From 8753f5027a71b3931d8a595d716f2547681ee206 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 1 Feb 2025 13:03:46 +0000 Subject: [PATCH] Auto-Update: 2025-02-01T13:00:20.131651+00:00 --- CVE-2025/CVE-2025-09xx/CVE-2025-0943.json | 145 ++++++++++++++++++++++ README.md | 19 +-- _state.csv | 21 ++-- 3 files changed, 161 insertions(+), 24 deletions(-) create mode 100644 CVE-2025/CVE-2025-09xx/CVE-2025-0943.json diff --git a/CVE-2025/CVE-2025-09xx/CVE-2025-0943.json b/CVE-2025/CVE-2025-09xx/CVE-2025-0943.json new file mode 100644 index 00000000000..617e6d17ce3 --- /dev/null +++ b/CVE-2025/CVE-2025-09xx/CVE-2025-0943.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-0943", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-02-01T11:15:08.457", + "lastModified": "2025-02-01T11:15:08.457", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file deldoc.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/magic2353112890/cve/issues/7", + "source": "cna@vuldb.com" + }, + { + "url": "https://itsourcecode.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.294298", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.294298", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.488498", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 311574902f3..625575fb9d6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-01T09:00:20.615481+00:00 +2025-02-01T13:00:20.131651+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-01T08:15:10.340000+00:00 +2025-02-01T11:15:08.457000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -279748 +279749 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `1` -- [CVE-2024-11829](CVE-2024/CVE-2024-118xx/CVE-2024-11829.json) (`2025-02-01T07:15:06.940`) -- [CVE-2024-12825](CVE-2024/CVE-2024-128xx/CVE-2024-12825.json) (`2025-02-01T08:15:07.337`) -- [CVE-2024-13341](CVE-2024/CVE-2024-133xx/CVE-2024-13341.json) (`2025-02-01T07:15:07.900`) -- [CVE-2024-13371](CVE-2024/CVE-2024-133xx/CVE-2024-13371.json) (`2025-02-01T08:15:08.567`) -- [CVE-2024-13372](CVE-2024/CVE-2024-133xx/CVE-2024-13372.json) (`2025-02-01T08:15:09.020`) -- [CVE-2024-13425](CVE-2024/CVE-2024-134xx/CVE-2024-13425.json) (`2025-02-01T08:15:09.483`) -- [CVE-2024-13428](CVE-2024/CVE-2024-134xx/CVE-2024-13428.json) (`2025-02-01T08:15:09.910`) -- [CVE-2024-13429](CVE-2024/CVE-2024-134xx/CVE-2024-13429.json) (`2025-02-01T08:15:10.340`) -- [CVE-2025-0939](CVE-2025/CVE-2025-09xx/CVE-2025-0939.json) (`2025-02-01T07:15:08.097`) -- [CVE-2025-23091](CVE-2025/CVE-2025-230xx/CVE-2025-23091.json) (`2025-02-01T07:15:08.277`) +- [CVE-2025-0943](CVE-2025/CVE-2025-09xx/CVE-2025-0943.json) (`2025-02-01T11:15:08.457`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 20e4ed59d95..e8ac225d9d5 100644 --- a/_state.csv +++ b/_state.csv @@ -244994,7 +244994,7 @@ CVE-2024-11825,0,0,96c5070e436ca13c0f485f1de873107f18b277abea2e3dfbe2f45da01b02a CVE-2024-11826,0,0,714757b0f1ee90efb73e13391b9bb62ff3eaf1b93791e1acd0225d6c5a53499e,2025-01-27T18:15:36.540000 CVE-2024-11827,0,0,56fd4585b95b5b001b477bafaf482165d34a68f8e4c23484879244ef8898da04,2024-12-13T12:15:19.050000 CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc503,2024-12-12T21:07:04.270000 -CVE-2024-11829,1,1,11ca589965256825956df9e25749ca56582e92b92b4e747980c6eb592b0f7df4,2025-02-01T07:15:06.940000 +CVE-2024-11829,0,0,11ca589965256825956df9e25749ca56582e92b92b4e747980c6eb592b0f7df4,2025-02-01T07:15:06.940000 CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000 