admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-05 10:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-24T17:00:39.541398+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-24 17:04:07 +00:00
parent 8ace0774c1
commit 926f2ce3ef
144 changed files with 5155 additions and 1652 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2017/CVE-2017-30xx/CVE-2017-3066.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-3066",
"sourceIdentifier": "psirt@adobe.com",
"published": "2017-04-27T14:59:00.233",
"lastModified": "2024-11-21T03:24:45.723",
"lastModified": "2025-02-24T16:15:10.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

4
CVE-2019/CVE-2019-152xx/CVE-2019-15271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-15271",
"sourceIdentifier": "psirt@cisco.com",
"published": "2019-11-26T03:15:11.050",
"lastModified": "2024-11-21T04:28:20.240",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:35:55.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

16
CVE-2019/CVE-2019-16xx/CVE-2019-1652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-1652",
"sourceIdentifier": "psirt@cisco.com",
"published": "2019-01-24T15:29:00.953",
"lastModified": "2024-11-21T04:37:01.077",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:03:38.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -122,8 +122,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089"
"criteria": "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.4.2.15",
"versionEndExcluding": "1.4.2.22",
"matchCriteriaId": "DD8708CE-218E-4B82-ACA2-A7FCFEB73086"
}
]
},
@ -149,8 +151,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3"
"criteria": "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.4.2.15",
"versionEndExcluding": "1.4.2.22",
"matchCriteriaId": "CF1269CE-6D9B-4497-9987-D107239AB632"
}
]
},

4
CVE-2020/CVE-2020-128xx/CVE-2020-12812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-12812",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2020-07-24T23:15:12.003",
"lastModified": "2025-02-04T20:15:36.260",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:43:27.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-31xx/CVE-2020-3118.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3118",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-02-05T18:15:10.907",
"lastModified": "2024-11-21T05:30:21.770",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:35:44.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-31xx/CVE-2020-3153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3153",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-02-19T20:15:15.113",
"lastModified": "2024-11-21T05:30:26.193",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:34:56.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-31xx/CVE-2020-3161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3161",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-04-15T20:15:15.097",
"lastModified": "2024-11-21T05:30:27.190",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T16:14:27.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-32xx/CVE-2020-3259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3259",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-05-06T17:15:12.777",
"lastModified": "2024-11-21T05:30:40.517",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:40:35.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2020/CVE-2020-34xx/CVE-2020-3432.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2020-3432",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-02-12T00:15:07.670",
"lastModified": "2025-02-18T18:15:09.930",
"lastModified": "2025-02-24T16:15:11.573",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\n The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system."
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2020/CVE-2020-34xx/CVE-2020-3433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3433",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-08-17T18:15:12.947",
"lastModified": "2024-11-21T05:31:03.480",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:40:28.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-34xx/CVE-2020-3452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3452",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-07-22T20:15:11.970",
"lastModified": "2024-11-21T05:31:05.770",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:40:15.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-35xx/CVE-2020-3566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3566",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-08-29T16:15:09.797",
"lastModified": "2024-11-21T05:31:19.740",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:39:27.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2020/CVE-2020-35xx/CVE-2020-3569.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3569",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-09-23T01:15:15.503",
"lastModified": "2024-11-21T05:31:20.100",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:39:08.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -524,6 +524,7 @@
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
"source": "psirt@cisco.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
@ -531,6 +532,7 @@
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}

4
CVE-2020/CVE-2020-35xx/CVE-2020-3580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-3580",
"sourceIdentifier": "psirt@cisco.com",
"published": "2020-10-21T19:15:18.607",
"lastModified": "2024-11-21T05:31:21.103",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:36:35.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-14xx/CVE-2021-1497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-1497",
"sourceIdentifier": "psirt@cisco.com",
"published": "2021-05-06T13:15:10.500",
"lastModified": "2024-11-21T05:44:29.070",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:36:23.223",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-14xx/CVE-2021-1498.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-1498",
"sourceIdentifier": "psirt@cisco.com",
"published": "2021-05-06T13:15:10.537",
"lastModified": "2024-11-21T05:44:29.210",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:36:01.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-226xx/CVE-2021-22600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22600",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2022-01-26T14:15:08.123",
"lastModified": "2024-11-21T05:50:21.440",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:41:32.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-330xx/CVE-2021-33044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33044",
"sourceIdentifier": "cybersecurity@dahuatech.com",
"published": "2021-09-15T22:15:10.497",
"lastModified": "2024-11-21T06:08:10.943",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:01:40.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-330xx/CVE-2021-33045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33045",
"sourceIdentifier": "cybersecurity@dahuatech.com",
"published": "2021-09-15T22:15:10.687",
"lastModified": "2024-11-21T06:08:11.097",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:01:15.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2021/CVE-2021-337xx/CVE-2021-33742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33742",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-06-08T23:15:09.540",
"lastModified": "2025-02-04T18:15:28.917",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:46:27.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -95,7 +95,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
},

