Auto-Update: 2025-07-03T08:00:11.125581+00:00

2025-07-11 16:13:34 +00:00 · 2025-07-03 08:03:47 +00:00 · 2025-07-03 08:03:47 +00:00 · 97a25d336f
commit 97a25d336f
parent cddf944353
4 changed files with 84 additions and 15 deletions
--- a/CVE-2024/CVE-2024-90xx/CVE-2024-9017.json
+++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9017.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-9017",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-07-03T07:15:21.860",
+  "lastModified": "2025-07-03T07:15:21.860",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The PeepSo Core: Groups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Group Description field in all versions up to, and including, 6.4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.peepso.com/changelog/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/32ac79f4-ada7-4c14-8675-53f8375912d8?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-61xx/CVE-2025-6151.json
+++ b/CVE-2025/CVE-2025-61xx/CVE-2025-6151.json
@ -2,13 +2,20 @@
  "id": "CVE-2025-6151",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-17T01:15:23.313",
-  "lastModified": "2025-06-19T01:20:04.247",
-  "vulnStatus": "Analyzed",
-  "cveTags": [],
+  "lastModified": "2025-07-03T06:15:21.047",
+  "vulnStatus": "Modified",
+  "cveTags": [
+    {
+      "sourceIdentifier": "cna@vuldb.com",
+      "tags": [
+        "unsupported-when-assigned"
+      ]
+    }
+  ],
  "descriptions": [
    {
      "lang": "en",
-      "value": "A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the argument dnsserver1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
+      "value": "A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the argument dnsserver1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
    },
    {
      "lang": "es",
@ -169,8 +176,8 @@
      "source": "cna@vuldb.com",
      "tags": [
        "Exploit",
-        "Third Party Advisory",
-        "Issue Tracking"
+        "Issue Tracking",
+        "Third Party Advisory"
      ]
    },
    {
@ -209,8 +216,8 @@
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
-        "Third Party Advisory",
-        "Issue Tracking"
+        "Issue Tracking",
+        "Third Party Advisory"
      ]
    }
  ]
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-07-03T06:00:12.114093+00:00
+2025-07-03T08:00:11.125581+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-07-03T05:15:25.330000+00:00
+2025-07-03T07:15:21.860000+00:00
 ```

 ### Last Data Feed Release
@ -33,20 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-300104
+300105
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2025-5944](CVE-2025/CVE-2025-59xx/CVE-2025-5944.json) (`2025-07-03T05:15:25.330`)
+- [CVE-2024-9017](CVE-2024/CVE-2024-90xx/CVE-2024-9017.json) (`2025-07-03T07:15:21.860`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2025-6151](CVE-2025/CVE-2025-61xx/CVE-2025-6151.json) (`2025-07-03T06:15:21.047`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -281925,6 +281925,7 @@ CVE-2024-9011,0,0,24ced7d06552bc9d1dd30636af61f2f64e910b6c47eefac677c31a4765d5a4
 CVE-2024-9014,0,0,220003038e0ed1cc49a0befe3090135c41cd16a5f829c2d65bd6cc8f984c0497,2024-09-26T13:32:55.343000
 CVE-2024-9015,0,0,70610f66e2554a4ae6806b1835adece9ecbb77c46846bbc910eff47baf4dabd3,2025-02-11T02:15:36.640000
 CVE-2024-9016,0,0,4433e8aa830f673f06363371194ce7f1e194c18475143eaf030c41e8abd4610f,2025-04-15T16:15:47.550000
+CVE-2024-9017,1,1,413a2f833956f2c1688737fbb2dd6454d3974bd7e932fc745d7dc0685e55aa07,2025-07-03T07:15:21.860000
 CVE-2024-9018,0,0,9d5f9a71065cb5737c3eb97e3b8fce2545d7a7505edc442df3224ec9cdcd8b15,2024-10-07T19:20:48.293000
 CVE-2024-9019,0,0,e7c280dd9795175417ea8024bce5f2c9bffae51a9cc95a1fdc27d7cf05fb48a9,2025-03-06T17:43:48.203000
 CVE-2024-9020,0,0,5ce246caccb2c0203fb4c1f8ed5d7f546d3c9f2ea8a37ba7d826dd6d43e54b11,2025-05-13T21:23:17.843000
@ -299456,7 +299457,7 @@ CVE-2025-5938,0,0,de6ba49470711279279f27a904465957f8293ec15c3176c20b2597289d4c7b
 CVE-2025-5939,0,0,fae4e42cb7ec096d2eda48ac42042deaadc4d81bda29462ec7008261e2cabbf5,2025-06-16T12:32:18.840000
 CVE-2025-5940,0,0,12f5ab38c06b65e778613d0d51aa6f11358e4f8612cc24f4f82cb80affac2e7b,2025-06-30T18:38:48.477000
 CVE-2025-5943,0,0,35b1a03e31f4997e71998954ee281c02ada0936b00fc64cfacb7aa84cfa29429,2025-06-12T16:06:29.520000
-CVE-2025-5944,1,1,0cfbdd7d7a70c1d816fe8f6235d46ece7906d106888041a45680f2fcd51ae772,2025-07-03T05:15:25.330000
+CVE-2025-5944,0,0,0cfbdd7d7a70c1d816fe8f6235d46ece7906d106888041a45680f2fcd51ae772,2025-07-03T05:15:25.330000
 CVE-2025-5945,0,0,c7e4d5fd43d260b09c3d268ba39649757ca6834ec123b67f85c953ef50c7c56d,2025-06-10T09:15:25.930000
 CVE-2025-5950,0,0,760fa6d42f3c866c98b5e3438e6c6f00bd5fd5520537943b3e544b07838ccbee,2025-06-16T12:32:18.840000
 CVE-2025-5951,0,0,8284d36183b5c5a20ce1ccc5cb7415a68b49193aca2a0e8df993129c1d1d98e3,2025-06-28T23:15:21.963000
@ -299584,7 +299585,7 @@ CVE-2025-6147,0,0,59ecbde0789a8203b15ce4d192e855bbe9b1cda317ee7c6c058f57ec910107
 CVE-2025-6148,0,0,1d80dfd65e83b1c0094d1738353bddfce30f1ccddcddac7fd512e97214056b99,2025-06-23T19:28:33.990000
 CVE-2025-6149,0,0,bfa9b70c74b833d4b13edc2b8c0deb75557d095959799446cbc897b529f45341,2025-06-23T19:28:26.243000
 CVE-2025-6150,0,0,1c1c8c9840248db413992659480d6a0621f81bf1fb34376aa4877ba8e62a64a5,2025-06-23T19:28:18.330000
-CVE-2025-6151,0,0,66f985d955d28732cb3e20742ce5c2b75d056fdf6e0c0fd5329b3e2551fd465e,2025-06-19T01:20:04.247000
+CVE-2025-6151,0,1,1391683b3575957e896133fcca7f5f323d73d40b9e6178c928c6711a0a97e152,2025-07-03T06:15:21.047000
 CVE-2025-6152,0,0,32d4186f036cfff413fb083fa82eb785e9512523c1a40900c862dc16e87a29b7,2025-07-02T19:47:02.363000
 CVE-2025-6153,0,0,9cb391bc0c728a51d1642ebf8a165fb9af8fa2212048ca86e4445e0b055258b3,2025-06-24T15:53:37.673000
 CVE-2025-6154,0,0,95060072831785f3ed57ae597e6cc6e6409b897d7a65ff870ebacbcf6fb1f450,2025-06-24T15:53:35.847000