From 8b0cc44e4266d4ab5a7d655fb6920d6869cf3885 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 28 Mar 2025 09:03:55 +0000 Subject: [PATCH] Auto-Update: 2025-03-28T09:00:20.020052+00:00 --- CVE-2023/CVE-2023-530xx/CVE-2023-53027.json | 17 +---- CVE-2024/CVE-2024-218xx/CVE-2024-21865.json | 16 +++- CVE-2024/CVE-2024-280xx/CVE-2024-28041.json | 4 +- CVE-2024/CVE-2024-290xx/CVE-2024-29071.json | 16 +++- CVE-2024/CVE-2024-578xx/CVE-2024-57894.json | 29 +------ CVE-2025/CVE-2025-20xx/CVE-2025-2074.json | 84 +++++++++++++++++++++ CVE-2025/CVE-2025-23xx/CVE-2025-2328.json | 64 ++++++++++++++++ CVE-2025/CVE-2025-24xx/CVE-2025-2485.json | 68 +++++++++++++++++ CVE-2025/CVE-2025-25xx/CVE-2025-2578.json | 68 +++++++++++++++++ README.md | 26 ++++--- _state.csv | 28 ++++--- 11 files changed, 350 insertions(+), 70 deletions(-) create mode 100644 CVE-2025/CVE-2025-20xx/CVE-2025-2074.json create mode 100644 CVE-2025/CVE-2025-23xx/CVE-2025-2328.json create mode 100644 CVE-2025/CVE-2025-24xx/CVE-2025-2485.json create mode 100644 CVE-2025/CVE-2025-25xx/CVE-2025-2578.json diff --git a/CVE-2023/CVE-2023-530xx/CVE-2023-53027.json b/CVE-2023/CVE-2023-530xx/CVE-2023-53027.json index 376a2ec8573..a67af9702d8 100644 --- a/CVE-2023/CVE-2023-530xx/CVE-2023-53027.json +++ b/CVE-2023/CVE-2023-530xx/CVE-2023-53027.json @@ -2,24 +2,15 @@ "id": "CVE-2023-53027", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-03-27T17:15:52.387", - "lastModified": "2025-03-27T17:15:52.387", - "vulnStatus": "Received", + "lastModified": "2025-03-28T07:15:37.860", + "vulnStatus": "Rejected", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix kvcalloc() misuse with __GFP_NOFAIL\n\nAs reported by syzbot [1], kvcalloc() cannot work with __GFP_NOFAIL.\nLet's use kcalloc() instead.\n\n[1] https://lore.kernel.org/r/0000000000007796bd05f1852ec2@google.com" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/12724ba38992bd045e92a9a88a868a530f89d13e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/7b28a8920844042ca9f44934d8f15d210ef42c75", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21865.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21865.json index 14d2a9dcdf3..9dd5b8d0d8b 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21865.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21865.json @@ -2,7 +2,7 @@ "id": "CVE-2024-21865", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-25T05:15:50.863", - "lastModified": "2024-11-21T08:55:08.667", + "lastModified": "2025-03-28T08:15:13.337", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -40,9 +40,19 @@ ] }, "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1391" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -57,7 +67,7 @@ "source": "vultures@jpcert.or.jp" }, { - "url": "https://www.au.com/support/service/internet/guide/modem/bl1500hm/firmware/", + "url": "https://kddi-tech.com/contents/appendix_L2_06.html#20304f4c-af1b-49fd-c3b5-8d1f55fd8b4f", "source": "vultures@jpcert.or.jp" }, { diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28041.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28041.json index 6ed47158141..84c8a162f30 100644 --- a/CVE-2024/CVE-2024-280xx/CVE-2024-28041.json +++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28041.json @@ -2,7 +2,7 @@ "id": "CVE-2024-28041", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-25T04:15:08.880", - "lastModified": "2024-11-21T09:05:41.223", + "lastModified": "2025-03-28T08:15:14.160", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -57,7 +57,7 @@ "source": "vultures@jpcert.or.jp" }, { - "url": "https://www.au.com/support/service/internet/guide/modem/bl1500hm/firmware/", + "url": "https://kddi-tech.com/contents/appendix_L2_06.html#20304f4c-af1b-49fd-c3b5-8d1f55fd8b4f", "source": "vultures@jpcert.or.jp" }, { diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29071.