diff --git a/CVE-2024/CVE-2024-135xx/CVE-2024-13569.json b/CVE-2024/CVE-2024-135xx/CVE-2024-13569.json new file mode 100644 index 00000000000..00331018b38 --- /dev/null +++ b/CVE-2024/CVE-2024-135xx/CVE-2024-13569.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13569", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-22T06:15:44.120", + "lastModified": "2025-04-22T06:15:44.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Front End Users WordPress plugin through 3.2.32 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/b9742440-0e36-4900-b58e-41c9854a62b2/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-220xx/CVE-2025-22077.json b/CVE-2025/CVE-2025-220xx/CVE-2025-22077.json index 2ec61ceddef..4d00c5cfc8e 100644 --- a/CVE-2025/CVE-2025-220xx/CVE-2025-22077.json +++ b/CVE-2025/CVE-2025-220xx/CVE-2025-22077.json @@ -2,35 +2,23 @@ "id": "CVE-2025-22077", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-04-16T15:16:01.907", - "lastModified": "2025-04-17T20:22:16.240", + "lastModified": "2025-04-22T06:15:44.683", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Fix netns refcount imbalance causing leaks and use-after-free\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network\nnamespace.\") attempted to fix a netns use-after-free issue by manually\nadjusting reference counts via sk->sk_net_refcnt and sock_inuse_add().\n\nHowever, a later commit e9f2517a3e18 (\"smb: client: fix TCP timers deadlock\nafter rmmod\") pointed out that the approach of manually setting\nsk->sk_net_refcnt in the first commit was technically incorrect, as\nsk->sk_net_refcnt should only be set for user sockets. It led to issues\nlike TCP timers not being cleared properly on close. The second commit\nmoved to a model of just holding an extra netns reference for\nserver->ssocket using get_net(), and dropping it when the server is torn\ndown.\n\nBut there remain some gaps in the get_net()/put_net() balancing added by\nthese commits. The incomplete reference handling in these fixes results\nin two issues:\n\n1. Netns refcount leaks[1]\n\nThe problem process is as follows:\n\n```\nmount.cifs cifsd\n\ncifs_do_mount\n cifs_mount\n cifs_mount_get_session\n cifs_get_tcp_session\n get_net() /* First get net. */\n ip_connect\n generic_ip_connect /* Try port 445 */\n get_net()\n ->connect() /* Failed */\n put_net()\n generic_ip_connect /* Try port 139 */\n get_net() /* Missing matching put_net() for this get_net().*/\n cifs_get_smb_ses\n cifs_negotiate_protocol\n smb2_negotiate\n SMB2_negotiate\n cifs_send_recv\n wait_for_response\n cifs_demultiplex_thread\n cifs_read_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n cifs_abort_connection\n sock_release();\n server->ssocket = NULL;\n /* Missing put_net() here. */\n generic_ip_connect\n get_net()\n ->connect() /* Failed */\n put_net()\n sock_release();\n server->ssocket = NULL;\n free_rsp_buf\n ...\n clean_demultiplex_info\n /* It's only called once here. */\n put_net()\n```\n\nWhen cifs_reconnect() is triggered, the server->ssocket is released\nwithout a corresponding put_net() for the reference acquired in\ngeneric_ip_connect() before. it ends up calling generic_ip_connect()\nagain to retry get_net(). After that, server->ssocket is set to NULL\nin the error path of generic_ip_connect(), and the net count cannot be\nreleased in the final clean_demultiplex_info() function.