Auto-Update: 2025-04-26T16:00:13.385053+00:00

2025-05-30 10:10:41 +00:00 · 2025-04-26 16:03:49 +00:00 · 2025-04-26 16:03:49 +00:00 · 9bfaa64fde
commit 9bfaa64fde
parent d9745b110e
4 changed files with 126 additions and 7 deletions
--- a/CVE-2024/CVE-2024-536xx/CVE-2024-53636.json
+++ b/CVE-2024/CVE-2024-536xx/CVE-2024-53636.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-53636",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-26T15:15:44.080",
+  "lastModified": "2025-04-26T15:15:44.080",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-24"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-53636",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-466xx/CVE-2025-46646.json
+++ b/CVE-2025/CVE-2025-466xx/CVE-2025-46646.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-46646",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-26T15:15:45.057",
+  "lastModified": "2025-04-26T15:15:45.057",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 4.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.4,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-24"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://bugs.ghostscript.com/show_bug.cgi?id=708311",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f14ea81e6c3d2f51593f23cdf13c4679a18f1a3f",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-04-26T14:00:20.262027+00:00
+2025-04-26T16:00:13.385053+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-04-26T13:15:42.940000+00:00
+2025-04-26T15:15:45.057000+00:00
 ```

 ### Last Data Feed Release
@ -33,20 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-291480
+291482
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `2`

+- [CVE-2024-53636](CVE-2024/CVE-2024-536xx/CVE-2024-53636.json) (`2025-04-26T15:15:44.080`)
+- [CVE-2025-46646](CVE-2025/CVE-2025-466xx/CVE-2025-46646.json) (`2025-04-26T15:15:45.057`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2024-56430](CVE-2024/CVE-2024-564xx/CVE-2024-56430.json) (`2025-04-26T13:15:42.940`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -274720,6 +274720,7 @@ CVE-2024-53620,0,0,0ec00be95852a0998a14f46021597d58d0eefdd89109b46c5f804a1cf687b
 CVE-2024-53623,0,0,531ddce100784ec8b317b297b660a260e518e8b80f64012824aac6bf3d8289e3,2024-12-02T20:15:07.917000
 CVE-2024-5363,0,0,1a1d04dd62a3d9ceb936776096c694704c071db758e0c336b93f44ac203c6bde,2025-02-10T14:41:03.540000
 CVE-2024-53635,0,0,7a67e9e0d9d71b612bd6cfd95f53056a7f326cdca18b0bdba544dd72fd3cefe4,2025-04-04T15:39:01.230000
+CVE-2024-53636,1,1,837db0ca45371cf0dbb16d156db2e1dbd4c0d0cd05c7d0c723edd12300dcf818,2025-04-26T15:15:44.080000
 CVE-2024-5364,0,0,aa5f84f14464447d90ef8caf1f257dc2f279cb9cd3689bc4d8a6e5bed5923442,2025-02-10T14:41:25.130000
 CVE-2024-53647,0,0,cfcb346f723938ad054c8fdc72391827a75db16440dc5160efbbab2c409a3044,2024-12-31T16:15:26.437000
 CVE-2024-53648,0,0,45c01bfa5a9acb65ae01f03972d763b96e09818681d1d686dc2d5d5e84b1288c,2025-02-11T11:15:14.460000
@ -276386,7 +276387,7 @@ CVE-2024-56412,0,0,9de65a8965a720aee61d5a73e14bdf5e61cc3466412a93eb6a99af9f75093
 CVE-2024-56413,0,0,379dc229ccabdf364af9829d579c8a73e199b5e7c66cddebda4706bf51009015,2025-01-02T16:15:08.570000
 CVE-2024-56414,0,0,8d131c69616c062c73dec88651a9a991bc9ee2aa5d8bfac07e8125110c170173,2025-01-02T16:15:08.693000
 CVE-2024-5642,0,0,272b3c46f017079f5e7a4c3a57dae457f6d7a543b129faf9804cec24715f8735,2024-11-21T09:48:04.713000
-CVE-2024-56430,0,1,2bffe926c5e68f1bdd0512132587fbce173389a8e75ddcf80974890bd54440ad,2025-04-26T13:15:42.940000
+CVE-2024-56430,0,0,2bffe926c5e68f1bdd0512132587fbce173389a8e75ddcf80974890bd54440ad,2025-04-26T13:15:42.940000
 CVE-2024-56431,0,0,67cc611113625e736ceaa831a4486700220f1e0f8c3f1b943c5f85189d898fc7,2025-04-25T20:15:38.220000
 CVE-2024-56433,0,0,41933bdf4cf50f4b61b9a39102f868e297a293e10ec834a2eac62b7879bed51f,2024-12-26T09:15:07.267000
 CVE-2024-56434,0,0,77666c843737cc5a12cb8a3f8ccfddbad46fbc8e173c92ce2eda6e7d103804e3,2025-01-13T21:27:24.040000
@ -291479,3 +291480,4 @@ CVE-2025-46613,0,0,fb63aa932416287c8229af8ca941c8fc1e3cc17d68277bca805056b66b2de
 CVE-2025-46616,0,0,6f77a3deea80513a0e444e82f1b969313a83fb972c392a9b077d9c4200172c06,2025-04-25T07:15:48.643000
 CVE-2025-46617,0,0,8264fe3c72bbb8b882b06aaed5126806c5af44dc16714e5ba80c3b2cd476f946,2025-04-25T07:15:48.837000
 CVE-2025-46618,0,0,4e5b2699bfdedc6ad58a2dd050f1132b14684461f25e6c5475feda78ee59e7e9,2025-04-25T15:15:40.957000
+CVE-2025-46646,1,1,949a77c3146b1ad773ec42268b57ffae39a9f8969f54ab4f38eda1edb565c7c9,2025-04-26T15:15:45.057000