diff --git a/CVE-2024/CVE-2024-274xx/CVE-2024-27447.json b/CVE-2024/CVE-2024-274xx/CVE-2024-27447.json index 9a79c9b385a..6d7fb22d29b 100644 --- a/CVE-2024/CVE-2024-274xx/CVE-2024-27447.json +++ b/CVE-2024/CVE-2024-274xx/CVE-2024-27447.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27447", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-26T16:28:00.477", - "lastModified": "2024-11-21T09:04:37.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-11T12:53:35.083", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +61,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pretix:pretix:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.1.1", + "matchCriteriaId": "C7E3E6F2-A77E-4AB4-A113-813EEC8C488E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pretix/pretix/compare/v2023.10.2...v2024.1.1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/pretix/pretix/compare/v2023.10.2...v2024.1.1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-331xx/CVE-2024-33117.json b/CVE-2024/CVE-2024-331xx/CVE-2024-33117.json index 843534a9b47..628c1e9bb57 100644 --- a/CVE-2024/CVE-2024-331xx/CVE-2024-33117.json +++ b/CVE-2024/CVE-2024-331xx/CVE-2024-33117.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33117", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-06T20:15:10.890", - "lastModified": "2024-12-06T21:15:07.340", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-06-11T12:04:14.130", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:crmeb:crmeb_java:1.3.4:*:*:*:*:*:*:*", + "matchCriteriaId": "29B90E2B-2215-4CB0-B880-C1256838E9F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33117.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33117.txt", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-337xx/CVE-2024-33752.json b/CVE-2024/CVE-2024-337xx/CVE-2024-33752.json index 2924f612017..55e0174f1fa 100644 --- a/CVE-2024/CVE-2024-337xx/CVE-2024-33752.json +++ b/CVE-2024/CVE-2024-337xx/CVE-2024-33752.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33752", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-06T14:15:08.003", - "lastModified": "2024-11-21T09:17:26.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-06-11T12:06:35.033", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:emlog:emlog:2.3.0:*:*:*:pro:*:*:*", + "matchCriteriaId": "D51AF99B-7574-4222-A2A2-C1ECC9BE8E51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:emlog:emlog:2.3.2:*:*:*:pro:*:*:*", + "matchCriteriaId": "CF56C638-A105-4816-9451-101478F952D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Myanemo/emlogpro/blob/main/emlog%20pro2.3.2%20File%20upload%20to%20getshell.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Myanemo/emlogpro/blob/main/emlog%20pro2.3.2%20File%20upload%20to%20getshell.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json index 2cc7fcc1d1d..db97ea265f8 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41588.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41588", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.363", - "lastModified": "2024-10-07T19:37:15.063", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-06-11T13:54:06.133", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,706 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "289E3E0B-6BA4-44B8-968A-AC374B15B631" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "E6E55BCE-BBF0-454B-AE86-45B7298888B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "89461FD4-897D-44F1-8486-4BCCDE3772DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", + "matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1B1826F9-0258-44DD-A471-113CF55CE563" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", + "matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1A559F44-80F8-44B7-B70F-BA0B78C85283" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "B4AB3320-27F8-4359-AEF8-6B1FDBA67111" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.6.1", + "matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "CDBC681E-CD03-49E5-BC3A-E4A7654975A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "ABDC93B5-DC0A-4AA4-A340-382F108AE80B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "2602941C-255F-4289-9043-D396CC4B3192" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", + "matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "0D1A9825-E419-4740-996A-5928D207FCB6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "43265128-7E8E-4FE2-8488-AC5734A4AF70" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "52F71B18-89B5-42C7-B4B7-448844D6AFBC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A96F64C0-09DD-4553-AC5F-D722B8321B0D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F2C4077B-C73F-4431-9103-C09960E203E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", + "matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "6C470B04-BD57-429B-80FC-328A7D2E35E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "3A688631-4B36-43CC-AEF8-D390081F01DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E207BB52-29F8-4F2F-AA06-855B38E22958" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", + "matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CD8437FD-65E2-4203-82B9-8FC32444204A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", + "matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.forescout.com/resources/draybreak-draytek-research/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Technical Description", + "Third Party Advisory" + ] }, { "url": "https://www.forescout.com/resources/draytek14-vulnerabilities", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json index 80cc08af8f1..81b84d61500 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41590.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41590", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.487", - "lastModified": "2024-10-07T19:37:16.150", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-06-11T13:49:57.290", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,706 