4
CVE-2021/CVE-2021-344xx/CVE-2021-34448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34448",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-16T21:15:09.580",
"lastModified": "2025-02-04T19:15:24.500",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:50.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-344xx/CVE-2021-34473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34473",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-14T18:15:11.163",
"lastModified": "2025-02-04T16:15:33.243",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:47:44.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-344xx/CVE-2021-34486.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34486",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-08-12T18:15:09.190",
"lastModified": "2025-02-04T16:15:33.430",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:47:13.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-413xx/CVE-2021-41379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-41379",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-11-10T01:19:32.127",
"lastModified": "2025-02-04T18:15:29.393",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:45:58.577",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-207xx/CVE-2022-20701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20701",
"sourceIdentifier": "psirt@cisco.com",
"published": "2022-02-10T18:15:09.087",
"lastModified": "2024-11-21T06:43:21.653",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:23:58.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-208xx/CVE-2022-20821.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20821",
"sourceIdentifier": "psirt@cisco.com",
"published": "2022-05-26T14:15:08.123",
"lastModified": "2024-11-21T06:43:37.250",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:24:27.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

9
CVE-2022/CVE-2022-219xx/CVE-2022-21919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-21919",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-01-11T21:15:13.463",
"lastModified": "2025-02-04T18:15:31.033",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:45:53.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -238,7 +238,10 @@
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21919",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-219xx/CVE-2022-21971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-21971",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-02-09T17:15:08.640",
"lastModified": "2025-01-29T21:15:12.387",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:49:16.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-219xx/CVE-2022-21999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-21999",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-02-09T17:15:09.563",
"lastModified": "2025-01-29T21:15:12.597",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:49:00.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-245xx/CVE-2022-24521.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-24521",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-04-15T19:15:11.107",
"lastModified": "2025-02-04T15:15:15.040",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:24.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-269xx/CVE-2022-26904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26904",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-04-15T19:15:15.027",
"lastModified": "2025-02-04T19:15:25.737",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:46.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2022/CVE-2022-269xx/CVE-2022-26923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26923",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-05-10T21:15:10.133",
"lastModified": "2025-02-04T19:15:25.930",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:42.047",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -186,7 +186,11 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26923",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26923",

10
CVE-2022/CVE-2022-269xx/CVE-2022-26925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26925",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-05-10T21:15:10.187",
"lastModified": "2025-02-04T19:15:26.153",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:37.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -232,7 +232,11 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26925",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26925",

10
CVE-2022/CVE-2022-410xx/CVE-2022-41040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-10-03T01:15:08.753",
"lastModified": "2025-02-04T19:15:26.590",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:30.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -105,7 +105,11 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html",

4
CVE-2022/CVE-2022-410xx/CVE-2022-41073.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41073",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:21.207",
"lastModified": "2025-02-04T15:15:16.030",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:06.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

9
CVE-2022/CVE-2022-410xx/CVE-2022-41082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41082",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-10-03T01:15:08.843",
"lastModified": "2025-02-04T18:15:32.070",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:45:38.267",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -105,7 +105,10 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html",

4
CVE-2022/CVE-2022-411xx/CVE-2022-41125.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41125",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:25.307",
"lastModified": "2025-02-04T16:15:34.370",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:47:00.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-413xx/CVE-2022-41328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41328",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-03-07T17:15:12.093",
"lastModified": "2024-11-21T07:23:03.750",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:45:02.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

8
CVE-2022/CVE-2022-424xx/CVE-2022-42475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42475",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-01-02T09:15:09.490",
"lastModified": "2024-11-21T07:25:02.680",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:44:21.153",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -190,8 +190,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.0.11",
"matchCriteriaId": "6607C71D-D434-430A-8DFD-9125381D2D36"
"versionEndExcluding": "2.0.12",
"matchCriteriaId": "954674E3-7E54-4D94-80DE-CB73AE0452EA"
},
{
"vulnerable": true,

