Auto-Update: 2025-07-01T10:00:10.939705+00:00

2025-07-09 16:05:11 +00:00 · 2025-07-01 10:03:47 +00:00 · 2025-07-01 10:03:47 +00:00 · a1c6e7a482
commit a1c6e7a482
parent a7187623ad
7 changed files with 193 additions and 14 deletions
--- a/CVE-2025/CVE-2025-416xx/CVE-2025-41648.json
+++ b/CVE-2025/CVE-2025-416xx/CVE-2025-41648.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2025-41648",
+  "sourceIdentifier": "info@cert.vde.com",
+  "published": "2025-07-01T08:15:23.280",
+  "lastModified": "2025-07-01T08:15:23.280",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "info@cert.vde.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "info@cert.vde.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-704"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://certvde.com/en/advisories/VDE-2025-039",
+      "source": "info@cert.vde.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-416xx/CVE-2025-41656.json
+++ b/CVE-2025/CVE-2025-416xx/CVE-2025-41656.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2025-41656",
+  "sourceIdentifier": "info@cert.vde.com",
+  "published": "2025-07-01T08:15:24.443",
+  "lastModified": "2025-07-01T08:15:24.443",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "info@cert.vde.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "info@cert.vde.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-306"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://certvde.com/en/advisories/VDE-2025-045",
+      "source": "info@cert.vde.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-50xx/CVE-2025-5072.json
+++ b/CVE-2025/CVE-2025-50xx/CVE-2025-5072.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2025-5072",
+  "sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
+  "published": "2025-07-01T09:15:23.430",
+  "lastModified": "2025-07-01T09:15:23.430",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Resource leak vulnerability in ASR180x\u3001ASR190x in con_mgr\u00a0allows Resource Leak Exposure.This issue affects Falcon_Linux\u3001Kestrel\u3001Lapwing_Linux: before v1536."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-404"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.asrmicro.com/en/goods/psirt?cid=40",
+      "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json
+++ b/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json
@ -2,7 +2,7 @@
  "id": "CVE-2025-53415",
  "sourceIdentifier": "759f5e80-c8e1-4224-bead-956d7b33c98b",
  "published": "2025-06-30T09:15:26.903",
-  "lastModified": "2025-06-30T18:38:23.493",
+  "lastModified": "2025-07-01T08:15:24.610",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -53,7 +53,7 @@
  ],
  "references": [
    {
-      "url": "https://www.deltaww.com/en-US/Cybersecurity_Advisory",
+      "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00009_DTM%20Soft%20and%20DTN%20Soft%20BIN%20File%20Parsing%20Deserialization%20of%20Untrusted%20Data.pdf",
      "source": "759f5e80-c8e1-4224-bead-956d7b33c98b"
    }
  ]
--- a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json
+++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json
@ -2,7 +2,7 @@
  "id": "CVE-2025-6032",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2025-06-24T14:15:30.703",
-  "lastModified": "2025-06-26T18:58:14.280",
+  "lastModified": "2025-07-01T08:15:24.757",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -19,7 +19,7 @@
    "cvssMetricV31": [
      {
        "source": "secalert@redhat.com",
-        "type": "Primary",
+        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
