admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-06-09T18:00:19.534302+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-06-09 18:03:55 +00:00
parent 37d37c619f
commit 9c246c77af
160 changed files with 6875 additions and 328 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-2011/CVE-2011-30xx/CVE-2011-3045.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2011-3045",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-03-22T16:55:01.160",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-06-09T16:15:22.810",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-195"
}
]
}
],
"configurations": [

34
CVE-2013/CVE-2013-43xx/CVE-2013-4392.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-4392",
"sourceIdentifier": "secalert@redhat.com",
"published": "2013-10-28T22:55:03.773",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-06-09T16:15:23.763",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,16 @@
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [

38
CVE-2013/CVE-2013-73xx/CVE-2013-7353.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-7353",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-05-06T14:55:05.010",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-06-09T16:15:23.980",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,20 @@
"value": "CWE-189"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
},
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

38
CVE-2013/CVE-2013-73xx/CVE-2013-7354.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-7354",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-05-06T14:55:05.043",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-06-09T16:15:24.220",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,20 @@
"value": "CWE-189"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
},
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

34
CVE-2014/CVE-2014-94xx/CVE-2014-9495.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-9495",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-01-10T19:59:00.047",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-06-09T16:15:24.410",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"configurations": [

34
CVE-2015/CVE-2015-09xx/CVE-2015-0973.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2015-0973",
"sourceIdentifier": "cret@cert.org",
"published": "2015-01-18T18:59:03.020",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-06-09T16:15:24.780",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,6 +74,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

34
CVE-2016/CVE-2016-27xx/CVE-2016-2781.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-2781",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-02-07T15:59:00.333",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-06-09T16:15:25.013",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.5,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2016/CVE-2016-31xx/CVE-2016-3189.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-3189",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-06-30T17:59:01.470",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-06-09T16:15:25.307",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2017/CVE-2017-126xx/CVE-2017-12652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-12652",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-10T15:15:10.993",
"lastModified": "2025-05-21T16:15:24.660",
"lastModified": "2025-06-09T16:15:26.200",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2017/CVE-2017-158xx/CVE-2017-15873.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-15873",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-10-24T20:29:00.280",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-06-09T16:15:26.423",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

34
CVE-2017/CVE-2017-158xx/CVE-2017-15874.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-15874",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-10-24T20:29:00.327",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-06-09T16:15:26.680",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-191"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"configurations": [

32
CVE-2017/CVE-2017-165xx/CVE-2017-16544.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-16544",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-11-20T15:29:00.387",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-06-09T16:15:26.850",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

34
CVE-2017/CVE-2017-180xx/CVE-2017-18018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-18018",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-01-04T04:29:00.190",
"lastModified": "2024-11-21T03:19:10.713",
"lastModified": "2025-06-09T16:15:27.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

32
CVE-2018/CVE-2018-10001xx/CVE-2018-1000168.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1000168",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-05-08T15:29:00.207",
"lastModified": "2024-11-21T03:39:50.327",
"lastModified": "2025-06-09T16:15:27.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

32
CVE-2018/CVE-2018-10005xx/CVE-2018-1000500.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1000500",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-06-26T16:29:00.353",
"lastModified": "2024-11-21T03:40:03.357",
"lastModified": "2025-06-09T16:15:27.847",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

32
CVE-2018/CVE-2018-10005xx/CVE-2018-1000517.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1000517",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-06-26T16:29:01.197",
"lastModified": "2024-11-21T03:40:06.130",
"lastModified": "2025-06-09T16:15:28.047",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

12
CVE-2018/CVE-2018-156xx/CVE-2018-15686.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-15686",
"sourceIdentifier": "security@ubuntu.com",
"published": "2018-10-26T14:29:00.613",
"lastModified": "2024-11-21T03:51:16.633",
"lastModified": "2025-06-09T16:15:28.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -96,6 +96,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

