Auto-Update: 2025-04-06T04:00:33.062171+00:00

CVE-2024/CVE-2024-581xx/CVE-2024-58131.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-58131",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-06T03:15:13.967",
+  "lastModified": "2025-04-06T03:15:13.967",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a malicious node (that has modified the codebase to allow a large min_seal_time value) joins a blockchain network."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
+          "baseScore": 4.0,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-821"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-581xx/CVE-2024-58132.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-58132",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-06T03:15:15.290",
+  "lastModified": "2025-04-06T03:15:15.290",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
+          "baseScore": 4.0,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-821"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://git.chainmaker.org.cn/chainmaker/issue/-/issues/1202",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-581xx/CVE-2024-58133.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-58133",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-06T03:15:15.437",
+  "lastModified": "2025-04-06T03:15:15.437",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In chainmaker-go (aka ChainMaker) before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating other logs simultaneously can lead to a read-write conflict and panic."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
+          "baseScore": 4.0,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-821"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://git.chainmaker.org.cn/chainmaker/issue/-/issues/1228",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2025/CVE-2025-33xx/CVE-2025-3307.json

@@ -0,0 +1,145 @@
+{
+  "id": "CVE-2025-3307",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-06T03:15:15.603",
+  "lastModified": "2025-04-06T03:15:15.603",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/p1026/CVE/issues/24",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.303504",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.303504",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.550192",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-04-06T02:00:19.546304+00:00
+2025-04-06T04:00:33.062171+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-04-06T01:15:40.663000+00:00
+2025-04-06T03:15:15.603000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,21 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-288705
+288709
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `4`
 
-- [CVE-2025-3306](CVE-2025/CVE-2025-33xx/CVE-2025-3306.json) (`2025-04-06T01:15:40.663`)
+- [CVE-2024-58131](CVE-2024/CVE-2024-581xx/CVE-2024-58131.json) (`2025-04-06T03:15:13.967`)
+- [CVE-2024-58132](CVE-2024/CVE-2024-581xx/CVE-2024-58132.json) (`2025-04-06T03:15:15.290`)
+- [CVE-2024-58133](CVE-2024/CVE-2024-581xx/CVE-2024-58133.json) (`2025-04-06T03:15:15.437`)
+- [CVE-2025-3307](CVE-2025/CVE-2025-33xx/CVE-2025-3307.json) (`2025-04-06T03:15:15.603`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 
-- [CVE-2025-32366](CVE-2025/CVE-2025-323xx/CVE-2025-32366.json) (`2025-04-06T00:15:18.980`)
 
 
 ## Download and Usage

_state.csv

@@ -277273,6 +277273,9 @@ CVE-2024-58128,0,0,2f080faeec9b7abd005e501afed73e7df0c396dabb6a1e25bf77fc72ecfac
 CVE-2024-58129,0,0,11e98106a59e025e34ac181bdadb4c8348e20bba976912e51d2c9c8ef8d2204d,2025-04-01T20:26:30.593000
 CVE-2024-5813,0,0,53a768ef9b74ee03be1393dbcc310c528fc37406ef9a9107d27a6d2a3860c95b,2025-02-11T21:36:40.947000
 CVE-2024-58130,0,0,b1da61426890522f6374bed5d854c2d8adfdac7556fa6282fde3bf2122dc7cb0,2025-04-01T20:26:30.593000
+CVE-2024-58131,1,1,9fd1d0f101e8504643dd97e11341423a7b57e2369ca3bb6c53dc98d5e69dcc9b,2025-04-06T03:15:13.967000
+CVE-2024-58132,1,1,63144f5332a5df63c528258323acf53fd624ad7a829f1669737504e10293900b,2025-04-06T03:15:15.290000
+CVE-2024-58133,1,1,2bec58de35812216083a092105ea8e4431fed0ed6a02e26ed74e4c4039d1fc18,2025-04-06T03:15:15.437000
 CVE-2024-5814,0,0,409f119643711fe465e9fd028af3caf838fd31e85495ee2ac73938edab3d7b3e,2024-08-28T12:57:39.090000
 CVE-2024-5815,0,0,aa6c60bd870ff05880c843bf9053a612a42ac0af7385b9bf8cbbf1b2da2f2182,2024-11-21T09:48:23.203000
 CVE-2024-5816,0,0,c490583764d2ee04b708da0ed821af6513ea115f0c316a2acec1e6bc5b69b75a,2024-11-21T09:48:23.347000
@@ -288671,7 +288674,7 @@ CVE-2025-3236,0,0,5d4e067380b83b38fff7db048531cbbf8dd6b43b2fc6d26b5d090f351b090b
 CVE-2025-32360,0,0,0e74289220e4b285c0e8748f3e1650706d339f80b6d12512f31f5c70a948d5d7,2025-04-05T21:15:40.820000
 CVE-2025-32364,0,0,cfb2ebfabb62fc4b801fb2bf95fe1940970bfddc2ea9963730d3ab7bd79a8124,2025-04-05T22:15:18.337000
 CVE-2025-32365,0,0,26d24ab60b153da5a84d5f59bd2fd2acbadd4a9a5ca08171ad2b1fd85144179a,2025-04-05T22:15:19.010000
-CVE-2025-32366,0,1,55ed558c8590729fba4d42dd8e9fca74dbbfd7a7c513816303bb4016f69cddc5,2025-04-06T00:15:18.980000
+CVE-2025-32366,0,0,55ed558c8590729fba4d42dd8e9fca74dbbfd7a7c513816303bb4016f69cddc5,2025-04-06T00:15:18.980000
 CVE-2025-3237,0,0,2b0634913d301c0209a0690fb90ddcaa8b200550805a1d4ec2db149b30fd4af2,2025-04-04T10:15:17.383000
 CVE-2025-3238,0,0,49b7638c423114327b5e6867f71919ab552663d9bb2b5517ae05eef59b2968e0,2025-04-04T10:15:17.577000
 CVE-2025-3239,0,0,a890b57275ecd0351eb57a0ff486b7b7ddc21d7a21c77a8b45094fdc21902b92,2025-04-04T11:15:40.393000
@@ -288703,4 +288706,5 @@ CVE-2025-3299,0,0,bddd729a6927cb255675ce738cd015969a7cc6b02a8cfe6feb6b634f6ef818
 CVE-2025-3303,0,0,6221e6ee3090234e52eafd095ff7bb4444c418778b5f3445b7a8782971faacf3,2025-04-05T21:15:40.990000
 CVE-2025-3304,0,0,29a38ac7df74814842edc977ed145111a95ed8ef942f514c967d6026c5a64b93,2025-04-05T22:15:19.203000
 CVE-2025-3305,0,0,b2c90129fe183fd0375eb40e77713311a1f1af30e665ffd707316b1c76fdc5b4,2025-04-05T23:15:41.780000
-CVE-2025-3306,1,1,8af2b5a7c28d3e6ac3e8cb07eb340dc6f7805a9ee07cb14217b9df657d2f2410,2025-04-06T01:15:40.663000
+CVE-2025-3306,0,0,8af2b5a7c28d3e6ac3e8cb07eb340dc6f7805a9ee07cb14217b9df657d2f2410,2025-04-06T01:15:40.663000
+CVE-2025-3307,1,1,63f106264214ff92c87fdac82ad9be3ac393f211140d772f87db85e9aba4f279,2025-04-06T03:15:15.603000