@ -42,7 +42,7 @@
  "weaknesses": [
    {
      "source": "secalert@redhat.com",
-      "type": "Primary",
+      "type": "Secondary",
      "description": [
        {
          "lang": "en",
@ -52,6 +52,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://access.redhat.com/errata/RHSA-2025:9751",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2025-6032",
      "source": "secalert@redhat.com"
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-07-01T08:00:15.864836+00:00
+2025-07-01T10:00:10.939705+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-07-01T07:15:27.340000+00:00
+2025-07-01T09:15:23.430000+00:00
 ```

 ### Last Data Feed Release
@ -33,20 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-299941
+299944
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `3`

- [CVE-2025-6934](CVE-2025/CVE-2025-69xx/CVE-2025-6934.json) (`2025-07-01T07:15:27.340`)
+- [CVE-2025-41648](CVE-2025/CVE-2025-416xx/CVE-2025-41648.json) (`2025-07-01T08:15:23.280`)
+- [CVE-2025-41656](CVE-2025/CVE-2025-416xx/CVE-2025-41656.json) (`2025-07-01T08:15:24.443`)
+- [CVE-2025-5072](CVE-2025/CVE-2025-50xx/CVE-2025-5072.json) (`2025-07-01T09:15:23.430`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `2`

+- [CVE-2025-53415](CVE-2025/CVE-2025-534xx/CVE-2025-53415.json) (`2025-07-01T08:15:24.610`)
+- [CVE-2025-6032](CVE-2025/CVE-2025-60xx/CVE-2025-6032.json) (`2025-07-01T08:15:24.757`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -295300,6 +295300,7 @@ CVE-2025-4164,0,0,c409a415056cfc60d19356dab298bdf2afe4926171d33ff65db9098cfdafae
 CVE-2025-41645,0,0,05dc7979d552d91b524b274c74c87b4d6526958474a345200f3e130228064f47,2025-05-13T19:35:18.080000
 CVE-2025-41646,0,0,67ce20c1a9865425780a6906ee39e9288bbd25b638b5a3631cb1e54cf8c9584e,2025-06-10T19:29:22.893000
 CVE-2025-41647,0,0,5696bfc663c0aa975622ee4248f52de6ec349aade18bbef9981e727fbbbe3bde,2025-06-26T18:57:43.670000
+CVE-2025-41648,1,1,504f1c7a8b9b8a537564a17fd156304c83dec8d5a7c368da63baa18651e0667b,2025-07-01T08:15:23.280000
 CVE-2025-41649,0,0,612914eeae0d0b80cff3d2f6bd08d474bd30dce7e9b2b85352e6df3c8ab3fb10,2025-05-28T15:01:30.720000
 CVE-2025-41650,0,0,269c0d41f251c325a207de06d644a97e57e82f1a90edffb55ef7207165df0de3,2025-05-28T15:01:30.720000
 CVE-2025-41651,0,0,38a22c1448767e102d555501f2b957b582c47bcd5ef6a6193da873a6e029276c,2025-05-28T15:01:30.720000
@ -295307,6 +295308,7 @@ CVE-2025-41652,0,0,61b56e820debad0d6ed87e53925b75193550ab4911ec76df587d7530bd8f7
 CVE-2025-41653,0,0,450cb90166822151ca98533cba100a0f07716a6f9e2e385d8b8766038d4b0cb2,2025-05-28T15:01:30.720000
 CVE-2025-41654,0,0,c22856a515f49ccd204a32143b656fc257abf14e343863bdec0d026ca010bcd0,2025-05-28T15:01:30.720000
 CVE-2025-41655,0,0,d4e55c0bf8ee1b4fb7f9a5a70eabfb748935a97fe6cc917be3646a99349642c3,2025-05-28T15:01:30.720000
+CVE-2025-41656,1,1,85744e7fcd8a78f60cdae964e41efce11b2f950448b4ffa6109ee4edb0f32e5c,2025-07-01T08:15:24.443000
 CVE-2025-41657,0,0,a1b26cabf0026db351c1064234b4cb5e82ff11e8893bb90659a77301a2b0ca47,2025-06-12T16:06:39.330000
 CVE-2025-4166,0,0,5bfebbee34c2356ee039434bb4ac7a8705ff7fab6fe8d313f7df39c4661cee90,2025-05-05T20:54:45.973000
 CVE-2025-41661,0,0,79dfa817986795435d6c654e1eede377100321eba8444aaa94e2f98111523cbf,2025-06-12T16:06:20.180000
@ -298345,6 +298347,7 @@ CVE-2025-50693,0,0,e45af4df59709862d79fed94eba81f3c720eac46d3c47878fa15d033f0971
 CVE-2025-50695,0,0,accd627332da7d97b76cb5783ee219c402d198efaa23d938427a710819f5d635,2025-06-27T16:33:31.330000
 CVE-2025-50699,0,0,4c0bde2fe08640f9876a0abd6c636cb9368d5a8798725bda59edf0ef6036f8a0,2025-06-26T18:58:14.280000
