Auto-Update: 2025-03-31T02:00:19.981665+00:00

cad-safe-bot 2025-03-31 02:03:51 +00:00
parent 5164cc5934
commit 8e22ae826e
5 changed files with 439 additions and 15 deletions


@ -0,0 +1,141 @@
{
"id": "CVE-2025-2966",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-31T00:15:14.633",
"lastModified": "2025-03-31T00:15:14.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ConcreteCMS up to 9.3.9 and classified as problematic. Affected by this issue is the function Save of the component Content Block Handler. The manipulation of the argument Source leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc4.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.302018",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.302018",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.522416",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2025-2967",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-31T01:15:40.113",
"lastModified": "2025-03-31T01:15:40.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ConcreteCMS up to 9.3.9. It has been classified as problematic. This affects the function Save of the component HTML Block Handler. The manipulation of the argument content leads to HTML injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc5.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.302019",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.302019",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.522417",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2025-2968",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-31T01:15:40.303",
"lastModified": "2025-03-31T01:15:40.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ConcreteCMS up to 9.3.9. It has been declared as problematic. This vulnerability affects the function Save of the component Feature Block Handler. The manipulation of the argument Paragraph Source leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc6.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.302020",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.302020",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.522418",
"source": "cna@vuldb.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-30T23:55:20.133350+00:00
2025-03-31T02:00:19.981665+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-30T23:15:41.523000+00:00
2025-03-31T01:15:40.303000+00:00
```
### Last Data Feed Release
@ -27,24 +27,22 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2025-03-29T01:00:04.349322+00:00
2025-03-31T00:00:04.406344+00:00
```
### Total Number of included CVEs
```plain
287340
287343
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `3`
- [CVE-2024-13804](CVE-2024/CVE-2024-138xx/CVE-2024-13804.json) (`2025-03-30T22:15:14.510`)
- [CVE-2025-2961](CVE-2025/CVE-2025-29xx/CVE-2025-2961.json) (`2025-03-30T22:15:15.293`)
- [CVE-2025-2963](CVE-2025/CVE-2025-29xx/CVE-2025-2963.json) (`2025-03-30T22:15:15.597`)
- [CVE-2025-2964](CVE-2025/CVE-2025-29xx/CVE-2025-2964.json) (`2025-03-30T23:15:40.477`)
- [CVE-2025-2965](CVE-2025/CVE-2025-29xx/CVE-2025-2965.json) (`2025-03-30T23:15:41.523`)
- [CVE-2025-2966](CVE-2025/CVE-2025-29xx/CVE-2025-2966.json) (`2025-03-31T00:15:14.633`)
- [CVE-2025-2967](CVE-2025/CVE-2025-29xx/CVE-2025-2967.json) (`2025-03-31T01:15:40.113`)
- [CVE-2025-2968](CVE-2025/CVE-2025-29xx/CVE-2025-2968.json) (`2025-03-31T01:15:40.303`)
