Auto-Update: 2025-03-09T19:00:19.539719+00:00

cad-safe-bot 2025-03-09 19:03:49 +00:00
parent d3b4d62c5d
commit a7e94bbb59
5 changed files with 292 additions and 13 deletions


@ -0,0 +1,137 @@
{
"id": "CVE-2025-2126",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T17:15:37.453",
"lastModified": "2025-03-09T17:15:37.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties of the component GET Parameter Handler. The manipulation of the argument title leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.299039",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299039",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.509884",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,137 @@
{
"id": "CVE-2025-2127",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T18:15:12.807",
"lastModified": "2025-03-09T18:15:12.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.299040",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299040",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.509891",
"source": "cna@vuldb.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2025-27636",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-09T13:15:34.403",
"lastModified": "2025-03-09T15:15:35.430",
"lastModified": "2025-03-09T17:15:36.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -16,6 +16,10 @@
{
"url": "https://lists.apache.org/thread/l3zcg3vts88bmc7w8172wkgw610y693z",
"source": "security@apache.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/09/1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-09T17:00:19.999695+00:00
2025-03-09T19:00:19.539719+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-09T16:15:12.550000+00:00
2025-03-09T18:15:12.807000+00:00
```
### Last Data Feed Release
@ -33,23 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284575
284577
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `2`
- [CVE-2025-2123](CVE-2025/CVE-2025-21xx/CVE-2025-2123.json) (`2025-03-09T15:15:36.413`)
- [CVE-2025-2124](CVE-2025/CVE-2025-21xx/CVE-2025-2124.json) (`2025-03-09T16:15:11.533`)
- [CVE-2025-2125](CVE-2025/CVE-2025-21xx/CVE-2025-2125.json) (`2025-03-09T16:15:12.550`)
- [CVE-2025-2126](CVE-2025/CVE-2025-21xx/CVE-2025-2126.json) (`2025-03-09T17:15:37.453`)
- [CVE-2025-2127](CVE-2025/CVE-2025-21xx/CVE-2025-2127.json) (`2025-03-09T18:15:12.807`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
- [CVE-2025-27636](CVE-2025/CVE-2025-276xx/CVE-2025-27636.json) (`2025-03-09T15:15:35.430`)
- [CVE-2025-27636](CVE-2025/CVE-2025-276xx/CVE-2025-27636.json) (`2025-03-09T17:15:36.580`)
## Download and Usage


@ -281581,7 +281581,7 @@ CVE-2025-21226,0,0,2f5f6ccc39acdfb2b7cec30e176e0e2f1dc141d4d0fd55d9540bbaff25e2e
CVE-2025-21227,0,0,e74cc881cc3f14638775245e0247523b50d3fe8f76ca0a79bf3911d59cf7d8a7,2025-01-27T18:47:16.717000