12
CVE-2018/CVE-2018-156xx/CVE-2018-15687.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-15687",
"sourceIdentifier": "security@ubuntu.com",
"published": "2018-10-26T14:29:00.757",
"lastModified": "2024-11-21T03:51:16.777",
"lastModified": "2025-06-09T16:15:28.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -96,6 +96,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

12
CVE-2018/CVE-2018-156xx/CVE-2018-15688.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-15688",
"sourceIdentifier": "security@ubuntu.com",
"published": "2018-10-26T14:29:00.897",
"lastModified": "2024-11-21T03:51:16.897",
"lastModified": "2025-06-09T16:15:28.660",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -96,6 +96,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

34
CVE-2018/CVE-2018-206xx/CVE-2018-20679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-20679",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-01-09T16:29:00.273",
"lastModified": "2024-11-21T04:01:58.893",
"lastModified": "2025-06-09T16:15:29.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -74,6 +96,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2018/CVE-2018-69xx/CVE-2018-6954.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-6954",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-02-13T20:29:00.547",
"lastModified": "2024-11-21T04:11:28.693",
"lastModified": "2025-06-09T16:15:29.307",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [

32
CVE-2019/CVE-2019-129xx/CVE-2019-12900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-12900",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-19T23:15:09.910",
"lastModified": "2024-11-21T04:23:47.333",
"lastModified": "2025-06-09T16:15:29.623",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2019/CVE-2019-182xx/CVE-2019-18276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-18276",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-11-28T01:15:10.603",
"lastModified": "2024-11-21T04:32:57.217",
"lastModified": "2025-06-09T16:15:29.960",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-273"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-273"
}
]
}
],
"configurations": [

32
CVE-2019/CVE-2019-203xx/CVE-2019-20386.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-20386",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-21T06:15:11.827",
"lastModified": "2024-11-21T04:38:21.573",
"lastModified": "2025-06-09T16:15:30.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

32
CVE-2019/CVE-2019-250xx/CVE-2019-25013.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-25013",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-04T18:15:13.027",
"lastModified": "2024-11-21T04:39:44.273",
"lastModified": "2025-06-09T16:15:30.703",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2019/CVE-2019-57xx/CVE-2019-5747.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-5747",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-01-09T16:29:00.353",
"lastModified": "2024-11-21T04:45:25.193",
"lastModified": "2025-06-09T16:15:31.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-137xx/CVE-2020-13776.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-13776",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-06-03T03:15:10.677",
"lastModified": "2024-11-21T05:01:50.167",
"lastModified": "2025-06-09T16:15:31.573",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-269"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-276xx/CVE-2020-27618.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-27618",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-26T23:15:11.123",
"lastModified": "2024-11-21T05:21:29.230",
"lastModified": "2025-06-09T16:15:31.853",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-835"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-295xx/CVE-2020-29562.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-29562",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-12-04T07:15:11.003",
"lastModified": "2024-11-21T05:24:12.283",
"lastModified": "2025-06-09T16:15:32.127",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-617"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-339xx/CVE-2021-33910.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33910",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-20T19:15:09.783",
"lastModified": "2024-11-21T06:09:45.593",
"lastModified": "2025-06-09T16:15:32.380",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-33xx/CVE-2021-3326.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3326",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-27T20:15:14.020",
"lastModified": "2024-11-21T06:21:17.887",
"lastModified": "2025-06-09T16:15:32.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-617"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-405xx/CVE-2021-40528.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-40528",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-09-06T19:15:07.587",
"lastModified": "2024-11-21T06:24:19.853",
"lastModified": "2025-06-09T16:15:33.000",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-327"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-05xx/CVE-2022-0563.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0563",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-21T19:15:08.393",
"lastModified": "2024-11-21T06:38:55.503",
"lastModified": "2025-06-09T16:15:33.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

32
CVE-2022/CVE-2022-283xx/CVE-2022-28391.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28391",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-03T21:15:08.207",
"lastModified": "2024-11-21T06:57:17.253",
"lastModified": "2025-06-09T16:15:33.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [

