From a1c6e7a482a17dbcb22173fedee5fb96c2566239 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 1 Jul 2025 10:03:47 +0000 Subject: [PATCH] Auto-Update: 2025-07-01T10:00:10.939705+00:00 --- CVE-2025/CVE-2025-416xx/CVE-2025-41648.json | 56 +++++++++++++++++++++ CVE-2025/CVE-2025-416xx/CVE-2025-41656.json | 56 +++++++++++++++++++++ CVE-2025/CVE-2025-50xx/CVE-2025-5072.json | 56 +++++++++++++++++++++ CVE-2025/CVE-2025-534xx/CVE-2025-53415.json | 4 +- CVE-2025/CVE-2025-60xx/CVE-2025-6032.json | 10 ++-- README.md | 16 +++--- _state.csv | 9 ++-- 7 files changed, 193 insertions(+), 14 deletions(-) create mode 100644 CVE-2025/CVE-2025-416xx/CVE-2025-41648.json create mode 100644 CVE-2025/CVE-2025-416xx/CVE-2025-41656.json create mode 100644 CVE-2025/CVE-2025-50xx/CVE-2025-5072.json diff --git a/CVE-2025/CVE-2025-416xx/CVE-2025-41648.json b/CVE-2025/CVE-2025-416xx/CVE-2025-41648.json new file mode 100644 index 00000000000..658fa94618b --- /dev/null +++ b/CVE-2025/CVE-2025-416xx/CVE-2025-41648.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-41648", + "sourceIdentifier": "info@cert.vde.com", + "published": "2025-07-01T08:15:23.280", + "lastModified": "2025-07-01T08:15:23.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-704" + } + ] + } + ], + "references": [ + { + "url": "https://certvde.com/en/advisories/VDE-2025-039", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-416xx/CVE-2025-41656.json b/CVE-2025/CVE-2025-416xx/CVE-2025-41656.json new file mode 100644 index 00000000000..8a9029420a3 --- /dev/null +++ b/CVE-2025/CVE-2025-416xx/CVE-2025-41656.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-41656", + "sourceIdentifier": "info@cert.vde.com", + "published": "2025-07-01T08:15:24.443", + "lastModified": "2025-07-01T08:15:24.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://certvde.com/en/advisories/VDE-2025-045", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-50xx/CVE-2025-5072.json b/CVE-2025/CVE-2025-50xx/CVE-2025-5072.json new file mode 100644 index 00000000000..968da384ed0 --- /dev/null +++ b/CVE-2025/CVE-2025-50xx/CVE-2025-5072.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-5072", + "sourceIdentifier": "68630edc-a58c-4cbd-9b01-0e130455c8ae", + "published": "2025-07-01T09:15:23.430", + "lastModified": "2025-07-01T09:15:23.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Resource leak vulnerability in ASR180x\u3001ASR190x in con_mgr\u00a0allows Resource Leak Exposure.This issue affects Falcon_Linux\u3001Kestrel\u3001Lapwing_Linux: before v1536." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://www.asrmicro.com/en/goods/psirt?cid=40", + "source": "68630edc-a58c-4cbd-9b01-0e130455c8ae" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json b/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json index 01bfee4d032..11ebf8b96cb 100644 --- a/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json +++ b/CVE-2025/CVE-2025-534xx/CVE-2025-53415.json @@ -2,7 +2,7 @@ "id": "CVE-2025-53415", "sourceIdentifier": "759f5e80-c8e1-4224-bead-956d7b33c98b", "published": "2025-06-30T09:15:26.903", - "lastModified": "2025-06-30T18:38:23.493", + "lastModified": "2025-07-01T08:15:24.610", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -53,7 +53,7 @@ ], "references": [ { - "url": "https://www.deltaww.com/en-US/Cybersecurity_Advisory", + "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00009_DTM%20Soft%20and%20DTN%20Soft%20BIN%20File%20Parsing%20Deserialization%20of%20Untrusted%20Data.pdf", "source": "759f5e80-c8e1-4224-bead-956d7b33c98b" } ] diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json index