From 9dac8bc546a764b45e09a32442aae2b696b06c4f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 2 Jun 2025 10:03:57 +0000 Subject: [PATCH] Auto-Update: 2025-06-02T10:00:19.566114+00:00 --- CVE-2025/CVE-2025-03xx/CVE-2025-0324.json | 56 +++++++++ CVE-2025/CVE-2025-03xx/CVE-2025-0325.json | 60 +++++++++ CVE-2025/CVE-2025-03xx/CVE-2025-0358.json | 56 +++++++++ CVE-2025/CVE-2025-51xx/CVE-2025-5113.json | 78 ++++++++++++ CVE-2025/CVE-2025-54xx/CVE-2025-5435.json | 141 +++++++++++++++++++++ CVE-2025/CVE-2025-54xx/CVE-2025-5436.json | 141 +++++++++++++++++++++ CVE-2025/CVE-2025-54xx/CVE-2025-5437.json | 137 ++++++++++++++++++++ CVE-2025/CVE-2025-54xx/CVE-2025-5438.json | 145 ++++++++++++++++++++++ CVE-2025/CVE-2025-54xx/CVE-2025-5455.json | 78 ++++++++++++ README.md | 25 ++-- _state.csv | 25 ++-- 11 files changed, 922 insertions(+), 20 deletions(-) create mode 100644 CVE-2025/CVE-2025-03xx/CVE-2025-0324.json create mode 100644 CVE-2025/CVE-2025-03xx/CVE-2025-0325.json create mode 100644 CVE-2025/CVE-2025-03xx/CVE-2025-0358.json create mode 100644 CVE-2025/CVE-2025-51xx/CVE-2025-5113.json create mode 100644 CVE-2025/CVE-2025-54xx/CVE-2025-5435.json create mode 100644 CVE-2025/CVE-2025-54xx/CVE-2025-5436.json create mode 100644 CVE-2025/CVE-2025-54xx/CVE-2025-5437.json create mode 100644 CVE-2025/CVE-2025-54xx/CVE-2025-5438.json create mode 100644 CVE-2025/CVE-2025-54xx/CVE-2025-5455.json diff --git a/CVE-2025/CVE-2025-03xx/CVE-2025-0324.json b/CVE-2025/CVE-2025-03xx/CVE-2025-0324.json new file mode 100644 index 00000000000..c5384e0ab45 --- /dev/null +++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0324.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-0324", + "sourceIdentifier": "product-security@axis.com", + "published": "2025-06-02T08:15:20.560", + "lastModified": "2025-06-02T08:15:20.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain\u00a0administrator privileges." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "baseScore": 9.4, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-791" + } + ] + } + ], + "references": [ + { + "url": "https://www.axis.com/dam/public/04/f3/1c/cve-2025-0324pdf-en-US-483807.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-03xx/CVE-2025-0325.json b/CVE-2025/CVE-2025-03xx/CVE-2025-0325.json new file mode 100644 index 00000000000..d646836c2e4 --- /dev/null +++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0325.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-0325", + "sourceIdentifier": "product-security@axis.com", + "published": "2025-06-02T08:15:20.767", + "lastModified": "2025-06-02T08:15:20.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker\u00a0to block access to the guard tour configuration page in the web interface of the Axis device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-628" + }, + { + "lang": "en", + "value": "CWE-1287" + } + ] + } + ], + "references": [ + { + "url": "https://www.axis.com/dam/public/d0/ae/fe/cve-2025-0325pdf-en-US-483808.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-03xx/CVE-2025-0358.json b/CVE-2025/CVE-2025-03xx/CVE-2025-0358.json new file mode 100644 index 00000000000..2ab67e13046 --- /dev/null +++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0358.