\n\n2. Potential use-after-free\n\nThe current refcounting scheme can lead to a potential use-after-free issue\nin the following scenario:\n\n```\n cifs_do_mount\n cifs_mount\n cifs_mount_get_session\n cifs_get_tcp_session\n get_net() /* First get net */\n ip_connect\n generic_ip_connect\n get_net()\n bind_socket\n\t kernel_bind /* failed */\n put_net()\n /* after out_err_crypto_release label */\n put_net()\n /* after out_err label */\n put_net()\n```\n\nIn the exception handling process where binding the socket fails, the\nget_net() and put_net() calls are unbalanced, which may cause the\nserver->net reference count to drop to zero and be prematurely released.\n\nTo address both issues, this patch ties the netns reference counti\n---truncated---" + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"smb: client: fix TCP timers deadlock after rmmod\"\n\nThis reverts commit e9f2517a3e18a54a3943c098d2226b245d488801.\n\nCommit e9f2517a3e18 (\"smb: client: fix TCP timers deadlock after\nrmmod\") is intended to fix a null-ptr-deref in LOCKDEP, which is\nmentioned as CVE-2024-54680, but is actually did not fix anything;\nThe issue can be reproduced on top of it. [0]\n\nAlso, it reverted the change by commit ef7134c7fc48 (\"smb: client:\nFix use-after-free of network namespace.\") and introduced a real\nissue by reviving the kernel TCP socket.\n\nWhen a reconnect happens for a CIFS connection, the socket state\ntransitions to FIN_WAIT_1. Then, inet_csk_clear_xmit_timers_sync()\nin tcp_close() stops all timers for the socket.\n\nIf an incoming FIN packet is lost, the socket will stay at FIN_WAIT_1\nforever, and such sockets could be leaked up to net.ipv4.tcp_max_orphans.\n\nUsually, FIN can be retransmitted by the peer, but if the peer aborts\nthe connection, the issue comes into reality.\n\nI warned about this privately by pointing out the exact report [1],\nbut the bogus fix was finally merged.\n\nSo, we should not stop the timers to finally kill the connection on\nour side in that case, meaning we must not use a kernel socket for\nTCP whose sk->sk_net_refcnt is 0.\n\nThe kernel socket does not have a reference to its netns to make it\npossible to tear down netns without cleaning up every resource in it.\n\nFor example, tunnel devices use a UDP socket internally, but we can\ndestroy netns without removing such devices and let it complete\nduring exit. Otherwise, netns would be leaked when the last application\ndied.\n\nHowever, this is problematic for TCP sockets because TCP has timers to\nclose the connection gracefully even after the socket is close()d. The\nlifetime of the socket and its netns is different from the lifetime of\nthe underlying connection.\n\nIf the socket user does not maintain the netns lifetime, the timer could\nbe fired after the socket is close()d and its netns is freed up, resulting\nin use-after-free.\n\nActually, we have seen so many similar issues and converted such sockets\nto have a reference to netns.\n\nThat's why I converted the CIFS client socket to have a reference to\nnetns (sk->sk_net_refcnt == 1), which is somehow mentioned as out-of-scope\nof CIFS and technically wrong in e9f2517a3e18, but **is in-scope and right\nfix**.\n\nRegarding the LOCKDEP issue, we can prevent the module unload by\nbumping the module refcount when switching the LOCKDDEP key in\nsock_lock_init_class_and_name(). [2]\n\nFor a while, let's revert the bogus fix.\n\nNote that now we can use sk_net_refcnt_upgrade() for the socket\nconversion, but I'll do so later separately to make backport easy." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: Corregir el desequilibrio en el recuento de referencias de netns que causa fugas y use-after-free. el commit ef7134c7fc48 (\"smb: cliente: Corregir el use-after-free del espacio de nombres de red\") intent\u00f3 corregir un problema de use-after-free de netns ajustando manualmente los recuentos de referencias mediante sk->sk_net_refcnt y sock_inuse_add(). Sin embargo, una confirmaci\u00f3n posterior e9f2517a3e18 (\"smb: cliente: Corregir el bloqueo de los temporizadores TCP despu\u00e9s de rmmod\") indic\u00f3 que la configuraci\u00f3n manual de sk->sk_net_refcnt en la primera confirmaci\u00f3n era t\u00e9cnicamente incorrecta, ya que sk->sk_net_refcnt solo debe configurarse para sockets de usuario. Esto provoc\u00f3 problemas como que los temporizadores TCP no se borraran correctamente al cerrar. La segunda confirmaci\u00f3n se adapt\u00f3 a un modelo que simplemente almacena una referencia netns adicional para server->ssocket mediante get_net() y la elimina al desmantelar el servidor. Sin embargo, persisten algunas deficiencias en el equilibrio entre get_net() y put_net(), a\u00f1adidas por estas confirmaciones. El manejo incompleto de las referencias en estas correcciones genera dos problemas: 1. Fugas de recuento de referencias de netns[1]. El proceso del problema es el siguiente: ``` mount.cifs cifsd cifs_do_mount cifs_mount cifs_mount_get_session cifs_get_tcp_session get_net() /* Primero, obtener net. */ ip_connect generic_ip_connect /* Intentar el puerto 445 */ get_net() ->connect() /* Error */ put_net() generic_ip_connect /* Intentar el puerto 139 */ get_net() /* Falta put_net() coincidente para este get_net().*/ cifs_get_smb_ses cifs_negotiate_protocol smb2_negotiate SMB2_negotiate cifs_send_recv wait_for_response cifs_demultiplex_thread cifs_read_from_socket cifs_readv_from_socket cifs_reconnect cifs_abort_connection sock_release(); server->ssocket = NULL; /* Falta put_net() aqu\u00ed. */ generic_ip_connect get_net() ->connect() /* Error */ put_net() sock_release(); server->ssocket = NULL; free_rsp_buf ... clean_demultiplex_info /* Solo se llama una vez aqu\u00ed. */ put_net() ``` Cuando se activa cifs_reconnect(), el servidor->ssocket se libera sin un put_net() correspondiente para la referencia obtenida previamente en generic_ip_connect(). Termina llamando a generic_ip_connect() de nuevo para reintentar get_net(). Despu\u00e9s, el servidor->ssocket se establece en NULL en la ruta de error de generic_ip_connect(), y el recuento neto no se puede liberar en la funci\u00f3n clean_demultiplex_info() final. 2. Posible use-after-free. El esquema actual de recuento de referencias puede generar un posible problema de use-after-free en el siguiente escenario: ``` cifs_do_mount cifs_mount cifs_mount_get_session cifs_get_tcp_session get_net() /* First get net */ ip_connect generic_ip_connect get_net() bind_socket kernel_bind /* failed */ put_net() /* after out_err_crypto_release label */ put_net() /* after out_err label */ put_net() ``` En el proceso de gesti\u00f3n de excepciones donde falla la vinculaci\u00f3n del socket, las llamadas get_net() y put_net() est\u00e1n desequilibradas, lo que puede provocar que el recuento de referencias server->net baje a cero y se libere prematuramente. Para solucionar ambos problemas, este parche vincula el recuento de referencias netns ---truncated---" } ], "metrics": {}, "references": [ { - "url": "https://git.kernel.org/stable/c/476617a4ca0123f0df677d547a82a110c27c8c74", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4e7f1644f2ac6d01dc584f6301c3b1d5aac4eaef", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/7d8dfc27d90d41627c0d6ada97ed0ab57b3dae25", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/961755d0055e0e96d1849cc0425da966c8a64e53", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/c6b6b8dcef4adf8ee4e439bb97e74106096c71b8", + "url": "https://git.kernel.org/stable/c/95d2b9f693ff2a1180a23d7d59acc0c4e72f4c41", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2594.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2594.json new file mode 100644 index 00000000000..70b79e76852 --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2594.