Auto-Update: 2025-04-07T22:00:20.115922+00:00

cad-safe-bot 2025-04-07 22:04:17 +00:00
parent 773c0f95fb
commit 8949de64ce
62 changed files with 2373 additions and 555 deletions


@ -2,8 +2,8 @@
"id": "CVE-2010-2568",
"sourceIdentifier": "secure@microsoft.com",
"published": "2010-07-22T05:43:49.703",
"lastModified": "2025-02-04T20:15:31.390",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:33:20.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -167,14 +147,15 @@
"url": "http://isc.sans.edu/diary.html?storyid=9181",
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
"Exploit",
"Issue Tracking"
]
},
{
"url": "http://isc.sans.edu/diary.html?storyid=9190",
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
"Issue Tracking"
]
},
{
@ -188,7 +169,6 @@
"url": "http://secunia.com/advisories/40647",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -229,7 +209,8 @@
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
@ -276,14 +257,15 @@
"url": "http://isc.sans.edu/diary.html?storyid=9181",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Exploit",
"Issue Tracking"
]
},
{
"url": "http://isc.sans.edu/diary.html?storyid=9190",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Issue Tracking"
]
},
{
@ -297,7 +279,6 @@
"url": "http://secunia.com/advisories/40647",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -338,7 +319,8 @@
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
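Review bot: The `@ -17,26 +17,6 @@` hunk drops the only `nvd@nist.gov` / `"type": "Primary"` entry visible in `cvssMetricV31`, so the array now begins with the `134c704f-9b21-4f2e-91b3-4a467353bcc0` entry marked `"type": "Secondary"`. A consumer that keeps only Primary metrics would stop reporting a v3.1 score for CVE-2010-2568 even though the record moves to `"vulnStatus": "Analyzed"`; it should fall back to the Secondary entry rather than treat the CVE as unscored. The same removal appears in the sections for CVE-2014-1761, CVE-2014-4113, CVE-2014-4114, CVE-2014-6324, CVE-2015-1671 and CVE-2015-2424. The rest of the `metrics` object lies outside the hunk, so other score versions may still carry a Primary entry.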


@ -2,8 +2,8 @@
"id": "CVE-2014-1761",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-03-25T13:24:01.067",
"lastModified": "2025-02-10T20:15:35.730",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:34:47.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2014-1812",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-05-14T11:13:06.630",
"lastModified": "2025-02-10T21:15:11.147",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:17:06.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2014-4113",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-10-15T10:55:07.473",
"lastModified": "2025-02-10T19:15:33.243",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:17:54.333",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2014-4114",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-10-15T10:55:07.817",
"lastModified": "2025-02-10T20:15:36.220",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:26:35.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2014-6324",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-11-18T23:59:02.503",
"lastModified": "2025-02-10T20:15:36.630",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:27:07.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2014-6332",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-11-11T22:55:05.200",
"lastModified": "2025-02-10T21:15:11.510",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:26:53.360",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2015-1635",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-04-14T20:59:01.263",
"lastModified": "2025-02-10T22:15:30.040",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:27:26.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2015-1671",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-05-13T10:59:03.910",
"lastModified": "2025-02-10T18:15:21.813",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:28:02.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2015-1769",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-08-15T00:59:01.467",
"lastModified": "2025-02-10T21:15:12.377",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:29:17.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2015-2360",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-06-10T01:59:38.890",
"lastModified": "2025-02-10T21:15:12.540",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:28:31.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2015-2424",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-07-14T21:59:35.987",
"lastModified": "2025-02-10T20:15:38.210",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:28:46.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,26 +17,6 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",


@ -2,8 +2,8 @@
"id": "CVE-2015-2426",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-07-20T18:59:01.210",
"lastModified": "2025-02-10T21:15:12.760",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:29:03.730",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2015-2546",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-09-09T00:59:53.207",
"lastModified": "2025-02-10T21:15:12.980",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:30:13.950",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -99,8 +99,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
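Review bot: The `cpeMatch` criteria change moves the Windows 10 release from the CPE version field into the product name (`windows_10:-` becomes `windows_10_1507:-`), and the `matchCriteriaId` changes with it. Asset-matching rules keyed on the product `microsoft:windows_10` or on the old `matchCriteriaId` `21540673-614A-4D40-8BD7-3F07723803B0` would silently stop matching this CVE, so they should be re-resolved against the new criteria after this update. The same renaming occurs in the sections for CVE-2016-0165 and CVE-2018-8653 (`windows_10_1511`, `windows_10_1607` through `windows_10_1809`). The surrounding `configurations` node starts and ends outside the hunk.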


@ -2,8 +2,8 @@
"id": "CVE-2016-0151",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:15.890",
"lastModified": "2025-02-10T17:15:10.453",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:30:50.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2016-0165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:28.303",
"lastModified": "2025-02-10T17:15:10.867",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:31:55.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -109,13 +109,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E43B1A3-8DAF-4FB5-9549-190E1F2AD9E6"
},
{
"vulnerable": true,


@ -2,8 +2,8 @@
"id": "CVE-2016-7193",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-10-14T02:59:38.013",
"lastModified": "2025-02-04T14:15:28.307",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:35:36.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2016-7256",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-11-10T07:00:10.537",
"lastModified": "2025-02-10T17:15:13.110",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:35:59.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2017-11882",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-11-15T03:29:01.890",
"lastModified": "2025-02-10T20:15:39.360",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:38:31.667",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2017-8540",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-05-26T20:29:00.427",
"lastModified": "2025-02-10T20:15:39.783",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:36:38.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,8 +2,8 @@
"id": "CVE-2018-8653",
"sourceIdentifier": "secure@microsoft.com",
"published": "2018-12-20T13:29:00.327",
"lastModified": "2025-02-07T17:15:14.413",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:45:06.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,8 @@
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
@ -36,15 +36,13 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
],
"cvssMetricV30": [
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
@ -187,33 +185,33 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A637D6-78D0-400D-82A4-FDEFCED069B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17A026A3-F59C-48F5-9834-5FB054642136"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180EBE38-18CF-4298-8F9B-9457A31E2FF3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:*:*",
"matchCriteriaId": "102319F6-1C4B-4359-8FFD-D104FF5B1C51"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2A7014-8078-4C40-91E3-ACA60A98AC68"
},
{
"vulnerable": false,
@ -230,6 +228,11 @@
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
@ -256,7 +259,8 @@
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{
@ -272,7 +276,8 @@
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{


@ -2,8 +2,8 @@
"id": "CVE-2020-1040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2020-07-14T23:15:11.683",
"lastModified": "2025-02-04T22:15:38.107",
"vulnStatus": "Modified",
"lastModified": "2025-04-07T20:09:18.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{


@ -2,7 +2,7 @@
"id": "CVE-2021-46872",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T06:15:10.940",
"lastModified": "2024-11-21T06:34:49.547",
"lastModified": "2025-04-07T20:15:17.223",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-45299",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T21:15:15.600",
"lastModified": "2024-11-21T07:29:01.777",
"lastModified": "2025-04-07T20:15:18.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-46093",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T22:15:14.540",
"lastModified": "2024-11-21T07:30:07.500",
"lastModified": "2025-04-07T20:15:18.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-46950",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T20:15:10.923",
"lastModified": "2024-11-21T07:31:19.237",
"lastModified": "2025-04-07T20:15:18.540",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-46953",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T20:15:11.443",
"lastModified": "2024-11-21T07:31:19.770",
"lastModified": "2025-04-07T20:15:18.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-46955",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T20:15:11.700",
"lastModified": "2024-11-21T07:31:20.147",
"lastModified": "2025-04-07T20:15:18.910",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-46956",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T20:15:11.923",
"lastModified": "2024-11-21T07:31:20.333",
"lastModified": "2025-04-07T20:15:19.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-48090",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-13T19:15:11.193",
"lastModified": "2024-11-21T07:32:49.380",
"lastModified": "2025-04-07T20:15:19.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -0,0 +1,21 @@
{
"id": "CVE-2024-46494",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:19.950",
"lastModified": "2025-04-07T20:15:19.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article."
}
],
"metrics": {},
"references": [
{
"url": "https://h40vv3n.github.io/2024/09/05/typecho-xss/",
"source": "cve@mitre.org"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-52788",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-19T17:15:56.267",
"lastModified": "2024-11-22T17:15:10.490",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:03:00.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C2E04EE-4493-4CCB-9EB6-7E0D033920A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704"
}
]
}
]
}
],
"references": [
{
"url": "https://colorful-meadow-5b9.notion.site/W9_HardCode_vuln-13dc216a1c30800fb31bdcdca7345ec3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Exploit"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2025-1534",
"sourceIdentifier": "769c9ae7-73c3-4e47-ae19-903170fc3eb8",
"published": "2025-04-01T04:15:44.170",
"lastModified": "2025-04-03T18:15:44.637",
"lastModified": "2025-04-07T21:15:41.667",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -81,6 +81,10 @@
{
"url": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.24.0.html",
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8"
},
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-2076",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-12T04:15:18.800",
"lastModified": "2025-03-12T04:15:18.800",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-07T20:51:08.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnarf:binlayerpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "19367E17-9CF8-4DB0-9642-77C180880029"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/binlayerpress/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af920a9-15fb-44c9-be31-7c9ed5bc2031?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}
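Review bot: The Wordfence metric is re-labelled from `"type": "Primary"` to `"type": "Secondary"` and the new `nvd@nist.gov` Primary entry is appended after it, so `cvssMetricV31[0]` is no longer the Primary score. The two vectors also differ (`AC:H/PR:H/UI:N` from the CNA, `AC:L/PR:H/UI:R` from NVD), so a consumer that reads the first array element rather than selecting on `type` would report a different assessment than intended. The sections for CVE-2025-2369 and CVE-2025-2370 follow the same pattern, where the CNA vector has `PR:L` and the added NVD vector has `PR:N` with `baseScore` 9.8, and the added NVD weakness is CWE-787 next to the CNA's CWE-121.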


@ -2,8 +2,8 @@
"id": "CVE-2025-2369",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T09:15:12.653",
"lastModified": "2025-03-17T09:15:12.653",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:47:37.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,87 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1800t_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.0cu.2112_b20220316",
"matchCriteriaId": "B2C00CB5-7010-460C-9C8C-A207C929D53C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1800t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECDCF8F-01EE-4B54-AE5F-8793D54BB5A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2002%20setPasswordCfg-_admpass.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.299868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.299868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.515328",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.totolink.net/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-2370",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T09:15:13.510",
"lastModified": "2025-03-17T09:15:13.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:43:25.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,87 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1800t_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.0cu.2112_b20220316",
"matchCriteriaId": "B2C00CB5-7010-460C-9C8C-A207C929D53C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1800t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECDCF8F-01EE-4B54-AE5F-8793D54BB5A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2003%20setWiFiExtenderConfig-_apcliSsid.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.299869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.299869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.515329",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.totolink.net/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}
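Review bot: In the `cvssMetricV31` hunk the new `nvd@nist.gov` entry becomes `Primary` with `PR:N`, while the `cna@vuldb.com` entry, demoted to `Secondary` in the same update, keeps `PR:L`; any consumer that reads the `Primary` metric sees this record's privileges-required assumption and severity change with no change to the description. The two sources also differ in the `weaknesses` hunk (CWE-121 from the CNA, CWE-787 from NVD). Downstream prioritisation should select by `source` and keep both vectors, for example filtering on `"source": "nvd@nist.gov"` explicitly rather than on `"type": "Primary"` alone, and should treat a Primary/Secondary swap as a re-score event. The NVD entries added in the CVE-2025-2385 and CVE-2025-2419 sections likewise carry exploitability or impact sub-scores that differ from the entry just above them.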


@ -2,8 +2,8 @@
"id": "CVE-2025-2385",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T17:15:41.287",
"lastModified": "2025-03-17T18:15:22.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:34:51.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,32 +142,84 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:modern_bag:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "110DBD1C-815F-434C-93E3-DF3663C9BB1F"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/MiniSweetBeen/src/issues/2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.299884",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.299884",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.516544",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/MiniSweetBeen/src/issues/2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-2419",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T22:15:15.450",
"lastModified": "2025-03-18T14:15:45.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:07:48.273",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fabianros:real_estate_property_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8974B5B-08CE-4EDC-8B76-7074DD336CE2"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/heiheiworld/cve/blob/main/cve-h.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.299916",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.299916",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.516999",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/heiheiworld/cve/blob/main/cve-h.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-25914",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-17T20:15:14.013",
"lastModified": "2025-03-18T16:15:27.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:31:44.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:online_exam_mastering_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE0D98A-8407-4C1B-9A52-8C571F31DF8A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/872323857/CVE/blob/main/online-exam-mastering-system_sqlinject.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,55 +2,15 @@
"id": "CVE-2025-28253",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T23:15:34.867",
"lastModified": "2025-03-28T18:11:40.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-07T20:15:20.173",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting (XSS) vulnerability in MainWP MainWP Dashboard v5.3.4 exists in class/class-mainwp-post-handler.php, where unsanitized user input from $_POST['sites'], $_POST['clients'], and $_POST['search'] is passed into the MainWP_User::render_table function. Despite using sanitize_text_field and wp_unslash, the values are not adequately protected against HTML or script injection. This flaw could allow an attacker to inject malicious scripts."
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/edwin-0990/CVE_ID/tree/main/CVE-2025-28253",
"source": "cve@mitre.org"
}
]
"metrics": {},
"references": []
}
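Review bot: The rejected record empties `metrics` and `references` but drops the `weaknesses` key outright, so a consumer that upserts field by field would clear the score and the reference yet keep the stale CWE-79 mapping from the previous revision. The new-side count in the hunk header (15 lines) matches the lines shown, so nothing follows `"references": []`. Ingest code should branch on `"vulnStatus": "Rejected"` before any merge and retire everything previously stored for this ID, including fields that are absent from the new revision.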


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29087",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.253",
"lastModified": "2025-04-07T20:15:20.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sqlite 3.49.0 is susceptible to integer overflow through the concat function."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/ylwango613/a44a29f1ef074fa783e29f04a0afd62a",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29478",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.373",
"lastModified": "2025-04-07T20:15:20.373",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29479",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.490",
"lastModified": "2025-04-07T20:15:20.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow in hiredis 1.2.0 allows a local attacker to cause a denial of service via the sdscatlen function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lmarch2/poc/blob/main/hiredis/hiredis.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29480",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.607",
"lastModified": "2025-04-07T20:15:20.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lmarch2/poc/blob/main/gdal/gdal.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29481",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.720",
"lastModified": "2025-04-07T20:15:20.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lmarch2/poc/blob/main/libbpf/libbpf.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2025-29482",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.847",
"lastModified": "2025-04-07T20:15:20.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lmarch2/poc/blob/main/libheif/libheif.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2025-29594",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T20:15:20.963",
"lastModified": "2025-04-07T20:15:20.963",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $_GET['errorcode'] parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scripting (XSS) attacks and information disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/J4cky1028/vulnerability-research/tree/main/CVE-2025-29594",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LielXD/CS2-WeaponPaints-Website/blob/b1d8364c1cbcab6981a564d8abe43b1cc26a2503/errorpage.php#L41",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,94 @@
{
"id": "CVE-2025-29769",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T20:15:21.090",
"lastModified": "2025-04-07T20:15:21.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as \"multiband\". There aren't many ways to create a \"multiband\" input, but it is possible with a well-crafted TIFF image. If a \"multiband\" TIFF input image had 4 channels and HEIF-based output was requested, this led to libvips creating a 3 channel HEIF image without an alpha channel but then attempting to write 4 channels of data. This caused a heap buffer overflow, which could crash the process. This vulnerability is fixed in 8.16.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://github.com/libvips/libvips/commit/9ab6784f693de50b00fa535b9efbbe9d2cbf71f2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/libvips/libvips/pull/4392",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/libvips/libvips/pull/4394",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/libvips/libvips/security/advisories/GHSA-f8r8-43hh-rghm",
"source": "security-advisories@github.com"
},
{
"url": "https://issues.oss-fuzz.com/issues/396460413",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2025-31496",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:42.720",
"lastModified": "2025-04-07T21:15:42.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "apollo-compiler is a query-based compiler for the GraphQL query language. Prior to 1.27.0, a vulnerability in Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive to validate. Named fragments were being processed once per fragment spread in some cases during query validation, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service in applications. This vulnerability is fixed in 1.27.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/apollo-rs/pull/952",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/apollo-rs/security/advisories/GHSA-7mpv-9xg6-5r79",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,86 @@
{
"id": "CVE-2025-32029",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:42.880",
"lastModified": "2025-04-07T21:15:42.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop. The issue is patched in version 1.0.4. If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer to ensure that they are not smaller than -2**31 + 1 and no larger than 2**31 - 1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
},
{
"lang": "en",
"value": "CWE-1335"
}
]
}
],
"references": [
{
"url": "https://github.com/ApelegHQ/ts-asn1-der/commit/b2bc9032cbe19755d234a27d79e47a7e52993af8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ApelegHQ/ts-asn1-der/security/advisories/GHSA-p4qw-7j9g-5h53",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32030",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:43.037",
"lastModified": "2025-04-07T21:15:43.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/federation/pull/3236",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/federation/releases/tag/%40apollo%2Fgateway%402.10.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32031",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:43.220",
"lastModified": "2025-04-07T21:15:43.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations being frequently bypassed. The query planner includes an optimization that significantly speeds up planning for applicable GraphQL selections. However, queries with deeply nested and reused named fragments can generate many selections where this optimization does not apply, leading to significantly longer planning times. Because the query planner does not enforce a timeout, a small number of such queries can render gateway inoperable. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/federation/pull/3236",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/federation/releases/tag/%40apollo%2Fgateway%402.10.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/federation/security/advisories/GHSA-p2q6-pwh5-m6jr",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32032",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:43.363",
"lastModified": "2025-04-07T21:15:43.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations being frequently bypassed. The query planner includes an optimization that significantly speeds up planning for applicable GraphQL selections. However, queries with deeply nested and reused named fragments can generate many selections where this optimization does not apply, leading to significantly longer planning times. Because the query planner does not enforce a timeout, a small number of such queries can exhaust router's thread pool, rendering it inoperable. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/commit/bba032e183b861348a466d3123c7137a1ae18952",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/security/advisories/GHSA-94hh-jmq8-2fgp",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32033",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:43.527",
"lastModified": "2025-04-07T21:15:43.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters (e.g. for a query's height). If a counter exceeded the maximum value for this data type (4,294,967,295), it wrapped around to 0, unintentionally allowing queries to bypass configured thresholds. This could occur for large queries if the payload limit were sufficiently increased, but could also occur for small queries with deeply nested and reused named fragments. This has been remediated in apollo-router versions 1.61.2 and 2.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/commit/bba032e183b861348a466d3123c7137a1ae18952",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/security/advisories/GHSA-84m6-5m72-45fp",
"source": "security-advisories@github.com"
}
]
}
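Review bot: The `weaknesses` entry records `CWE-119`, but the description in this same record is about an unsigned 32-bit limit counter wrapping to 0 and letting queries pass the configured thresholds, which is an integer-wraparound condition and not a memory-bounds one. Anyone filtering or trending by CWE will file this limit bypass under buffer errors. The value comes from the CNA (`security-advisories@github.com`), so the mirror should not rewrite it; the correction to raise upstream would be `"value": "CWE-190"`.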


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32034",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-07T21:15:43.690",
"lastModified": "2025-04-07T21:15:43.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/commit/bba032e183b861348a466d3123c7137a1ae18952",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/apollographql/router/security/advisories/GHSA-75m2-jhh5-j5g2",
"source": "security-advisories@github.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2025-3380",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T19:15:57.747",
"lastModified": "2025-04-07T19:15:57.747",
"lastModified": "2025-04-07T20:15:21.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.552342",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-c926c69a41d2fce207cf3a3b789b7a79.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

View File

@ -0,0 +1,137 @@
{
"id": "CVE-2025-3381",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T20:15:21.760",
"lastModified": "2025-04-07T20:15:21.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/mapl3miss/uckefuVul/blob/main/uckefu-upload.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303627",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303627",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552369",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3382",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T20:15:21.943",
"lastModified": "2025-04-07T20:15:21.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in joey-zhou xiaozhi-esp32-server-java up to a14fe8115842ee42ab5c7a51706b8a85db5200b7 and classified as critical. This vulnerability affects the function update of the file /api/user/update. The manipulation of the argument state leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/exp3n5ive/Vul/blob/main/xiaozhi-sqli/xiaozhi-sqli.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303628",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303628",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552387",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3383",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T21:15:43.850",
"lastModified": "2025-04-07T21:15:43.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /search/search_sales.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Colorado-all/cve/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/SQL-1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303629",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303629",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552388",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3384",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T21:15:44.053",
"lastModified": "2025-04-07T21:15:44.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Human Resource Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /controller/employee.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://1000projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/onupset/CVE/issues/7",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303630",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303630",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552447",
"source": "cna@vuldb.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-07T20:00:20.637877+00:00
2025-04-07T22:00:20.115922+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-07T19:58:25.270000+00:00
2025-04-07T21:15:44.053000+00:00
```
### Last Data Feed Release
@ -33,49 +33,64 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
288880
288900
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `20`
- [CVE-2024-38797](CVE-2024/CVE-2024-387xx/CVE-2024-38797.json) (`2025-04-07T18:15:45.337`)
- [CVE-2025-3377](CVE-2025/CVE-2025-33xx/CVE-2025-3377.json) (`2025-04-07T18:15:45.733`)
- [CVE-2025-3378](CVE-2025/CVE-2025-33xx/CVE-2025-3378.json) (`2025-04-07T18:15:45.923`)
- [CVE-2025-3379](CVE-2025/CVE-2025-33xx/CVE-2025-3379.json) (`2025-04-07T19:15:57.533`)
- [CVE-2025-3380](CVE-2025/CVE-2025-33xx/CVE-2025-3380.json) (`2025-04-07T19:15:57.747`)
- [CVE-2024-46494](CVE-2024/CVE-2024-464xx/CVE-2024-46494.json) (`2025-04-07T20:15:19.950`)
- [CVE-2025-29087](CVE-2025/CVE-2025-290xx/CVE-2025-29087.json) (`2025-04-07T20:15:20.253`)
- [CVE-2025-29478](CVE-2025/CVE-2025-294xx/CVE-2025-29478.json) (`2025-04-07T20:15:20.373`)
- [CVE-2025-29479](CVE-2025/CVE-2025-294xx/CVE-2025-29479.json) (`2025-04-07T20:15:20.490`)
- [CVE-2025-29480](CVE-2025/CVE-2025-294xx/CVE-2025-29480.json) (`2025-04-07T20:15:20.607`)
- [CVE-2025-29481](CVE-2025/CVE-2025-294xx/CVE-2025-29481.json) (`2025-04-07T20:15:20.720`)
- [CVE-2025-29482](CVE-2025/CVE-2025-294xx/CVE-2025-29482.json) (`2025-04-07T20:15:20.847`)
- [CVE-2025-29594](CVE-2025/CVE-2025-295xx/CVE-2025-29594.json) (`2025-04-07T20:15:20.963`)
- [CVE-2025-29769](CVE-2025/CVE-2025-297xx/CVE-2025-29769.json) (`2025-04-07T20:15:21.090`)
- [CVE-2025-31496](CVE-2025/CVE-2025-314xx/CVE-2025-31496.json) (`2025-04-07T21:15:42.720`)
- [CVE-2025-32029](CVE-2025/CVE-2025-320xx/CVE-2025-32029.json) (`2025-04-07T21:15:42.880`)
- [CVE-2025-32030](CVE-2025/CVE-2025-320xx/CVE-2025-32030.json) (`2025-04-07T21:15:43.037`)
- [CVE-2025-32031](CVE-2025/CVE-2025-320xx/CVE-2025-32031.json) (`2025-04-07T21:15:43.220`)
- [CVE-2025-32032](CVE-2025/CVE-2025-320xx/CVE-2025-32032.json) (`2025-04-07T21:15:43.363`)
- [CVE-2025-32033](CVE-2025/CVE-2025-320xx/CVE-2025-32033.json) (`2025-04-07T21:15:43.527`)
- [CVE-2025-32034](CVE-2025/CVE-2025-320xx/CVE-2025-32034.json) (`2025-04-07T21:15:43.690`)
- [CVE-2025-3381](CVE-2025/CVE-2025-33xx/CVE-2025-3381.json) (`2025-04-07T20:15:21.760`)
- [CVE-2025-3382](CVE-2025/CVE-2025-33xx/CVE-2025-3382.json) (`2025-04-07T20:15:21.943`)
- [CVE-2025-3383](CVE-2025/CVE-2025-33xx/CVE-2025-3383.json) (`2025-04-07T21:15:43.850`)
- [CVE-2025-3384](CVE-2025/CVE-2025-33xx/CVE-2025-3384.json) (`2025-04-07T21:15:44.053`)
### CVEs modified in the last Commit
Recently modified CVEs: `155`
Recently modified CVEs: `40`
- [CVE-2025-25825](CVE-2025/CVE-2025-258xx/CVE-2025-25825.json) (`2025-04-07T18:52:38.387`)
- [CVE-2025-25827](CVE-2025/CVE-2025-258xx/CVE-2025-25827.json) (`2025-04-07T18:52:32.653`)
- [CVE-2025-2704](CVE-2025/CVE-2025-27xx/CVE-2025-2704.json) (`2025-04-07T18:15:45.560`)
- [CVE-2025-27154](CVE-2025/CVE-2025-271xx/CVE-2025-27154.json) (`2025-04-07T18:24:53.463`)
- [CVE-2025-28400](CVE-2025/CVE-2025-284xx/CVE-2025-28400.json) (`2025-04-07T19:15:55.330`)
- [CVE-2025-28401](CVE-2025/CVE-2025-284xx/CVE-2025-28401.json) (`2025-04-07T19:15:55.480`)
- [CVE-2025-29064](CVE-2025/CVE-2025-290xx/CVE-2025-29064.json) (`2025-04-07T19:15:55.633`)
- [CVE-2025-29476](CVE-2025/CVE-2025-294xx/CVE-2025-29476.json) (`2025-04-07T19:15:55.790`)
- [CVE-2025-29477](CVE-2025/CVE-2025-294xx/CVE-2025-29477.json) (`2025-04-07T19:15:55.950`)
- [CVE-2025-30401](CVE-2025/CVE-2025-304xx/CVE-2025-30401.json) (`2025-04-07T19:15:56.223`)
- [CVE-2025-31184](CVE-2025/CVE-2025-311xx/CVE-2025-31184.json) (`2025-04-07T19:15:56.553`)
- [CVE-2025-31188](CVE-2025/CVE-2025-311xx/CVE-2025-31188.json) (`2025-04-07T19:15:56.760`)
- [CVE-2025-3178](CVE-2025/CVE-2025-31xx/CVE-2025-3178.json) (`2025-04-07T19:15:57.020`)
- [CVE-2025-3179](CVE-2025/CVE-2025-31xx/CVE-2025-3179.json) (`2025-04-07T19:15:57.153`)
- [CVE-2025-3180](CVE-2025/CVE-2025-31xx/CVE-2025-3180.json) (`2025-04-07T19:15:57.290`)
- [CVE-2025-3259](CVE-2025/CVE-2025-32xx/CVE-2025-3259.json) (`2025-04-07T18:19:20.090`)
- [CVE-2025-3265](CVE-2025/CVE-2025-32xx/CVE-2025-3265.json) (`2025-04-07T18:19:07.777`)
- [CVE-2025-3266](CVE-2025/CVE-2025-32xx/CVE-2025-3266.json) (`2025-04-07T18:18:56.247`)
- [CVE-2025-3267](CVE-2025/CVE-2025-32xx/CVE-2025-3267.json) (`2025-04-07T18:18:41.523`)
- [CVE-2025-3323](CVE-2025/CVE-2025-33xx/CVE-2025-3323.json) (`2025-04-07T18:18:28.467`)
- [CVE-2025-3324](CVE-2025/CVE-2025-33xx/CVE-2025-3324.json) (`2025-04-07T18:18:32.793`)
- [CVE-2025-3328](CVE-2025/CVE-2025-33xx/CVE-2025-3328.json) (`2025-04-07T18:17:37.687`)
- [CVE-2025-3330](CVE-2025/CVE-2025-33xx/CVE-2025-3330.json) (`2025-04-07T18:17:30.230`)
- [CVE-2025-3331](CVE-2025/CVE-2025-33xx/CVE-2025-3331.json) (`2025-04-07T18:17:01.327`)
- [CVE-2025-3332](CVE-2025/CVE-2025-33xx/CVE-2025-3332.json) (`2025-04-07T18:16:40.283`)
- [CVE-2016-0165](CVE-2016/CVE-2016-01xx/CVE-2016-0165.json) (`2025-04-07T20:31:55.850`)
- [CVE-2016-7193](CVE-2016/CVE-2016-71xx/CVE-2016-7193.json) (`2025-04-07T20:35:36.113`)
- [CVE-2016-7256](CVE-2016/CVE-2016-72xx/CVE-2016-7256.json) (`2025-04-07T20:35:59.847`)
- [CVE-2017-11882](CVE-2017/CVE-2017-118xx/CVE-2017-11882.json) (`2025-04-07T20:38:31.667`)
- [CVE-2017-8540](CVE-2017/CVE-2017-85xx/CVE-2017-8540.json) (`2025-04-07T20:36:38.880`)
- [CVE-2018-8653](CVE-2018/CVE-2018-86xx/CVE-2018-8653.json) (`2025-04-07T20:45:06.967`)
- [CVE-2020-1040](CVE-2020/CVE-2020-10xx/CVE-2020-1040.json) (`2025-04-07T20:09:18.170`)
- [CVE-2021-46872](CVE-2021/CVE-2021-468xx/CVE-2021-46872.json) (`2025-04-07T20:15:17.223`)
- [CVE-2022-45299](CVE-2022/CVE-2022-452xx/CVE-2022-45299.json) (`2025-04-07T20:15:18.080`)
- [CVE-2022-46093](CVE-2022/CVE-2022-460xx/CVE-2022-46093.json) (`2025-04-07T20:15:18.297`)
- [CVE-2022-46950](CVE-2022/CVE-2022-469xx/CVE-2022-46950.json) (`2025-04-07T20:15:18.540`)
- [CVE-2022-46953](CVE-2022/CVE-2022-469xx/CVE-2022-46953.json) (`2025-04-07T20:15:18.730`)
- [CVE-2022-46955](CVE-2022/CVE-2022-469xx/CVE-2022-46955.json) (`2025-04-07T20:15:18.910`)
- [CVE-2022-46956](CVE-2022/CVE-2022-469xx/CVE-2022-46956.json) (`2025-04-07T20:15:19.120`)
- [CVE-2022-48090](CVE-2022/CVE-2022-480xx/CVE-2022-48090.json) (`2025-04-07T20:15:19.360`)
- [CVE-2024-52788](CVE-2024/CVE-2024-527xx/CVE-2024-52788.json) (`2025-04-07T20:03:00.323`)
- [CVE-2025-1534](CVE-2025/CVE-2025-15xx/CVE-2025-1534.json) (`2025-04-07T21:15:41.667`)
- [CVE-2025-2076](CVE-2025/CVE-2025-20xx/CVE-2025-2076.json) (`2025-04-07T20:51:08.497`)
- [CVE-2025-2369](CVE-2025/CVE-2025-23xx/CVE-2025-2369.json) (`2025-04-07T20:47:37.110`)
- [CVE-2025-2370](CVE-2025/CVE-2025-23xx/CVE-2025-2370.json) (`2025-04-07T20:43:25.040`)
- [CVE-2025-2385](CVE-2025/CVE-2025-23xx/CVE-2025-2385.json) (`2025-04-07T20:34:51.867`)
- [CVE-2025-2419](CVE-2025/CVE-2025-24xx/CVE-2025-2419.json) (`2025-04-07T20:07:48.273`)
- [CVE-2025-25914](CVE-2025/CVE-2025-259xx/CVE-2025-25914.json) (`2025-04-07T20:31:44.523`)
- [CVE-2025-28253](CVE-2025/CVE-2025-282xx/CVE-2025-28253.json) (`2025-04-07T20:15:20.173`)
- [CVE-2025-3380](CVE-2025/CVE-2025-33xx/CVE-2025-3380.json) (`2025-04-07T20:15:21.640`)
## Download and Usage