32
CVE-2022/CVE-2022-483xx/CVE-2022-48352.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48352",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-03-27T22:15:20.207",
"lastModified": "2024-11-21T07:33:13.967",
"lastModified": "2025-02-24T15:15:10.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-665"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-483xx/CVE-2022-48353.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48353",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-03-27T22:15:20.310",
"lastModified": "2024-11-21T07:33:14.083",
"lastModified": "2025-02-24T15:15:11.180",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-201xx/CVE-2023-20109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20109",
"sourceIdentifier": "psirt@cisco.com",
"published": "2023-09-27T18:15:10.860",
"lastModified": "2024-11-21T07:40:34.167",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:23:16.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -1797,11 +1797,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e10d:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD4AF73-6C03-4978-BC43-857188BF7E4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e10e:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7EF09E-2D74-4B05-B36E-263E35448FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea:*:*:*:*:*:*:*",
@ -3767,11 +3762,6 @@
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.10e:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA1D885-2270-4370-9F3F-CA80B0E96DD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.10ee:*:*:*:*:*:*:*",
"matchCriteriaId": "9D497018-2ED5-4A0C-9E1E-1441C7F596D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*",
@ -5182,6 +5172,11 @@
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
@ -5257,11 +5252,6 @@
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "91A099C9-0C81-4819-BE4A-FE59144C55BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",

1233
CVE-2023/CVE-2023-202xx/CVE-2023-20269.json
View File

File diff suppressed because it is too large Load Diff

32
CVE-2023/CVE-2023-209xx/CVE-2023-20993.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20993",
"sourceIdentifier": "security@android.com",
"published": "2023-03-24T20:15:12.130",
"lastModified": "2024-11-21T07:41:57.913",
"lastModified": "2025-02-24T15:15:11.343",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-755"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-210xx/CVE-2023-21013.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21013",
"sourceIdentifier": "security@android.com",
"published": "2023-03-24T20:15:13.037",
"lastModified": "2024-11-21T07:42:00.110",
"lastModified": "2025-02-24T15:15:11.543",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-210xx/CVE-2023-21020.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21020",
"sourceIdentifier": "security@android.com",
"published": "2023-03-24T20:15:13.287",
"lastModified": "2024-11-21T07:42:00.867",
"lastModified": "2025-02-24T15:15:11.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-210xx/CVE-2023-21047.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21047",
"sourceIdentifier": "security@android.com",
"published": "2023-03-24T20:15:14.197",
"lastModified": "2024-11-21T07:42:03.770",
"lastModified": "2025-02-24T15:15:11.890",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-217xx/CVE-2023-21715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21715",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-02-14T20:15:14.280",
"lastModified": "2025-02-04T17:15:11.147",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:46:48.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-248xx/CVE-2023-24880.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24880",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-03-14T17:15:17.683",
"lastModified": "2025-02-04T15:15:16.667",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:48:01.833",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

32
CVE-2023/CVE-2023-284xx/CVE-2023-28470.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-23T01:15:12.317",
"lastModified": "2024-11-21T07:55:09.477",
"lastModified": "2025-02-24T16:15:11.737",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-286xx/CVE-2023-28679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28679",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-04-02T21:15:09.240",
"lastModified": "2024-11-21T07:55:47.547",
"lastModified": "2025-02-24T15:15:12.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

26
CVE-2023/CVE-2023-353xx/CVE-2023-35311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35311",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.177",
"lastModified": "2025-02-04T18:15:34.150",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:45:28.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -82,16 +82,6 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -101,7 +91,7 @@
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -109,6 +99,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [