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1B1826F9-0258-44DD-A471-113CF55CE563" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", + "matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1A559F44-80F8-44B7-B70F-BA0B78C85283" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "B4AB3320-27F8-4359-AEF8-6B1FDBA67111" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.6.1", + "matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "CDBC681E-CD03-49E5-BC3A-E4A7654975A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "ABDC93B5-DC0A-4AA4-A340-382F108AE80B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "2602941C-255F-4289-9043-D396CC4B3192" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", + "matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "0D1A9825-E419-4740-996A-5928D207FCB6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "43265128-7E8E-4FE2-8488-AC5734A4AF70" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "52F71B18-89B5-42C7-B4B7-448844D6AFBC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A96F64C0-09DD-4553-AC5F-D722B8321B0D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F2C4077B-C73F-4431-9103-C09960E203E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", + "matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "6C470B04-BD57-429B-80FC-328A7D2E35E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "3A688631-4B36-43CC-AEF8-D390081F01DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E207BB52-29F8-4F2F-AA06-855B38E22958" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", + "matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CD8437FD-65E2-4203-82B9-8FC32444204A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", + "matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "289E3E0B-6BA4-44B8-968A-AC374B15B631" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "E6E55BCE-BBF0-454B-AE86-45B7298888B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "89461FD4-897D-44F1-8486-4BCCDE3772DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", + "matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.forescout.com/resources/draybreak-draytek-research/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Technical Description", + "Third Party Advisory" + ] }, { "url": "https://www.forescout.com/resources/draytek14-vulnerabilities", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json index c83aceef906..6ba689a74d9 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41596.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41596", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-03T19:15:04.923", - "lastModified": "2024-10-04T13:50:43.727", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-06-11T13:40:06.773", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,706 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "289E3E0B-6BA4-44B8-968A-AC374B15B631" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "E6E55BCE-BBF0-454B-AE86-45B7298888B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "89461FD4-897D-44F1-8486-4BCCDE3772DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.2", + "matchCriteriaId": "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", + "matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1B1826F9-0258-44DD-A471-113CF55CE563" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", + "matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "1A559F44-80F8-44B7-B70F-BA0B78C85283" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.5.3", + "matchCriteriaId": "B4AB3320-27F8-4359-AEF8-6B1FDBA67111" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.6.1", + "matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "CDBC681E-CD03-49E5-BC3A-E4A7654975A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "ABDC93B5-DC0A-4AA4-A340-382F108AE80B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.2.7", + "matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "2602941C-255F-4289-9043-D396CC4B3192" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", + "matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.2.8", + "matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.0.0", + "versionEndExcluding": "4.4.3.1", + "matchCriteriaId": "0D1A9825-E419-4740-996A-5928D207FCB6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "43265128-7E8E-4FE2-8488-AC5734A4AF70" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "52F71B18-89B5-42C7-B4B7-448844D6AFBC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A96F64C0-09DD-4553-AC5F-D722B8321B0D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F2C4077B-C73F-4431-9103-C09960E203E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", + "matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "6C470B04-BD57-429B-80FC-328A7D2E35E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "3A688631-4B36-43CC-AEF8-D390081F01DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "E207BB52-29F8-4F2F-AA06-855B38E22958" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", + "matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CD8437FD-65E2-4203-82B9-8FC32444204A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", + "matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.forescout.com/resources/draybreak-draytek-research/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Technical Description", + "Third Party Advisory" + ] }, { "url": "https://www.forescout.com/resources/draytek14-vulnerabilities", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9529.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9529.json index 551b820f2c9..b888cd18a09 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9529.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9529.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9529", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-15T07:15:17.900", - "lastModified": "2024-11-15T19:35:19.160", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-06-11T13:58:02.947", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,10 +39,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "6.3.9", + "matchCriteriaId": "5CB906B0-599D-429F-83E1-4EE3EA1B7D9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:pro:wordpress:*:*", + "versionEndExcluding": "6.3.9", + "matchCriteriaId": "1BAC7937-5B8E-4F75-B339-46D656238AF6" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/dd3cc8d8-4dff-47f9-b036-5d09f2c7e5f2/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-33xx/CVE-2025-3302.json b/CVE-2025/CVE-2025-33xx/CVE-2025-3302.json new file mode 100644 index 00000000000..a95c2ae8aab --- /dev/null +++ b/CVE-2025/CVE-2025-33xx/CVE-2025-3302.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2025-3302", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-11T12:15:25.377", + "lastModified": "2025-06-11T12:15:25.377", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Xagio SEO \u2013 AI Powered SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018HTTP_REFERER\u2019 parameter in all versions up to, and including, 7.1.0.