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-0358", + "sourceIdentifier": "product-security@axis.com", + "published": "2025-06-02T08:15:20.917", + "lastModified": "2025-06-02T08:15:20.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a\u00a0lower-privileged user to gain administrator privileges." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.axis.com/dam/public/35/90/85/cve-2025-0358pdf-en-US-483809.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-51xx/CVE-2025-5113.json b/CVE-2025/CVE-2025-51xx/CVE-2025-5113.json new file mode 100644 index 00000000000..f678dd18bd2 --- /dev/null +++ b/CVE-2025/CVE-2025-51xx/CVE-2025-5113.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-5113", + "sourceIdentifier": "research@onekey.com", + "published": "2025-06-02T08:15:21.073", + "lastModified": "2025-06-02T08:15:21.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary command injection and hardcoded passwords are used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "research@onekey.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "research@onekey.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://www.onekey.com/resource/security-advisory-remote-code-execution-on-diviotec-ip-camera-cve-2025-5113", + "source": "research@onekey.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5435.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5435.json new file mode 100644 index 00000000000..125dc436b38 --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5435.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5435", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T08:15:21.230", + "lastModified": "2025-06-02T08:15:21.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Marwal Infotech CMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /page.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20Marwal%20Infotech%20v1.0.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310768", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310768", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584262", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5436.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5436.json new file mode 100644 index 00000000000..f616c105b46 --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5436.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5436", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T08:15:21.437", + "lastModified": "2025-06-02T08:15:21.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Multilaser Sirius RE016 MLT1.0. It has been rated as problematic. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DefaultCh40s/RE016/blob/main/re016.py", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310769", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310769", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584324", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5437.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5437.json new file mode 100644 index 00000000000..323641f6648 --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5437.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2025-5437", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T09:15:21.027", + "lastModified": "2025-06-02T09:15:21.