admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-09T11:00:19.372406+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-09 11:03:49 +00:00
parent 88608ce6da
commit 92fc3f4539
4 changed files with 287 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2025/CVE-2025-21xx/CVE-2025-2118.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-2118",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T09:15:11.240",
"lastModified": "2025-03-09T09:15:11.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/yago3008/cves",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.299013",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299013",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.506948",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2025/CVE-2025-21xx/CVE-2025-2119.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2025-2119",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T09:15:12.560",
"lastModified": "2025-03-09T09:15:12.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 1.0,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"baseScore": 1.2,
"accessVector": "LOCAL",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/Thinkware-Dashcam",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.299032",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299032",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.507326",
"source": "cna@vuldb.com"
}
]
}

10
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-09T09:00:19.489086+00:00
2025-03-09T11:00:19.372406+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-09T08:15:10.533000+00:00
2025-03-09T09:15:12.560000+00:00
```
### Last Data Feed Release
@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284566
284568
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-2116](CVE-2025/CVE-2025-21xx/CVE-2025-2116.json) (`2025-03-09T07:15:10.003`)
- [CVE-2025-2117](CVE-2025/CVE-2025-21xx/CVE-2025-2117.json) (`2025-03-09T08:15:10.533`)
- [CVE-2025-2118](CVE-2025/CVE-2025-21xx/CVE-2025-2118.json) (`2025-03-09T09:15:11.240`)
- [CVE-2025-2119](CVE-2025/CVE-2025-21xx/CVE-2025-2119.json) (`2025-03-09T09:15:12.560`)
### CVEs modified in the last Commit

6
_state.csv
View File

@ -281526,12 +281526,12 @@ CVE-2025-21156,0,0,27b960f0b5b6864477f57a25e5df52b68937946efa0b6d1473b660f8b7066
CVE-2025-21157,0,0,dc11ff4b6b9e18e8b723fd7cd41934447880c05424133b5ef5cb6054de515224,2025-03-03T14:54:17.487000
CVE-2025-21158,0,0,68d9b59f620ec5478dd99f17f5a82d6ee9d79b9f8dce8ee154ea0f44bd83c1b3,2025-03-03T14:54:17.487000
CVE-2025-21159,0,0,75b81232e76a92c2406023a42299b2d80a3265bf969ddf7c23ff5875e97010cb,2025-02-19T23:05:19.987000
CVE-2025-2116,1,1,9cf5aac929ab2a4cb01f0eb70d95bc3443ad98553fb57c59992aedbbd0380d22,2025-03-09T07:15:10.003000
CVE-2025-2116,0,0,9cf5aac929ab2a4cb01f0eb70d95bc3443ad98553fb57c59992aedbbd0380d22,2025-03-09T07:15:10.003000
CVE-2025-21160,0,0,862a1ab6d16666907185ea583ef8abbee75c3f385bb77ad9385a3d5ed46eef75,2025-02-19T23:10:32.813000
CVE-2025-21161,0,0,dc98f450f7090ac4cd4a639e59b5d7f88758fc138feafd7efe5d6027c5043e86,2025-02-19T23:12:47.180000
CVE-2025-21162,0,0,6d90726fc3556d421d764e82d05572f6298c459c0515652403080fdf9402e9b2,2025-02-11T18:15:28.567000
CVE-2025-21163,0,0,e26246ff0281e90ae86c0be76f49aa0531c32701df080849dd0c8c5912fa53e9,2025-02-19T23:11:21.383000
CVE-2025-2117,1,1,c433443c2971686df66591821ce3726fca7e6d58366225dfa17baadb1f9075a7,2025-03-09T08:15:10.533000
CVE-2025-2117,0,0,c433443c2971686df66591821ce3726fca7e6d58366225dfa17baadb1f9075a7,2025-03-09T08:15:10.533000
CVE-2025-21171,0,0,2ad53d6d5d0803fb4c8aaf281e1d8978f4a504076700f4a844166f5f5c037cc2,2025-02-05T20:07:01.797000
CVE-2025-21172,0,0,2752dda13ef4b5444713f530f6b1dbc287b8cc852b11521802b533a0d95a9bbd,2025-02-05T20:03:33.053000
CVE-2025-21173,0,0,0d0b1ae8deb458c653548eac4fb7e3ee80963ca3f4c83c5e84749f00abaffddc,2025-02-05T18:56:08.103000
@ -281539,6 +281539,7 @@ CVE-2025-21176,0,0,d03f69dcb3b1e51b711d4c41d6bfccaba1562702f0aaad28329089c8f50b7
CVE-2025-21177,0,0,4f903499a658859fcb10826be90a0ea63b63f075823c3150567dddccfd65ed77,2025-02-11T22:19:45.057000
CVE-2025-21178,0,0,c7959eb5f27aa12e423969f2bfc0eb3fb196cb3a2af9c2f656ceade14ab294a1,2025-01-27T18:42:39.560000
CVE-2025-21179,0,0,56c99027ad0d41d9c697e46ad29c10aa7c65635cadb6d982db31f0458c99ddfa,2025-02-25T16:56:10.590000
CVE-2025-2118,1,1,1ac16eac1541ef81454bddc60b2e4c9422f4e5c218b8688a4337305f337d463b,2025-03-09T09:15:11.240000
CVE-2025-21181,0,0,da3a9934c4290b3b670cda21e1ec49e2e6a47888699680facdd72d5c329d6586,2025-03-04T15:15:26.497000
CVE-2025-21182,0,0,cc183a741d3d0b62fc82a334158a2ca4fdae6dba068e1b2b22a750e1789b8393,2025-02-25T16:59:25.820000
CVE-2025-21183,0,0,97c60133d935bc6f85808e271daf514b07d577c1754cf44ed14ffde224dc4835,2025-02-25T17:00:06.170000
@ -281548,6 +281549,7 @@ CVE-2025-21186,0,0,8a8ba48b87441215f1c43ede85a3e2813061bed74393786f63526fd639d8d
CVE-2025-21187,0,0,05994f278acb907e9de51acc1037aa859f6c5afa8dace166ad321c325a389481,2025-02-05T19:14:06.093000
CVE-2025-21188,0,0,b31daea4bb469ad7d6730cf1515cfeaf51d8ab46128508537630adf914f3c6d0,2025-02-28T16:02:50.353000
CVE-2025-21189,0,0,329c5c7b58ec66de4b6d9cd35e4d5fad7c108585bdc451001b100691c802e6da,2025-01-27T18:42:24.057000
CVE-2025-2119,1,1,11c1e79be3bf50aecb03d6336a71ed783eaf7a99a912f6e661ef31e34a8febe6,2025-03-09T09:15:12.560000
CVE-2025-21190,0,0,8b2db67cb947998b5b47f9d8f9638f01b53bd9f51551def40a37a7298cc49d1c,2025-02-28T16:02:50.353000
CVE-2025-21193,0,0,f3dd779a9a437e46fb9f30ebcb1d8f684dbb5bb54fbad7b1b2971d455cbeaf6b,2025-01-27T18:42:17.480000
CVE-2025-21194,0,0,4cbf78ebc8712bf991c571b0aba8e62887ba280acbf4ff53a1e72f262be2e98d,2025-02-11T18:15:30.820000

Can't render this file because it is too large.