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 7.1.0.0." + }, + { + "lang": "es", + "value": "El complemento Xagio SEO \u2013 AI Powered SEO para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro 'HTTP_REFERER' en todas las versiones hasta la 7.1.0.16 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes no autenticados inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutan al acceder un usuario a una p\u00e1gina inyectada. La vulnerabilidad se corrigi\u00f3 parcialmente en la versi\u00f3n 7.1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/xagio-seo/tags/7.0.0.34/modules/redirects/models/xagio_log404.php#L263", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/xagio-seo/tags/7.0.0.34/modules/redirects/models/xagio_log404.php#L335", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/xagio-seo/tags/7.0.0.34/modules/redirects/redirects.js#L554", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/xagio-seo/tags/7.0.0.34/modules/redirects/redirects.js#L662", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3281174/", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3305780/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/xagio-seo", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e2afd66-c896-47c8-bf56-84a086087d55?source=cve", + "source": "security@wordfence.com" + }, + { + "url": "https://xagio.com/redirects/", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-38xx/CVE-2025-3877.json b/CVE-2025/CVE-2025-38xx/CVE-2025-3877.json index b63b0ac71b7..581432aae04 100644 --- a/CVE-2025/CVE-2025-38xx/CVE-2025-3877.json +++ b/CVE-2025/CVE-2025-38xx/CVE-2025-3877.json @@ -2,101 +2,15 @@ "id": "CVE-2025-3877", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-14T17:15:48.567", - "lastModified": "2025-06-05T14:26:54.100", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T13:15:24.007", + "vulnStatus": "Rejected", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1." - }, - { - "lang": "es", - "value": "Un correo electr\u00f3nico HTML manipulado que utiliza enlaces mailbox:/// puede desencadenar descargas autom\u00e1ticas no solicitadas de archivos .pdf al escritorio o directorio personal del usuario sin previo aviso, incluso con el guardado autom\u00e1tico desactivado. Este comportamiento puede utilizarse para llenar el disco con datos innecesarios (p. ej., usando /dev/urandom en Linux) o para filtrar credenciales de Windows mediante enlaces SMB al visualizar el correo electr\u00f3nico en modo HTML. Si bien se requiere la interacci\u00f3n del usuario para descargar el archivo .pdf, la ofuscaci\u00f3n visual puede ocultar el desencadenador de la descarga. Ver el correo electr\u00f3nico en modo HTML es suficiente para cargar contenido externo. Esta vulnerabilidad afecta a Thunderbird (versi\u00f3n anterior a la 128.10.1) y Thunderbird (versi\u00f3n anterior a la 138.0.1)." + "value": "Rejected reason: This CVE was marked as fixed, but due to other code landing - was not actually fixed. It was subsequently fixed in CVE-2025-5986." } ], - "metrics": { - "cvssMetricV31": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "LOW" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", - "versionEndExcluding": "128.10.1", - "matchCriteriaId": "82B93B43-AAD0-4F6F-8022-9842E39D73D6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", - "versionStartIncluding": "129.0", - "versionEndExcluding": "138.0.1", - "matchCriteriaId": "4AFE1A41-57DD-4532-9F3F-D3E9705868BA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958580", - "source": "security@mozilla.org", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2025-34/", - "source": "security@mozilla.org", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2025-35/", - "source": "security@mozilla.org", - "tags": [ - "Vendor Advisory" - ] - } - ] + "metrics": {}, + "references": [] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-496xx/CVE-2025-49651.json b/CVE-2025/CVE-2025-496xx/CVE-2025-49651.json index 6c7f508fd85..5bbff425f18 100644 --- a/CVE-2025/CVE-2025-496xx/CVE-2025-49651.json +++ b/CVE-2025/CVE-2025-496xx/CVE-2025-49651.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49651", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "published": "2025-06-09T18:15:26.740", - "lastModified": "2025-06-09T18:15:26.740", + "lastModified": "2025-06-11T13:15:24.483", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Missing Authorization in Lablup's BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in the session. This vulnerability exists in all current versions of BackendAI." + }, + { + "lang": "es", + "value": "La falta de autorizaci\u00f3n en BackendAI de Lablup permite a los atacantes tomar el control de todas las sesiones activas, accediendo, robando o alterando cualquier dato accesible en la sesi\u00f3n. Esta vulnerabilidad existe en todas las versiones actuales de BackendAI." } ], "metrics": { @@ -49,7 +53,7 @@ ], "references": [ { - "url": "https://hiddenlayer.com/sai_security_advisor/2025-05-backendai-49653/", + "url": "https://hiddenlayer.com/sai_security_advisor/2025-06-backendai/", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c" } ] diff --git a/CVE-2025/CVE-2025-496xx/CVE-2025-49652.json b/CVE-2025/CVE-2025-496xx/CVE-2025-49652.json index 901bae5f0f8..8ac2f2c77b5 100644 --- a/CVE-2025/CVE-2025-496xx/CVE-2025-49652.json +++ b/CVE-2025/CVE-2025-496xx/CVE-2025-49652.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49652", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "published": "2025-06-09T18:15:26.897", - "lastModified": "2025-06-09T18:15:26.897", + "lastModified": "2025-06-11T13:15:24.613", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled." + }, + { + "lang": "es", + "value": "La falta de autenticaci\u00f3n en la funci\u00f3n de registro de BackendAI de Lablup permite que usuarios arbitrarios creen cuentas de usuario que pueden acceder a datos privados incluso cuando el registro est\u00e1 deshabilitado." } ], "metrics": { @@ -49,7 +53,7 @@ ], "references": [ { - "url": "https://hiddenlayer.com/sai_security_advisor/2025-05-backendai-49653/", + "url": "https://hiddenlayer.com/sai_security_advisor/2025-06-backendai/", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c" } ] diff --git a/CVE-2025/CVE-2025-496xx/CVE-2025-49653.json b/CVE-2025/CVE-2025-496xx/CVE-2025-49653.json index 9564608e8bb..2897a4cc984 100644 --- a/CVE-2025/CVE-2025-496xx/CVE-2025-49653.json +++ b/CVE-2025/CVE-2025-496xx/CVE-2025-49653.json @@ -2,13 +2,17 @@ "id": "CVE-2025-49653", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "published": "2025-06-09T18:15:27.033", - "lastModified": "2025-06-09T18:15:27.033", + "lastModified": "2025-06-11T13:15:24.720", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform." + }, + { + "lang": "es", + "value": "La exposici\u00f3n de datos confidenciales en sesiones activas en BackendAI de Lablup permite a los atacantes recuperar las credenciales de los usuarios en la plataforma de administraci\u00f3n." } ], "metrics": { @@ -49,7 +53,7 @@ ], "references": [ { - "url": "https://hiddenlayer.com/sai_security_advisor/2025-05-backendai-49653/", + "url": "https://hiddenlayer.com/sai_security_advisor/2025-06-backendai/", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c" } ] diff --git a/CVE-2025/CVE-2025-497xx/CVE-2025-49709.json b/CVE-2025/CVE-2025-497xx/CVE-2025-49709.json new file mode 100644 index 00000000000..1cf69b2a78f --- /dev/null +++ b/CVE-2025/CVE-2025-497xx/CVE-2025-49709.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-49709", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-06-11T12:15:26.977", + "lastModified": "2025-06-11T12:15:26.