44
CVE-2024/CVE-2024-107xx/CVE-2024-10763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10763",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-13T05:15:12.943",
"lastModified": "2025-02-13T05:15:12.943",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T16:41:26.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,23 +42,57 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apuswp:campress:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.35",
"matchCriteriaId": "E46EEC69-2827-4E8B-95EF-DB1C69881C09"
}
]
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/campress-responsive-education-courses-and-events-wordpress-theme/19355619",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d818b467-a893-4f4f-b623-abff99ef37b4?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-120xx/CVE-2024-12041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12041",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T06:15:29.527",
"lastModified": "2025-02-01T06:15:29.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:05:18.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -42,27 +62,64 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.1",
"matchCriteriaId": "54E6D716-FD5C-4A7F-AA25-541983BA57E9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3208874/directorist/tags/8.0.9/includes/rest-api/Version1/class-users-controller.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3231156/directorist/tags/8.1/includes/rest-api/Version1/class-users-controller.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d9817ff-ca56-4941-97bc-f26defe7ddd5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-121xx/CVE-2024-12184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12184",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T04:15:30.443",
"lastModified": "2025-02-01T04:15:30.443",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:48:58.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cimatti:wordpress_contact_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.9.5",
"matchCriteriaId": "76073E28-ABA2-4035-80A2-DF1E6C0B121A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3231363%40contact-forms&new=3231363%40contact-forms&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3232168%40contact-forms&new=3232168%40contact-forms&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/695df547-f068-4ac1-926f-80dbf75632dd?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-126xx/CVE-2024-12620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12620",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T04:15:30.583",
"lastModified": "2025-02-01T04:15:30.583",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:41:10.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:creativeinteractivemedia:animategl_animations:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.23",
"matchCriteriaId": "769B6217-EA5F-436C-9EEE-FA4DC3F60A91"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/animategl/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/841a028d-ff36-4e3f-903b-e25951648075?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-129xx/CVE-2024-12916.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12916",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-02-24T15:15:12.240",
"lastModified": "2025-02-24T15:15:12.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection.This issue affects Life4All: before 10.01.2025."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0042",
"source": "iletisim@usom.gov.tr"
}
]
}

56
CVE-2024/CVE-2024-129xx/CVE-2024-12917.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12917",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-02-24T15:15:12.383",
"lastModified": "2025-02-24T15:15:12.383",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentication Abuse.This issue affects Health4All: before 10.01.2025."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0042",
"source": "iletisim@usom.gov.tr"
}
]
}

56
CVE-2024/CVE-2024-129xx/CVE-2024-12918.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12918",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-02-24T15:15:12.537",
"lastModified": "2025-02-24T15:15:12.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection.This issue affects Health4All: before 10.01.2025."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0042",
"source": "iletisim@usom.gov.tr"
}
]
}