 CVE-2025-5071,0,0,884ba5d773bfa631189c2fa39c9690b3ec846f53f569c43eb315d4166f9f7924,2025-06-23T20:16:59.783000
+CVE-2025-5072,1,1,1b5ec5fa93a449e9393af6d7af6fb185f94f9e4e2d1e38b62956c21bf3f856ac,2025-07-01T09:15:23.430000
 CVE-2025-5073,0,0,a1230535d583b5f466b5fe2615cca31afcba55333f600b324f190ec047a41d18,2025-06-05T20:13:49.707000
 CVE-2025-5074,0,0,b32e6a163eb96eec8f69e51ca7a85c7da766b8b9d224e7b4f2f300a52a5b9bc3,2025-06-05T20:14:07.020000
 CVE-2025-5075,0,0,84d47ffcc3b0444179dda95ea7f7a9076e7c3fde7adbf4a674f65dac66b933d7,2025-06-23T14:51:26.367000
@ -298840,7 +298843,7 @@ CVE-2025-53392,0,0,bccadda7d7ed5e7d96eda919617ca61a93ea88413285b2a192f6a5d2885b8
 CVE-2025-53393,0,0,7b64755a7e1248a68992b6b63c4b482ad2eb522925d6670add06e1eb0c5e94da,2025-06-30T18:38:23.493000
 CVE-2025-5340,0,0,9b48da383be5dfbe2bc488480a2be183877451ec75241964210e2e3aad9a2ceb,2025-06-04T14:54:33.783000
 CVE-2025-5341,0,0,2f7555dddd47395f556aef803e272926d99b2be1a7b798f5f5a29577ec1f1191,2025-06-05T20:12:23.777000
-CVE-2025-53415,0,0,33b74d5a137487e1b651bb46afe36b3ccd12029320a37a4553cc83b48e4a0274,2025-06-30T18:38:23.493000
+CVE-2025-53415,0,1,a69e8e91492110c4dbcf675778ea91b79a25d896361aa62120c18b659d9f38c5,2025-07-01T08:15:24.610000
 CVE-2025-53416,0,0,5766bb5741c2eb8f5d7acde7664083885dadd438f2f420d57a6193893c29ac92,2025-06-30T10:15:26.127000
 CVE-2025-5349,0,0,c3dba6df59d2293dc5933fab4b44180a83c69961191d6e1c8668a3b028af5d72,2025-06-17T20:50:23.507000
 CVE-2025-5353,0,0,a9d9e9f405a59eeaccd7ee5466c700cdd9eae2ba20f2bc9c98c5c42953abdf75,2025-06-12T16:06:39.330000
@ -299368,7 +299371,7 @@ CVE-2025-6021,0,0,4d6c316d6b2265feaa5a1f1976caab5acbb233a1583e3791720a0a82dcf439
 CVE-2025-6029,0,0,e9108be7e98d0780991a9dbc9771d79381463de686ea76ad25b1212ca465841e,2025-06-16T12:32:18.840000
 CVE-2025-6030,0,0,e2d083f85b4980fab673be25fe64ff6c58fe5f2e84e15893b8c80d92f1561a4f,2025-06-16T12:32:18.840000
 CVE-2025-6031,0,0,8862006220262f75545734fb5f034c6db29d3c4cbd11030b12e4d70636f9f9cc,2025-06-16T12:32:18.840000
-CVE-2025-6032,0,0,0f517754c22a370cfa7c5b41208770f3083cc36154d65c09646b5c3116704717,2025-06-26T18:58:14.280000
+CVE-2025-6032,0,1,014f9ead9a096c2552bec1427c0bb6bffaac544598b639c9601573d50f357ea8,2025-07-01T08:15:24.757000
 CVE-2025-6035,0,0,b71b50bc0c235c19b2d078bb69ae3921b820489d58f8688dea7a7bdd7515f125,2025-06-16T12:32:18.840000
 CVE-2025-6040,0,0,76a8c143b5834b0cf93cda3bf80ab595e40b144f2532ce0d72ddcf42d08934bb,2025-06-16T12:32:18.840000
 CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000
@ -299933,7 +299936,7 @@ CVE-2025-6929,0,0,9ece799ba6281b8e7980c379023d8b829d9e61abb4e41ab8d03daafaba29b6
 CVE-2025-6930,0,0,bee982db182da79a40468adbb11226ff1e623020a4f5164f27db8f4cc413aaf3,2025-06-30T22:15:30.010000
 CVE-2025-6931,0,0,df9ddfbde912faafa5e4493b429283a88936738657f10a40de2d7749ea0b032c,2025-06-30T23:15:21.863000
 CVE-2025-6932,0,0,6c23dab722d2bfca6e0ab05eb53a46bfd002e1a13ce5c4f6e40d491d0daae338,2025-06-30T23:15:22.103000
-CVE-2025-6934,1,1,a17d233a1432d2df5bb92b39d598a58250ad95fa7709f512169f9ea3cbd589d9,2025-07-01T07:15:27.340000
+CVE-2025-6934,0,0,a17d233a1432d2df5bb92b39d598a58250ad95fa7709f512169f9ea3cbd589d9,2025-07-01T07:15:27.340000
 CVE-2025-6935,0,0,fd4a1ec4b99f2a650759c2bea64cb45ca308091d621bef64e4913956328f51d5,2025-07-01T00:15:26.503000
 CVE-2025-6936,0,0,17d978cfdc085edc95015327ec5495108c341661ff194664ad18d0b05d6deb47,2025-07-01T00:15:26.740000
 CVE-2025-6937,0,0,b10d8c1265117b053b6599e6b544c7c61d2c978d507bac9b95b840b3f696bfc4,2025-07-01T01:15:28.577000