8
CVE-2022/CVE-2022-414xx/CVE-2022-41404.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-41404",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-10-11T23:15:10.180",
"lastModified": "2025-05-20T14:15:25.047",
"lastModified": "2025-06-09T16:15:33.690",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
"value": "An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
},
{
"lang": "es",
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2022/CVE-2022-41404",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00037.html",
"source": "cve@mitre.org",

56
CVE-2023/CVE-2023-259xx/CVE-2023-25999.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-25999",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:33.890",
"lastModified": "2025-06-09T16:15:33.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects BodyCenter - Gym, Fitness WooCommerce WordPress Theme: from n/a through 2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/bodycenter/vulnerability/wordpress-bodycenter-gym-fitness-woocommerce-wordpress-theme-2-4-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2023/CVE-2023-260xx/CVE-2023-26005.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-26005",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:34.043",
"lastModified": "2025-06-09T16:15:34.043",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush allows PHP Local File Inclusion. This issue affects Fitrush: from n/a through 1.3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/bw-fitrush/vulnerability/wordpress-fitrush-1-3-4-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-429xx/CVE-2023-42983.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42983",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-04-11T15:15:45.890",
"lastModified": "2025-04-21T22:03:33.223",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:12:16.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2023/CVE-2023-500xx/CVE-2023-50009.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50009",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.070",
"lastModified": "2025-06-06T13:15:24.200",
"lastModified": "2025-06-09T16:15:34.193",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -110,6 +110,14 @@
"Product"
]
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/162b4c60c8f72be2e93b759f3b1e14652b70b3ba",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/c443658d26d2b8e19901f9507a890e0efca79056",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-500xx/CVE-2023-50010.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50010",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.127",
"lastModified": "2025-06-06T13:15:24.467",
"lastModified": "2025-06-09T16:15:34.457",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -103,6 +103,18 @@
"Product"
]
},
{
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/ab0fdaedd1e7224f7e84ea22fcbfaa4ca75a6c06..e4d2666bdc3dbd177a81bbf428654a5f2fa3787a:/libavfilter/vf_gradfun.c",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/e4d2666bdc3dbd177a81bbf428654a5f2fa3787a",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/e809c23786fe297797198a7b9f5d3392d581daf1",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"

33
CVE-2023/CVE-2023-53xx/CVE-2023-5388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5388",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-03-19T12:15:07.537",
"lastModified": "2025-04-01T16:23:23.980",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:42:06.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -46,7 +46,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-203"
}
]
}
@ -79,6 +79,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -94,14 +109,16 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
},
{
@ -137,14 +154,16 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
},
{

6
CVE-2024/CVE-2024-116xx/CVE-2024-11616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11616",
"sourceIdentifier": "psirt@netskope.com",
"published": "2024-12-19T10:15:13.323",
"lastModified": "2024-12-19T10:15:13.323",
"lastModified": "2025-06-09T17:15:26.263",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -74,6 +74,10 @@
}
],
"references": [
{
"url": "https://inbits-sec.com/posts/cve-2024-11616-netskope/",
"source": "psirt@netskope.com"
},
{
"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-003",
"source": "psirt@netskope.com"

8
CVE-2024/CVE-2024-129xx/CVE-2024-12976.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12976",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-27T02:15:06.063",
"lastModified": "2025-03-28T16:46:04.210",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:39:41.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -163,8 +163,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:hospital_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7CB92F-609E-4807-A613-7AA413460314"
"criteria": "cpe:2.3:a:code-projects:hospital_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B669C3F2-082D-4374-B9E6-FDE5539B20CF"
}
]
}

26
CVE-2024/CVE-2024-210xx/CVE-2024-21026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21026",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:18.020",
"lastModified": "2025-03-20T19:15:27.993",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:52:51.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},

24
CVE-2024/CVE-2024-211xx/CVE-2024-21116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21116",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:33.653",
"lastModified": "2025-03-19T18:15:20.193",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:56:51.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",