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29071.json index ac814b68cd9..e2aeb20bec4 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29071.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29071.json @@ -2,7 +2,7 @@ "id": "CVE-2024-29071", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-25T04:15:09.017", - "lastModified": "2024-11-21T09:07:29.693", + "lastModified": "2025-03-28T08:15:14.327", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -40,9 +40,19 @@ ] }, "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1391" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -57,7 +67,7 @@ "source": "vultures@jpcert.or.jp" }, { - "url": "https://www.au.com/support/service/internet/guide/modem/bl1500hm/firmware/", + "url": "https://kddi-tech.com/contents/appendix_L2_06.html#20304f4c-af1b-49fd-c3b5-8d1f55fd8b4f", "source": "vultures@jpcert.or.jp" }, { diff --git a/CVE-2024/CVE-2024-578xx/CVE-2024-57894.json b/CVE-2024/CVE-2024-578xx/CVE-2024-57894.json index 6068187edc1..6ce58abaaa1 100644 --- a/CVE-2024/CVE-2024-578xx/CVE-2024-57894.json +++ b/CVE-2024/CVE-2024-578xx/CVE-2024-57894.json @@ -2,36 +2,15 @@ "id": "CVE-2024-57894", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-15T13:15:13.943", - "lastModified": "2025-01-15T13:15:13.943", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-03-28T07:15:38.510", + "vulnStatus": "Rejected", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix sleeping function called from invalid context\n\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\nlike the bellow:\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n4 locks held by kworker/u9:2/5070:\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\n #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\n #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\n #2: ffff8880665d0078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\n kthread+0x2f0/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n " - }, - { - "lang": "es", - "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: hci_core: Se corrige la funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido. Esto modifica hci_cb_list para que no use mutex hci_cb_list_lock para evitar errores como el siguiente: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 " + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-20xx/CVE-2025-2074.json b/CVE-2025/CVE-2025-20xx/CVE-2025-2074.json new file mode 100644 index 00000000000..376bc668619 --- /dev/null +++ b/CVE-2025/CVE-2025-20xx/CVE-2025-2074.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2025-2074", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-28T08:15:15.430", + "lastModified": "2025-03-28T08:15:15.