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4." + }, + { + "lang": "es", + "value": "Ciertas operaciones de canvas podr\u00edan haber provocado corrupci\u00f3n de memoria. Esta vulnerabilidad afecta a Firefox anterior a la versi\u00f3n 139.0.4." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966083", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-47/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-497xx/CVE-2025-49710.json b/CVE-2025/CVE-2025-497xx/CVE-2025-49710.json new file mode 100644 index 00000000000..d733f647e09 --- /dev/null +++ b/CVE-2025/CVE-2025-497xx/CVE-2025-49710.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-49710", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-06-11T12:15:27.083", + "lastModified": "2025-06-11T12:15:27.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4." + }, + { + "lang": "es", + "value": "Se produjo un desbordamiento de entero en `OrderedHashTable` utilizado por el motor JavaScript. Esta vulnerabilidad afecta a Firefox < 139.0.4." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970095", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-47/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-51xx/CVE-2025-5144.json b/CVE-2025/CVE-2025-51xx/CVE-2025-5144.json new file mode 100644 index 00000000000..835b9cc8f3c --- /dev/null +++ b/CVE-2025/CVE-2025-51xx/CVE-2025-5144.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2025-5144", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-11T13:15:24.823", + "lastModified": "2025-06-11T13:15:24.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018data-date-*\u2019 parameters in all versions up to, and including, 6.13.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://bootstrap-datepicker.readthedocs.io/en/latest/index.html#data-api", + "source": "security@wordfence.com" + }, + { + "url": "https://github.com/uxsolutions/bootstrap-datepicker/blob/master/js/bootstrap-datepicker.js#L131", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/the-events-calendar/tags/6.12.0.1/vendor/bootstrap-datepicker/js/bootstrap-datepicker.min.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/the-events-calendar/tags/6.13.0/vendor/bootstrap-datepicker/js/bootstrap-datepicker.min.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3307301/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/56822fe5-352c-4269-9fab-d8c796362b74?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5263.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5263.json index 849b7d14ba4..ca0acf4bb6d 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5263.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5263.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5263", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.100", - "lastModified": "2025-06-05T14:11:49.567", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:27.183", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11." + "value": "Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -110,6 +110,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5264.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5264.json index 95eb9a8d41c..66946ecc7db 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5264.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5264.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5264", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.200", - "lastModified": "2025-06-04T20:13:22.030", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:27.373", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11." + "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -110,6 +110,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5265.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5265.json index 863263be376..c1f23f66080 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5265.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5265.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5265", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.303", - "lastModified": "2025-06-05T14:11:39.047", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:27.553", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Due to insufficient escaping of the ampersand character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.\n*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11." + "value": "Due to insufficient escaping of the ampersand character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.\n*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -110,6 +110,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5266.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5266.json index e032cf69ef5..f9ac6e00451 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5266.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5266.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5266", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.403", - "lastModified": "2025-06-04T20:13:30.083", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:27.730", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139 and Firefox ESR < 128.11." + "value": "Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -96,6 +96,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5267.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5267.json index 139a20c3b1b..b82965ede20 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5267.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5267.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5267", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.507", - "lastModified": "2025-06-04T20:13:36.650", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:27.910", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139 and Firefox ESR < 128.11." + "value": "A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -96,6 +96,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5268.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5268.json index 11f4013ccc3..33b02d6d223 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5268.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5268.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5268", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.610", - "lastModified": "2025-05-30T01:15:17.360", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:28.087", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Firefox ESR < 128.11." + "value": "Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11." }, { "lang": "es", @@ -102,6 +102,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5269.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5269.json index 0628f81faa0..8fa2746dcf5 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5269.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5269.