24
CVE-2024/CVE-2024-211xx/CVE-2024-21136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21136",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:14.243",
"lastModified": "2025-03-19T21:15:35.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:54:53.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",

26
CVE-2024/CVE-2024-211xx/CVE-2024-21175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21175",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:21.337",
"lastModified": "2025-03-22T15:15:36.973",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:50:49.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},

8
CVE-2024/CVE-2024-228xx/CVE-2024-22873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22873",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-26T16:27:56.733",
"lastModified": "2025-04-25T19:03:39.103",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:11:50.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -60,10 +60,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tencent:blueking_cmdb:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:tencent:blueking_configuration_management_database:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.2",
"versionEndIncluding": "3.9.47",
"matchCriteriaId": "6C6EA836-7A56-4910-9ED1-A353F28B692E"
"matchCriteriaId": "D0F0D307-A367-4BC8-A267-8ABB8BF0E2D2"
}
]
}

32
CVE-2024/CVE-2024-240xx/CVE-2024-24021.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24021",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T02:15:07.950",
"lastModified": "2024-11-21T08:58:50.210",
"lastModified": "2025-06-09T17:15:27.310",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-241xx/CVE-2024-24188.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24188",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-07T14:15:52.917",
"lastModified": "2024-11-21T08:59:00.590",
"lastModified": "2025-06-09T17:15:27.700",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-243xx/CVE-2024-24304.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24304",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-07T09:15:15.913",
"lastModified": "2024-11-21T08:59:08.060",
"lastModified": "2025-06-09T17:15:28.043",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

8
CVE-2024/CVE-2024-252xx/CVE-2024-25251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25251",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-22T01:15:08.070",
"lastModified": "2025-04-02T20:20:43.033",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:58:16.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -60,8 +60,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:agro-school_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D94200-4E93-4519-A31A-45CF6CF2C3D9"
"criteria": "cpe:2.3:a:carmelo:agro-school_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB63B73-C821-4F83-A12E-2EA518AB4436"
}
]
}

52
CVE-2024/CVE-2024-279xx/CVE-2024-27995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27995",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-21T15:16:54.133",
"lastModified": "2024-11-21T09:05:35.423",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:10:47.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:reputeinfosystems:armember:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.24",
"matchCriteriaId": "E11F4A66-B188-4F01-BA17-037AF97E2B5F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-23-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-23-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-315xx/CVE-2024-31585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31585",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T19:15:08.007",
"lastModified": "2025-06-03T15:35:31.007",
"vulnStatus": "Analyzed",
"lastModified": "2025-06-09T16:15:34.637",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -103,6 +103,18 @@
"Third Party Advisory"
]
},
{
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/aec67d3d7d2895bfea61aa1358d9d8e956f8615c..ab0fdaedd1e7224f7e84ea22fcbfaa4ca75a6c06:/libavfilter/avf_showspectrum.c",
"source": "cve@mitre.org"
},
{
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/bf2d7b20ea1c7d15dcbaedd479f40295e5c83430..3061bf668feffc7c1f0b244205167b3b86da8015:/libavfilter/avf_showspectrum.c",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/3061bf668feffc7c1f0b244205167b3b86da8015",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/commit/81df787b53eb5c6433731f6eaaf7f2a94d8a8c80",
"source": "cve@mitre.org",
@ -118,25 +130,16 @@
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/1047524396/dc2c64ffe0c3934a6176bcd2c5cf5656",

8
CVE-2024/CVE-2024-39xx/CVE-2024-3963.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3963",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-13T06:15:02.967",
"lastModified": "2025-05-13T13:51:53.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:07:01.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -60,9 +60,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rafflepress:giveaways_and_contests:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:rafflepress:rafflepress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.12.14",
"matchCriteriaId": "BA397387-7568-4E55-B739-44270AA47EB1"
"matchCriteriaId": "E124A033-084C-4279-A27F-9CCDDC8CB87C"
}
]
}

