`2025-07-05T03:15:30.470`)
+- [CVE-2025-47228](CVE-2025/CVE-2025-472xx/CVE-2025-47228.json) (`2025-07-05T03:15:30.637`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -278891,6 +278891,7 @@ CVE-2024-58250,0,0,0cee348f53514c8f66fdd102bc185afc75a5fff72792af4fd24660f96ce22
 CVE-2024-58251,0,0,3d7ad675c8c4ca6bbb888df41dfca6de49cf5c8949b93c3f966477ed760827bf,2025-04-29T13:52:47.470000
 CVE-2024-58252,0,0,2a2069468d2daa333bfc730a8a2bb50390b1a419e092aa9769a9c36c719c1e7b,2025-05-09T19:27:43.937000
 CVE-2024-58253,0,0,da49c0596ff21f0dcbb928a2ca6fee65885d12875648098fb736cb7c8162f298,2025-05-05T20:54:19.760000
+CVE-2024-58254,1,1,92a77921345bd0bcddf55e41a6c8d9f8debc1eb72e19200ec17b3537e7d21687,2025-07-05T02:15:21.127000
 CVE-2024-5826,0,0,676ce5cec2202232492aeb7a31cb471cd0485dd44f0bad4d2271201c9d98c0de,2024-11-21T09:48:24.490000
 CVE-2024-5827,0,0,12cdd01c3634b5f2da13128a187bc2d1c8d9fa87429a9aed8ec50812f82df183,2024-11-21T09:48:24.607000
 CVE-2024-5828,0,0,73069a2f9dbd005f637a8c432d288f4c861c4d147da919c5c71f3de2432e48cd,2025-01-08T21:25:28.967000
@@ -289537,7 +289538,7 @@ CVE-2025-26846,0,0,2164767227730b28c4b4868da96f4f5c7bb49b369c35864b07c2710ae6186
 CVE-2025-26847,0,0,3d233c816c39dc38d8668bdd12825abe7f5cae8144b9287d9334a3289625d929,2025-05-16T15:39:00.600000
 CVE-2025-26849,0,0,b01e97de5d13c5e322817bb01db0ae13a4e34f402b7f75a8f8b8da54efb28ebd,2025-03-05T04:15:12.367000
 CVE-2025-2685,0,0,e47390d79e6358f0707017a49a80b868500d2e61df885503f5f07ed00adc5d2f,2025-03-27T16:45:27.850000
-CVE-2025-26850,1,1,01a03d0b12a942aa835d04a5d8dbdf01ed542e65767299680a56d58e3097c5d5,2025-07-05T00:15:22.670000
+CVE-2025-26850,0,0,01a03d0b12a942aa835d04a5d8dbdf01ed542e65767299680a56d58e3097c5d5,2025-07-05T00:15:22.670000
 CVE-2025-26852,0,0,d2fbc16260605a1399a1a51f29d4909881f6e74e5303f79849970f70fec18739,2025-04-23T18:59:47.253000
 CVE-2025-26853,0,0,b4d501221b958b69b8680b27722da7876f60455a590dcd68bb308199eb3f564e,2025-04-23T19:13:36.757000
 CVE-2025-26856,0,0,7824298cfc11aa81d23219a23487dd842dd5c11d44f90723ef1786188c90cd64,2025-02-20T06:15:21.673000
@@ -295868,7 +295869,7 @@ CVE-2025-43701,0,0,cdb9e5c0513ac4fc64d1742761490b6e885c34f05f46ce897491703334c8a
 CVE-2025-43703,0,0,d6625a868be77b8d7893d215165a3a98f3361eec5aed450c8d69ce3a9dfaf391,2025-04-17T20:21:48.243000
 CVE-2025-43704,0,0,e4a4f68c1c515be2555ad90b5dc0fde58f5ff1d76445660f48da718ee733becf,2025-04-17T20:21:48.243000
 CVE-2025-43708,0,0,d38c003beeae09584e47fb48659652128bc4a5d2c5ae13da147de319358e0588,2025-04-17T20:21:48.243000
-CVE-2025-43711,1,1,41ec2e168dee2a12ef3e8b130af5b1288ee1d1434f1cc9b3bcb199c9f8b3412b,2025-07-05T00:15:23.733000
+CVE-2025-43711,0,0,41ec2e168dee2a12ef3e8b130af5b1288ee1d1434f1cc9b3bcb199c9f8b3412b,2025-07-05T00:15:23.733000