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-2594", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-22T06:15:44.860", + "lastModified": "2025-04-22T06:15:44.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/1c1be47a-d5c0-4ac1-b9fd-475b382a7d8f/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-28xx/CVE-2025-2839.json b/CVE-2025/CVE-2025-28xx/CVE-2025-2839.json new file mode 100644 index 00000000000..e3ff2743297 --- /dev/null +++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2839.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2839", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-22T06:15:44.973", + "lastModified": "2025-04-22T06:15:44.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Import Export Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018wpiePreviewData\u2019 function in all versions up to, and including, 3.9.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-import-export-lite/trunk/assets/js/wpie-export-admin.min.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3274100/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8ca1ead-1bc5-4ccc-9034-559db27f5e82?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-38xx/CVE-2025-3814.json b/CVE-2025/CVE-2025-38xx/CVE-2025-3814.json new file mode 100644 index 00000000000..5d5760bace8 --- /dev/null +++ b/CVE-2025/CVE-2025-38xx/CVE-2025-3814.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-3814", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-22T06:15:45.210", + "lastModified": "2025-04-22T06:15:45.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018class-name\u2019 parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/tax-switch-for-woocommerce/tags/1.4.0/includes/class-wdevs-tax-switch-block.php#L112", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3277044/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/tax-switch-for-woocommerce/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e290f1aa-d20a-4e76-b77b-3e5b79e9d379?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3aa5ae407b8..6187410190c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-22T06:00:19.529651+00:00 +2025-04-22T08:00:20.246034+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-22T05:15:30.780000+00:00 +2025-04-22T06:15:45.210000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -291018 +291022 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `4` -- [CVE-2024-46899](CVE-2024/CVE-2024-468xx/CVE-2024-46899.json) (`2025-04-22T05:15:30.293`) -- [CVE-2025-2300](CVE-2025/CVE-2025-23xx/CVE-2025-2300.json) (`2025-04-22T05:15:30.623`) -- [CVE-2025-3616](CVE-2025/CVE-2025-36xx/CVE-2025-3616.json) (`2025-04-22T05:15:30.780`) +- [CVE-2024-13569](CVE-2024/CVE-2024-135xx/CVE-2024-13569.json) (`2025-04-22T06:15:44.120`) +- [CVE-2025-2594](CVE-2025/CVE-2025-25xx/CVE-2025-2594.json) (`2025-04-22T06:15:44.860`) +- [CVE-2025-2839](CVE-2025/CVE-2025-28xx/CVE-2025-2839.json) (`2025-04-22T06:15:44.973`) +- [CVE-2025-3814](CVE-2025/CVE-2025-38xx/CVE-2025-3814.json) (`2025-04-22T06:15:45.210`) ### CVEs modified in the last Commit -Recently modified CVEs: `7` +Recently modified CVEs: `1` -- [CVE-2022-31698](CVE-2022/CVE-2022-316xx/CVE-2022-31698.json) (`2025-04-22T04:15:20.490`) -- [CVE-2022-44575](CVE-2022/CVE-2022-445xx/CVE-2022-44575.json) (`2025-04-22T04:15:22.093`) -- [CVE-2022-44636](CVE-2022/CVE-2022-446xx/CVE-2022-44636.json) (`2025-04-22T04:15:22.493`) -- [CVE-2022-44874](CVE-2022/CVE-2022-448xx/CVE-2022-44874.json) (`2025-04-22T04:15:22.763`) -- [CVE-2022-45005](CVE-2022/CVE-2022-450xx/CVE-2022-45005.json) (`2025-04-22T04:15:23.160`) -- [CVE-2022-45028](CVE-2022/CVE-2022-450xx/CVE-2022-45028.json) (`2025-04-22T04:15:23.380`) -- [CVE-2022-45685](CVE-2022/CVE-2022-456xx/CVE-2022-45685.json) (`2025-04-22T04:15:23.807`) +- [CVE-2025-22077](CVE-2025/CVE-2025-220xx/CVE-2025-22077.json) (`2025-04-22T06:15:44.683`) ## Download