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DefaultCh40s/RE016/blob/main/re016.py", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310770", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310770", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584325", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5438.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5438.json new file mode 100644 index 00000000000..d8d46534cac --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5438.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5438", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T09:15:21.280", + "lastModified": "2025-06-02T09:15:21.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_1/1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310777", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310777", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584360", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.linksys.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5455.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5455.json new file mode 100644 index 00000000000..0190e77130b --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5455.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-5455", + "sourceIdentifier": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", + "published": "2025-06-02T09:15:21.493", + "lastModified": "2025-06-02T09:15:21.493", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code.\n\nIf the function was called with malformed data, for example, an URL that\ncontained a \"charset\" parameter that lacked a value (such as\n\"data:charset,\"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service\n(abort).\n\nThis impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixed in 5.15.19, 6.5.9, 6.8.4 and 6.9.1." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:M/U:Clear", + "baseScore": 8.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "ACTIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "HIGH", + "subAvailabilityImpact": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "USER", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "CLEAR" + } + } + ] + }, + "weaknesses": [ + { + "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://codereview.qt-project.org/c/qt/qtbase/+/642006", + "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index cc4c57fb36e..88ea3954a24 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-02T08:00:20.823698+00:00 +2025-06-02T10:00:19.566114+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-02T07:15:22.230000+00:00 +2025-06-02T09:15:21.493000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -296172 +296181 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `9` -- [CVE-2025-1235](CVE-2025/CVE-2025-12xx/CVE-2025-1235.json) (`2025-06-02T07:15:21.450`) -- [CVE-2025-1485](CVE-2025/CVE-2025-14xx/CVE-2025-1485.json) (`2025-06-02T06:15:20.267`) -- [CVE-2025-3951](CVE-2025/CVE-2025-39xx/CVE-2025-3951.json) (`2025-06-02T06:15:20.620`) -- [CVE-2025-4010](CVE-2025/CVE-2025-40xx/CVE-2025-4010.json) (`2025-06-02T07:15:21.833`) -- [CVE-2025-5431](CVE-2025/CVE-2025-54xx/CVE-2025-5431.json) (`2025-06-02T06:15:20.740`) -- [CVE-2025-5432](CVE-2025/CVE-2025-