CVE-2025-21228,0,0,e66ffb1cd2f0c8e69939717342c89b3e470530ed77fe35b7d613be20fb5699e7,2025-01-27T18:47:27.603000
CVE-2025-21229,0,0,5b9d343c3675c785c1883befc5d74a71c8b6d41d9e72125678b91a16a5f7065e,2025-01-27T18:47:37.697000
CVE-2025-2123,1,1,4acb0fd53b16a2ca153ab60669e2444368e4297661d2e9c1e10749c06973c268,2025-03-09T15:15:36.413000
CVE-2025-2123,0,0,4acb0fd53b16a2ca153ab60669e2444368e4297661d2e9c1e10749c06973c268,2025-03-09T15:15:36.413000
CVE-2025-21230,0,0,bf3028f0f96a246b5ecbe951552b973bc02e0b51e420392170a1dd03d48b14e3,2025-01-27T18:47:46.557000
CVE-2025-21231,0,0,d044bbfe2f119bd723d5344cae8147732c3ad7961b5471c3a188b0d47573734f,2025-01-27T18:47:57.930000
CVE-2025-21232,0,0,23d68831fa0a23eddcf0b6ecfa974d8fa3f8ae535f8e37868367b2a8f7dabf73,2025-01-24T21:51:59.700000
@ -281592,7 +281592,7 @@ CVE-2025-21236,0,0,dca2e8b53c129d574dbac8ccc02a830290e2d01e064a4d0709e813650ad78
CVE-2025-21237,0,0,b506da9329a9d4995f8f36c74496bc979a022c50f2ee3daece85fce4c81aff91,2025-01-29T23:15:25.410000
CVE-2025-21238,0,0,ed164642995b0290a2351fc6a7d58207d08112ad22db84484bb6e767035836a9,2025-01-24T21:53:02.610000
CVE-2025-21239,0,0,9c433f5e11131caf059a0860ba4c7d770134beadb640baa1fee0187df1c3cca9,2025-01-24T21:53:18.177000
CVE-2025-2124,1,1,d3d7cac978b1665e17d79fc4c035e308357d73d717ef3597a82d08df52ab375a,2025-03-09T16:15:11.533000
CVE-2025-2124,0,0,d3d7cac978b1665e17d79fc4c035e308357d73d717ef3597a82d08df52ab375a,2025-03-09T16:15:11.533000
CVE-2025-21240,0,0,4e590d3a8323baf8300345fb6a8ba38cde55c5c539dc581c1cd14a5acd47a173,2025-01-24T21:53:10.267000
CVE-2025-21241,0,0,ba5630f727baaa7b0cfb87aabbaa39f667322b2e958c54247ee336f6ea577069,2025-01-24T21:53:32.040000
CVE-2025-21242,0,0,c6ad86d582b94ed7a50bfc44a12a331f9937482569fe42f361fa93258452bd30,2025-01-24T21:53:39.887000
@ -281602,7 +281602,7 @@ CVE-2025-21245,0,0,f8977154881a23caac2cbfb367fae61be05ee6a5797e98c1fce578f1bb50e
CVE-2025-21246,0,0,2355d5f1e5f99349a2c983a1867ed42b3be58a725316ed8d7e78af1b25b93990,2025-01-24T21:54:27.603000
CVE-2025-21248,0,0,5fec9176d3491513238c849ca9f8b98246abbf6bcab1978fcfceaa9a87899f2d,2025-01-24T21:54:19.163000
CVE-2025-21249,0,0,cc0cd96bf402d287899c115acc983f6d8b986d6d0cc004dd6bff6ad28b81b32e,2025-01-24T21:54:39.180000
CVE-2025-2125,1,1,0bb426b75b2dbff3e29d363e4cca36b4e2e1281937adf61b4bb676fb3fe4258b,2025-03-09T16:15:12.550000
CVE-2025-2125,0,0,0bb426b75b2dbff3e29d363e4cca36b4e2e1281937adf61b4bb676fb3fe4258b,2025-03-09T16:15:12.550000
CVE-2025-21250,0,0,4e89a566438f1e28e8838350c59192f7c8bae0fa09d47d1f5f0f32355a4e81f7,2025-01-24T21:54:48.480000
CVE-2025-21251,0,0,5440266405ae4f5a1eea13ba92fdc75258561cea9d4f2a0de5b103c45023d533,2025-01-24T21:54:57.333000
CVE-2025-21252,0,0,6055e1c3e54e765508a0901e6591be173ca3b23ac49a425f1555d0244d559b99,2025-01-24T21:55:05.360000