29
CVE-2024/CVE-2024-464xx/CVE-2024-46452.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46452",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-09T17:15:28.370",
"lastModified": "2025-06-09T17:15:28.370",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malicious site via a crafted URL."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2024-46452",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/codervivek5/VigyBag",
"source": "cve@mitre.org"
},
{
"url": "https://www.vigybag.com",
"source": "cve@mitre.org"
}
]
}

8
CVE-2024/CVE-2024-539xx/CVE-2024-53901.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53901",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-24T17:15:04.990",
"lastModified": "2024-11-26T19:52:01.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:36:58.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tonyc:imager:*:*:*:*:*:perl:*:*",
"criteria": "cpe:2.3:a:tonycoz:imager:*:*:*:*:*:perl:*:*",
"versionEndExcluding": "1.025",
"matchCriteriaId": "68B8FA76-6DF7-4B1D-B577-641B6B4B6891"
"matchCriteriaId": "DE8A82F0-39EF-4079-904C-E752DB0CAA7B"
}
]
}

10
CVE-2024/CVE-2024-94xx/CVE-2024-9422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9422",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-11-22T06:15:20.370",
"lastModified": "2025-05-15T15:53:40.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T16:50:24.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,6 +63,12 @@
"criteria": "cpe:2.3:a:geomywp:geo_my_wordpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5",
"matchCriteriaId": "97249232-7F87-42C9-8141-CA6A47E96B45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geomywp:geo_my_wordpress_premium_settings:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1",
"matchCriteriaId": "4972FBDA-85B9-4444-AFF5-98F5CD643D7E"
}
]
}

56
CVE-2025/CVE-2025-239xx/CVE-2025-23974.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-23974",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:34.893",
"lastModified": "2025-06-09T16:15:34.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/one-login/vulnerability/wordpress-one-login-1-4-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-247xx/CVE-2025-24767.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24767",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.047",
"lastModified": "2025-06-09T16:15:35.047",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Blind SQL Injection. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-ticketbai/vulnerability/wordpress-ticketbai-facturas-para-woocommerce-3-19-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-247xx/CVE-2025-24768.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24768",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.203",
"lastModified": "2025-06-09T16:15:35.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan allows PHP Local File Inclusion. This issue affects Nitan: from n/a through 2.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/snsnitan/vulnerability/wordpress-nitan-2-9-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-247xx/CVE-2025-24770.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24770",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.360",
"lastModified": "2025-06-09T16:15:35.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore allows PHP Local File Inclusion. This issue affects CraftXtore: from n/a through 1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/bw-craftxtore/vulnerability/wordpress-craftxtore-1-7-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2025/CVE-2025-259xx/CVE-2025-25946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25946",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-19T23:15:15.743",
"lastModified": "2025-05-13T14:02:21.333",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T16:49:57.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

56
CVE-2025/CVE-2025-265xx/CVE-2025-26592.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-26592",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.517",
"lastModified": "2025-06-09T16:15:35.517",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset allows PHP Local File Inclusion. This issue affects Inset: from n/a through 1.18.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/inset/vulnerability/wordpress-inset-1-18-0-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-273xx/CVE-2025-27362.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-27362",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.663",
"lastModified": "2025-06-09T16:15:35.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Petito allows PHP Local File Inclusion. This issue affects Petito: from n/a through 1.6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/bw-petito/vulnerability/wordpress-petito-1-6-2-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-288xx/CVE-2025-28888.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-28888",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:35.857",
"lastModified": "2025-06-09T16:15:35.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme GiftXtore allows PHP Local File Inclusion. This issue affects GiftXtore: from n/a through 1.7.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/bw-giftxtore/vulnerability/wordpress-giftxtore-1-7-4-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-289xx/CVE-2025-28944.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-28944",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.000",
"lastModified": "2025-06-09T16:15:36.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Avaz allows PHP Local File Inclusion. This issue affects Avaz: from n/a through 2.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/snsavaz/vulnerability/wordpress-avaz-2-8-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-289xx/CVE-2025-28945.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-28945",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.150",
"lastModified": "2025-06-09T16:15:36.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Valen - Sport, Fashion WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Valen - Sport, Fashion WooCommerce WordPress Theme: from n/a through 2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/valen/vulnerability/wordpress-valen-sport-fashion-woocommerce-wordpress-theme-2-4-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-289xx/CVE-2025-28992.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-28992",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.303",
"lastModified": "2025-06-09T16:15:36.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Anton allows PHP Local File Inclusion. This issue affects SNS Anton: from n/a through 4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/snsanton/vulnerability/wordpress-sns-anton-4-1-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