fee54ca32be..eaf809c2257 100644 --- a/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6032.json @@ -2,7 +2,7 @@ "id": "CVE-2025-6032", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-24T14:15:30.703", - "lastModified": "2025-06-26T18:58:14.280", + "lastModified": "2025-07-01T08:15:24.757", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -52,6 +52,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:9751", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-6032", "source": "secalert@redhat.com" diff --git a/README.md b/README.md index e88a9d1d87c..d0a8ec5ef0a 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-07-01T08:00:15.864836+00:00 +2025-07-01T10:00:10.939705+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-07-01T07:15:27.340000+00:00 +2025-07-01T09:15:23.430000+00:00 ``` ### Last Data Feed Release @@ -33,20 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -299941 +299944 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `3` -- [CVE-2025-6934](CVE-2025/CVE-2025-69xx/CVE-2025-6934.json) (`2025-07-01T07:15:27.340`) +- [CVE-2025-41648](CVE-2025/CVE-2025-416xx/CVE-2025-41648.json) (`2025-07-01T08:15:23.280`) +- [CVE-2025-41656](CVE-2025/CVE-2025-416xx/CVE-2025-41656.json) (`2025-07-01T08:15:24.443`) +- [CVE-2025-5072](CVE-2025/CVE-2025-50xx/CVE-2025-5072.json) (`2025-07-01T09:15:23.430`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2025-53415](CVE-2025/CVE-2025-534xx/CVE-2025-53415.json) (`2025-07-01T08:15:24.610`) +- [CVE-2025-6032](CVE-2025/CVE-2025-60xx/CVE-2025-6032.json) (`2025-07-01T08:15:24.757`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 77a3984ef6c..388bafed5e7 100644 --- a/_state.csv +++ b/_state.csv @@ -295300,6 +295300,7 @@ CVE-2025-4164,0,0,c409a415056cfc60d19356dab298bdf2afe4926171d33ff65db9098cfdafae CVE-2025-41645,0,0,05dc7979d552d91b524b274c74c87b4d6526958474a345200f3e130228064f47,2025-05-13T19:35:18.080000 CVE-2025-41646,0,0,67ce20c1a9865425780a6906ee39e9288bbd25b638b5a3631cb1e54cf8c9584e,2025-06-10T19:29:22.893000 CVE-2025-41647,0,0,5696bfc663c0aa975622ee4248f52de6ec349aade18bbef9981e727fbbbe3bde,2025-06-26T18:57:43.670000 +CVE-2025-41648,1,1,504f1c7a8b9b8a537564a17fd156304c83dec8d5a7c368da63baa18651e0667b,2025-07-01T08:15:23.280000 CVE-2025-41649,0,0,612914eeae0d0b80cff3d2f6bd08d474bd30dce7e9b2b85352e6df3c8ab3fb10,2025-05-28T15:01:30.720000 CVE-2025-41650,0,0,269c0d41f251c325a207de06d644a97e57e82f1a90edffb55ef7207165df0de3,2025-05-28T15:01:30.720000 CVE-2025-41651,0,0,38a22c1448767e102d555501f2b957b582c47bcd5ef6a6193da873a6e029276c,2025-05-28T15:01:30.720000 @@ -295307,6 +295308,7 @@ CVE-2025-41652,0,0,61b56e820debad0d6ed87e53925b75193550ab4911ec76df587d7530bd8f7 CVE-2025-41653,0,0,450cb90166822151ca98533cba100a0f07716a6f9e2e385d8b8766038d4b0cb2,2025-05-28T15:01:30.720000 CVE-2025-41654,0,0,c22856a515f49ccd204a32143b656fc257abf14e343863bdec0d026ca010bcd0,2025-05-28T15:01:30.720000 CVE-2025-41655,0,0,d4e55c0bf8ee1b4fb7f9a5a70eabfb748935a97fe6cc917be3646a99349642c3,2025-05-28T15:01:30.720000 +CVE-2025-41656,1,1,85744e7fcd8a78f60cdae964e41efce11b2f950448b4ffa6109ee4edb0f32e5c,2025-07-01T08:15:24.443000 CVE-2025-41657,0,0,a1b26cabf0026db351c1064234b4cb5e82ff11e8893bb90659a77301a2b0ca47,2025-06-12T16:06:39.330000 CVE-2025-4166,0,0,5bfebbee34c2356ee039434bb4ac7a8705ff7fab6fe8d313f7df39c4661cee90,2025-05-05T20:54:45.973000 CVE-2025-41661,0,0,79dfa817986795435d6c654e1eede377100321eba8444aaa94e2f98111523cbf,2025-06-12T16:06:20.180000 @@ -298345,6 +298347,7 @@ CVE-2025-50693,0,0,e45af4df59709862d79fed94eba81f3c720eac46d3c47878fa15d033f0971 CVE-2025-50695,0,0,accd627332da7d97b76cb5783ee219c402d198efaa23d938427a710819f5d635,2025-06-27T16:33:31.330000 