54xx/CVE-2025-5432.json) (`2025-06-02T06:15:21.023`) -- [CVE-2025-5433](CVE-2025/CVE-2025-54xx/CVE-2025-5433.json) (`2025-06-02T07:15:22.000`) -- [CVE-2025-5434](CVE-2025/CVE-2025-54xx/CVE-2025-5434.json) (`2025-06-02T07:15:22.230`) +- [CVE-2025-0324](CVE-2025/CVE-2025-03xx/CVE-2025-0324.json) (`2025-06-02T08:15:20.560`) +- [CVE-2025-0325](CVE-2025/CVE-2025-03xx/CVE-2025-0325.json) (`2025-06-02T08:15:20.767`) +- [CVE-2025-0358](CVE-2025/CVE-2025-03xx/CVE-2025-0358.json) (`2025-06-02T08:15:20.917`) +- [CVE-2025-5113](CVE-2025/CVE-2025-51xx/CVE-2025-5113.json) (`2025-06-02T08:15:21.073`) +- [CVE-2025-5435](CVE-2025/CVE-2025-54xx/CVE-2025-5435.json) (`2025-06-02T08:15:21.230`) +- [CVE-2025-5436](CVE-2025/CVE-2025-54xx/CVE-2025-5436.json) (`2025-06-02T08:15:21.437`) +- [CVE-2025-5437](CVE-2025/CVE-2025-54xx/CVE-2025-5437.json) (`2025-06-02T09:15:21.027`) +- [CVE-2025-5438](CVE-2025/CVE-2025-54xx/CVE-2025-5438.json) (`2025-06-02T09:15:21.280`) +- [CVE-2025-5455](CVE-2025/CVE-2025-54xx/CVE-2025-5455.json) (`2025-06-02T09:15:21.493`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 1e4ca94f782..6096614b7ae 100644 --- a/_state.csv +++ b/_state.csv @@ -282542,6 +282542,8 @@ CVE-2025-0316,0,0,25fd7fe5edf79101ae2318703f4978f3c60d73f85c2ce3aafc07a98a04e1c5 CVE-2025-0317,0,0,1123791ff2d58b6f495de598eaa7b07d475197b92f1bcee30e0f8801714b425c,2025-04-02T16:07:20.300000 CVE-2025-0318,0,0,1adf5fbf909f385869a8e3e2c4143fad7dfe52742d5225eb605180883ed9373b,2025-02-25T22:09:05.680000 CVE-2025-0321,0,0,949a46e9b053903a4a5e7760dec47f1d94e986bd99c2cdf86cabc314ed2bfdb6,2025-01-30T17:39:45.447000 +CVE-2025-0324,1,1,52423cd92dd20ee620b7c443ba62058d2e234026a475e7508d3314613f5c222f,2025-06-02T08:15:20.560000 +CVE-2025-0325,1,1,1b2daf0ae0b2f6c8e906607fd1c098d3946f334f627872e63d2a88ae242aaaf2,2025-06-02T08:15:20.767000 CVE-2025-0327,0,0,b0d403ed029992537329b72e255db6654825e2f564637a9b3d86592d52f17a2b,2025-02-13T07:15:10.570000 CVE-2025-0328,0,0,25c0760d244498984cda91678b883cf89d3e8fcbb9c37fd0d45c67359c7184a7,2025-01-09T17:15:17.330000 CVE-2025-0329,0,0,86e7446008ec6cc24ddbd8186a5b113231eae3c153e2ee31de61002da3a0e409,2025-05-20T20:15:41.090000 @@ -282571,6 +282573,7 @@ CVE-2025-0354,0,0,55d23a0a87a8729e983746f1f043f903439316639d87df33d11e2f4253dd49 CVE-2025-0355,0,0,60139aab38184d5553deea3c96ee67451ff405f2b0f65acb32b8c01c91586866,2025-01-21T04:15:07.877000 CVE-2025-0356,0,0,7e522859a3d0689ccb777c8fef64a1b2b2f878cb4a2c9cceba026470a39874f6,2025-02-17T10:15:08.973000 CVE-2025-0357,0,0,df5c0a6ac781af75cafd196fb09095118363aace417f54bcacf4fa1ca90a90ea,2025-05-28T20:40:49.010000 +CVE-2025-0358,1,1,67eb28ac0a6e5a0a1b0601caf0e62ae1412b17c6fedf30dc6124168cf4594a87,2025-06-02T08:15:20.917000 CVE-2025-0359,0,0,5d195c4a796a9d61c5445ec078ba210735f7a70ba6be4fd93632b7b4f6027f55,2025-03-04T06:15:30.023000 CVE-2025-0360,0,0,6206f28ff4cea73a7524a4842bc2375d59423b5ee65bea65d99ad80bb9353d1b,2025-03-04T06:15:30.180000 CVE-2025-0361,0,0,38c5565d3d35e3d9ea55d49f3958a1fdae6a96a7127a923a7e096f4b7af3eefa,2025-04-08T18:13:53.347000 @@ -283274,7 +283277,7 @@ CVE-2025-1230,0,0,dd0a3ca0e089c26c5259a45f938e8e64977c81ece19c03ae3b8594f4d83448 CVE-2025-1231,0,0,dcc7744995b7d6bb53bad0c3a17ccdace3cc9ce75803cc23b72d1ab8d116a265,2025-03-28T16:22:09.763000 