admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-23T23:00:20.057715+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-23 23:03:46 +00:00
parent a3f673afe5
commit a148206511
4 changed files with 302 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

149
CVE-2025/CVE-2025-15xx/CVE-2025-1594.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2025-1594",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-23T21:15:09.130",
"lastModified": "2025-02-23T21:15:09.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://ffmpeg.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://trac.ffmpeg.org/attachment/ticket/11418/poc",
"source": "cna@vuldb.com"
},
{
"url": "https://trac.ffmpeg.org/ticket/11418#comment:3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296589",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296589",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.496929",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-15xx/CVE-2025-1595.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-1595",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-23T22:15:08.190",
"lastModified": "2025-02-23T22:15:08.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/getbaseconfig. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/MH521/POC/blob/main/EasyCVR-%E8%A7%86%E9%A2%91%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0getbaseconfig%E6%8E%A5%E5%8F%A3%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296590",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296590",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.497485",
"source": "cna@vuldb.com"
}
]
}

14
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-23T21:00:20.253775+00:00
2025-02-23T23:00:20.057715+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-23T20:15:09.210000+00:00
2025-02-23T22:15:08.190000+00:00
```
### Last Data Feed Release
@ -33,17 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
282109
282111
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `2`
- [CVE-2025-1590](CVE-2025/CVE-2025-15xx/CVE-2025-1590.json) (`2025-02-23T19:15:08.780`)
- [CVE-2025-1591](CVE-2025/CVE-2025-15xx/CVE-2025-1591.json) (`2025-02-23T19:15:09.407`)
- [CVE-2025-1592](CVE-2025/CVE-2025-15xx/CVE-2025-1592.json) (`2025-02-23T20:15:08.243`)
- [CVE-2025-1593](CVE-2025/CVE-2025-15xx/CVE-2025-1593.json) (`2025-02-23T20:15:09.210`)
- [CVE-2025-1594](CVE-2025/CVE-2025-15xx/CVE-2025-1594.json) (`2025-02-23T21:15:09.130`)
- [CVE-2025-1595](CVE-2025/CVE-2025-15xx/CVE-2025-1595.json) (`2025-02-23T22:15:08.190`)
### CVEs modified in the last Commit

10
_state.csv
View File

@ -279712,10 +279712,12 @@ CVE-2025-1586,0,0,2e1988f52d595a1d9d9f6b46c7e86dfce63fd00ec8e302d63927e1f91f2ed4
CVE-2025-1587,0,0,549a7c2656a2ae2fbc91f2512a9c195c906f315a63875bedbfb98906fe2b2d89,2025-02-23T15:15:10.107000
CVE-2025-1588,0,0,276dd8268245c9486b93f77f6f34e5eeb8a013f4706e2808775c4a29407629d1,2025-02-23T16:15:08.637000
CVE-2025-1589,0,0,d59fc53f1317cf37da767c9f2425cbb5d54c2378befb855f03beb5810fb4efb2,2025-02-23T18:15:08.427000
CVE-2025-1590,1,1,1ad11388bda41ec07012eaa5c62864adb695bbc852c9bed8b8d1be07e6420b3b,2025-02-23T19:15:08.780000
CVE-2025-1591,1,1,91c7d35b1ff2c9c2952c39df19b5abd917f99e119dd68d46b75056f9e01502d1,2025-02-23T19:15:09.407000
CVE-2025-1592,1,1,177cec6067e9eb1dfc0a71399c1200f508d2234a34e7b7bd8fcd77ea2d8364e0,2025-02-23T20:15:08.243000
CVE-2025-1593,1,1,11816f1e28eb1338430f195be710ad934058ffe6425c7c51bd54af6ada593384,2025-02-23T20:15:09.210000
CVE-2025-1590,0,0,1ad11388bda41ec07012eaa5c62864adb695bbc852c9bed8b8d1be07e6420b3b,2025-02-23T19:15:08.780000
CVE-2025-1591,0,0,91c7d35b1ff2c9c2952c39df19b5abd917f99e119dd68d46b75056f9e01502d1,2025-02-23T19:15:09.407000
CVE-2025-1592,0,0,177cec6067e9eb1dfc0a71399c1200f508d2234a34e7b7bd8fcd77ea2d8364e0,2025-02-23T20:15:08.243000
CVE-2025-1593,0,0,11816f1e28eb1338430f195be710ad934058ffe6425c7c51bd54af6ada593384,2025-02-23T20:15:09.210000
CVE-2025-1594,1,1,82c79599ad23aee2986f472f3c7284952e11d3aa1cfc1fb2cbaff9ee1e59a908,2025-02-23T21:15:09.130000
CVE-2025-1595,1,1,2ebe71182f4cc97d68ea9808877b92817e3a7b934ff3df86e77453509bcc9f2d,2025-02-23T22:15:08.190000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000

Can't render this file because it is too large.