70
CVE-2024/CVE-2024-132xx/CVE-2024-13227.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13227",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-13T05:15:13.727",
"lastModified": "2025-02-13T05:15:13.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T16:44:13.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,26 +71,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rankmath:seo:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "1.0.236",
"matchCriteriaId": "B4C1FD19-885F-49CB-BFA6-37BD2D7FBA26"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L257",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3222905/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://rankmath.com/changelog/free/page/2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://wordpress.org/plugins/seo-by-rank-math/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24df10fb-5143-478e-90f0-27f604ad43ee?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-133xx/CVE-2024-13343.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13343",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T04:15:30.717",
"lastModified": "2025-02-01T04:15:30.717",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:21:30.933",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,23 +42,57 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vanquish:woocommerce_customers_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "31.4",
"matchCriteriaId": "ADA0EC91-5D22-4D0C-A1A2-687283717151"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/woocommerce-customers-manager/10965432",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/193c9fe9-17bc-47e7-b93d-dfcebcf8004d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-133xx/CVE-2024-13374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13374",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T06:15:19.303",
"lastModified": "2025-02-12T06:15:19.303",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:55:44.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomunited:wp_table_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.4",
"matchCriteriaId": "12FC9BA5-82CC-4871-A715-A19104A94402"
}
]
}
]
}
],
"references": [
{
"url": "https://www.joomunited.com/wordpress-products/wp-table-manager",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/128bc7ee-9763-415f-b726-0e63d4b62271?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-135xx/CVE-2024-13547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13547",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T04:15:30.857",
"lastModified": "2025-02-01T04:15:30.857",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:16:56.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:athemes:athemes_addons_for_elementor:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "1.0.13",
"matchCriteriaId": "536B04BA-5EEC-417F-AD26-7556503676A9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3230740/athemes-addons-for-elementor-lite/trunk/inc/modules/widgets/image-accordion/class-image-accordion.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e0f7686-1c8c-49d6-9d0b-3c8df6c24d0d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-135xx/CVE-2024-13573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13573",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-18T05:15:14.007",
"lastModified": "2025-02-18T05:15:14.007",
"vulnStatus": "Received",
"lastModified": "2025-02-24T15:40:57.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softdiscover:zigaform:*:*:*:*:lite:wordpress:*:*",
"versionEndIncluding": "7.4.2",
"matchCriteriaId": "928A5CA9-ED04-449E-A239-077D638B0B3F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/zigaform-form-builder-lite/trunk/modules/formbuilder/controllers/uiform-fb-controller-frontend.php#L366",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/768d0ef5-5213-4283-b95e-ddfe0d2196bf?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-135xx/CVE-2024-13576.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13576",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-18T05:15:14.157",
"lastModified": "2025-02-18T05:15:14.157",
"vulnStatus": "Received",
"lastModified": "2025-02-24T15:42:32.780",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adityapatadia:gumlet_video:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "373BB5ED-03A5-4318-BBE2-BD98ED3105DA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gumlet-video/tags/1.0.3/gumlet-video.php#L112",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b8b94fc-9ae7-47f3-b804-92d0948b662e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-136xx/CVE-2024-13600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13600",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T06:15:19.643",
"lastModified": "2025-02-12T06:15:19.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:56:30.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,27 +42,64 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:majesticsupport:majestic_support:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.6",
"matchCriteriaId": "1C81ADD0-65E9-4F00-98B4-3B2E0443AD50"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/majestic-support/tags/1.0.5/includes/classes/uploads.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3231938/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5a8fd90-49dd-4a5e-88f2-cd6b338da2d6?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-136xx/CVE-2024-13654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13654",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:11.987",
"lastModified": "2025-02-12T05:15:11.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:45:29.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mvpthemes:zoxpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.12.1",
"matchCriteriaId": "916710F8-20C4-4DDB-AE61-C1DE6852390E"
}
]
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/zoxpress-allinone-wordpress-news-theme/25586170",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f616be03-229b-4c50-b837-508da4d2b090?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-136xx/CVE-2024-13656.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13656",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:12.143",
"lastModified": "2025-02-12T05:15:12.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:46:39.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mvpthemes:click_mag:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.7.0",
"matchCriteriaId": "58DF9EAA-88DD-4E4C-BF8F-B770B958A2F3"
}
]
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/click-mag-viral-wordpress-news-magazineblog-theme/18081003",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ee5df5fe-4213-4d36-aa8f-7eb2710c32b6?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-136xx/CVE-2024-13658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13658",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:12.320",
"lastModified": "2025-02-12T05:15:12.320",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:49:58.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpo-hr:ngg_smart_image_search:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.3.2",
"matchCriteriaId": "BA5220BA-971E-487F-9490-31CDB7330103"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3233519%40ngg-smart-image-search&new=3233519%40ngg-smart-image-search&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d916e320-e78b-4305-a4da-10c6fb8db41a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-136xx/CVE-2024-13665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13665",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:12.483",
"lastModified": "2025-02-12T05:15:12.483",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:51:18.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sktthemes:admire_extra:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.7",
"matchCriteriaId": "3B6EDE5C-E03D-4E0D-B161-C1EC47F6F5AC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3233979%40admire-extra&new=3233979%40admire-extra",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf682127-4b97-44ce-a94d-3a237c5af1cc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-137xx/CVE-2024-13769.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13769",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:12.637",
"lastModified": "2025-02-12T05:15:12.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:54:05.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,29 +36,83 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themerex:puzzles:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.5",
"matchCriteriaId": "5AAE3046-FED7-4569-A768-9BC8A285190C"
}
]
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/puzzles-wordpress-magazinereview-with-wooc/5690583",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3c22d064-348d-4335-beaf-22dcdcf88518?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-138xx/CVE-2024-13800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13800",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-12T05:15:12.810",
"lastModified": "2025-02-12T05:15:12.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T15:55:09.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:convertplug:convertplus:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.5.31",
"matchCriteriaId": "D487C5EA-9EF9-4B42-BEA2-47AAD239DA76"
}
]
}
]
}
],
"references": [
{
"url": "https://www.convertplug.com/plus/product/convertplug/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/580ae2da-76f2-42b3-a26c-62ad8d6d1686?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2024/CVE-2024-300xx/CVE-2024-30040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:12.410",
"lastModified": "2025-01-28T17:15:24.213",
"vulnStatus": "Modified",
"lastModified": "2025-02-24T15:50:23.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -66,7 +66,7 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -76,7 +76,7 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -86,7 +86,7 @@
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2024/CVE-2024-547xx/CVE-2024-54772.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-54772",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T23:15:09.117",
"lastModified": "2025-02-12T22:15:40.110",
"lastModified": "2025-02-24T16:15:12.213",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Winbox service of MikroTik RouterOS v6.43 through v7.16.1. A discrepancy in response times between connection attempts made with a valid username and those with an invalid username allows attackers to enumerate for valid accounts."
"value": "An issue was discovered in the Winbox service of MikroTik RouterOS long-term release v6.43.13 through v6.49.13 and stable v6.43 through v7.17.2. A patch is available in the stable release v6.49.18. A discrepancy in response size between connection attempts made with a valid username and those with an invalid username allows attackers to enumerate for valid accounts."
},
{
"lang": "es",