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5269", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.717", - "lastModified": "2025-05-30T01:15:10.063", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:28.270", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11." + "value": "Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11 and Thunderbird < 128.11." }, { "lang": "es", @@ -89,6 +89,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5270.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5270.json index 24cf6537c57..d540405eef0 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5270.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5270.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5270", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.823", - "lastModified": "2025-05-28T18:36:10.270", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:28.457", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139." + "value": "In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139." }, { "lang": "es", @@ -83,6 +83,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5271.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5271.json index f8c9a18e844..a2d256478b1 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5271.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5271.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5271", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:22.923", - "lastModified": "2025-05-28T18:35:56.847", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:28.647", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox < 139." + "value": "Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox < 139 and Thunderbird < 139." }, { "lang": "es", @@ -83,6 +83,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-52xx/CVE-2025-5272.json b/CVE-2025/CVE-2025-52xx/CVE-2025-5272.json index 0792c91ee55..15b816fd3e7 100644 --- a/CVE-2025/CVE-2025-52xx/CVE-2025-5272.json +++ b/CVE-2025/CVE-2025-52xx/CVE-2025-5272.json @@ -2,13 +2,13 @@ "id": "CVE-2025-5272", "sourceIdentifier": "security@mozilla.org", "published": "2025-05-27T13:15:23.023", - "lastModified": "2025-05-28T18:35:29.857", - "vulnStatus": "Analyzed", + "lastModified": "2025-06-11T12:15:28.840", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139." + "value": "Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Thunderbird < 139." }, { "lang": "es", @@ -89,6 +89,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-56xx/CVE-2025-5687.json b/CVE-2025/CVE-2025-56xx/CVE-2025-5687.json new file mode 100644 index 00000000000..097c533190b --- /dev/null +++ b/CVE-2025/CVE-2025-56xx/CVE-2025-5687.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-5687", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-06-11T12:15:29.023", + "lastModified": "2025-06-11T12:15:29.023", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root.\n*This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.28.0 < (macOS)." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Mozilla VPN para macOS permite la escalada de privilegios de un usuario normal a root. *Este error solo afecta a Mozilla VPN en macOS. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Mozilla VPN 2.28.0 < (macOS)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1953736", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-48/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-59xx/CVE-2025-5986.json b/CVE-2025/CVE-2025-59xx/CVE-2025-5986.json new file mode 100644 index 00000000000..84db0456ece --- /dev/null +++ b/CVE-2025/CVE-2025-59xx/CVE-2025-5986.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-5986", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-06-11T12:15:29.183", + "lastModified": "2025-06-11T12:15:29.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2." + }, + { + "lang": "es", + "value": "Un correo electr\u00f3nico HTML manipulado que utiliza enlaces mailbox:/// puede desencadenar descargas autom\u00e1ticas no solicitadas de archivos .pdf al escritorio o directorio personal del usuario sin previo aviso, incluso con el guardado autom\u00e1tico desactivado. Este comportamiento puede utilizarse para llenar el disco con datos innecesarios (p. ej., usando /dev/urandom en Linux) o para filtrar credenciales de Windows mediante enlaces SMB al visualizar el correo electr\u00f3nico en modo HTML. Si bien se requiere la interacci\u00f3n del usuario para descargar el archivo .pdf, la ofuscaci\u00f3n visual puede ocultar el desencadenador de la descarga. Ver el correo electr\u00f3nico en modo HTML es suficiente para cargar contenido externo. Esta vulnerabilidad afecta a Thunderbird (versi\u00f3n anterior a la 128.11.1) y Thunderbird (versi\u00f3n anterior a la 139.0.2)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1958580%2C1968012", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-49/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-50/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b598c887c6d..9552e498edf 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-11T12:00:27.453854+00:00 +2025-06-11T14:00:19.698145+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-11T11:15:23.450000+00:00 +2025-06-11T13:58:02.947000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -297712 +297718 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `6` -- [CVE-2025-4128](CVE-2025/CVE-2025-41xx/CVE-2025-4128.json) (`2025-06-11T11:15:23.143`) -- [CVE-2025-4315](CVE-2025/CVE-2025-43xx/CVE-2025-4315.json) (`2025-06-11T10:15:21.733`) -- [CVE-2025-4573](CVE-2025/CVE-2025-45xx/CVE-2025-4573.json) (`2025-06-11T11:15:23.313`) +- [CVE-2025-3302](CVE-2025/CVE-2025-33xx/CVE-2025-3302.json) (`2025-06-11T12:15:25.377`) +- [CVE-2025-49709](CVE-2025/CVE-2025-497xx/CVE-2025-49709.json) (`2025-06-11T12:15:26.977`) +- [CVE-2025-49710](CVE-2025/CVE-2025-497xx/CVE-2025-49710.json) (`2025-06-11T12:15:27.083`) +- [CVE-2025-5144](CVE-2025/CVE-2025-51xx/CVE-2025-5144.json) (`2025-06-11T13:15:24.823`) +- [CVE-2025-5687](CVE-2025/CVE-2025-56xx/CVE-2025-5687.json) (`2025-06-11T12:15:29.023`) +- [CVE-2025-5986](CVE-2025/CVE-2025-59xx/CVE-2025-5986.json) (`2025-06-11T12:15:29.183`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `21` -- [CVE-2025-5889](CVE-2025/CVE-2025-58xx/CVE-2025-5889.json) (`2025-06-11T11:15:23.450`) +- [CVE-2024-27447](CVE-2024/CVE-2024-274xx/CVE-2024-27447.json) (`2025-06-11T12:53:35.083`) +- [CVE-2024-33117](CVE-2024/CVE-2024-331xx/CVE-2024-33117.json) (`2025-06-11T12:04:14.130`) +- [CVE-2024-33752](CVE-2024/CVE-2024-337xx/CVE-2024-33752.json) (`2025-06-11T12:06:35.033`) +- [CVE-2024-41588](CVE-2024/CVE-2024-415xx/CVE-2024-41588.json) (`2025-06-11T13:54:06.133`) +- [CVE-2024-41590](CVE-2024/CVE-2024-415xx/CVE-2024-41590.json) (`2025-06-11T13:49:57.290`) +- [CVE-2024-41596](CVE-2024/CVE-2024-415xx/CVE-2024-41596.json) (`2025-06-11T13:40:06.773`) +- [CVE-2024-9529](CVE-2024/CVE-2024-95xx/CVE-2024-9529.json) (`2025-06-11T13:58:02.947`) +- [CVE-2025-3877](CVE-2025/CVE-2025-38xx/CVE-2025-3877.json) (`2025-06-11T13:15:24.007`) +- [CVE-2025-49651](CVE-2025/CVE-2025-496xx/CVE-2025-49651.json) (`2025-06-11T13:15:24.483`