### CVEs modified in the last Commit


@ -248218,7 +248218,7 @@ CVE-2024-13800,0,0,db269d664e8ffceb549584ac138b0b3d8532020dce3ad8c5501401929c306
CVE-2024-13801,0,0,6b81a2ef4a4e09dd2b073044ee14684c69b7e1700476947d0d1140f5e689a17b,2025-03-27T16:45:46.410000
CVE-2024-13802,0,0,774d150df9948895bc1c8319c04951551fc49cae4e2c0e8ce41994610c382f58,2025-02-25T20:57:34.193000
CVE-2024-13803,0,0,93a9df80fad16c66cdad18cf7b08a600f14f988ff84d4f170dbb9b255e8d0a90,2025-02-26T13:15:38.027000
CVE-2024-13804,1,1,25259920d77e123155d53c4374e413698b48a5e08bf9f3c7e1f59089683c3825,2025-03-30T22:15:14.510000
CVE-2024-13804,0,0,25259920d77e123155d53c4374e413698b48a5e08bf9f3c7e1f59089683c3825,2025-03-30T22:15:14.510000
CVE-2024-13805,0,0,ab23ddffd79c9236654dca87d416c22cef2f181f71a6522374ad6bbab1e39bf2,2025-03-07T10:15:16.123000
CVE-2024-13806,0,0,2b103acb686ba11654b3e2c5ab41948ab81fbeb9ed340b778f561b48dfe3cc2f,2025-03-01T08:15:33.653000
CVE-2024-13809,0,0,0560f3b13a50d69c775a261a59e91c9ab0b720365e711ebd048429107113c32d,2025-03-05T10:15:17.313000
@ -286911,13 +286911,16 @@ CVE-2025-2957,0,0,2041a1bad0f3b94a621933efa1578c7527d556b201ebee469ee54a43ff2ada
CVE-2025-2958,0,0,3fb7ff6d9357ff22658d5d8cf8c232650334b49c9bd2618eded13fa8fb2dfe34,2025-03-30T20:15:14.490000
CVE-2025-2959,0,0,60c1c20f48bdcf669f4f9dbc70d78d2366c9bda1947d22fdbb1d2e25f877a952,2025-03-30T21:15:31.960000
CVE-2025-2960,0,0,c3d0db303cca848fbbc44321d4a2627efd9c17f1dd9bd3222aadeac187bb3cc3,2025-03-30T21:15:32.143000
CVE-2025-2961,1,1,40343ba1dff53e3d26f084a8364379afb407239058565a02a4f5e10c05608d06,2025-03-30T22:15:15.293000
CVE-2025-2963,1,1,7935bf29cf82104e394f20a41a12f7131573cfa70725a19775826488848d4213,2025-03-30T22:15:15.597000
CVE-2025-2961,0,0,40343ba1dff53e3d26f084a8364379afb407239058565a02a4f5e10c05608d06,2025-03-30T22:15:15.293000
CVE-2025-2963,0,0,7935bf29cf82104e394f20a41a12f7131573cfa70725a19775826488848d4213,2025-03-30T22:15:15.597000
CVE-2025-29635,0,0,777467e4305cb03534788245920edd5bae11b2ba20b7be470dbace3c9dda6025,2025-03-27T16:45:46.410000
CVE-2025-2964,1,1,f792eb8dbb924c494beec0502f23ec0d845150b3f1a6766a57443bf372d2e87b,2025-03-30T23:15:40.477000
CVE-2025-2964,0,0,f792eb8dbb924c494beec0502f23ec0d845150b3f1a6766a57443bf372d2e87b,2025-03-30T23:15:40.477000
CVE-2025-29640,0,0,684661940e38e3fbc4f2676adca19fd07a4b95839bb039ae44b7731f40899f4a,2025-03-24T18:15:23.613000
CVE-2025-29641,0,0,da834c0947f85989328576ecb3102fddbcebc6673f6bdf9795762806f49bd137,2025-03-24T18:15:23.773000
CVE-2025-2965,1,1,ca30ec54806de204f68473d4384fb878343a159e22554244bec17979a1a1d2b3,2025-03-30T23:15:41.523000
CVE-2025-2965,0,0,ca30ec54806de204f68473d4384fb878343a159e22554244bec17979a1a1d2b3,2025-03-30T23:15:41.523000
CVE-2025-2966,1,1,337b112ac2971ec98b1bcb201e9bbb3293d96bf5a3a61b4fea7d3cc98a57603f,2025-03-31T00:15:14.633000
CVE-2025-2967,1,1,0466d496cdb31951753d98574cf5b01d0c507f87266ba4b977181a8abfdbc7a8,2025-03-31T01:15:40.113000
CVE-2025-2968,1,1,dc093bfbb8686bf3ae9cc9cf59813c15185884da5b9ac38e74fa0b665f3c44b1,2025-03-31T01:15:40.303000
CVE-2025-29768,0,0,492de4cf9bc586f0c097ff358f0d6522edec16b3a3700b1c85d835d10d900b1f,2025-03-13T17:15:37.623000
CVE-2025-29770,0,0,64a7761b4081159cba0465c32543c25f86c7bc3fdca10868943a613198ef8db7,2025-03-19T16:15:31.977000
CVE-2025-29771,0,0,40341ca82018118ee52a3bd3891794f5bfb5824a75c694db796b525153dba5da,2025-03-14T19:15:48.847000