29
CVE-2024/CVE-2024-568xx/CVE-2024-56897.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-56897",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T16:15:12.463",
"lastModified": "2025-02-24T16:15:12.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commands can also be made to make unauthorized modifications to the device settings, such as disabling recording, disabling sounds, factory reset."
}
],
"metrics": {},
"references": [
{
"url": "https://geochen.medium.com/cve-2024-56897-yi-car-dashcam-39304a4b21b4",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/geo-chen/YI-Smart-Dashcam/",
"source": "cve@mitre.org"
},
{
"url": "https://yitechnology.com.sg/products/dash-camera/",
"source": "cve@mitre.org"
}
]
}

61
CVE-2024/CVE-2024-569xx/CVE-2024-56938.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56938",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.430",
"lastModified": "2025-02-14T20:15:33.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:33:42.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:learndash:learndash:6.7.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "ECD966AA-D79D-4986-A978-EFF6D03AE45B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nikolas-ch/CVEs/tree/main/LearnDash_v6.7.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/nikolas-ch/CVEs/blob/main/LearnDash_v6.7.1/CVE-2024-56938/StoredXSS_MaterialsContent_LearnDash_v6.7.1.PNG",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-569xx/CVE-2024-56939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56939",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.530",
"lastModified": "2025-02-14T20:15:34.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:34:05.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:learndash:learndash:6.7.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "ECD966AA-D79D-4986-A978-EFF6D03AE45B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nikolas-ch/CVEs/tree/main/LearnDash_v6.7.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/nikolas-ch/CVEs/blob/main/LearnDash_v6.7.1/CVE-2024-56939/StoredXSS_LDCommentBody_LearnDash_v6.7.1.PNG",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-569xx/CVE-2024-56940.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56940",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.643",
"lastModified": "2025-02-18T18:15:27.463",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:34:30.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": "Un problema en la funci\u00f3n de carga de im\u00e1genes de perfil de LearnDash v6.7.1 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante cargas excesivas de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:learndash:learndash:6.7.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "ECD966AA-D79D-4986-A978-EFF6D03AE45B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nikolas-ch/CVEs/tree/main/LearnDash_v6.7.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-576xx/CVE-2024-57602.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57602",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:40.867",
"lastModified": "2025-02-12T22:15:40.867",
"vulnStatus": "Received",
"lastModified": "2025-02-24T16:40:27.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,67 @@
"value": "Un problema en Alex Tselegidis EasyAppointments v.1.5.0 permite a un atacante remoto escalar privilegios a trav\u00e9s del archivo index.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easyappointments:easyappointments:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEF4F7C-3B6E-4278-81C6-77D85F626E94"
}
]
}
]
}
],
"references": [
{
"url": "https://hkohi.ca/vulnerability/12",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-60xx/CVE-2024-6097.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6097",
"sourceIdentifier": "security@progress.com",
"published": "2025-02-12T18:15:21.977",
"lastModified": "2025-02-12T18:15:21.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T16:31:32.893",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,76 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@progress.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-36"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:*",
"versionEndExcluding": "19.0.25.211",
"matchCriteriaId": "402A86E7-1D88-4985-86FB-D91E0F63F795"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097",
"source": "security@progress.com"
"source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2025/CVE-2025-03xx/CVE-2025-0365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0365",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T06:15:31.213",
"lastModified": "2025-02-01T06:15:31.213",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:56:57.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.8",
"matchCriteriaId": "E0A7CCAB-3FA9-4EFE-8BD2-5C479D5E3EF3"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/inline-svg/widgets/inline-svg.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3bc5ef7-6825-463f-a3ce-d6ab1fc0e030?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2025/CVE-2025-03xx/CVE-2025-0366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0366",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-01T06:15:31.367",
"lastModified": "2025-02-01T06:15:31.367",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T15:56:36.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,27 +42,64 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.8",
"matchCriteriaId": "E0A7CCAB-3FA9-4EFE-8BD2-5C479D5E3EF3"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/forms/classes/ajax-handler.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/video/widgets/video.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a20dc1d-eb7c-47ac-ad9a-ec4c0d5db62e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2025/CVE-2025-11xx/CVE-2025-1197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1197",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-12T13:15:08.983",
"lastModified": "2025-02-18T18:15:33.303",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-24T16:15:20.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -111,7 +131,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -122,28 +142,74 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fabianros:real_estate_property_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8974B5B-08CE-4EDC-8B76-7074DD336CE2"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/YinshengLu/CVE/blob/main/cve3.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.295105",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.295105",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.496856",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