and Usage diff --git a/_state.csv b/_state.csv index cf0c65e8953..354a2b560e6 100644 --- a/_state.csv +++ b/_state.csv @@ -200071,7 +200071,7 @@ CVE-2022-31693,0,0,e4d138fa62c4c452e71649c73d8be4ef766536579305d019b090fc4196f69 CVE-2022-31694,0,0,194725518dc2ef64a6274415ae39d17011132b1437b4d05c26e866d1d6e9daf2,2024-11-21T07:05:08.950000 CVE-2022-31696,0,0,92cbb5e5a327dcecef36027d6dcb58b0740a71db367cb95598e8d9df016a7b53,2024-11-21T07:05:09.130000 CVE-2022-31697,0,0,3d3c9f801ea26de28bbd2057e79472dcab870b29249bdf1400f36cc7da8ce9a1,2024-11-21T07:05:09.370000 -CVE-2022-31698,0,1,ba7d962af91f3d31a213a2dd2e03cbf215ad1e6faaeed6103e622df87fe9a7cf,2025-04-22T04:15:20.490000 +CVE-2022-31698,0,0,ba7d962af91f3d31a213a2dd2e03cbf215ad1e6faaeed6103e622df87fe9a7cf,2025-04-22T04:15:20.490000 CVE-2022-31699,0,0,aeafb4e5c5a4b985c7ed4527df44d6659626819a17b0770f4cb525cd07406516,2024-11-21T07:05:09.690000 CVE-2022-3170,0,0,0cfe3e11d78a54f3d9b8927f4a123a99f9bf32cd44405a25cba2b35b04387913,2024-11-21T07:18:58.143000 CVE-2022-31700,0,0,297ea82b64bd8b56fff84dc928d4d52d5f744f3110445b4d7ea0a0b012687757,2024-11-21T07:05:09.880000 @@ -210048,7 +210048,7 @@ CVE-2022-44570,0,0,2e1f4c6a3e32ab4d95af22abbceed286d4956f89e715c7a200fccfca33b54 CVE-2022-44571,0,0,f792fe00925d8be6d5cbf7dc00f882fa2edae58eb43a8da981c1a09f859cd8eb,2025-02-13T15:37:40.953000 CVE-2022-44572,0,0,2e947895aa4560611e65fe74203c14741d79e1db2383da30ef7ed36dc58629d3,2025-02-13T15:37:40.953000 CVE-2022-44574,0,0,a175eb8258a6bf38b31ca4013bcbd2926799f5ce592f9f6a10ae015fefe5d74e,2024-11-21T07:28:09.293000 -CVE-2022-44575,0,1,749263d5865bfd43c4ebde69a689ce19f7349a3b10a83344c435bcf23cc74021,2025-04-22T04:15:22.093000 +CVE-2022-44575,0,0,749263d5865bfd43c4ebde69a689ce19f7349a3b10a83344c435bcf23cc74021,2025-04-22T04:15:22.093000 CVE-2022-44576,0,0,c0d43c3b5ae1e286ac188117f1c79b47f94c826ce1616991316f95513ab952d6,2024-11-21T07:28:09.523000 CVE-2022-44577,0,0,2253b7182de879dcd27ea57e1b4f32cd38a9ea997dbe86bb6ddaf2758af15842,2023-11-07T03:54:19.927000 CVE-2022-44578,0,0,f85909bc9f25861cd6a016b2bdbc1cac189594c64c4ddb9de6ee6d51c266b0eb,2024-12-13T15:15:07.797000 @@ -210094,7 +210094,7 @@ CVE-2022-44632,0,0,2189346ebe03fd6a8a3377bf04091ee79ee7a7b61743753d2b08063c09ad7 CVE-2022-44633,0,0,0bfaac3c672191c188b3f4444616f3b5b039dbdbbe7f7dea28d72fe5e677910a,2024-11-21T07:28:14.150000 CVE-2022-44634,0,0,4e993b4b2d7eb3f52420143b74ffe66d7781b97d58c7e36ac1f9cf5ae2377e02,2025-02-20T20:15:43.653000 CVE-2022-44635,0,0,1d4e9827860f1d893d17ced644b360aca4a9f601c13d078d5690c46725557645,2024-11-21T07:28:14.380000 -CVE-2022-44636,0,1,e665458aad0f0d22671191865ac84b2be1559efb5003d90593cf542d7bfcf6de,2025-04-22T04:15:22.493000 +CVE-2022-44636,0,0,e665458aad0f0d22671191865ac84b2be1559efb5003d90593cf542d7bfcf6de,2025-04-22T04:15:22.493000 CVE-2022-44637,0,0,bdf30cffa44b7f2c62d61bdd2380eee3d5b9bc7d10080ebf748e3450f221aab9,2024-11-21T07:28:14.647000 CVE-2022-44638,0,0,cd4dfe11fbb405feccdca7af9c78159d06c16ecbe89ded61e0cc6f9a854d2a6b,2024-11-21T07:28:14.783000 CVE-2022-4464,0,0,259a9f4962efef21c077a96a1ba131ab972940338700bdf9187b508a3513d6c1,2025-04-08T20:15:18.080000 @@ -210242,7 +210242,7 @@ CVE-2022-4486,0,0,fac441dba9a0ed0c5ed5a32072617b1043ec09d6dbefb8d7c0daf0a0cabc48 CVE-2022-44860,0,0,1a19cbab9099840b3620f05539b837739716dd3684d4222c0bcfb2211a4a8360,2024-11-21T07:28:30.677000 CVE-2022-4487,0,0,de5f6cb980849d29563e31efca9b2ddc8a25fb3efe3c2c837680ea053fd306a3,2025-04-08T20:15:18.607000 