) +- [CVE-2025-49652](CVE-2025/CVE-2025-496xx/CVE-2025-49652.json) (`2025-06-11T13:15:24.613`) +- [CVE-2025-49653](CVE-2025/CVE-2025-496xx/CVE-2025-49653.json) (`2025-06-11T13:15:24.720`) +- [CVE-2025-5263](CVE-2025/CVE-2025-52xx/CVE-2025-5263.json) (`2025-06-11T12:15:27.183`) +- [CVE-2025-5264](CVE-2025/CVE-2025-52xx/CVE-2025-5264.json) (`2025-06-11T12:15:27.373`) +- [CVE-2025-5265](CVE-2025/CVE-2025-52xx/CVE-2025-5265.json) (`2025-06-11T12:15:27.553`) +- [CVE-2025-5266](CVE-2025/CVE-2025-52xx/CVE-2025-5266.json) (`2025-06-11T12:15:27.730`) +- [CVE-2025-5267](CVE-2025/CVE-2025-52xx/CVE-2025-5267.json) (`2025-06-11T12:15:27.910`) +- [CVE-2025-5268](CVE-2025/CVE-2025-52xx/CVE-2025-5268.json) (`2025-06-11T12:15:28.087`) +- [CVE-2025-5269](CVE-2025/CVE-2025-52xx/CVE-2025-5269.json) (`2025-06-11T12:15:28.270`) +- [CVE-2025-5270](CVE-2025/CVE-2025-52xx/CVE-2025-5270.json) (`2025-06-11T12:15:28.457`) +- [CVE-2025-5271](CVE-2025/CVE-2025-52xx/CVE-2025-5271.json) (`2025-06-11T12:15:28.647`) +- [CVE-2025-5272](CVE-2025/CVE-2025-52xx/CVE-2025-5272.json) (`2025-06-11T12:15:28.840`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c4b659dfcd5..205ca394833 100644 --- a/_state.csv +++ b/_state.csv @@ -255746,7 +255746,7 @@ CVE-2024-27441,0,0,8627ee176bbd8db9047f0ac2824f85227251736cca8356f59d7164883e716 CVE-2024-27442,0,0,b113225cd79b3d0b44b8bc15a83e3bd1b29f742e07843ffbf5a451ca58f7ad33,2024-08-13T17:30:36.833000 CVE-2024-27443,0,0,3c0a90cacc761474c320235ca1b019a4cad7bf02e5db3b5bcee9676fec4b0c87,2025-05-21T18:43:52.287000 CVE-2024-27444,0,0,f2782679746ac825122096e332d365a1377f937908fa850657f47ae7562722ec,2024-11-21T09:04:37.470000 -CVE-2024-27447,0,0,58c4b3b2043c957ce5dade74764c4bc1aebd307c6b5a0cfc4a4a2fe5b787a9fd,2024-11-21T09:04:37.677000 +CVE-2024-27447,0,1,f6d6d9fad48a31686fdab5f9950d31651bead604f5590caf8910094e154c5642,2025-06-11T12:53:35.083000 CVE-2024-27448,0,0,8d84df435d462af3b84b4a4f1503868d7e64fb34bcf7329beab88ef9e1029260,2025-03-13T15:15:42.293000 CVE-2024-2745,0,0,28743d3482c4dc2cc7e95a6a28bdb765faa2729a76e91dd4c556600c182f0f12,2025-02-25T18:36:41.020000 CVE-2024-27453,0,0,d7a686cd701b8be9d28be91ce51b1a48b487049402a86408c25fdcdc51bc0bfb,2025-06-10T17:58:18.297000 @@ -260018,7 +260018,7 @@ CVE-2024-33110,0,0,6ffbc94f167a52dfbd0ed621b524235b74f27a94f81d2620691ca07e335ee CVE-2024-33111,0,0,17f4a588b6771453aae4fc0d8fe54488d2c27b36ab3b37893b9ded6fd2912f18,2025-05-21T13:02:32.660000 CVE-2024-33112,0,0,f8ad2bcf8d7e340ab8b56d4ec4e1bfe3463c718134abce8b16f9a87aaa63e418,2025-05-21T13:02:30.203000 CVE-2024-33113,0,0,7cf7987cc0dd6caecd85afedffd5aa13c551f5a0cf5e90dfd19e9f43dd0dd370,2025-05-21T13:02:27.457000 -CVE-2024-33117,0,0,8552376d82bc5ea5f10b0096ec96a0896f4535cab3b58e17a1204148ea532a7a,2024-12-06T21:15:07.340000 +CVE-2024-33117,0,1,528352eca85edaf59d5ef88e311d6c940ccae0f464a8c238d0cc95b7c6f9cd01,2025-06-11T12:04:14.130000 CVE-2024-33118,0,0,72c8999c88c2b5558e4a8f33a58e566f4eb8caa38d2e54a61703d28769d04715,2025-06-10T19:43:40.383000 CVE-2024-3312,0,0,5f7abfea07e26708b46deb725eba9cf7ab27075e45367056ede9366567e02312,2024-11-21T09:29:22.277000 CVE-2024-33120,0,0,6059ae7834dce7456d75514ab19c32a74ce0bc8de7f67b7ab7f5e8e4997c2e7a,2025-05-01T14:55:22.393000 @@ -260413,7 +260413,7 @@ CVE-2024-3374,0,0,420f73150af02275166b9c440c567922c144b0ea7f73169b89eb730ef81c3a CVE-2024-33748,0,0,acc248d0cfbd8692cea48635d656011bb983fa9bd242614a24fa39140acf6529,2024-11-21T09:17:26.140000 CVE-2024-33749,0,0,2749a1eef01de8a6200de4cabc78dc3e00a5a4d8cb932c669d1e90435b0ca346,2025-04-01T18:05:32.370000 CVE-2024-3375,0,0,9705036410c25948012494141e27b48a4ee424b1500d49272b52c98930b4fb01,2024-11-21T09:29:29.443000 -CVE-2024-33752,0,0,303257eae9122abbdacdf0312dd251da9cbaf8817e28d2e256d7349a5b409390,2024-11-21T09:17:26.520000 +CVE-2024-33752,0,1,cb9a92a990be6bf2f2831adfde5bc6f3b734cb86e9dd2d39a6e6c3426345c897,2025-06-11T12:06:35.033000 CVE-2024-33753,0,0,d6dd9a560aacef7fbfdb8e582f966b14086954aa85705d5f248034003e649ad3,2024-11-21T09:17:26.740000 CVE-2024-3376,0,0,d0b726129a0cb4aa357ddbea81c1414fafc204c7b2176615db21f058e6802519,2025-01-17T17:41:21.647000 CVE-2024-33763,0,0,efdd783f0638df5aefc0de37545ea93326aee139131b46e1d8e52abd6f3fb384,2025-04-15T17:14:08.027000 @@ -266485,16 +266485,16 @@ CVE-2024-41584,0,0,8ee9ae082d5209bf32a9612fbd142972ee3d4ff51fed2ea5dd87a62b3ae6a CVE-2024-41585,0,0,f603abcc7adc50c0f0418039db97e6157e5d644c828ff6d6a43a1148e2cbdcd7,2025-04-10T13:41:39.553000 CVE-2024-41586,0,0,2ca5c96a0d26f43109380a195dfb7e58cb016f80ea656e1dca0934dfc33fbe62,2025-04-10T13:41:46.850000 CVE-2024-41587,0,0,49423dacd1b4227d5ab73e5f650b6e45277b0abc6417b9dfb6a350665edb1b90,2025-03-18T16:15:22.733000 -CVE-2024-41588,0,0,12855fd9528cca7b6a9f8895e8cab1cad70bf0d06c459b85a1fabc864b49c613,2024-10-07T19:37:15.063000 +CVE-2024-41588,0,1,43c1fa557b9ca13f5d6e637d1577733d0e70b7fd248ce3a14c85fc6e91bf133e,2025-06-11T13:54:06.133000 CVE-2024-41589,0,0,e9c30a32e1d5bd5f4b6364fc650d57d72e5e61f9fa07da023f0932b49a18787a,2025-04-10T13:43:37.377000 CVE-2024-4159,0,0,79fc1543f1260705e74b8deeae175c555b129f183a9014a6e4288a6f9681a384,2025-02-06T17:49:55.727000 -CVE-2024-41590,0,0,ae72a29310011ac761f22598a9a9fd38be630e5dd14d9297905fcb9bb42b92be,2024-10-07T19:37:16.150000 +CVE-2024-41590,0,1,4bd11c0a5a16ea227fdd8eebb5961a9e31a379af597a578b269e3cd5b756015e,2025-06-11T13:49:57.290000 CVE-2024-41591,0,0,fbe56be2c7d21e58694890c979fd5b2525d6606e74bcf44af4f4eb9ebfc7cb62,2025-03-14T16:15:34.730000 CVE-2024-41592,0,0,da34ad5373a3e4f26de17396b443b16c2b3db924958258ea30640b9d1bddd551,2025-06-03T13:52:04.560000 CVE-2024-41593,0,0,4c655fb675e2e26beb224f3146b60f9a593776c70e4428cbb9b0d5eb10e9c063,2025-03-13T19:15:47.260000 CVE-2024-41594,0,0,0fa2ba762c2fbc09f3e5499bc08c98877b67fafe9367aa7a338ecace00d5bdc7,2025-03-19T16:15:26.387000 CVE-2024-41595,0,0,55147bb2c7f980be0e8dfce69050f7ac0e8d3bd44beedc81b56dc3a9145dbb12,2025-04-10T14:37:24.073000 -CVE-2024-41596,0,0,43439c4ee719412f0a386579c81b6225f50b961dd789fe5cbe9e1862ea1f0c0f,2024-10-04T13:50:43.727000 +CVE-2024-41596,0,1,4c9a2c20ad07ecda2ee244a2fc0a6001029f77098a96d1bb2f0e364c0927f005,2025-06-11T13:40:06.773000 CVE-2024-41597,0,0,8bc3478a40fad9fe08a5b14f99fcfb65827e68ea30f05fc2a19957f05a35e7ba,2024-11-21T09:32:49.140000 CVE-2024-41599,0,0,19010d159a05e51c251b0e87e5efe7d7695f4c30ed161561b8ad7fb41917cdd4,2025-03-19T18:15:21.827000 CVE-2024-4160,0,0,77018d19c3c59babab69bb4c4bd714918ace7f45db9fbec548c4760db9a196a9,2025-03-21T19:16:41.813000 @@ -281984,7 +281984,7 @@ CVE-2024-9522,0,0,81a7015961146d67081255db9702f745971d5b01a572ccb06cd379a82785f7 CVE-2024-9524,0,0,c0e0025075860eb301ff4ff643bd32cf5eb6831d27ec91d35b567d38c9af7c09,2025-05-12T17:32:32.760000 CVE-2024-9526,0,0,acc606f8e9195e546a271d256c6ec9cc804f4a841580ecb828b473fe7b0b33c3,2024-11-18T17:11:17.393000 CVE-2024-9528,0,0,324f5a9bfc4a37c1aeda9587a3d9c2b641c0fbccff333ce06df06554eda75394,2025-02-06T18:35:28.637000 -CVE-2024-9529,0,0,6b328ba0bed5589256da193b60a8a18489bbec6f2035b97998856b36e33a34ba,2024-11-15T19:35:19.160000 +CVE-2024-9529,0,1,e0835773ff2868f746ad772bca71cef0b4d7976759453aa0ec2fad83ec18fe03,2025-06-11T13:58:02.947000 CVE-2024-9530,0,0,d9770d6d9d81aca35282dd37cad0ec897a8e52cf92a99657df0b6283cc63f82d,2024-10-25T18:52:10.810000 CVE-2024-9531,0,0,bd5dea9af3b5acebc7a9498df783f0aa08a3c09d57316df4d5faf9fd73c9b899,2025-06-05T16:56:56.240000 CVE-2024-9532,0,0,ee74e81fcd3228028851cbf05d2cfbe5eea8f3421ccb07415d383b1bab6b2af5,2024-10-09T11:18:49.027000 @@ -293053,6 +293053,7 @@ CVE-2025-3300,0,0,71838a45e38cfd4f9033706465f5d20314584bcf58aabb1bb7ca5cab40d521 CVE-2025-33004,0,0,0dbcf8f4552332912f870f20d881c87d766919198baf5864e35f56c668cfa064,2025-06-09T18:08:21.600000 CVE-2025-33005,0,0,cc36f120cbed36c030ac1a468cb0a7afdae6956296ad02b259f7e3a82ab309a5,2025-06-09T18:07:39.407000 CVE-2025-3301,0,0,b2cbbbf942710dc17dd30bf45e19011afe7becbc724cdeebd3bb45dd2691a5aa,2025-05-02T13:53:49.480000 +CVE-2025-3302,1,1,38fc44d8b6ab8b7fd1331287581e06949fb4e0b7f6684587b3a21ec43e33b278,2025-06-11T12:15:25.377000 CVE-2025-33024,0,0,a929691d5533595a80202115459e86f84fc81996ba9c41d2a68880f3e6fcf59f,2025-05-13T19:35:18.080000 CVE-2025-33025,0,0,4b295e88dd02f429bce7f4aed7e0b1b7ea585aae960bbc6de9d4364036c40d6c,2025-05-13T19:35:18.080000 CVE-2025-33026,0,0,16823ea87e15ed5dd06862f606f290dd47fd68e96dd8b001f96144de8d0bef0f,2025-04-22T17:37:37.900000 @@ -293889,7 +293890,7 @@ CVE-2025-3872,0,0,26604960001ce7e7efc01090e0c7f3ace8c54075c9f64bec667f2f9d611a1c CVE-2025-3874,0,0,48404b5920dfb8e9d0e9a6f6c853dfae3dfd8be20985f098e8a46e30a37014f9,2025-05-06T15:39:29.083000 CVE-2025-3875,0,0,1b7ebae355c4f48c8dddf4fcdd6fc15c745cdda51dd1f8022d95692c7a83a312,2025-06-05T14:27:05.837000 CVE-2025-3876,0,0,98fa4965cd0fb5896f08763a0582c93ea252014e67d6fd79d41bdf5071b00a40,2025-05-21T13:35:09.450000 -CVE-2025-3877,0,0,171808fa8225deb7d71109a8aae6e5d930f890ae885f799a5dc3c8c157cdf177,2025-06-05T14:26:54.100000 +CVE-2025-3877,0,1,a620192bb17052afd6333e66b5a40238ba021cbb671fc7173692c585e43df3dd,2025-06-11T13:15:24.007000 CVE-2025-3878,0,0,6edc0413060b870ca8db342e4d416bc7330af04d97c4384be96b3d4817bff1e1,2025-05-21T13:36:16.070000 CVE-2025-3879,0,0,d832e10f3f5a35fa6f778cb83701763ba1ca0a6464dece4429751c1aa0bef5fb,2025-05-05T20:54:19.760000 CVE-2025-3881,0,0,24b54933e846a45dd97d5a9a438a485d3ead998ef41689a70b444bb5ab176e29,2025-05-23T15:55:02.040000 @@ -294442,7 +294443,7 @@ CVE-2025-4124,0,0,2116d33601d18584d8ff86788e21befdf79ee067b30d9afca370ae97d0f6cb CVE-2025-4125,0,0,9ce360e53c445df2b459e99f4cc1a32fbf05cb06f761d7887ca2ad1edf5cdba7,2025-05-16T16:56:47.173000 CVE-2025-4126,0,0,c504eb8f9e35e66ea3a2e9e649e0b3ff59910e9bf49695680cf85ff18119f2ac,2025-05-16T14:43:26.160000 CVE-2025-4127,0,0,440aeef33b0470c9ce2f9d93f454f227b230a85f1c418afc74834471a41511d6,2025-06-04T22:46:00.467000 -CVE-2025-4128,1,1,add058cb3c82bda3b8528b31512480936d486c01ced26234eec277e965a5f17b,2025-06-11T11:15:23.143000 +CVE-2025-4128,0,0,add058cb3c82bda3b8528b31512480936d486c01ced26234eec277e965a5f17b,2025-06-11T11:15:23.143000 CVE-2025-4131,0,0,e145db9bdcf5e54a3788ea8919212b2cfcdb96e29e639a2a6fca852d8fbe36f2,2025-05-02T13:52:51.693000 CVE-2025-4132,0,0,e4809de586f057a9e14a37c05676b7015f221bfc82c94512bf23f0611070b256,2025-05-12T09:15:16.080000 CVE-2025-4133,0,0,62707a46d404303184816916a5f626e6709dc33fc51eeac3cd7609c2da4dc930,2025-06-09T20:13:53.007000 @@ -294681,7 +294682,7 @@ CVE-2025-4311,0,0,b86b7f03b9a3e13ebec6a81fa3374a72088c76d5ed9808b613942b1a544a85 CVE-2025-4312,0,0,b020ac5d93c94e4243097f7603b6eb31d5f3637b9a07a16410872c1ee6380b29,2025-05-14T20:56:44.840000 CVE-2025-4313,0,0,96adfe49118b3dc0ffa2d766514becfcea2a2e173aec97c2971381d69b1c7c38,2025-05-14T20:57:03.937000 CVE-2025-4314,0,0,89cfceef9bbe0699f164e05975fe9dcf3155dc1437b8d0bc5f6540ae67e31e0a,2025-05-14T20:57:14.900000 -CVE-2025-4315,1,1,e5d7fb1431e38b2f10126259e4ebe8eb19601904fe230cc0d953564d096d24fb,2025-06-11T10:15:21.733000 +CVE-2025-4315,0,0,e5d7fb1431e38b2f10126259e4ebe8eb19601904fe230cc0d953564d096d24fb,2025-06-11T10:15:21.733000 CVE-2025-4316,0,0,a3cffae4e2b5f53f1a661b0b9d82da9e0409120ddd80fb5f02808f802009be7c,2025-05-14T13:15:48.907000 CVE-2025-4317,0,0,f983c055783da6de4e51f0e6cd7b6401724e0ab142e6ae06607742ab65cbbc38,2025-05-13T19:35:18.080000 CVE-2025-4318,0,0,5887b3ce06385074832e5ab93ef36220685a1c2570be13ee561ec8804f3cb15a,2025-06-10T01:15:23.483000 @@ -295157,7 +295158,7 @@ CVE-2025-4562,0,0,d2657f9e359abe15e16bbecb49ae9ba4428138285e1222df0d7e8c7358260e CVE-2025-4564,0,0,8d3f9720d908e446b737db8b900434db81b180dd53397ac7362129a7e91e5314,2025-05-16T14:43:26.160000 CVE-2025-4567,0,0,a5c879fa190e64c457804cb929009e4d3ed79771da2179c3388d5be1060c5622,2025-06-05T14:09:17.020000 CVE-2025-4568,0,0,a7dc4015dc0dc8a1d051ca0a0c8659f2aa00a001767db9893b5b3f88ebbd1af5,2025-06-05T20:12:23.777000 -CVE-2025-4573,1,1,b3373ae029c84eab61791e1c228ff91a08fffff18ea5882aa16e746ccb44e6a2,2025-06-11T11:15:23.313000 +CVE-2025-4573,0,0,b3373ae029c84eab61791e1c228ff91a08fffff18ea5882aa16e746ccb44e6a2,2025-06-11T11:15:23.313000 CVE-2025-4574,0,0,a936e70ea81d08570f1b370d85f904e33ed32b85014f55e350943da2afdfcfb5,2025-05-16T14:43:56.797000 CVE-2025-45746,0,0,4f739c19260013516117a27de71915ddd8b481653d1fe15c253a574b15da0223,2025-05-21T14:15:31.553000 CVE-2025-4575,0,0,0624d6300232d42a9f90f1e62069c560ca8ea8d361bea47508069c55d62ec0b1,2025-05-23T15:55:02.040000 @@ -297015,13 +297016,15 @@ CVE-2025-49599,0,0,cd0748db942732a0e968c564ce05d560bd51611e52e8cb06dc26ca9e65d8d CVE-2025-49619,0,0,bf456b7c74aaa6eab01b4c779d57de166fafc9ff7198338c147fed153e2c86a7,2025-06-09T16:15:46.937000 CVE-2025-4963,0,0,bcea30a5657c56e720740d0c1da3f6ecccc2ea27495c62c19f4e987237e46939,2025-05-28T15:01:30.720000 CVE-2025-4964,0,0,9a4175fc819c8903aae087508d79cb283240d351bb7e4f3f9bd0bc9b58a9f683,2025-06-06T14:07:28.330000 -CVE-2025-49651,0,0,31c3e4a58bb2be814284bc4c21746611c9ccdeb3404b0d06020b787c80f6fc0e,2025-06-09T18:15:26.740000 -CVE-2025-49652,0,0,418ace564269eb4c3fcc19ebfe4464eb6a68cb3aadaef8381d4ab4e03748b2c5,2025-06-09T18:15:26.897000 -CVE-2025-49653,0,0,813c373524f96e3f2dcd4fa87a5451235e7b4bc02385e0b84e327ef521f73436,2025-06-09T18:15:27.033000 +CVE-2025-49651,0,1,3dc40157fb10bae7243a77ac51b211b66ba5acc56dee973c3a32b5a2ba7b366d,2025-06-11T13:15:24.483000 +CVE-2025-49652,0,1,4e7502c990624f15263178caeb248d6dfded2ce2c251ff5e53411eb5a9308d20,2025-06-11T13:15:24.613000 +CVE-2025-49653,0,1,1ecfe673ed5ad877726cedd55cefd4c60f1c99abefcd145ee08bdc016366d375,2025-06-11T13:15:24.720000 CVE-2025-4966,0,0,8884eb97bbdf1a18517bed6dc84588ccbd4cf19bb3dff5ec3aa5d29bc4c7285b,2025-06-06T14:07:28.330000 CVE-2025-4967,0,0,108222a9fb8d269319085d1510581dfa0458c27c4448fa960791612bde83ca72,2025-05-30T16:31:03.107000 CVE-2025-4969,0,0,4f90cc424a2a0f4e9ed8afa3693879db2394c134460b9fa8753024f2852d3968,2025-05-21T20:24:58.133000 +CVE-2025-49709,1,1,746dffc6d2c5432d7e4eba087556ee9d62a1593fe8d9f284a73de26c2354176d,2025-06-11T12:15:26.977000 