14
CVE-2025/CVE-2025-15xx/CVE-2025-1555.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1555",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-21T21:15:13.703",
"lastModified": "2025-02-21T21:15:13.703",
"lastModified": "2025-02-24T15:15:12.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en hzmanyun Education and Training System 3.1.1. Esta vulnerabilidad afecta a la funci\u00f3n saveImage. La manipulaci\u00f3n del archivo de argumentos permite la carga sin restricciones. El ataque se puede iniciar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.496932",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Rain1er/report/blob/main/CDG/bnhiMg%3D%3D.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2025/CVE-2025-16xx/CVE-2025-1632.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-1632",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-24T14:15:11.590",
"lastModified": "2025-02-24T14:15:11.590",
"lastModified": "2025-02-24T15:15:13.217",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.496460",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

67
CVE-2025/CVE-2025-230xx/CVE-2025-23017.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2025-23017",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T15:15:13.393",
"lastModified": "2025-02-24T16:15:14.420",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attacker knows the user's password. No exploitation occurred."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-305"
}
]
}
],
"references": [
{
"url": "https://workos.com/security/advisories",
"source": "cve@mitre.org"
},
{
"url": "https://www.authkit.com",
"source": "cve@mitre.org"
}
]
}

11
CVE-2025/CVE-2025-245xx/CVE-2025-24527.json
View File

@ -2,9 +2,16 @@
"id": "CVE-2025-24527",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-29T17:15:29.873",
"lastModified": "2025-02-06T08:15:30.500",
"lastModified": "2025-02-24T16:15:14.683",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",

12
CVE-2025/CVE-2025-252xx/CVE-2025-25282.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-25282",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-21T21:15:23.590",
"lastModified": "2025-02-21T21:15:23.590",
"lastModified": "2025-02-24T15:15:13.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability that may lead to unauthorized cross-tenant access (list tenant user accounts, add user account into other tenant). Unauthorized cross-tenant access: list user from other tenant (e.g., via GET /<tenant_id>/user/list), add user account to other tenant (POST /<tenant_id>/user). This issue has not yet been patched. Users are advised to reach out to the project maintainers to coordinate a fix."
},
{
"lang": "es",
"value": "RAGFlow es un motor RAG (Retrieval-Augmented Generation) de c\u00f3digo abierto basado en una comprensi\u00f3n profunda de los documentos. Un usuario autenticado puede explotar la vulnerabilidad de referencia directa a objetos inseguros (IDOR) que puede provocar un acceso no autorizado entre inquilinos (enumerar cuentas de usuario de inquilinos, agregar una cuenta de usuario a otro inquilino). Acceso no autorizado entre inquilinos: enumerar usuarios de otros inquilinos (por ejemplo, a trav\u00e9s de GET //user/list), agregar una cuenta de usuario a otro inquilino (POST //user). Este problema a\u00fan no se ha solucionado. Se recomienda a los usuarios que se pongan en contacto con los encargados del mantenimiento del proyecto para coordinar una soluci\u00f3n."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +55,10 @@
{
"url": "https://github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

25
CVE-2025/CVE-2025-254xx/CVE-2025-25460.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-25460",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T16:15:14.873",
"lastModified": "2025-02-24T16:15:14.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored Cross-Site Scripting (XSS) vulnerability was identified in FlatPress 1.3.1 within the \"Add Entry\" feature. This vulnerability allows authenticated attackers to inject malicious JavaScript payloads into blog posts, which are executed when other users view the posts. The issue arises due to improper input sanitization of the \"TextArea\" field in the blog entry submission form."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RoNiXxCybSeC0101/CVE-2025-25460",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/flatpressblog/flatpress",
"source": "cve@mitre.org"
}
]
}