@ -281613,6 +281613,7 @@ CVE-2025-21256,0,0,046fe33676648d49ab958cea06795409b133ff67b2e397e47021fff2b0522
CVE-2025-21257,0,0,a4aa8eb764428591988a4a9138451d22d056f236bcba642d77cd9ec1175f53f8,2025-01-27T18:48:34.057000
CVE-2025-21258,0,0,1f595e4730f0a0101ec7c6ff9cdba409af8fa944714e620a4a15245fbce00d59,2025-01-27T18:48:41.780000
CVE-2025-21259,0,0,8612071202f3d3592dfe29f2bd8e2314128424dcfd6444cf3765d46d69eb3ffb,2025-02-28T16:02:50.353000
CVE-2025-2126,1,1,aa7468b0e3a8806805757005f42d52f4646e392fd8f7d52d04f7a5c1e448926b,2025-03-09T17:15:37.453000
CVE-2025-21260,0,0,0a7c1f91b0bf465a1abd98448dde131c6cb51ed7e169790e660636d55e49b3fd,2025-01-27T18:48:49.733000
CVE-2025-21261,0,0,4959e566283cea5c3896dc096def632c73bb2ea004186a297dc44c88399b27c3,2025-01-27T18:49:17.243000
CVE-2025-21262,0,0,53158e77111cde0b4bd12b84c347b79f0eb1bff1360ae5aad148e2597a850e89,2025-02-07T15:18:05.707000
@ -281622,6 +281623,7 @@ CVE-2025-21266,0,0,8abedea79e8511d7cc9ff7357e5ea6cdb9a2f5b9b226509251d920fc3d818
CVE-2025-21267,0,0,3a891da8fda86c30d805053c71e6dd16d7ce53ed47c2014adf2682e9c1aa9108,2025-02-11T22:16:55.863000
CVE-2025-21268,0,0,4355dd42a101fb9f129ac11118f3256c96ab67a419ccdd9dbd668d0ac27fec35,2025-01-27T18:49:59.800000
CVE-2025-21269,0,0,65d7ef207dcfb292db82e49469b33d6fba54787be18065168c6f9ec6800b825c,2025-01-27T18:50:21.237000
CVE-2025-2127,1,1,9bd07b409ba602e1c1b63ded85f49c2048c107f0a244f7917dec42bd0c488b97,2025-03-09T18:15:12.807000
CVE-2025-21270,0,0,2d46973a30b722f08c103801bc79939c8fec9b43c85bfe5e28d9ef7adacb72a0,2025-01-27T18:50:32.540000
CVE-2025-21271,0,0,4274828aba1e10041b203e489347317201805b7afde940eb3f935826dc13b54f,2025-01-27T18:38:24.280000
CVE-2025-21272,0,0,9666530ffb6a8bce08f2ce0b86a8e62feebbce948e4c49cfa04a42d76596221d,2025-01-27T18:38:15.907000
@ -284514,7 +284516,7 @@ CVE-2025-27622,0,0,aab424c81f70efb6c2294313600d100f64e720f683885d3b6918b7e0d0c95
CVE-2025-27623,0,0,a7729605ea601dac947d3c9e9dda3f4cf0fc759f67e3d847999a08d4d426400f,2025-03-06T17:15:23.647000
CVE-2025-27624,0,0,386e769fd54c9c9e387001be90fa20a8140740d08fb61eb8c2dc8cbb750364f8,2025-03-06T17:15:23.797000
CVE-2025-27625,0,0,85889be78be476b146c5fda687cdd2b7a01a613eea674a60ada7a9651223e2d5,2025-03-06T17:15:23.960000
CVE-2025-27636,0,1,aaa21b87ef3ccd4318706c44b3410750c79ebb076ae4c3e55e483302e235723a,2025-03-09T15:15:35.430000
CVE-2025-27636,0,1,ab2059c2e72432341cf829888597fff4374d703fafd84b2dd034a070a4071acf,2025-03-09T17:15:36.580000
CVE-2025-27637,0,0,9c062615c8ec6a3ced4ee678ddb923b6d263f273f4e63f5f7bf9a46985accf21,2025-03-05T16:15:40.713000
CVE-2025-27638,0,0,799c839b25e9819e4ec80c30ab7682e659f557f1c902bc7211099cb508098b42,2025-03-05T17:15:16.853000
CVE-2025-27639,0,0,a0477d98f560583497b6432bc3e9038f2aa7b8df2110514ba2e616c075cb3f66,2025-03-05T17:15:17.027000