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to generic SQL Injection via the \u2018sSearch\u2019 parameter in all versions up to, and including, 1.29 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries, particularly when the plugin\u2019s settings page hasn\u2019t been visited and its welcome message has not been dismissed. This issue can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-google-recaptcha/trunk/libs/admin.php?rev=3248228#L106", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-google-recaptcha/trunk/libs/ajax.php?rev=3248228#L20", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-google-recaptcha/trunk/libs/ajax.php?rev=3248228#L277", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-google-recaptcha/trunk/libs/ajax.php?rev=3248228#L401", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-google-recaptcha/trunk/libs/setup.php?rev=3248228#L636", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3262396/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/advanced-google-recaptcha/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/963a9b30-9194-4abc-aa69-eb333cbddef3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-23xx/CVE-2025-2328.json b/CVE-2025/CVE-2025-23xx/CVE-2025-2328.json new file mode 100644 index 00000000000..d8086375299 --- /dev/null +++ b/CVE-2025/CVE-2025-23xx/CVE-2025-2328.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2328", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-28T07:15:39.243", + "lastModified": "2025-03-28T07:15:39.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'dnd_remove_uploaded_files' function in all versions up to, and including, 1.3.8.7. This makes it possible for unauthenticated attackers to add arbitrary file paths (such as ../../../../wp-config.php) to uploaded files on the server, which can easily lead to remote code execution when an Administrator deletes the message. Exploiting this vulnerability requires the Flamingo plugin to be installed and activated." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/trunk/inc/dnd-upload-cf7.php#L153", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261964/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f6cca7a-b8ff-4ca5-b813-e611eac07695?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-24xx/CVE-2025-2485.json b/CVE-2025/CVE-2025-24xx/CVE-2025-2485.json new file mode 100644 index 00000000000..c3f989ba5ce --- /dev/null +++ b/CVE-2025/CVE-2025-24xx/CVE-2025-2485.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-2485", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-28T07:15:39.450", + "lastModified": "2025-03-28T07:15:39.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8.7 via deserialization of untrusted input from the 'dnd_upload_cf7_upload'\r\n function. This makes it possible for attackers to inject a PHP Object through a PHAR file. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with the file upload action. The Flamingo plugin must be installed and activated in order to exploit the vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/trunk/inc/dnd-upload-cf7.php#L25", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/trunk/inc/dnd-upload-cf7.php#L844", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261964/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79ffe548-0005-4f5e-873f-a1afec64a251?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2578.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2578.json new file mode 100644 index 00000000000..3fff86cf969 --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2578.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-2578", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-28T08:15:15.603", + "lastModified": "2025-03-28T08:15:15.603", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.19 via the 'wpAmeliaApiCall' function. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ameliabooking/trunk/ameliabooking.php#L172", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ameliabooking/trunk/src/Application/Commands/Entities/GetEntitiesCommandHandler.php#L127", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261318/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6806e07b-96bf-43ad-a3ac-2105e7449e3c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 38028ed5ba2..73691b1145e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-28T07:00:20.162918+00:00 +2025-03-28T09:00:20.020052+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-28T06:15:34.723000+00:00 +2025-03-28T08:15:15.603000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -287153 +287157 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `4` -- [CVE-2025-1762](CVE-2025/CVE-2025-17xx/CVE-2025-1762.json) (`2025-03-28T06:15:32.770`) -- [CVE-2025-2027](CVE-2025/CVE-2025-20xx/CVE-2025-2027.json) (`2025-03-28T06:15:33.403`) -- [CVE-2025-2294](CVE-2025/CVE-2025-22xx/CVE-2025-2294.json) (`2025-03-28T05:15:41.507`) -- [CVE-2025-2804](CVE-2025/CVE-2025-28xx/CVE-2025-2804.json) (`2025-03-28T06:15:34.157`) -- [CVE-2025-31335](CVE-2025/CVE-2025-313xx/CVE-2025-31335.json) (`2025-03-28T06:15:34.723`) +- [CVE-2025-2074](CVE-2025/CVE-2025-20xx/CVE-2025-2074.json) (`2025-03-28T08:15:15.430`) +- [CVE-2025-2328](CVE-2025/CVE-2025-23xx/CVE-2025-2328.json) (`2025-03-28T07:15:39.243`) +- [CVE-2025-2485](CVE-2025/CVE-2025-24xx/CVE-2025-2485.json) (`2025-03-28T07:15:39.450`) +- [CVE-2025-2578](CVE-2025/CVE-2025-25xx/CVE-2025-2578.json) (`2025-03-28T08:15:15.603`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `5` -- [CVE-2022-4064](CVE-2022/CVE-2022-40xx/CVE-2022-4064.json) (`2025-03-28T06:15:27.053`) -- [CVE-2024-4367](CVE-2024/CVE-2024-43xx/CVE-2024-4367.json) (`2025-03-28T05:15:40.777`) +- [CVE-2023-53027](CVE-2023/CVE-2023-530xx/CVE-2023-53027.json) (`2025-03-28T07:15:37.860`) +- [CVE-2024-21865](CVE-2024/CVE-2024-218xx/CVE-2024-21865.json) (`2025-03-28T08:15:13.337`) +- [CVE-2024-28041](CVE-2024/CVE-2024-280xx/CVE-2024-28041.json) (`2025-03-28T08:15:14.160`) +- [CVE-2024-29071](CVE-2024/CVE-2024-290xx/CVE-2024-29071.json) (`2025-03-28T08:15:14.327`) +- [CVE-2024-57894](CVE-2024/CVE-2024-578xx/CVE-2024-57894.json) (`2025-03-28T07:15:38.510`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e0e60018d8a..ddb53b5fd82 100644 --- a/_state.csv +++ b/_state.csv @@ -206927,7 +206927,7 @@ CVE-2022-40636,0,0,669a0366b9b0cf27d6e87ea4373e444b8994970975e188a2d8e62d9fd5b1c CVE-2022-40637,0,0,57239816cf6ce40ee0806745565807c3a4132b0e4b98efa9246ada6b65c48049,2024-11-21T07:21:45.623000 CVE-2022-40638,0,0,f443d2dc163d484737c2ac08a3067b1e859249f31d20b3b124ff4090e233c601,2024-11-21T07:21:45.740000 CVE-2022-40639,0,0,0beec25c92ab93784240fadbca1b20786e25001a9ab576b7e1cc32819a9185c3,2024-11-21T07:21:45.860000 -CVE-2022-4064,0,1,639d83cebd0777a3f314b061e6bf218424efdba9b1c7703ff40b52b129148ac9,2025-03-28T06:15:27.053000 +CVE-2022-4064,0,0,639d83cebd0777a3f314b061e6bf218424efdba9b1c7703ff40b52b129148ac9,2025-03-28T06:15:27.053000 CVE-2022-40640,0,0,5fe05dfcb86b979ffc8937be948f34891adf6488726e644a747cb523f8e78e4c,2024-11-21T07:21:45.980000 CVE-2022-40641,0,0,cbe9effc427a54f53fe6f19360cbab8a68bc398421c091e80fe8a0d1ecd93346,2024-11-21T07:21:46.110000 CVE-2022-40642,0,0,98f6de3eb346184f68e613a92505d38494020d493791089d357c4a8d3e287515,2024-11-21T07:21:46.233000 @@ -241712,7 +241712,7 @@ CVE-2023-53023,0,0,4d59b0667ba596c8042de09725cd074cecf2dd3bd106505fada32725e37e2 