CVE-2022-44870,0,0,85309107ec6ef372d187411e83e19cd9ce9d0875a02aabefceaf00dbe48747cf,2025-04-09T21:15:42.323000 -CVE-2022-44874,0,1,f233ca85d2870b99dd17c8fc9a7aa6819d67a625a4ab69d16965434942250774,2025-04-22T04:15:22.763000 +CVE-2022-44874,0,0,f233ca85d2870b99dd17c8fc9a7aa6819d67a625a4ab69d16965434942250774,2025-04-22T04:15:22.763000 CVE-2022-44875,0,0,fa99ed7ed2c3b217cd1ea1fedb68670bda50c91d0f8db696b625484bb5b1794a,2025-03-06T21:15:12.760000 CVE-2022-44877,0,0,167abc48a2718fbfa505946198c84dfdbf826f76a0d0d30de7dfaf553c886f73,2025-03-14T20:00:50.947000 CVE-2022-4488,0,0,ed51282757cc08b2ef8e1fc16c7fd96328eb1436aad4d8e25872a241809bd756,2025-03-21T20:15:13.943000 @@ -210290,7 +210290,7 @@ CVE-2022-4498,0,0,6923ad259e8f939f5c7cad8834e7a5982f6388272c37d3d6fc1afdaca4b242 CVE-2022-4499,0,0,ca8064d5a004cfb0f6d5489c89811780a555f4ef3649931dcbd05c31ae1f52b7,2025-04-09T14:15:26.527000 CVE-2022-45003,0,0,d1e7f705ddf829dbd640ecd7a5626782308566ef0664ccefac98b79b5e718702,2025-02-25T22:15:11.043000 CVE-2022-45004,0,0,bfcae60beaf5f207e320642ea45b72fdd7b6c4d0251b3b594311d84c381c4305,2025-02-26T17:15:13.280000 -CVE-2022-45005,0,1,29624e996b0267ce0ef2a51cb5f7fca7f4cf26262bb7262184a7c5862f9537b4,2025-04-22T04:15:23.160000 +CVE-2022-45005,0,0,29624e996b0267ce0ef2a51cb5f7fca7f4cf26262bb7262184a7c5862f9537b4,2025-04-22T04:15:23.160000 CVE-2022-45008,0,0,e07b5e281b874d670badcb48ccf98d87ed91029925af0fd8b74da67d4f10c58e,2024-11-21T07:28:36.580000 CVE-2022-45009,0,0,a7b7e291df3d61ed6a06839df315a82e3756426a5bbd63b3f857d6ee60507ecb,2024-11-21T07:28:36.713000 CVE-2022-4501,0,0,8184c5973d6127d321966758a3efd011d2896eda25e506425d4fafdaea3d09cf,2024-11-21T07:35:23.293000 @@ -210307,7 +210307,7 @@ CVE-2022-45020,0,0,ff3e2b35ddfc869ab39892b522317cc0a21c0c348d93662f7022b13b84c71 CVE-2022-45025,0,0,c627309999d15135e44fde1e3138230ca5259903153c6eb6f7dd0ad351fbe214,2024-11-21T07:28:38.120000 CVE-2022-45026,0,0,9e6ec22705c1f25a17deac599e7c88381c1dbb50e4719e953601f50a0814dd31,2024-11-21T07:28:38.260000 CVE-2022-45027,0,0,db75a9d0b2484090ac8684007e91379b796ac11cd43b73fa0402d4db368ae2e2,2025-04-11T14:15:21.877000 -CVE-2022-45028,0,1,d814072f6c33d8be67405a81b4e24ef66053fbd190c9a8f9271040d00a69806d,2025-04-22T04:15:23.380000 +CVE-2022-45028,0,0,d814072f6c33d8be67405a81b4e24ef66053fbd190c9a8f9271040d00a69806d,2025-04-22T04:15:23.380000 CVE-2022-4503,0,0,a1d4f0b44c03b0f88ef9ef27b9999b83018fd405199eb7f07b094fc94c2e266b,2024-11-21T07:35:23.577000 CVE-2022-45030,0,0,3ced0aca532ea345080d9de2a404334c178b6c669d4225d75b21820be03fea6a,2025-02-06T16:15:30.977000 CVE-2022-45033,0,0,8100f1fcbc9b050372d8631b5de95b6938ba1bebe276e28eb50403b48954bc77,2025-04-21T15:15:54.913000 @@ -210789,7 +210789,7 @@ CVE-2022-45673,0,0,afc92d054d79d72a087ecf07f6b36da4053cc02bbe4384db14d23cdb29ae3 CVE-2022-45674,0,0,580031b9954cf940fff84360cd66195abd3dcb8e388dfd965c100f8ba07404fb,2024-11-21T07:29:35.047000 CVE-2022-45677,0,0,43919b690ca911b467815606707b1186a37bc08bcec4c57689a4e4e1708d83c1,2025-03-14T19:15:39.943000 CVE-2022-4568,0,0,ee6ffc57bf7a69ab5e6be1a916004699612e2373f90b2f7d4925230d76802177,2025-01-30T16:15:28.620000 -CVE-2022-45685,0,1,df0f53d28103ac6a23f08aa6415a74ad54ee3f1117f84c062447701fdadad32a,2025-04-22T04:15:23.807000 +CVE-2022-45685,0,0,df0f53d28103ac6a23f08aa6415a74ad54ee3f1117f84c062447701fdadad32a,2025-04-22T04:15:23.807000 CVE-2022-45688,0,0,f7a87c81feb967e52f819d86ab276782335eae8e157e1b7ca1ca0a3e74c8939e,2025-04-22T03:15:18.457000 CVE-2022-45689,0,0,d279eb426897f1a5c4c640557c1d2cd4d189cd451fee6c89666245857dc180d2,2024-11-21T07:29:35.707000 CVE-2022-4569,0,0,4a2599063fefb513ab23f360a9f2529d620d0c97fa1dc35085c7a5a3cf63116b,2024-11-21T07:35:30.753000 @@ -248079,6 +248079,7 @@ CVE-2024-13565,0,0,684f7f6c469aa690c31498d8006cc3528a7f9ba92e597c468d835d0a7ab8e