29
CVE-2025/CVE-2025-296xx/CVE-2025-29627.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-29627",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-09T17:15:28.617",
"lastModified": "2025-06-09T17:15:28.617",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SahilDabhilkar/CVE-Reference/blob/main/CVE-2025-29627.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.keepersecurity.com/",
"source": "cve@mitre.org"
},
{
"url": "https://www.keepersecurity.com/en_GB/keeperchat.html",
"source": "cve@mitre.org"
}
]
}

14
CVE-2025/CVE-2025-29xx/CVE-2025-2917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2917",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-28T18:15:17.253",
"lastModified": "2025-04-14T13:53:30.877",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:30:31.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -159,9 +159,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1000cms:chestnutcms:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:1000mz:chestnutcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.3",
"matchCriteriaId": "877CAF5E-F22C-473F-A7A0-BD9D794405F7"
"matchCriteriaId": "8DD87B68-7227-419B-8A2D-3F00B3290753"
}
]
}
@ -173,7 +173,8 @@
"url": "https://r0ot.notion.site/ChestnutCMS-1-5-3-Arbitrary-file-read-vulnerability-1ae27d744f7f8074a169ca849e8a1d31?pvs=4",
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
"Exploit",
"Third Party Advisory"
]
},
{
@ -204,7 +205,8 @@
"url": "https://r0ot.notion.site/ChestnutCMS-1-5-3-Arbitrary-file-read-vulnerability-1ae27d744f7f8074a169ca849e8a1d31",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
"Exploit",
"Third Party Advisory"
]
}
]