CVE-2023-53024,0,0,4e891b11de56a88b0fed04ae5780277e924121dda06bf67cfb28de95bc39f324,2025-03-27T17:15:51.980000 CVE-2023-53025,0,0,7670798d7f703a63e18ba8a3be8f433ad3d3bfc09b8a4f9f65ac6dea3921d9ab,2025-03-27T18:17:34.243000 CVE-2023-53026,0,0,b6be25ec293572d60084282218ed0f9a6ac3c620f7008f9ef43a5900812f6d23,2025-03-27T17:15:52.250000 -CVE-2023-53027,0,0,51989cb065a72d9455bc6a827579a933b58091c00f54f1d7206bcefb6df19e09,2025-03-27T17:15:52.387000 +CVE-2023-53027,0,1,abe52dfb43bbd686e3fe35e91f50766f811247cd5855fb2a0edd84ee7dec5768,2025-03-28T07:15:37.860000 CVE-2023-53028,0,0,5fcd3ec87fa2674114cc5925b046fcfde50e33617feedea07a880f1b7cc83302,2025-03-27T17:15:52.507000 CVE-2023-53029,0,0,01c480a58c32253b7c7fa3113e6aa854d378ce7591aad7b61903d69c4bae8cb1,2025-03-27T17:15:52.627000 CVE-2023-5303,0,0,1fd7805db54c4356f03291c90e402ea807b85aec18298fa337830f7108304fe4,2024-11-21T08:41:29.423000 @@ -250594,7 +250594,7 @@ CVE-2024-21861,0,0,3a7f9befc113ffb23875efbe3d70cf01c22adb8b0631739aca4be1bb65b60 CVE-2024-21862,0,0,d1a916702185a96c58d5a48bea3eb8288c4be744e585ef9068b323222010f8e8,2025-01-28T17:38:46.637000 CVE-2024-21863,0,0,55f366380fbe866d6e020d9802a7829de46bf002961a873cc4fea65ba7605dda,2024-11-21T08:55:08.337000 CVE-2024-21864,0,0,1ad6c5ce84b48a780ceb370fb663156ccd2e7fcace23a3692a69ffb642270962,2024-11-21T08:55:08.513000 -CVE-2024-21865,0,0,583fd7dd0aa12097e737a2985a06d8c2e10647eb7bd05007cef306e8670a0ed2,2024-11-21T08:55:08.667000 +CVE-2024-21865,0,1,f727402985b7b39f06de892d124eb04c9b25ba8f2a21ca4a6fc3efd5c7470078,2025-03-28T08:15:13.337000 CVE-2024-21866,0,0,877a22cac4a3ed4e6886e06de6323d143f73ef29c73f7754337e7d90afe1e6da,2024-11-21T08:55:08.893000 CVE-2024-21869,0,0,e37c8a4889f9eaef99aadb2f6512dc2821c59f5e354397dfc83a1050590fa73d,2024-11-21T08:55:09.050000 CVE-2024-2187,0,0,1103ee7372c5ea9ac3f366f5b222f200117c18c2fbd61f44534e2c7446ae9f16,2025-01-09T17:06:43.647000 @@ -255317,7 +255317,7 @@ CVE-2024-28038,0,0,8768cefba90398b448778b075f725a3899e2632ffe57311f83a39e788009a CVE-2024-28039,0,0,912e2fff1df4bd0ef022958ba166bcf68f36535a86ebbb68adc8c1f474705819,2024-11-21T09:05:40.897000 CVE-2024-2804,0,0,57915a109e591d8c90c9b05656438fd856c82a6c13765732a75b491bd53d1ec8,2024-11-21T09:10:33.680000 CVE-2024-28040,0,0,b1cff596a39896c27ba0d07b453ff37627f01f1b0fbc09479e1315b02c0495ed,2024-11-21T09:05:41.093000 -CVE-2024-28041,0,0,17d7a4245d3ae77ae3c3fb94a5842d9ae1f23e4d3ad1f26e3b490cfbd4226398,2024-11-21T09:05:41.223000 +CVE-2024-28041,0,1,957993c2ab877e6021c77a287df6888da641261051792bcc93aab9978bcb5845,2025-03-28T08:15:14.160000 CVE-2024-28042,0,0,cc35caa1934027be4460152d18b50598c65de29291faae1c5c8bb4476e6396db,2024-11-21T09:05:41.433000 CVE-2024-28044,0,0,4321e66e9abad9bc2815f064d2409efc5b717b87741f240009dbca664117840a,2024-09-04T17:12:54.973000 CVE-2024-28045,0,0,3250b5241cb3eb30591229d8a728ec2919682fc73063bc0b93558e23a7537d7d,2024-11-21T09:05:41.680000 @@ -256029,7 +256029,7 @@ CVE-2024-29068,0,0,4ca16ab4f3100ce464ed61ba1b4d96efe5791a7c4dabbd87db88d42639a78 CVE-2024-29069,0,0,4e2e8f90811126be2345b98ed47ab42149083ecf4f708fcaf6870de0665ab7a3,2024-11-21T09:07:29.377000 CVE-2024-2907,0,0,afcf7b0dd1ad120eb5edd4bb53db0ef2b60221906dcb3f6ebc628e09a063a180,2024-11-21T09:10:48.460000 CVE-2024-29070,0,0,21ffac6570edd10ecd5fff3a43896c471f489fa590118d73cfc78a627475d09a,2024-11-21T09:07:29.507000 -CVE-2024-29071,0,0,372c1c08eb5f1afdaa85b2ef8f1cb678c9eee2b9ac1ab8bac2f503acd32a6021,2024-11-21T09:07:29.693000 +CVE-2024-29071,0,1,3ef49d390c6f5168aa83a3911e374700797ea322a3d27cf3485d832744bd5b0c,2025-03-28T08:15:14.327000 