CVE-2025-50699,0,0,4c0bde2fe08640f9876a0abd6c636cb9368d5a8798725bda59edf0ef6036f8a0,2025-06-26T18:58:14.280000 CVE-2025-5071,0,0,884ba5d773bfa631189c2fa39c9690b3ec846f53f569c43eb315d4166f9f7924,2025-06-23T20:16:59.783000 +CVE-2025-5072,1,1,1b5ec5fa93a449e9393af6d7af6fb185f94f9e4e2d1e38b62956c21bf3f856ac,2025-07-01T09:15:23.430000 CVE-2025-5073,0,0,a1230535d583b5f466b5fe2615cca31afcba55333f600b324f190ec047a41d18,2025-06-05T20:13:49.707000 CVE-2025-5074,0,0,b32e6a163eb96eec8f69e51ca7a85c7da766b8b9d224e7b4f2f300a52a5b9bc3,2025-06-05T20:14:07.020000 CVE-2025-5075,0,0,84d47ffcc3b0444179dda95ea7f7a9076e7c3fde7adbf4a674f65dac66b933d7,2025-06-23T14:51:26.367000 @@ -298840,7 +298843,7 @@ CVE-2025-53392,0,0,bccadda7d7ed5e7d96eda919617ca61a93ea88413285b2a192f6a5d2885b8 CVE-2025-53393,0,0,7b64755a7e1248a68992b6b63c4b482ad2eb522925d6670add06e1eb0c5e94da,2025-06-30T18:38:23.493000 CVE-2025-5340,0,0,9b48da383be5dfbe2bc488480a2be183877451ec75241964210e2e3aad9a2ceb,2025-06-04T14:54:33.783000 CVE-2025-5341,0,0,2f7555dddd47395f556aef803e272926d99b2be1a7b798f5f5a29577ec1f1191,2025-06-05T20:12:23.777000 -CVE-2025-53415,0,0,33b74d5a137487e1b651bb46afe36b3ccd12029320a37a4553cc83b48e4a0274,2025-06-30T18:38:23.493000 +CVE-2025-53415,0,1,a69e8e91492110c4dbcf675778ea91b79a25d896361aa62120c18b659d9f38c5,2025-07-01T08:15:24.610000 CVE-2025-53416,0,0,5766bb5741c2eb8f5d7acde7664083885dadd438f2f420d57a6193893c29ac92,2025-06-30T10:15:26.127000 CVE-2025-5349,0,0,c3dba6df59d2293dc5933fab4b44180a83c69961191d6e1c8668a3b028af5d72,2025-06-17T20:50:23.507000 CVE-2025-5353,0,0,a9d9e9f405a59eeaccd7ee5466c700cdd9eae2ba20f2bc9c98c5c42953abdf75,2025-06-12T16:06:39.330000 @@ -299368,7 +299371,7 @@ CVE-2025-6021,0,0,4d6c316d6b2265feaa5a1f1976caab5acbb233a1583e3791720a0a82dcf439 CVE-2025-6029,0,0,e9108be7e98d0780991a9dbc9771d79381463de686ea76ad25b1212ca465841e,2025-06-16T12:32:18.840000 CVE-2025-6030,0,0,e2d083f85b4980fab673be25fe64ff6c58fe5f2e84e15893b8c80d92f1561a4f,2025-06-16T12:32:18.840000 CVE-2025-6031,0,0,8862006220262f75545734fb5f034c6db29d3c4cbd11030b12e4d70636f9f9cc,2025-06-16T12:32:18.840000 -CVE-2025-6032,0,0,0f517754c22a370cfa7c5b41208770f3083cc36154d65c09646b5c3116704717,2025-06-26T18:58:14.280000 +CVE-2025-6032,0,1,014f9ead9a096c2552bec1427c0bb6bffaac544598b639c9601573d50f357ea8,2025-07-01T08:15:24.757000 CVE-2025-6035,0,0,b71b50bc0c235c19b2d078bb69ae3921b820489d58f8688dea7a7bdd7515f125,2025-06-16T12:32:18.840000 CVE-2025-6040,0,0,76a8c143b5834b0cf93cda3bf80ab595e40b144f2532ce0d72ddcf42d08934bb,2025-06-16T12:32:18.840000 CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000 @@ -299933,7 +299936,7 @@ CVE-2025-6929,0,0,9ece799ba6281b8e7980c379023d8b829d9e61abb4e41ab8d03daafaba29b6 CVE-2025-6930,0,0,bee982db182da79a40468adbb11226ff1e623020a4f5164f27db8f4cc413aaf3,2025-06-30T22:15:30.010000 CVE-2025-6931,0,0,df9ddfbde912faafa5e4493b429283a88936738657f10a40de2d7749ea0b032c,2025-06-30T23:15:21.863000 CVE-2025-6932,0,0,6c23dab722d2bfca6e0ab05eb53a46bfd002e1a13ce5c4f6e40d491d0daae338,2025-06-30T23:15:22.103000 -CVE-2025-6934,1,1,a17d233a1432d2df5bb92b39d598a58250ad95fa7709f512169f9ea3cbd589d9,2025-07-01T07:15:27.340000 +CVE-2025-6934,0,0,a17d233a1432d2df5bb92b39d598a58250ad95fa7709f512169f9ea3cbd589d9,2025-07-01T07:15:27.340000 CVE-2025-6935,0,0,fd4a1ec4b99f2a650759c2bea64cb45ca308091d621bef64e4913956328f51d5,2025-07-01T00:15:26.503000 CVE-2025-6936,0,0,17d978cfdc085edc95015327ec5495108c341661ff194664ad18d0b05d6deb47,2025-07-01T00:15:26.740000 CVE-2025-6937,0,0,b10d8c1265117b053b6599e6b544c7c61d2c978d507bac9b95b840b3f696bfc4,2025-07-01T01:15:28.577000