56
CVE-2025/CVE-2025-310xx/CVE-2025-31019.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31019",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.450",
"lastModified": "2025-06-09T16:15:36.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Password Policy Manager allows Authentication Abuse. This issue affects Password Policy Manager: from n/a through 2.0.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/password-policy-manager/vulnerability/wordpress-password-policy-manager-plugin-2-0-4-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31022.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31022",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.610",
"lastModified": "2025-06-09T16:15:36.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India allows Authentication Abuse. This issue affects PayU India: from n/a through 3.8.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/payu-india/vulnerability/wordpress-payu-india-plugin-3-8-5-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31039.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31039",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.757",
"lastModified": "2025-06-09T16:15:36.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon allows XML Entity Linking. This issue affects Category Icon: from n/a through 1.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/category-icon/vulnerability/wordpress-category-icon-plugin-1-0-2-xml-external-entity-xxe-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31045.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31045",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:36.907",
"lastModified": "2025-06-09T16:15:36.907",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in elfsight elfsight Contact Form widget allows Retrieve Embedded Sensitive Data. This issue affects elfsight Contact Form widget: from n/a through 2.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/elfsight-contact-form/vulnerability/wordpress-elfsight-contact-form-widget-2-3-1-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31050.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31050",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.050",
"lastModified": "2025-06-09T16:15:37.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in appthaplugins Apptha Slider Gallery allows Path Traversal. This issue affects Apptha Slider Gallery: from n/a through 2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/apptha-slider-gallery/vulnerability/wordpress-apptha-slider-gallery-plugin-2-5-arbitrary-file-read-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31052.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31052",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.197",
"lastModified": "2025-06-09T16:15:37.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in themeton The Fashion - Model Agency One Page Beauty Theme allows Object Injection. This issue affects The Fashion - Model Agency One Page Beauty Theme: from n/a through 1.4.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/nrgfashion/vulnerability/wordpress-the-fashion-model-agency-one-page-beauty-theme-1-4-4-deserialization-of-untrusted-data-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31057.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31057",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.367",
"lastModified": "2025-06-09T16:15:37.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player allows Reflected XSS. This issue affects Universal Video Player: from n/a through 1.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/elementor_widget_universal_video_player/vulnerability/wordpress-universal-video-player-plugin-1-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31058.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31058",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.520",
"lastModified": "2025-06-09T16:15:37.520",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Revolution Video Player allows Reflected XSS. This issue affects Revolution Video Player: from n/a through 2.9.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/revolution_video_player/vulnerability/wordpress-revolution-video-player-plugin-2-9-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31059.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31059",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.670",
"lastModified": "2025-06-09T16:15:37.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in woobewoo WBW Product Table PRO allows SQL Injection. This issue affects WBW Product Table PRO: from n/a through 2.1.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/woo-producttables-pro/vulnerability/wordpress-wbw-product-table-pro-2-1-3-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-310xx/CVE-2025-31061.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31061",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.813",
"lastModified": "2025-06-09T16:15:37.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redqteam Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 2.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wishlist/vulnerability/wordpress-wishlist-plugin-2-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-313xx/CVE-2025-31396.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31396",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:37.957",
"lastModified": "2025-06-09T16:15:37.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme allows Object Injection. This issue affects FLAP - Business WordPress Theme: from n/a through 1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/flap/vulnerability/wordpress-flap-business-wordpress-theme-1-5-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-313xx/CVE-2025-31398.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31398",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.103",
"lastModified": "2025-06-09T16:15:38.103",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in themeton PIMP - Creative MultiPurpose allows Object Injection. This issue affects PIMP - Creative MultiPurpose: from n/a through 1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/pimp/vulnerability/wordpress-pimp-creative-multipurpose-1-7-deserialization-of-untrusted-data-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-314xx/CVE-2025-31424.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31424",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.260",
"lastModified": "2025-06-09T16:15:38.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages allows Blind SQL Injection. This issue affects WP Lead Capturing Pages: from n/a through 2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/leadcapture/vulnerability/wordpress-wp-lead-capturing-pages-plugin-2-3-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-314xx/CVE-2025-31426.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31426",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.417",
"lastModified": "2025-06-09T16:15:38.417",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Sticky Radio Player allows Reflected XSS. This issue affects Sticky Radio Player: from n/a through 3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/lbg-audio5-html5-shoutcast_sticky/vulnerability/wordpress-sticky-radio-player-plugin-3-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-314xx/CVE-2025-31429.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31429",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.570",
"lastModified": "2025-06-09T16:15:38.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in themeton PressGrid - Frontend Publish Reaction & Multimedia Theme allows Object Injection. This issue affects PressGrid - Frontend Publish Reaction & Multimedia Theme: from n/a through 1.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/press-grid/vulnerability/wordpress-pressgrid-frontend-publish-reaction-multimedia-theme-1-3-1-deserialization-of-untrusted-data-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-316xx/CVE-2025-31635.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31635",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.720",
"lastModified": "2025-06-09T16:15:38.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LambertGroup CLEVER allows Path Traversal. This issue affects CLEVER: from n/a through 2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/lbg-audio11-html5-shoutcast_history/vulnerability/wordpress-clever-2-6-arbitrary-file-download-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-316xx/CVE-2025-31638.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31638",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:38.877",
"lastModified": "2025-06-09T16:15:38.877",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeton Spare allows Reflected XSS. This issue affects Spare: from n/a through 1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-spare-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-319xx/CVE-2025-31917.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31917",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.030",
"lastModified": "2025-06-09T16:15:39.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player allows Reflected XSS. This issue affects Universal Video Player: from n/a through 3.8.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/universal_video_player/vulnerability/wordpress-universal-video-player-plugin-3-8-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-319xx/CVE-2025-31920.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31920",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.187",
"lastModified": "2025-06-09T16:15:39.187",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech WP Guppy allows SQL Injection. This issue affects WP Guppy: from n/a through 4.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-guppy/vulnerability/wordpress-wp-guppy-4-3-3-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-319xx/CVE-2025-31925.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-31925",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.337",
"lastModified": "2025-06-09T16:15:39.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup SHOUT allows Reflected XSS. This issue affects SHOUT: from n/a through 3.5.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/lbg-audio8-html5-radio_ads/vulnerability/wordpress-shout-plugin-3-5-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