CVE-2024-29072,0,0,57f80ce7c236f332a7f5c114423b69d762766a5c42687b949a1667cb5c018eb1,2024-11-21T09:07:29.887000 CVE-2024-29073,0,0,a97c1130a7ff47c79178263365495d696944009337b55c711a86468fd2e28d23,2024-11-21T09:07:30.007000 CVE-2024-29074,0,0,37fef7b70252074605b40dcd9b7a5a1b496283b8ab455c06a52e22d00ddd7f49,2025-01-02T19:12:32.683000 @@ -267287,7 +267287,7 @@ CVE-2024-43660,0,0,1dc83515bc7eda08ad1a0a1026113c7a5161779ef9edfb934d9d2a4d61e1d CVE-2024-43661,0,0,015abc64d6786f1b30b1a3ea941a97b1b0d755773998b3250abd38042855c09b,2025-01-09T15:15:17.937000 CVE-2024-43662,0,0,ebccc73d7680304a85104a6931a9045211211ac6a1d4b040f75195362d8ecad2,2025-01-09T08:15:29.637000 CVE-2024-43663,0,0,241a1ff57536167d594b47ac2b685efe574676f29c6fadd622deb3b336920af7,2025-01-09T15:15:18.173000 -CVE-2024-4367,0,1,c9aa813b56159479445d505ad3001931e1b0824b5b5f9a0fe1b3dc1debe5c746,2025-03-28T05:15:40.777000 +CVE-2024-4367,0,0,c9aa813b56159479445d505ad3001931e1b0824b5b5f9a0fe1b3dc1debe5c746,2025-03-28T05:15:40.777000 CVE-2024-4368,0,0,817a09abda4a6c1dc6203fe5e1d271562b21e0a1a41cffdadd0bcc130bb5c2c5,2025-03-13T20:15:23.683000 CVE-2024-43683,0,0,eaf87ecdd1484317d24eb3ad1010b7b5e6e4b47e9a68a80d2a141aa188b02f2a,2024-11-01T16:15:08.930000 CVE-2024-43684,0,0,dd623d71d4067816a2c5038539e7602036563822931327d0a0d346837c8c2fc2,2024-11-01T17:15:17.127000 @@ -276964,7 +276964,7 @@ CVE-2024-57890,0,0,876228291e28ce2dbcf91efd1283214e54d4069730fa474ebc3b3b0d9a534 CVE-2024-57891,0,0,cd33e3a4e8d37a5f36fd34bd5a361c07ff62e7972f171735ba5dd223fe03e6f1,2025-01-15T13:15:13.590000 CVE-2024-57892,0,0,14736616310e4e8ee489220b3fa985deb190abfc580a60b1a99e9cb0181d3dfe,2025-02-13T14:16:17.800000 CVE-2024-57893,0,0,de1df3ef6db19acaf3c7c48dd5c62fb10118eacffbfad185b7dbbf80a82129c6,2025-01-15T13:15:13.820000 -CVE-2024-57894,0,0,d7d6f6140de35b010b1b5beb6457a2e35be159e74f947f8b4b5cce28e627637c,2025-01-15T13:15:13.943000 +CVE-2024-57894,0,1,024b8193ba03ea5fa8d1c61a7de60c721e41ed0015e59fea3e48a68d54e30550,2025-03-28T07:15:38.510000 CVE-2024-57895,0,0,9ad2e608235ea6296b191cd61921ed3a449403f186ff27dacefb37686d68c65d,2025-01-21T17:47:20.323000 CVE-2024-57896,0,0,b4cf92b31099574638c678d1da9fe631de93ee5f7ca16ae4933efbe750b33d2f,2025-02-11T16:15:49.050000 CVE-2024-57897,0,0,3d8c470fae69b589d24f1b293420d7a6a2c10fa45e69bbcc2f2a6813cfb371e3,2025-01-15T13:15:14.317000 @@ -282145,7 +282145,7 @@ CVE-2025-1755,0,0,09476b6d542bfcc927e067fe8e3ce0d3ca1fbe0a9d5ffac658df7f448d43f3 CVE-2025-1756,0,0,787bba2bf34abbaae222d1a9edb902cd4b5b03484def1773bc6176dae0327cd2,2025-02-27T16:15:39.287000 CVE-2025-1757,0,0,c25e39602a825b6394df945ad4b24df4019eaaa8085cc7f11e82831fb6895cb4,2025-03-10T16:48:47.823000 CVE-2025-1758,0,0,0373ea84effa2e885cc20b107f682d5ddfeea043aa22d13e9c170486f7fa1885,2025-03-19T16:15:30.527000 -CVE-2025-1762,1,1,ce5f230370b79f7bc53052e2ff511d886eca4bd8b9760a3e1a224e01388ab45e,2025-03-28T06:15:32.770000 +CVE-2025-1762,0,0,ce5f230370b79f7bc53052e2ff511d886eca4bd8b9760a3e1a224e01388ab45e,2025-03-28T06:15:32.770000 CVE-2025-1764,0,0,13706f4025eae225fc3793a7e7a1fa321df281c8253d66f7993d98f6aa09100c,2025-03-14T06:15:24.860000 CVE-2025-1766,0,0,598707d3f8b19c5a3ff0b336e9bc39a76f8ffb8a9d939d0b001d5b5f979e7c65,2025-03-20T06:15:22.740000 CVE-2025-1767,0,0,db4a25182003b3801d09638d93655c86fe8651aa60672fd3a6309c07b55e200e,2025-03-13T21:15:43.127000 @@ -282417,7 +282417,7 @@ CVE-2025-20232,0,0,0d5d053026f8c32cba542b805870a42fc42882344ea0c79ae85ae165075eb CVE-2025-20233,0,0,827e4cb515e7d3bbb9223a377b0054261580f1cd7e2f972f151a15685ae6593c,2025-03-27T16:45:27.850000 