CVE-2024-13566,0,0,4e1012bf67cdbac097d1c63a1c7fd79c8a8116508864b50fb7c66cdc833178a3,2025-01-31T09:15:06.847000 CVE-2024-13567,0,0,d123d65fa99071e0741ab501c15c4c7f9d688ac84bc56954eb217f3ce4092780,2025-04-01T20:26:11.547000 CVE-2024-13568,0,0,9e74afb56722f02929d754afa7c3b344f0fb3d262b0b29f693d93e682755b19b,2025-03-01T05:15:14.883000 +CVE-2024-13569,1,1,93e38ac3ad46507fa98f415da897dc4c3c83d13a1b96c6d608ea7ff38b467b16,2025-04-22T06:15:44.120000 CVE-2024-1357,0,0,25eaf5b978f8da82b4d3e5ed8aa890834adc21c061c9c9c169613a72fe6996b1,2024-11-21T08:50:24.283000 CVE-2024-13570,0,0,5f3f1655b91dc3bee949d16de77a481687b9936ecee52594dcd7e9a641c4eac8,2025-02-20T16:12:22.823000 CVE-2024-13571,0,0,ab309a8c78e09a2ce738fdc24b971e3cca9be1cecd7a9446e1d144bb91a81bc0,2025-02-26T16:15:15.210000 @@ -269699,7 +269700,7 @@ CVE-2024-46894,0,0,f86a76da485d6677cc76abdeb9165332258d55b6d4a07fe227c42c92f739f CVE-2024-46896,0,0,2d1cbdbce5fc917746dc94fab2a6ec6394bd49069ac2f3dd6d0e3ea0abb87e4d,2025-01-11T13:15:21.643000 CVE-2024-46897,0,0,9eec647173e555f13f51f2e584fda49a1d135ce40040a9da0ee91e1e29d63bf6,2024-10-22T14:09:46.913000 CVE-2024-46898,0,0,74a42c689ae857f92ce7afe6487c46863603ab1bd0de02bba2a7de3bdb05fd52,2024-10-17T17:52:00.700000 -CVE-2024-46899,1,1,14e0b314689c356e88f46d8db897726b3a6683cd15400935bd647881c8aec20a,2025-04-22T05:15:30.293000 +CVE-2024-46899,0,0,14e0b314689c356e88f46d8db897726b3a6683cd15400935bd647881c8aec20a,2025-04-22T05:15:30.293000 CVE-2024-4690,0,0,270579dd78326f8bdeb8ecb772eb396788f733fe690f1deb094303c0d81085d7,2024-10-21T15:51:10.467000 CVE-2024-46901,0,0,2a1a09c84432375cb66f94e43ba3f54db6428f4686268a7d0ac72837ca4afef8,2025-04-13T21:15:13.817000 CVE-2024-46902,0,0,0bdfa1eb869c55e45367b5082ce67aea2b425ced2b12b2f9b88a74fa27645d77,2024-10-25T14:50:23.897000 @@ -283977,7 +283978,7 @@ CVE-2025-22073,0,0,1011b1983c78355d02123f7c88dfc6182e9722c50b1fa6a835a8fbaf3084f CVE-2025-22074,0,0,c93b26d255a98622f3c64207f2f2068cdbbb7943477ed1bda9847c2aed7aca12,2025-04-17T20:22:16.240000 CVE-2025-22075,0,0,261a98e89208109572cff4ef6745cb89aaeaf045a6efabf16dc812a41d8ddf6b,2025-04-17T20:22:16.240000 CVE-2025-22076,0,0,d420dac94d6fe51cc4ff1a0eb9628b40a00756768d7df0795a7580a2fb35e174,2025-04-17T20:22:16.240000 -CVE-2025-22077,0,0,700e0aa90a3f566630726dc4755065c23b25d41296d9bb4cadf977dd64e24038,2025-04-17T20:22:16.240000 +CVE-2025-22077,0,1,c7a678e89d0b2f171bdad8743afc5df7cf0b68ca7d64da82ffcc8e05d2c128d2,2025-04-22T06:15:44.683000 CVE-2025-22078,0,0,26f7b68d0cdad5a890aa75dadfa17672e8c28f9f0bf4ecb4fdd0f808542f5350,2025-04-17T20:22:16.240000 CVE-2025-22079,0,0,364458579769c3e0f2ccd2c4af19c4b4e0f96f4d7196e9e43e8a4f54c705c689,2025-04-17T20:22:16.240000 CVE-2025-2208,0,0,99b9d91a36ada917eec10dfce1128ade8f30ac7ffcb2e43a5105e2922f45ad1f,2025-03-11T21:15:54.117000 @@ -284690,7 +284691,7 @@ CVE-2025-22992,0,0,9c2224e338558ccc5fdf942d723bafbe861c5e19d73a3269c58858cc57989 CVE-2025-22994,0,0,d9527179d5c850c6866754d31e77f1c2fd06d9e1a13bd3d3f0bd861c8c0f83ff,2025-03-19T15:15:53.990000 CVE-2025-22996,0,0,c50cf62284cf751584047e7a98111e31ae9d7e05423e0e28a6dfeca6772a6ab9,2025-01-15T17:15:21.837000 CVE-2025-22997,0,0,cbf89797792d4ad66a4f37050995306b66d6d3563ae5ce9db2b5b27779f4d42b,2025-01-15T17:15:22.193000 -CVE-2025-2300,1,1,b75e9de1e3fea75a82324a7009ab11557a232dec1d2d244ee38029b242f8237a,2025-04-22T05:15:30.623000 +CVE-2025-2300,0,0,b75e9de1e3fea75a82324a7009ab11557a232dec1d2d244ee38029b242f8237a,2025-04-22T05:15:30.623000 CVE-2025-23001,0,0,a661c9ff25c543dcf089dc4c4188fedb40f499aceeca183680e7eb66234e4f62,2025-02-21T17:15:14.103000 CVE-2025-23006,0,0,7a5bf6bad719976a640fb90f39e240f5ae9344d4363a556047b151d1633075a7,2025-04-02T20:32:48.097000 