CVE-2024-11830,0,0,2b9bcbcc6b8510fbe3715609ebd917cba06af0eebf5118baa1afa85039e0b1f0,2025-01-08T11:15:06.443000 CVE-2024-11832,0,0,7a6414b8a97e02ea73c05598b642d3e1c0cc9c0557b16b568dca85c729ab2498,2025-01-07T18:12:54.040000 @@ -245803,7 +245803,7 @@ CVE-2024-12819,0,0,d67b85742967f9e166e23a2e5c4440d086b3b3988f6b73108d4bee255219b CVE-2024-1282,0,0,e6b07825f0f3597687613e3a6164d0e157f6f527c33c61eb8d90ec07193bdec2,2024-11-21T08:50:13.520000 CVE-2024-12821,0,0,e588fd0d09947b07d09c8d3f282b63ea0e1f492dc00ee4435ee9c9b82132788c,2025-01-30T14:15:32.843000 CVE-2024-12822,0,0,192c28e8527adecfccce851b33e27323e02d5b46aeeffff5461062f4314ed85b,2025-01-30T14:15:33.017000 -CVE-2024-12825,1,1,02e36af40cd57a1d522669892e7084adc2801df76d70186253d0f50df9fc4568,2025-02-01T08:15:07.337000 +CVE-2024-12825,0,0,02e36af40cd57a1d522669892e7084adc2801df76d70186253d0f50df9fc4568,2025-02-01T08:15:07.337000 CVE-2024-12826,0,0,c720c0675605f102a13449f7c719465cad74869404c1c6afa4c9516f512ea0ef,2025-01-25T08:15:08.463000 CVE-2024-12828,0,0,a29f7d175d08af9e9a3e3b2d9a239843d4c47c7b84f9529c7b9ddf19ae5c7fea,2024-12-30T17:15:07.717000 CVE-2024-12829,0,0,b6def8373fb939ecec35d929ec57c311d0480519af7a0919a5038b5b832e9ed5,2025-01-03T17:46:48.507000 @@ -246243,7 +246243,7 @@ CVE-2024-13334,0,0,892c3ce546b2f6a66e9e4dfd761dd08aaefb851a17185548e40c2e88d5655 CVE-2024-13335,0,0,2fcef25251bb68a715e890eb0cf4e30f6ed93385a9d1ce3a44dbe1289f4c0426,2025-01-24T11:15:07.973000 CVE-2024-1334,0,0,5cd8113de272a8c461c68981cf2d6addc6166d9cf4d9dbad0d56a2a1ca671349,2024-12-31T16:48:40.290000 CVE-2024-13340,0,0,410a07bb948a432c6c68e7813dd264dbb94d6d7c0c36b44969bc437f75da1ae8,2025-01-31T16:02:16.553000 -CVE-2024-13341,1,1,16acded92547be67b8d1319a2af71c7cc4dd793d079329b45b0485cf9f1e2a5f,2025-02-01T07:15:07.900000 +CVE-2024-13341,0,0,16acded92547be67b8d1319a2af71c7cc4dd793d079329b45b0485cf9f1e2a5f,2025-02-01T07:15:07.900000 CVE-2024-13343,0,0,f82a6052ccce2ed181e863ae61f345a91ef7738bcd705b7c57eb9cd26a33b700,2025-02-01T04:15:30.717000 CVE-2024-13348,0,0,e7356b4b7de40bfcab5dcbdec8635d94ba57c9cc43546ece560a6873afe1ba28,2025-01-30T15:15:16.223000 CVE-2024-13349,0,0,1a00cf757b3ec26bd50ea0e563207e24798d3893002c58755b8b9af1d412744e,2025-01-31T17:58:59.027000 @@ -246259,8 +246259,8 @@ CVE-2024-13367,0,0,28bc518effbeac20d5854322c01ceb858440caae6a5bae49591369a0a18ef CVE-2024-13368,0,0,0cebd01114688a38654235872525dd94dee4e6b9d8c0c778f5ec6dd70bab5851,2025-01-25T08:15:08.830000 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000 CVE-2024-13370,0,0,4534ec8ffe42544d561bfc608813f027b638b469843d2bcdc0a7c27144b929ed,2025-01-25T08:15:08.990000 -CVE-2024-13371,1,1,490b85009fe81e5b4c3836eea1e092d9e78e9bad7ef014d0cc98908cb014dda9,2025-02-01T08:15:08.567000 -CVE-2024-13372,1,1,368b8d99dc354725c9f573ade34340d0dcd2dc4dc4f3200dde76728a3c7dd40d,2025-02-01T08:15:09.020000 +CVE-2024-13371,0,0,490b85009fe81e5b4c3836eea1e092d9e78e9bad7ef014d0cc98908cb014dda9,2025-02-01T08:15:08.567000 +CVE-2024-13372,0,0,368b8d99dc354725c9f573ade34340d0dcd2dc4dc4f3200dde76728a3c7dd40d,2025-02-01T08:15:09.020000 CVE-2024-13375,0,0,509bfd3a7c3f76e008f9bf54ba53750a8708a5d8eaf24ea17a33be3c80dc44d0,2025-01-18T09:15:07.120000 CVE-2024-13377,0,0,a25050bd2bbff023d447f5d602b24decf0d9fe3f99412e4f96b0e55aac73332f,2025-01-17T10:15:07.240000 CVE-2024-13378,0,0,7ea1d4cbb0f87859cae348c2da93d49f3902e773337fd492c684caf29392972d,2025-01-17T10:15:07.457000 @@ -246291,10 +246291,10 @@ CVE-2024-13415,0,0,078aa9b6eeb5af1c8634c02c595bbb40a0a7ec1b15e21674b1397103dd29c CVE-2024-1342,0,0,2f41e6eac1e33a309fc72543d371a67df7cdf22eae12449849cd3aab8e438d93,2024-10-14T22:15:03.180000 CVE-2024-13422,0,0,3d45f2466e53dfac69ec8dd343775dbe7473e4817099b26926d3d7b297be7b01,2025-01-23T12:15:28.163000 CVE-2024-13424,0,0,60791b2caef2c4384bda44bc4634febeec12d84f3bded4fd1a0d6202fd13ad5f,2025-01-31T06:15:29.443000 -CVE-2024-13425,1,1,08ef4f1b081737910f392244ba05da58d4cda2f63c81c6691bdd52d5b3c0e694,2025-02-01T08:15:09.483000 +CVE-2024-13425,0,0,08ef4f1b081737910f392244ba05da58d4cda2f63c81c6691bdd52d5b3c0e694,2025-02-01T08:15:09.483000 CVE-2024-13426,0,0,86fab2a47173ecbfa78b3dbc75ac72da294fc64d34b2b04366fafee0f3e9a13d,2025-01-24T18:37:38.503000 -CVE-2024-13428,1,1,8128bc8b864438479b00e90c4cc602c03e67236b9553061e120ac9d6a6f9ca30,2025-02-01T08:15:09.910000 -CVE-2024-13429,1,1,6fab7f0dc417bb40b2289985607f1c34c9972fc20bfbe830ca4813e83f198897,2025-02-01T08:15:10.340000 +CVE-2024-13428,0,0,8128bc8b864438479b00e90c4cc602c03e67236b9553061e120ac9d6a6f9ca30,2025-02-01T08:15:09.910000 +CVE-2024-13429,0,0,6fab7f0dc417bb40b2289985607f1c34c9972fc20bfbe830ca4813e83f198897,2025-02-01T08:15:10.340000 CVE-2024-1343,0,0,7c2447499342d3573955d9e9545316db90429adf3b266826e2ed2754189f075e,2024-11-21T08:50:22.433000 CVE-2024-13432,0,0,2420e31f27384cf3a3b972e6593316283200b18cb659242a854ce1e6ee4aeb4a,2025-01-18T07:15:08.983000 CVE-2024-13433,0,0,2a9d89514e9ca62330f67417cbd4f0a14554f70d781af736185219d7398dc564,2025-01-18T07:15:09.160000 @@ -278249,7 +278249,8 @@ CVE-2025-0929,0,0,ffaf780d1ad9f6bd5b422a6baa5a3c033dab993db1633cc62dfab8ec5e22c8 CVE-2025-0930,0,0,3208fbfb04878de0bb664bbdbe3c44e4e3f7a92268295009077cc2402da021f1,2025-01-31T14:15:34.293000 CVE-2025-0934,0,0,e3663ee9a4c4fab98de0a308775cdf9833b791256f04cc964b86e7e2758a3bc1,2025-01-31T20:15:32.893000 CVE-2025-0938,0,0,f483a985147355beda1ac5ec6a46732d1e38a3e469c32fde2fdbbf0317921d33,2025-01-31T20:15:33.083000 -CVE-2025-0939,1,1,4fee9d9bf91b5fba4fb21bcf1da5a530cf0306cb5ecc2eae58c32ef5efdc8b24,2025-02-01T07:15:08.097000 +CVE-2025-0939,0,0,4fee9d9bf91b5fba4fb21bcf1da5a530cf0306cb5ecc2eae58c32ef5efdc8b24,2025-02-01T07:15:08.097000 +CVE-2025-0943,1,1,d4beefef9f033db94e741551c1c44f80d0a15c5f160db1305b65e51b448ddcf2,2025-02-01T11:15:08.457000 CVE-2025-20014,0,0,708b5660539e4ab2830a732991daead462d3c8df88b4205953edf58b017cb8b0,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000 @@ -279027,7 +279028,7 @@ CVE-2025-23087,0,0,ff3ef66bbdfadd92f4bceb83f017cee238f01afd217540d38de3c3bc4241e CVE-2025-23088,0,0,351c4fc9ce77a4e8c7f582485a4c81d867817a4e67e2a7d92df2d5afd4de1eba,2025-01-23T22:15:16.370000 CVE-2025-23089,0,0,53211e365cb35c1ca6468f83d4cfd887f23da2be04794ebbf5b6bdd46246c6fa,2025-01-23T22:15:16.460000 CVE-2025-23090,0,0,1fa9642da31f6a1f285e901b43018a8c7dae722f8fb49437e281ea29c270fa57,2025-01-22T02:15:34.443000 -CVE-2025-23091,1,1,b0cc14c8e209fbe6063fb24eff4314bed321c702e3c91518f97b3035bbea10ee,2025-02-01T07:15:08.277000 +CVE-2025-23091,0,0,b0cc14c8e209fbe6063fb24eff4314bed321c702e3c91518f97b3035bbea10ee,2025-02-01T07:15:08.277000 CVE-2025-23108,0,0,0867ae52bf9537919e00df206497183b5abf45a3a43e56579f476cc3d26e8d6c,2025-01-13T18:15:22.680000 CVE-2025-23109,0,0,4d519c5c41161d21ebd8f814ea3659acc2224a598528dd7d3e4c7b87a5ad8cc0,2025-01-13T18:15:22.903000 CVE-2025-23110,0,0,b9e32d20d7e6cf23b28c590dc2ad7f239b5186f27517cd303db97f7275b077fa,2025-01-10T22:15:27.550000