CVE-2025-2024,0,0,1ebba8845ef88303f0909fcf3cb590cfef8154204f03ba1b4e83e42241658ece,2025-03-07T20:15:39.023000 CVE-2025-2025,0,0,8bf05e4c9932aa58da11a2b15541e516431650b70642c5a505f451f40d61fe35,2025-03-25T19:48:15.730000 -CVE-2025-2027,1,1,9c025c7ce03dd1417baef4d7a07a2426f29fa04e7628aec491c0c66705567d36,2025-03-28T06:15:33.403000 +CVE-2025-2027,0,0,9c025c7ce03dd1417baef4d7a07a2426f29fa04e7628aec491c0c66705567d36,2025-03-28T06:15:33.403000 CVE-2025-2029,0,0,d542afcc372a129fd7977f37fa3c5e3e2b220f9ceca1025a42b23e0691f5c316,2025-03-06T15:15:17.943000 CVE-2025-2030,0,0,0e82bd47c24dfd47a0763661b2667fde4902819acb4b011b12553acdfd131e3f,2025-03-10T07:15:36.400000 CVE-2025-2031,0,0,5b762fc7e74e43ed51009a6fc81cd4ad661cf88635712ad2ea503f672c7ad652,2025-03-06T17:15:24.153000 @@ -282484,6 +282484,7 @@ CVE-2025-20652,0,0,9485bc5abd99cf5824b119c49fe5e9158c152f14429264c67d56a50ce2458 CVE-2025-20653,0,0,50d853eb215922ff4e0114da3bc24d2a38f72d15c38383615dd0616a498c1d6f,2025-03-20T19:15:37.333000 CVE-2025-2066,0,0,91ff735ed7e88e4436bc7b6b6f477b59d5c22b6987e7f0098d0b58198b0d10ea,2025-03-07T05:15:17.293000 CVE-2025-2067,0,0,e336b7e791e3fd3cb322ecbc1c5f69ca2b6e5c18fb1ce058eaa6d863ecf3dcd2,2025-03-07T05:15:17.527000 +CVE-2025-2074,1,1,635184731cdb0768caff9b93253bc7cc7b0ae263a8fa04ad42076da9a21fd811,2025-03-28T08:15:15.430000 CVE-2025-2076,0,0,4b17faacef13c37de95a24fc1d0a696f48b3a96cded3d3b37bf400752a7db1ce,2025-03-12T04:15:18.800000 CVE-2025-2077,0,0,542014bf1c951910ecf1a12c2d80a016c7b30ee77de8c04037976c31a7e5da5b,2025-03-12T04:15:19 CVE-2025-2078,0,0,a56b0ea482de0b321a2677b0cdea82d60abcbfe24a12528635911474c7f1e3fe,2025-03-12T04:15:19.210000 @@ -283828,7 +283829,7 @@ CVE-2025-22919,0,0,329e8b26e961cfd3a5f94c152403744377d574dcba7ab4dca039db01cbe65 CVE-2025-22920,0,0,90e7ff21ce793067aa456b5ccb84cf38ff13a7ab9f13a9d4f7138f20eaa66180,2025-02-19T22:15:23.810000 CVE-2025-22921,0,0,fc4d8d5f4bc002d31a8eab55216be4cd1b637344934aafdd7df2486b9762015c,2025-02-19T15:15:17.497000 CVE-2025-22936,0,0,d81f6f27c0c4b19886d50175e4767c83ad84386da04b2ebc81be17b6a19a6c20,2025-02-12T14:15:33.187000 -CVE-2025-2294,1,1,1a31d54bf878d84c64d85b33385ea1f5709b41f2552c84c4044d574f003452a3,2025-03-28T05:15:41.507000 +CVE-2025-2294,0,0,1a31d54bf878d84c64d85b33385ea1f5709b41f2552c84c4044d574f003452a3,2025-03-28T05:15:41.507000 CVE-2025-22946,0,0,7db37666dfbf9142b1788db2e9c9ed7b839c8fa56ddb82a64c0b003e5a2cac22,2025-01-14T15:15:28.480000 CVE-2025-22949,0,0,4497a547d6c85b77c71713f92e0bd769cd0fee1b37f22227e370aa8af86f0dec,2025-01-14T15:15:28.637000 CVE-2025-2295,0,0,5afd41ba1c620aa8b1c09ed9d5c8905d7597b06ca6637c246ba28374bca35eb0,2025-03-14T22:15:11.600000 @@ -283998,6 +283999,7 @@ CVE-2025-23242,0,0,9b20bedcf14352ca9df0a5ecc34f6004c4e1503c511865ff1afa1d3c82eca CVE-2025-23243,0,0,d341dee54207e76092fa73545c292abf7fbfda4eb6567d84dd5238ba2f02d191,2025-03-11T20:15:16.463000 CVE-2025-2325,0,0,13c6f3c24dd300d81977cebacc098db98e57b148c37ef530d50f5e2edd70e656,2025-03-25T20:07:03.383000 CVE-2025-2326,0,0,0ec0c28e6b995dc182a44a080592df606d562ca954869d7753960c79a6ff321c,2025-03-24T15:15:16.830000 +CVE-2025-2328,1,1,5115e45695da2493c44ae7ef68ec04d1df5e80a99f07c64ce37e8b0405e6e91e,2025-03-28T07:15:39.243000 CVE-2025-2331,0,0,b072726b3afe477229f13ce6fa12da5840fde8f6531f821787ad2abd1eb769a5,2025-03-22T12:15:26.833000 CVE-2025-2332,0,0,046a67a9cf7f433a88b7d72805ea1318db1beb7a584083c71cb5548df758625f,2025-03-27T16:45:27.850000 