CVE-2025-1232,0,0,fcd0ac59c3c7caf2407e342073ec1e90203a50961ca0b407b3ff0599be277293,2025-05-09T12:00:30.697000 CVE-2025-1233,0,0,248d157a3a9795ad7b5bacde63572ac501f8b78b0f5a37a6e1dc0eb248d4f5a1,2025-04-07T14:17:50.220000 -CVE-2025-1235,1,1,8146f10f36445378f6868c08b1d44deafe50c376e73fbd30030222b8da0fdbb8,2025-06-02T07:15:21.450000 +CVE-2025-1235,0,0,8146f10f36445378f6868c08b1d44deafe50c376e73fbd30030222b8da0fdbb8,2025-06-02T07:15:21.450000 CVE-2025-1239,0,0,6187788ffe5fd6000cc24d081f477dcae5b0ef59871d160b3ff23ee25b818501,2025-02-14T14:15:32.687000 CVE-2025-1240,0,0,363ac0ec488e57d295d78c481b595c1c1507ba076f5813d8f4f20530988afa84,2025-02-11T22:15:29.800000 CVE-2025-1243,0,0,b36908327b1b41fa664c4a39c71934592fd1d75bcc40ba67f7d64ed64955da7e,2025-02-12T01:15:09.073000 @@ -283471,7 +283474,7 @@ CVE-2025-1479,0,0,da613c9cffa07de1a538909407be6870d9fa6c4515c3cb371621aa3eb53fd0 CVE-2025-1481,0,0,d10660ccfc75afffd9cc52715a6e9675c63c4f59ae92c95b59ff9bb03291f5a4,2025-03-12T16:40:25.783000 CVE-2025-1483,0,0,eed3d83cb2da5908d92aa9dd620a120571071c04f49e7599dc48ec4179593bf0,2025-02-25T18:59:39.860000 CVE-2025-1484,0,0,6d217d721a5de7a9d860e4a9318f4944f3853e2f4fbfc2bfa097bc5a318410f8,2025-05-30T16:31:03.107000 -CVE-2025-1485,1,1,ccde96526f106c09da803fe4e64200b3dca262576180472153ccfa071cd08c48,2025-06-02T06:15:20.267000 +CVE-2025-1485,0,0,ccde96526f106c09da803fe4e64200b3dca262576180472153ccfa071cd08c48,2025-06-02T06:15:20.267000 CVE-2025-1486,0,0,d9927d7d4d1384639bc8151ec9cdf5ac42c5c5ba19dec6e228e44ddcc54c667c,2025-04-09T13:10:08.783000 CVE-2025-1487,0,0,08095a6c47277e146f974b72230847c7e22adc360332813ad879609a240493bd,2025-04-09T13:07:45.937000 CVE-2025-1488,0,0,41db8f13bdc7bcc4795270a365123a77f5c2866e92341d8e17a3cfe430cb556b,2025-03-27T00:25:37.117000 @@ -293594,7 +293597,7 @@ CVE-2025-39505,0,0,0677fac6beec77521e6cb7a2462dcfabf24b73771e71144370fe1fac1a5cd CVE-2025-39506,0,0,c041a0372538698a8f9d605ef133903ae98a32f47f46be4c5902cd3007028990,2025-05-23T15:54:42.643000 CVE-2025-39507,0,0,153edd47f6c54e82721dafc775a1295a12cc1a46c28af61e988288ae13eaeac8,2025-05-19T13:35:50.497000 CVE-2025-39509,0,0,d3578f65cd41e4e0c16f06d83435211fb15d698deb858958cf89a70a520fd1d7,2025-05-19T13:35:50.497000 -CVE-2025-3951,1,1,53a450658437af0a38c200c140ce803529e7cfa43f6c8b35a1ab7e901d3fab62,2025-06-02T06:15:20.620000 +CVE-2025-3951,0,0,53a450658437af0a38c200c140ce803529e7cfa43f6c8b35a1ab7e901d3fab62,2025-06-02T06:15:20.620000 CVE-2025-39511,0,0,a36b3376d554b5146c42c1b1398688f2aa1974a059829a1cc40eb1eaa00a9ff1,2025-05-19T13:35:50.497000 CVE-2025-39512,0,0,126985d0ea09fa4c3bb0f5148fddbfff2eeceb61c37d743a298410e0bf5c015f,2025-04-16T13:25:37.340000 CVE-2025-39513,0,0,1ce19e3c2a9b234563847c1f7c6fcae3a029b809bb52b6108c9c455bb7201527,2025-04-16T13:25:37.340000 @@ -293747,7 +293750,7 @@ CVE-2025-4006,0,0,b4863f9bca9c45c782eac4e0a8df6c153136ca75006dde5bfd67dbac13da0e CVE-2025-4007,0,0,9777df4491741671ed8bb32daaef6bd13e88a3bc80a38f81c67c7e3aae15aace,2025-04-29T13:52:10.697000 CVE-2025-4008,0,0,f0130f878a53471d3fb1549dc09ccb4cbdfcbe18d257d761f05f6b646d258a62,2025-05-23T08:15:18.633000 CVE-2025-4009,0,0,0370307f1749db0bcf82f9fb8d3b9e4085526846709cddc4bd8a8d824343e156,2025-05-28T15:01:30.720000 -CVE-2025-4010,1,1,cc2f6f4c6d088ba86836a4bfff957b1644d39794001cc5e7aa56f4558e9e6764,2025-06-02T07:15:21.833000 +CVE-2025-4010,0,0,cc2f6f4c6d088ba86836a4bfff957b1644d39794001cc5e7aa56f4558e9e6764,2025-06-02T07:15:21.833000 CVE-2025-4011,0,0,3819550e074b2f97f25ec51252193290e9c87c0a28a7aedb206338328c0e7b76,2025-04-29T13:52:10.697000 CVE-2025-40114,0,0,18b151536edb74ce6ae0abb057cdaf2f657d28b31cc048efaafef211823a9957,2025-04-29T13:46:29.167000 CVE-2025-4012,0,0,36dc3f78b0e7e3ac1f05487215ef307e4a3550924eb6d25961b0b1557c98be91,2025-05-12T19:30:30.873000 @@ -295959,6 +295962,7 @@ CVE-2025-5109,0,0,5abf8acd1fc057f203dd85a2a34a9edaa7978027ca3d8fc7088b1ce3b56aeb CVE-2025-5110,0,0,e2706181e4b2e1bc3c920ff85e81ecd3dc0098104158eb0a62ceafab3ac1e150,2025-05-23T15:54:42.643000 CVE-2025-5111,0,0,ab3c47416b65781d53c047fed78dbbb335dd4bed9307ae97643de9e73c2c429f,2025-05-23T15:54:42.643000 CVE-2025-5112,0,0,f0cd0b8c93be317d3a2c0e92912b455b4fb61ee919b7fe6bebacd87c921bdc33,2025-05-23T15:54:42.643000 +CVE-2025-5113,1,1,c9cd1ca469c2fe586b05d50d6a6361ec97a90883addf6a9736351ab6c4e1b616,2025-06-02T08:15:21.073000 CVE-2025-5114,0,0,20a4205c8646981529f8abb6bcbb5fe0a32214254e6052ddc8802d6fd9b03d3c,2025-05-23T15:54:42.643000 CVE-2025-5117,0,0,d8ff3473124b58dde3b831065aca2c1cf497de1bb078c68e491105627964201f,2025-05-28T15:01:30.720000 CVE-2025-5119,0,0,bf969a61748b203da4a3f2f501a91ebb4932bff138f2ad55051f80ff5d8eb019,2025-05-28T14:58:52.920000 @@ -296167,7 +296171,12 @@ CVE-2025-5427,0,0,7248241b6511e7dae2909aae008975c5e1d909b0fa9a2d42cb023cab3ad79f CVE-2025-5428,0,0,8e37e3d63a4fe3eb041bc551acaf6d51874f670999761815a63f3357c2185ba8,2025-06-02T04:15:44.977000 CVE-2025-5429,0,0,d3b059787ffa7e06d4a4aef3851efbbfa5534e20659ffd5b3f55c63550568be6,2025-06-02T05:16:08.447000 CVE-2025-5430,0,0,9c8ff751e513a786224c51fe5c3552be7b4d78ad672aaba460fa4a9f98a16c6a,2025-06-02T05:16:09.920000 -CVE-2025-5431,1,1,efefbcf239cea408ae0e3ee2472f3f1a37ba8c9e3dce439dcb4ab817f2a98a32,2025-06-02T06:15:20.740000 -CVE-2025-5432,1,1,d572dc3edae46e5957de45fa4ac2dd9d097546a0d1041dbbae03cd7598f7b12e,2025-06-02T06:15:21.023000 -CVE-2025-5433,1,1,c8bef5e02889d81d9820bc4f7df922d26d02dd5fb2e601c82875e353e00ca72f,2025-06-02T07:15:22 -CVE-2025-5434,1,1,4e7c75fc3ac4e181befe9a93c9c12ef65751e8d2fe55da16447e5daadcd83eaa,2025-06-02T07:15:22.230000 +CVE-2025-5431,0,0,efefbcf239cea408ae0e3ee2472f3f1a37ba8c9e3dce439dcb4ab817f2a98a32,2025-06-02T06:15:20.740000 +CVE-2025-5432,0,0,d572dc3edae46e5957de45fa4ac2dd9d097546a0d1041dbbae03cd7598f7b12e,2025-06-02T06:15:21.023000 +CVE-2025-5433,0,0,c8bef5e02889d81d9820bc4f7df922d26d02dd5fb2e601c82875e353e00ca72f,2025-06-02T07:15:22 +CVE-2025-5434,0,0,4e7c75fc3ac4e181befe9a93c9c12ef65751e8d2fe55da16447e5daadcd83eaa,2025-06-02T07:15:22.230000 +CVE-2025-5435,1,1,dcf4258cf6809dfc182d62df7089a871748c9b139044f7b2923e29e48b3038b5,2025-06-02T08:15:21.230000 +CVE-2025-5436,1,1,d68e6cc48ff07effcdabcbcf49258634252ea2262182e54eb43102662626e959,2025-06-02T08:15:21.437000 +CVE-2025-5437,1,1,3052fa6936274bb3eba99317d3e4daab84fd4fe1ceb685290dca60c7fa3d1a04,2025-06-02T09:15:21.027000 +CVE-2025-5438,1,1,990c843261638a390371e7714161b5d3176423efe5d9172f5f232f3bddb512be,2025-06-02T09:15:21.280000 +CVE-2025-5455,1,1,8d271c9b47b5647f1f114bae05a0555876aab8060dabdd5d5775e0ee67faf718,2025-06-02T09:15:21.493000