47
CVE-2025/CVE-2025-322xx/CVE-2025-32254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-32254",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-04-04T16:15:34.887",
"lastModified": "2025-04-07T14:18:15.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T16:53:01.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iqonicdesign:wpbookit:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "6A950E66-29C8-4F6A-A209-59DD62DBD36F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpbookit/vulnerability/wordpress-wpbookit-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-322xx/CVE-2025-32291.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32291",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.480",
"lastModified": "2025-06-09T16:15:39.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro allows Using Malicious Files. This issue affects SUMO Affiliates Pro: from n/a through 10.7.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/affs/vulnerability/wordpress-sumo-affiliates-pro-10-7-0-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-323xx/CVE-2025-32305.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32305",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.640",
"lastModified": "2025-06-09T16:15:39.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sneeit FlatNews allows Reflected XSS. This issue affects FlatNews: from n/a through 5.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/flatnews/vulnerability/wordpress-flatnews-theme-5-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-323xx/CVE-2025-32308.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32308",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.790",
"lastModified": "2025-06-09T16:15:39.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in looks_awesome Team Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Builder: from n/a through 1.5.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/a-team-showcase/vulnerability/wordpress-team-builder-1-5-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-325xx/CVE-2025-32595.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32595",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:39.937",
"lastModified": "2025-06-09T16:15:39.937",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Krowd allows PHP Local File Inclusion. This issue affects Krowd: from n/a through 1.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/krowd/vulnerability/wordpress-krowd-1-4-1-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

27
CVE-2025/CVE-2025-329xx/CVE-2025-32924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-32924",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-05-19T20:15:21.920",
"lastModified": "2025-05-21T20:25:16.407",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:06:44.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:roninwp:revy:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "3AC15B25-BC37-48C7-8514-FEDD8EE49BB5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/revy/vulnerability/wordpress-revy-plugin-2-1-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2025/CVE-2025-329xx/CVE-2025-32925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-32925",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-05-19T20:15:22.070",
"lastModified": "2025-05-21T20:25:16.407",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:08:45.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fantasticplugins:sumo_reward_points:*:*:*:*:*:*:*:*",
"versionEndIncluding": "30.7.0",
"matchCriteriaId": "476A4713-F7CA-4A10-B2B9-56BE10EF0042"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/rewardsystem/vulnerability/wordpress-sumo-reward-points-plugin-30-7-0-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2025/CVE-2025-329xx/CVE-2025-32926.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-32926",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-05-19T20:15:22.213",
"lastModified": "2025-05-21T20:25:16.407",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-09T17:09:57.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themegoods:grand_restaurant:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.0",
"matchCriteriaId": "A469538B-DB11-4012-99E2-070384A0D772"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/grandrestaurant/vulnerability/wordpress-grand-restaurant-wordpress-theme-7-0-path-traversal-to-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-394xx/CVE-2025-39473.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-39473",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-09T16:15:40.080",
"lastModified": "2025-06-09T16:15:40.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebGeniusLab Seofy Core allows PHP Local File Inclusion. This issue affects Seofy Core: from n/a through 1.4.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/seofy-core/vulnerability/wordpress-seofy-core-1-4-5-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More