CVE-2025-23007,0,0,b858739c0629c57e2ce2431efc2bf426967345a22234bf6ec786c1aa91b1ae0f,2025-04-17T16:15:29.720000 @@ -286749,6 +286750,7 @@ CVE-2025-25928,0,0,4d0126a70ece07e33b30b79d6fb0071d9ae75a48eb252843c096446d3c2cb CVE-2025-25929,0,0,6bf2d742d037270fd862a805d51ec3ddd6ef1eaaac8534caa6d76c7b5e4ebb4d,2025-03-12T16:15:23.767000 CVE-2025-2593,0,0,1b6e06a0ab7f9f28a3291450afbbc8dc96810beccd94ade76b2912bb384868f8,2025-04-01T20:23:07.257000 CVE-2025-25939,0,0,b8c954bd00c1572438e1260084236f900e4329b0f9362ba172af96a5853d2ee9,2025-03-06T12:25:31.947000 +CVE-2025-2594,1,1,d06536a3c9f86cb707b40fdb7ea96e2ddf9927fa049feedfd08971fc778e6032,2025-04-22T06:15:44.860000 CVE-2025-25940,0,0,0c729de242bc4ae51f81d332fedc09616e9f113b2b488846046c92f3a5ddefa6,2025-03-12T19:15:39.967000 CVE-2025-25942,0,0,abb06ac2462106029cbb8bb08119f5129d89323ab66d1de7f80d7b48f0130201,2025-02-20T15:15:14.587000 CVE-2025-25943,0,0,ddbf4f2120cdf8c0c6ec76a602b8a3405d44d5883b4cc9347335166be4d0cf63,2025-02-20T15:15:14.743000 @@ -288031,6 +288033,7 @@ CVE-2025-28361,0,0,012842a41606e730430b254a67bbb658386b3833897674145b51c035a4841 CVE-2025-28367,0,0,f4622890a6e2177cbcbd53f4213304d59b6c0d2acdfc9dc1a0a7bf5c7a4c62c3,2025-04-21T16:15:54.373000 CVE-2025-2837,0,0,b89aeb2a53f8a50fdc7d1cb971618f78d6548d3dfb914df0b41cb0d9a2a5f82a,2025-03-27T16:45:27.850000 CVE-2025-2838,0,0,ad5519332c14610c417f2ebe0957fac238c08deca06808872c71584919e4dfa3,2025-03-27T16:45:27.850000 +CVE-2025-2839,1,1,82cb65b96fd519741554a8160952fd9740fba6f399df7b365f83333b41842206,2025-04-22T06:15:44.973000 CVE-2025-28395,0,0,e2a008eff6d871d94e498e18fdcd7ec1a8104377f0bfd0c36d8d69a8cfbea062,2025-04-15T12:52:46.433000 CVE-2025-28398,0,0,a80aa3350f7ebc843f0b185d49e6b66d7edf0d8201a54a2ee3a02548dd1b1270,2025-04-15T12:51:12.750000 CVE-2025-28399,0,0,d8ae7f3e952903ea28f89076fdcb864bb2d9ad71c7e0bfc36d4140c72a7df9d9,2025-04-16T15:16:09.757000 @@ -290713,7 +290716,7 @@ CVE-2025-3608,0,0,39b182f4ebb2561066bac4e2df270fac3ea79c341f6f5d3809c1d21f023dee CVE-2025-3612,0,0,b3e7e1fd46c9147c27f3feb15d1a5ba8eabce3f8bab41f1f78e6d74dff7b1b50,2025-04-15T18:39:27.967000 CVE-2025-3613,0,0,9c314abbc6473987a4462c7f86d0ede7026d1a1d89f3e10127913343b31eedd8,2025-04-15T18:39:27.967000 CVE-2025-3615,0,0,2db41b8d63395d6d9b6ba61cd5680a6d043a25e9feb8e95c34902cde20aa80eb,2025-04-17T20:21:48.243000 -CVE-2025-3616,1,1,e623a5950c349500c4b32d080ade8cc7ece5c6940dfd2bb29cfbe22a16449bc9,2025-04-22T05:15:30.780000 +CVE-2025-3616,0,0,e623a5950c349500c4b32d080ade8cc7ece5c6940dfd2bb29cfbe22a16449bc9,2025-04-22T05:15:30.780000 CVE-2025-3617,0,0,da316bca2370a69e5382c1d8c4d9d79973059140808592dfb217f8d77be55e50,2025-04-17T18:15:51.653000 CVE-2025-3618,0,0,304b127c053921d914e116b0c3d51c4ee5b2fd33efb8ce7a0d299de12188b505,2025-04-17T18:15:51.763000 CVE-2025-3619,0,0,293c2369eeb799ada0ad11425c8ed32f87c6c646f1c3261326f845aaabedeeb8,2025-04-17T20:21:48.243000 @@ -290803,6 +290806,7 @@ CVE-2025-3807,0,0,af5b149b4d9b3a1ad51711ad822d2a4577361ac3493f47accf76f1d1ca2b61 CVE-2025-3808,0,0,e24cd26de1a0798c7deb0307b5d30a0d75bc7706a966e2ceb72ebe92e3982a45,2025-04-21T14:23:45.950000 CVE-2025-3809,0,0,9bf22538349ba13c47b1891d7b2996c2fd3db61524a4966f3cb78c7876eca705,2025-04-21T14:23:45.950000 CVE-2025-38104,0,0,aa4d841712d0c5b7862f9376f02a6295924e0da9d4fe57dd0330ac232dc5656d,2025-04-21T14:23:45.950000 +CVE-2025-3814,1,1,40609f02da5b858ba92c008a135200ab4261328e7ad8a112901de176096798dd,2025-04-22T06:15:45.210000 CVE-2025-38152,0,0,f393aa46be24a56633e7c209d76b084191cc2a700ba37622928e6b051d7db37c,2025-04-21T14:23:45.950000 CVE-2025-3816,0,0,2c7118896e88e7a78374a795d0f070a862b67eda49b16df7b5267133d9f38e1d,2025-04-21T14:23:45.950000 CVE-2025-3817,0,0,99700d87b77ea68ecf153af4a97af5eaea6c941a8ac06da569f9d2a75d0aa917,2025-04-21T14:23:45.950000