CVE-2025-2333,0,0,600470717f73ae989a4e33407be9c331e6223c6ec027e4a7c73886df7950cb72,2025-03-15T12:15:12.610000 @@ -285159,6 +285161,7 @@ CVE-2025-24843,0,0,fb4d0afee0c2783ca1631e4031059d2c08004431e384816d6d85a2fa124d2 CVE-2025-24845,0,0,b01e6a569b8cc3a4584487bdfb3da2fbed952ffc0174ca89c61a3e20ee1bf86f,2025-02-06T08:15:30.673000 CVE-2025-24846,0,0,395a1c47127c2c7ef37d1800a5094c8ea72456277181e4a623939a06fd6c82a4,2025-03-03T09:15:39.817000 CVE-2025-24849,0,0,8e5985d51102085b2b29506fc161cb28ee1a0b2a33328ea438367fccd6fa114a,2025-02-28T17:15:17.253000 +CVE-2025-2485,1,1,ce8777b4de39fbe982a57affd8c2f051aabb31fceb6a5bf99f1c6ca14ea719aa,2025-03-28T07:15:39.450000 CVE-2025-24855,0,0,3b83ed2e42d12574419e7a5d93b58d3d4fa5393073d22ec518ba075ff8bdfcf5,2025-03-14T02:15:15.717000 CVE-2025-24856,0,0,de81d5fa3871c8fea36d9f92d65c776b1ac74e3aaeeb12190f8f5c33a73c1a6a,2025-03-16T04:15:14.517000 CVE-2025-24858,0,0,80a2e3e27ced5551413d1f52e03f6696ce40853726c2f8318cd2bd73891576ca,2025-01-26T07:15:09.237000 @@ -285622,6 +285625,7 @@ CVE-2025-2577,0,0,929de73a39a3543c29173f273a3d41f338242898e72fad38fbcc81d8274db1 CVE-2025-25770,0,0,083dca9bf78425b081932176ffd5590f62d2e6b52d7243e21c6da305bd5b4229,2025-02-24T18:15:20.280000 CVE-2025-25772,0,0,049a4d8ccd7e92d8a6c37014ca81c63552e30fbd0e2bdc0e271ff3963136769b,2025-02-21T22:15:12.813000 CVE-2025-25774,0,0,69d43747c15f87af0da05215cab928648fd3e1ba63812309aa7f5e031fa6f50d,2025-03-12T19:15:39.777000 +CVE-2025-2578,1,1,305da95c0e840ae7646b20190d56fea585c13c9903d6a9062c87913d93d56a70,2025-03-28T08:15:15.603000 CVE-2025-25783,0,0,7667c9a81f530a99609c56eb13bc325e3e204504dcfbc3fb6341518f78f741e8,2025-03-04T22:15:40.787000 CVE-2025-25784,0,0,3e43aebf6f03069ac210115a03220d81a261d055bf117d06bf3215e14e26226d,2025-03-05T15:15:17.730000 CVE-2025-25785,0,0,12399114d1e01798a9cb8e44ff529be3a97f5d175baa693f6af5ee4fed7d3d07,2025-03-05T15:15:17.930000 @@ -286608,7 +286612,7 @@ CVE-2025-27933,0,0,93368137a33aa362057a4035ec036f1aedaefb3c8486745a8d93918e46a37 CVE-2025-28010,0,0,6260ea576a8c0d7bd0a38d2f3c79cf58da9a7c5443332c696e69e06a75d63ce4,2025-03-19T15:15:54.430000 CVE-2025-28011,0,0,904ac06066433043222ace0eb3e8530f1f0d607436509b286714603b0a427d36,2025-03-19T19:15:47.517000 CVE-2025-28015,0,0,648b242f524f2d1e65282c0d2ade8d5979df5a4c9cf086b42e2449484b2f9631,2025-03-19T19:15:47.650000 -CVE-2025-2804,1,1,84020102f277b538ffb8ab51ba7022798f05e2dde9899675eb282f2dc201e37b,2025-03-28T06:15:34.157000 +CVE-2025-2804,0,0,84020102f277b538ffb8ab51ba7022798f05e2dde9899675eb282f2dc201e37b,2025-03-28T06:15:34.157000 CVE-2025-28135,0,0,67520c1f57ea15ce6a3fbebf8fb1a036612a258dbeeaf68f8167eb1360c1936d,2025-03-27T16:45:12.210000 CVE-2025-28138,0,0,8c0673577a1929357533e79b7892ab1b2319abdda1d9f5bd31a1a742b947848b,2025-03-27T16:45:12.210000 CVE-2025-2819,0,0,38e9c36ae873a346ecdd7625eb6881a65dff946dea1e4d5fe1469a7230964dac,2025-03-27T16:45:27.850000 @@ -287151,4 +287155,4 @@ CVE-2025-31178,0,0,0159271cafd90a7c68cb6b42d742565e913c95d142c34439b76c4b7fbcd3a CVE-2025-31179,0,0,cda1c9467c3475201d82575e129fca6c85eec975e0bfb5c626efdafa30a80311,2025-03-27T16:45:12.210000 CVE-2025-31180,0,0,96a8b1c900905723c52b2ac8ec7d74d27ca8fc06e172a796b6c77948919bf976,2025-03-27T16:45:12.210000 CVE-2025-31181,0,0,adf787fa7be98612076fa1d074f2dd202915c081eba78290d23e687b246de36d,2025-03-27T16:45:12.210000 -CVE-2025-31335,1,1,10ae6e3d427bfe13348b2d10ee12f129bdeadfbd4a1839e0c92366307e617223,2025-03-28T06:15:34.723000 +CVE-2025-31335,0,0,10ae6e3d427bfe13348b2d10ee12f129bdeadfbd4a1839e0c92366307e617223,2025-03-28T06:15:34.723000