 CVE-2025-43713,0,0,c9e23d81a895e248042f74cdcb8eff35537bd8bc75ccec0bd91d3702849f3977,2025-07-03T15:13:53.147000
 CVE-2025-43714,0,0,cb1496a71eb67171c1556f15fdd8377c3f3c264e0a77af928be602b0d89248f5,2025-06-12T16:24:24.810000
 CVE-2025-43715,0,0,16cf4954d648fd87012f5a88d33c7f63ff2347a1f446f7ec65261364d5ff03d8,2025-04-17T20:21:48.243000
@@ -297118,6 +297119,8 @@ CVE-2025-47204,0,0,1087581499a2135246bfaa4b4dda36ede5f4134f69e3bfd8a83443409525f
 CVE-2025-4721,0,0,5b12152a812ee0a8141ca92ad1ce07fe54f58122d1a25434c4f23dc9f9b473ec,2025-05-27T14:13:32.497000
 CVE-2025-4722,0,0,7a9f4792d9d2d1bd9669bfc9ead090bdeb53cca7dd5e461fb6c113463a0e9c32,2025-05-27T14:14:15.353000
 CVE-2025-47226,0,0,9e9ee9e6a0d1290ebfec3cf4efbf332e325ff8173805761710078650f408fa82,2025-06-03T14:44:17.277000
+CVE-2025-47227,1,1,bb0ff691cd494e74d3519976db44bf1ea47049f396eaa3b68556da2fec7f8adb,2025-07-05T03:15:30.470000
+CVE-2025-47228,1,1,880784ee453c8bb3b790480ff0692e31008a1bc3bdaccd46d617c101650d667b,2025-07-05T03:15:30.637000
 CVE-2025-47229,0,0,ce628b1ca08883508604ad35fbd46640a7a9f93ddbaf98a26f657b9032cc95b5,2025-05-05T20:54:19.760000
 CVE-2025-4723,0,0,0415daa35bafd9e63de1b551374da44563d1be8395330dcde3975fc4eef0ad28,2025-05-27T14:14:25.467000
 CVE-2025-4724,0,0,22ef6d583945f18353bdb4e3bec008d3a4110d3da2137080faced1b57a1b5a5d,2025-05-27T14:14:38.270000
@@ -299275,9 +299278,9 @@ CVE-2025-53599,0,0,111b60ab172be48052b423c979314dcd8f917153e5cc0bf41e87ee1416b2b
 CVE-2025-5360,0,0,f6f6f0a68bcc88f729faa5e7b6e62c265dbe0f87de895580450e0ebfdb395bd6,2025-06-03T15:35:19.237000
 CVE-2025-53600,0,0,45e4b949bc6405088d1f4c8d66b4b394a5ccae231bce59e0ab096930b3dbdb3b,2025-07-04T08:15:25.823000
 CVE-2025-53602,0,0,4fbb0da67d943a966608913bc985271718ea508f9069cf69ef43d7e44a315671,2025-07-04T21:15:23.560000
-CVE-2025-53603,1,1,0ef57944661b4a8c37178144fe0bcd4e8f50c238641c089e241bfcc769261b09,2025-07-05T01:15:27.360000
-CVE-2025-53604,1,1,1bab9e277cfa892c064c40bbba3b5c77ef51c31c8d81c51bf21cb4ac9451d9e9,2025-07-05T01:15:28.340000
-CVE-2025-53605,1,1,e1850a90bbd00208fdd0f92f6be0091829f3c2d4f97e87d63797a52d65dc4d4d,2025-07-05T01:15:28.523000
+CVE-2025-53603,0,0,0ef57944661b4a8c37178144fe0bcd4e8f50c238641c089e241bfcc769261b09,2025-07-05T01:15:27.360000
+CVE-2025-53604,0,0,1bab9e277cfa892c064c40bbba3b5c77ef51c31c8d81c51bf21cb4ac9451d9e9,2025-07-05T01:15:28.340000
+CVE-2025-53605,0,0,e1850a90bbd00208fdd0f92f6be0091829f3c2d4f97e87d63797a52d65dc4d4d,2025-07-05T01:15:28.523000
 CVE-2025-5361,0,0,63ed55da0a8819c3072e9ae5cbf20f6ad96bd8fa3415071144a15d946aef0cb0,2025-06-03T15:35:09.950000
 CVE-2025-5362,0,0,33b74730f9e7ac14985e93de797c2da60e582983293fbae692e330f50a44162c,2025-06-03T15:34:57.473000
 CVE-2025-5363,0,0,d48d3a878cc2187658148b214cb6829e36972108c01dfa0cb86b9cac54da6616,2025-06-03T15:34:39.567000