76
CVE-2025/CVE-2025-257xx/CVE-2025-25746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25746",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T17:15:24.500",
"lastModified": "2025-02-12T17:15:24.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-24T16:30:37.200",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,79 @@
"value": "Se descubri\u00f3 que D-Link DIR-853 A1 FW1.20B07 conten\u00eda una vulnerabilidad de desbordamiento de b\u00fafer basada en pila a trav\u00e9s del par\u00e1metro Contrase\u00f1a en el m\u00f3dulo SetWanSettings."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-853_firmware:1.20b07:*:*:*:*:*:*:*",
"matchCriteriaId": "DD86F202-BD48-4C40-97C1-8D74422FF28E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-853:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2B23D3-C719-4537-9F25-7302A7159F9A"
}
]
}
]
}
],
"references": [
{
"url": "https://dear-sunshine-ba5.notion.site/D-Link-DIR-853-5-1812386a66448044b489f223b8c2e78a",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

72
CVE-2025/CVE-2025-268xx/CVE-2025-26803.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-26803",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T16:15:15.020",
"lastModified": "2025-02-24T16:15:15.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"references": [
{
"url": "https://blog.phusion.nl/2025/02/19/passenger-6-0-26/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/phusion/passenger/commit/bb15591646687064ab2d578d5f9660b2a4168017",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/phusion/passenger/compare/release-6.0.25...release-6.0.26",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/phusion/passenger/releases/tag/release-6.0.26",
"source": "cve@mitre.org"
},
{
"url": "https://www.phusionpassenger.com/support",
"source": "cve@mitre.org"
}
]
}

56
CVE-2025/CVE-2025-268xx/CVE-2025-26883.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-26883",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.007",
"lastModified": "2025-02-24T15:15:14.007",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in bPlugins Animated Text Block allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Animated Text Block: from n/a through 1.0.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/animated-text-block/vulnerability/wordpress-animated-text-block-plugin-1-0-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27265.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27265",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.310",
"lastModified": "2025-02-24T15:15:14.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aaron D. Campbell Google Maps for WordPress allows DOM-Based XSS. This issue affects Google Maps for WordPress: from n/a through 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/google-maps-for-wordpress/vulnerability/wordpress-google-maps-for-wordpress-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27266.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27266",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.443",
"lastModified": "2025-02-24T15:15:14.443",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ignacio Perez Hover Image Button allows DOM-Based XSS. This issue affects Hover Image Button: from n/a through 1.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/hover-image-button/vulnerability/wordpress-hover-image-button-plugin-1-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27272.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27272",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.587",
"lastModified": "2025-02-24T15:15:14.587",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in vinagecko VG PostCarousel allows PHP Local File Inclusion. This issue affects VG PostCarousel: from n/a through 1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/vg-postcarousel/vulnerability/wordpress-vg-postcarousel-plugin-1-1-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27276.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27276",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.730",
"lastModified": "2025-02-24T15:15:14.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in lizeipe Photo Gallery ( Responsive ) allows Privilege Escalation. This issue affects Photo Gallery ( Responsive ): from n/a through 4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/photo-gallery-pearlbells/vulnerability/wordpress-photo-gallery-responsive-plugin-4-0-csrf-to-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27277.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27277",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:14.867",
"lastModified": "2025-02-24T15:15:14.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in tiefpunkt Add Linked Images To Gallery allows Cross Site Request Forgery. This issue affects Add Linked Images To Gallery: from n/a through 1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/add-linked-images-to-gallery-v01/vulnerability/wordpress-add-linked-images-to-gallery-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27280.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27280",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:15.007",
"lastModified": "2025-02-24T15:15:15.007",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alobaidi Archive Page allows DOM-Based XSS. This issue affects Archive Page: from n/a through 1.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/archive-page/vulnerability/wordpress-archive-page-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27290.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27290",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:15.153",
"lastModified": "2025-02-24T15:15:15.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in seyyed-amir Erima Zarinpal Donate allows Cross Site Request Forgery. This issue affects Erima Zarinpal Donate: from n/a through 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/erima-zarinpal-donate/vulnerability/wordpress-select-erima-zarinpal-donate-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-272xx/CVE-2025-27294.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27294",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-02-24T15:15:15.287",
"lastModified": "2025-02-24T15:15:15.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in platcom WP-Asambleas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP-Asambleas: from n/a through 2.85.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-asambleas/vulnerability/wordpress-wp-asambleas-plugin-2-85-0-arbitrary-shortcode-execution-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More