CVE-2025-4971,0,0,ec01b010a198b670732c969d73dfa53bbd76f2e075f866245cc573c614982079,2025-05-21T20:25:16.407000 +CVE-2025-49710,1,1,e16065f68a1c3ecdcf2117f4df50c2fccdd2d13a0cce4d1033f135418707e259,2025-06-11T12:15:27.083000 CVE-2025-4975,0,0,e6592341c2d044f9e5e990b69dac44d61e569344ba65d2de38b936ca41ba415e,2025-05-23T15:54:42.643000 CVE-2025-4977,0,0,bd1fd849d67fd76fbcb9bab811ae102c8a3ea5945e2e64bb03121997ef69d512,2025-05-21T20:25:16.407000 CVE-2025-4978,0,0,d098f546d229ff0b8b6c1c02e6df2a8e7e88cccb563b41e18115eb4da78ff2f6,2025-05-21T20:25:16.407000 @@ -297139,6 +297142,7 @@ CVE-2025-5138,0,0,3bae41860cd01f5b3b29a66081652cec538a389d28958af017b419d06b3890 CVE-2025-5139,0,0,1f6b6d6f74654497d336b663b2d16a5fe2eea3d0378c7d1c3577dfaa66e63c83,2025-05-28T14:58:52.920000 CVE-2025-5140,0,0,7eb8851e623e7595aeb04f88f3b17c4f06b9055459a202a999065089d465d23f,2025-05-28T14:58:52.920000 CVE-2025-5142,0,0,cfb77a196d5255a5a436db83dff520eaaa1d53cc832ec32bce9b0d13a0b8d87b,2025-06-04T18:29:34.470000 +CVE-2025-5144,1,1,1a91210a39f37e90277264f7461097da3f9ae047ad04d93d74703664d1f3c808,2025-06-11T13:15:24.823000 CVE-2025-5145,0,0,79eef495ab65fcf81286a635001443af56e362b501d3db2d9a57e69f802a1c67,2025-05-28T14:58:52.920000 CVE-2025-5146,0,0,30dc5c61e39c6bb48e155d9bcd0fd66e2395886111a482cc56b330fb6c74d9f8,2025-05-29T07:15:25.120000 CVE-2025-5147,0,0,0d68c3226bde9ea189f2d3e4a81d7d02206c36b54e63b2ea80685be3458a5459,2025-05-29T07:15:25.330000 @@ -297234,16 +297238,16 @@ CVE-2025-5256,0,0,8e276989283383806f3abf5c20dbe67142f0dc8ca07046605c539922633ebc CVE-2025-5257,0,0,75d358e3d2bbe3761b44e1bc4ce97e0b1726e1521e4fab98ee61ac2e91cdcfa1,2025-05-29T14:29:50.247000 CVE-2025-5259,0,0,762eb0e82b940f038c9de9747260da22e83abc89d044ade4d08f1060ed5d681a,2025-05-30T16:31:03.107000 CVE-2025-5262,0,0,8d158d6fd94524fd413794cf0b5bc75dd7b83edc10bc60eca4a90ef0afe5fb85,2025-05-27T18:15:31.980000 -CVE-2025-5263,0,0,d7538b8a0a27a8f755f3d49b6912ad5feac5a2bbad7f510b5b67d70d4e22c200,2025-06-05T14:11:49.567000 -CVE-2025-5264,0,0,840179a7a45a50b5f27cbaa37d29ab181d97fdee2acbe8c0095b46589b264310,2025-06-04T20:13:22.030000 -CVE-2025-5265,0,0,b06ea76311a2481a6bb15ef8ec9b9a8b992de4b2fc8824524d302db093c13fc6,2025-06-05T14:11:39.047000 -CVE-2025-5266,0,0,5e767ca3b12ec0aede92e74a6498e76329efbb66efbb39db24b67649aa79b601,2025-06-04T20:13:30.083000 -CVE-2025-5267,0,0,c8e4972c2cd2f1cc108b34d8f3033871d3c1ebcc65e2d2c6c36b398c1ff450d0,2025-06-04T20:13:36.650000 -CVE-2025-5268,0,0,9ca56217f6656b3db6f3886ae97c6aaf51981b2cfee3ec36114b04504f1fde37,2025-05-30T01:15:17.360000 -CVE-2025-5269,0,0,636b981ad0b6bd51e888bd083e0521a5d5430a75a4379a3e968a67a4dc3d2be8,2025-05-30T01:15:10.063000 -CVE-2025-5270,0,0,aa456a57f4f2365f19a6751f7c8757f0e45ea8ebbfa9b865c8b311a5b75652fd,2025-05-28T18:36:10.270000 -CVE-2025-5271,0,0,690e8825fc80b6fc0ecfe900ac3dcad130d2f9496b37f82b320aac0ae279f7b4,2025-05-28T18:35:56.847000 -CVE-2025-5272,0,0,074c893922ad04d4cd97e1ed2d35dd3b2f922b3d3528dc0bfa306f766f8c44dc,2025-05-28T18:35:29.857000 +CVE-2025-5263,0,1,aa86671b7ea99b1d0dfc0c6352f8f2192817a359ea9bf4567f068ac38cd6af34,2025-06-11T12:15:27.183000 +CVE-2025-5264,0,1,5acf980c26362c26ab94ae3c7ae821049757c87d0eefb697447d18253fa00440,2025-06-11T12:15:27.373000 +CVE-2025-5265,0,1,28606bb83a73b4f9d7dede4858210717150080ffa1d142904c522b1757edcd5e,2025-06-11T12:15:27.553000 +CVE-2025-5266,0,1,86469d529066a0232f0c8eb07f8e9f67c94f247bc436f8d1062b8a0475806c9b,2025-06-11T12:15:27.730000 +CVE-2025-5267,0,1,8716e9a87e0f688cdc06fb8b4836782dc60cade2df62eba24b97b33d9115e8be,2025-06-11T12:15:27.910000 +CVE-2025-5268,0,1,d57c0308433fa204e62ae9e945a3726f05cee3787137e819d7cdad3d4005c86c,2025-06-11T12:15:28.087000 +CVE-2025-5269,0,1,b922f617fbcbba106d44af23edcbb0031488ab18b41d436f84ab099755898527,2025-06-11T12:15:28.270000 +CVE-2025-5270,0,1,96297246b7606c4dbbeaaf8f99515d023221026a42fbd39003eb5516a389c3ab,2025-06-11T12:15:28.457000 +CVE-2025-5271,0,1,e8162e6d0dc193ebe9401a5dcd034fa2e97416454d77b1504f9845da76fee3ef,2025-06-11T12:15:28.647000 +CVE-2025-5272,0,1,b1d0c7e19ac36597fb989e72bcee09751441797b45636fb052ca12e726df56d9,2025-06-11T12:15:28.840000 CVE-2025-5273,0,0,7a172885547dbfa68292354132d6eab77847bfdd0e0f37bfe0a33c637c28685a,2025-05-29T14:29:50.247000 CVE-2025-5276,0,0,39d67915dab7ad2300f3ccd3a288fcee1075e32b914c45ad140eb6b7725be52b,2025-05-29T14:29:50.247000 CVE-2025-5277,0,0,ba5aa3a145e9e2e34ac18c63e7fe60e94ac49ba4d7121cc0bc36eebe3309abbf,2025-05-28T15:01:30.720000 @@ -297526,6 +297530,7 @@ CVE-2025-5680,0,0,951e9727eb6f85cb1826e5addda531b5a3ed92e200dcd69a9572852fb51b7d CVE-2025-5683,0,0,1a3b3cb960b03a08fa5b7c4079149ff9fe6c9f4a5d5c8b0f22c43f750a1037ab,2025-06-05T20:12:23.777000 CVE-2025-5685,0,0,9300f7d7685cfc359ac44cb8501f97431249edd5f4608a9c2df4c4def6573138,2025-06-10T15:01:39.320000 CVE-2025-5686,0,0,ceecb4c8c9b6240c3c4cf6461703c0b505d1b9b8eeadd71aabaf7a72390230d4,2025-06-06T14:07:28.330000 +CVE-2025-5687,1,1,c421add6eee3470a0c8dd4c0cfabac86c20482eace4697dc1de0a9f06f87c7e8,2025-06-11T12:15:29.023000 CVE-2025-5688,0,0,8859de4a9377955821b5e59f7a118128be39b8ffcd1a35e1ff851cd9073a522a,2025-06-05T20:12:23.777000 CVE-2025-5690,0,0,2e6ec95a91973b0c3c4a92b7ee6f9cd8669b2bfbe2e8890344ec60c22753f2e7,2025-06-05T20:12:23.777000 CVE-2025-5693,0,0,3eb6fccacf1bd20f2333db0bbaacd99059fce8b8a971e8a4304fa128bcdb0cb9,2025-06-10T15:01:27.903000 @@ -297658,7 +297663,7 @@ CVE-2025-5885,0,0,bca2d2871b63dd6eccf4504f84b7c81750e56a52a9d6586fb746c58736eec6 CVE-2025-5886,0,0,57f3fe000a27ba71a3c9ab8b5a9188dfe28750cdcdddec173aef81c271bb4a71,2025-06-10T14:15:31.160000 CVE-2025-5887,0,0,5136919542c2b0d6efd89daa4797cf9dc684ce484d0bee313edcf2d161ac9cfb,2025-06-09T20:15:25.013000 CVE-2025-5888,0,0,8ae86dc91bfbb19db8069a50148c81b6ef6ab94e58e8b25cf50a4393802ed91e,2025-06-09T18:15:27.873000 -CVE-2025-5889,0,1,79d0f0c5b3b726a47581058a31b8e711ba8cb30df8b90eb32d56990eb48db20f,2025-06-11T11:15:23.450000 +CVE-2025-5889,0,0,79d0f0c5b3b726a47581058a31b8e711ba8cb30df8b90eb32d56990eb48db20f,2025-06-11T11:15:23.450000 CVE-2025-5890,0,0,9b58b02992b94753d85c9e33614b8f5e4a7c9dafd386882d79ee3548ab14456d,2025-06-09T19:15:25.677000 CVE-2025-5891,0,0,d1b139b281160bbb253ff7821b55cbfd2c048c282b2fd4ee6f3798db59ba4610,2025-06-09T20:15:25.213000 CVE-2025-5892,0,0,ef651ac9f964b6d5d0e2d2ef95a783ff216013027d6f33862f90d2f4c4f6bc6f,2025-06-09T20:15:25.377000 @@ -297710,4 +297715,5 @@ CVE-2025-5979,0,0,d27c61690a89a70834e1ac7ec79b55e9c00b548ee2fa9335cb0305161ad452 CVE-2025-5980,0,0,e040dd481b18254b8331cc7db878c5d64b7a6be5a4fa7521d9ea11a576b92997,2025-06-10T21:15:23.150000 CVE-2025-5984,0,0,23b7a2e2427c55d6b8b71bdfb3210e81fbbb4de6329b5126e67b10ed13442fce,2025-06-10T23:15:58.583000 CVE-2025-5985,0,0,6446d10df39548f8cc9543e4c4495bd4e0a246e2b8805b29cf25763ee00bb5ed,2025-06-10T23:15:58.770000 +CVE-2025-5986,1,1,b188af1bd59926106ceca49db67102e84e5873a91ec7194d797228e2ae3e438a,2025-06-11T12:15:29.183000 CVE-2025-5991,0,0,63a683acbdc0ee08246e1a037b74c64c0c9a5c11210d84e35e546c14a58c12d4,2025-06-11T08:15:22.933000