Auto-Update: 2025-04-08T18:00:20.362308+00:00

cad-safe-bot 2025-04-08 18:03:55 +00:00
parent 5ffcae3e78
commit b0e04f0417
115 changed files with 5662 additions and 631 deletions


@ -2,8 +2,8 @@
"id": "CVE-2020-0638", "id": "CVE-2020-0638",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2020-01-14T23:15:32.503", "published": "2020-01-14T23:15:32.503",
"lastModified": "2025-02-07T16:15:31.030", "lastModified": "2025-04-08T16:00:35.440",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -119,43 +119,83 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3" "matchCriteriaId": "555C22C7-356D-4DA7-8CED-DA7423BBC6CF"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB" "matchCriteriaId": "469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1" "matchCriteriaId": "40151476-C0FD-4336-8194-039E8827B7C8"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB" "matchCriteriaId": "D82F8AF7-ED01-4649-849E-F248F0E02384"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372" "matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013" "matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF" "matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA" "matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "9285A9B5-4759-43E7-9589-CDBCA7100605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0D77EA14-F61D-4B9E-A385-70B88C482116"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1A6FC9EE-D486-4AFE-A20E-4278468A1779"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530DF8C9-467C-4F4F-9FCA-CDD934BADF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE7E7B1-64AC-4986-A50B-0918A42C05BB"
}, },
{ {
"vulnerable": true, "vulnerable": true,
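Review bot: The rewritten `cpeMatch` list has no x86 entry for `windows_10_1709` or `windows_10_1803`, although 1809, 1903 and 1909 each get arm64, x64 and x86, and the CVE-2020-0674 record in this same commit does list `cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*` and `cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*`. If that gap is an upstream omission rather than intent, 32-bit hosts on those two builds will silently drop out of CPE-based matching for this CVE, so it is worth confirming against the source record before scanners consume it. Separately, every `matchCriteriaId` and product string in the replaced entries changed (`windows_10:1709` became `windows_10_1709:-`), so any inventory mapping or suppression keyed on the old values needs re-resolving. The list continues past the end of this hunk.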


@ -2,8 +2,8 @@
"id": "CVE-2020-0674", "id": "CVE-2020-0674",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2020-02-11T22:15:14.883", "published": "2020-02-11T22:15:14.883",
"lastModified": "2025-02-07T16:15:31.490", "lastModified": "2025-04-08T16:00:10.390",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -185,38 +185,98 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0" "matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64" "matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3" "matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB" "matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1" "matchCriteriaId": "555C22C7-356D-4DA7-8CED-DA7423BBC6CF"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB" "matchCriteriaId": "469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6"
}, },
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372" "matchCriteriaId": "D76003FB-EE99-4D8E-B6A0-B13C2041E5A0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "40151476-C0FD-4336-8194-039E8827B7C8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D82F8AF7-ED01-4649-849E-F248F0E02384"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "9285A9B5-4759-43E7-9589-CDBCA7100605"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0D77EA14-F61D-4B9E-A385-70B88C482116"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1A6FC9EE-D486-4AFE-A20E-4278468A1779"
}, },
{ {
"vulnerable": false, "vulnerable": false,
@ -248,6 +308,11 @@
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}, },
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",


@ -2,7 +2,7 @@
"id": "CVE-2022-3341", "id": "CVE-2022-3341",
"sourceIdentifier": "patrick@puiterwijk.org", "sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-01-12T15:15:10.007", "published": "2023-01-12T15:15:10.007",
"lastModified": "2024-11-21T07:19:19.960", "lastModified": "2025-04-08T16:15:19.387",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },


@ -2,7 +2,7 @@
"id": "CVE-2022-3514", "id": "CVE-2022-3514",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:08.717", "published": "2023-01-12T04:15:08.717",
"lastModified": "2024-11-21T07:19:41.183", "lastModified": "2025-04-08T16:15:19.627",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-1333" "value": "CWE-1333"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
} }
], ],
"configurations": [ "configurations": [
@ -169,6 +179,13 @@
"Permissions Required", "Permissions Required",
"Third Party Advisory" "Third Party Advisory"
] ]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/377978",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-3515", "id": "CVE-2022-3515",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-01-12T15:15:10.187", "published": "2023-01-12T15:15:10.187",
"lastModified": "2024-11-21T07:19:41.320", "lastModified": "2025-04-08T16:15:19.830",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-190" "value": "CWE-190"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
} }
], ],
"configurations": [ "configurations": [
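Review bot: The weakness entry added from source `134c704f-9b21-4f2e-91b3-4a467353bcc0` is typed `"Primary"`, while the metric this same source adds earlier in this record, and its weakness entries in the other records of this commit, are `"Secondary"`. The type of the pre-existing CWE-190 entry is not visible in the hunk, but if it is also Primary the record now holds two Primary weaknesses with the same value. Consumers that assume one Primary entry per record should de-duplicate on the (source, value) pair instead of taking the first `"type": "Primary"` match.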


@ -2,7 +2,7 @@
"id": "CVE-2022-3573", "id": "CVE-2022-3573",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:08.803", "published": "2023-01-12T04:15:08.803",
"lastModified": "2024-11-21T07:19:47.797", "lastModified": "2025-04-08T16:15:22.300",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [
@ -191,6 +201,13 @@
"Permissions Required", "Permissions Required",
"Third Party Advisory" "Third Party Advisory"
] ]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/378216",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-3592", "id": "CVE-2022-3592",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-01-12T15:15:10.273", "published": "2023-01-12T15:15:10.273",
"lastModified": "2024-11-21T07:19:50.197", "lastModified": "2025-04-08T16:15:23.333",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },


@ -2,7 +2,7 @@
"id": "CVE-2022-3613", "id": "CVE-2022-3613",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:08.883", "published": "2023-01-12T04:15:08.883",
"lastModified": "2024-11-21T07:19:52.917", "lastModified": "2025-04-08T16:15:23.557",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
} }
], ],
"configurations": [ "configurations": [
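Review bot: The added Secondary entry carries `CWE-400`, but the entry kept above it still reads `NVD-CWE-noinfo`, so the two sources now disagree on classification. A consumer that reads only the first weakness, or only one source, will keep reporting this CVE as unclassified. Weakness-based triage rules should take the union of the weakness entries and treat `NVD-CWE-noinfo` as absent when another source supplies a concrete CWE.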


@ -2,7 +2,7 @@
"id": "CVE-2022-4037", "id": "CVE-2022-4037",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:09.910", "published": "2023-01-12T04:15:09.910",
"lastModified": "2024-11-21T07:34:29.540", "lastModified": "2025-04-08T17:15:32.497",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-362" "value": "CWE-362"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-4131", "id": "CVE-2022-4131",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:10.107", "published": "2023-01-12T04:15:10.107",
"lastModified": "2024-11-21T07:34:38.210", "lastModified": "2025-04-08T17:15:33.520",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-1333" "value": "CWE-1333"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-4167", "id": "CVE-2022-4167",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:10.327", "published": "2023-01-12T04:15:10.327",
"lastModified": "2024-11-21T07:34:42.363", "lastModified": "2025-04-08T17:15:33.827",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-863" "value": "CWE-863"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-4345", "id": "CVE-2022-4345",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-12T04:15:10.663", "published": "2023-01-12T04:15:10.663",
"lastModified": "2024-11-21T07:35:05.870", "lastModified": "2025-04-08T17:15:34.117",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-835" "value": "CWE-835"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-45728", "id": "CVE-2022-45728",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T22:15:09.407", "published": "2023-01-12T22:15:09.407",
"lastModified": "2024-11-21T07:29:39.407", "lastModified": "2025-04-08T16:15:23.770",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-45729", "id": "CVE-2022-45729",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T22:15:09.463", "published": "2023-01-12T22:15:09.463",
"lastModified": "2024-11-21T07:29:39.560", "lastModified": "2025-04-08T16:15:24.010",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-47927", "id": "CVE-2022-47927",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T06:15:08.167", "published": "2023-01-12T06:15:08.167",
"lastModified": "2024-11-21T07:32:32.463", "lastModified": "2025-04-08T16:15:24.250",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-732" "value": "CWE-732"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
} }
], ],
"configurations": [ "configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-34124", "id": "CVE-2023-34124",
"sourceIdentifier": "PSIRT@sonicwall.com", "sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.723", "published": "2023-07-13T01:15:08.723",
"lastModified": "2025-02-13T17:16:34.607", "lastModified": "2025-04-08T16:15:24.530",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },


@ -2,8 +2,8 @@
"id": "CVE-2023-51409", "id": "CVE-2023-51409",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-12T14:15:07.370", "published": "2024-04-12T14:15:07.370",
"lastModified": "2024-11-21T08:38:03.200", "lastModified": "2025-04-08T16:29:05.930",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meowapps:ai_engine:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.9.99",
"matchCriteriaId": "4242BDD1-173B-4657-B0CF-DFBD7192E348"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-1-9-98-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-1-9-98-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-1-9-98-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-1-9-98-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }
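Review bot: The new `nvd@nist.gov` Primary metric has `"impactScore": 5.9` next to a retained entry with `"impactScore": 6.0`, so the record now carries two CVSS assessments that do not agree (the retained entry's vector is outside the hunk; the difference probably comes from the scope value). The same pattern shows up in the CVE-2024-29100 section (exploitability 2.3 / impact 6.0 retained, 1.2 / 5.9 added) and the CVE-2024-30194 section (impact 3.7 retained, 2.7 added). Severity thresholds and SLA rules fed from this mirror should select a score by an explicit `source`/`type` policy rather than array position or first match, and should record which source was used.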


@ -2,8 +2,8 @@
"id": "CVE-2024-1712", "id": "CVE-2024-1712",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-04-15T05:15:14.950", "published": "2024-04-15T05:15:14.950",
"lastModified": "2024-11-25T21:15:12.783", "lastModified": "2025-04-08T16:31:49.733",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:majeedraza:carousel_slider:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.7",
"matchCriteriaId": "32AEB3CA-3FDB-4940-A871-1CE7E82A642B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/23805a61-9fcd-4744-a60d-05c8cb43ee01/", "url": "https://wpscan.com/vulnerability/23805a61-9fcd-4744-a60d-05c8cb43ee01/",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://wpscan.com/vulnerability/23805a61-9fcd-4744-a60d-05c8cb43ee01/", "url": "https://wpscan.com/vulnerability/23805a61-9fcd-4744-a60d-05c8cb43ee01/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-29090", "id": "CVE-2024-29090",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T06:15:12.447", "published": "2024-03-28T06:15:12.447",
"lastModified": "2025-02-13T18:17:49.383", "lastModified": "2025-04-08T16:38:50.373",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 4.0 "impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
} }
] ]
}, },
@ -51,26 +71,62 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meowapps:ai_engine:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.5",
"matchCriteriaId": "ADA8F266-6205-4D20-9F8C-E2282248E843"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.vicarius.io/vsociety/posts/chaos-in-the-ai-zoo-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-plugin-by-jordy-meow", "url": "https://www.vicarius.io/vsociety/posts/chaos-in-the-ai-zoo-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-plugin-by-jordy-meow",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.vicarius.io/vsociety/posts/chaos-in-the-ai-zoo-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-plugin-by-jordy-meow", "url": "https://www.vicarius.io/vsociety/posts/chaos-in-the-ai-zoo-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-plugin-by-jordy-meow",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.vicarius.io/vsociety/posts/decoding-the-unseen-threat-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-by-jordy-meow-wordpress-plugin", "url": "https://www.vicarius.io/vsociety/posts/decoding-the-unseen-threat-exploiting-cve-2024-29090-authenticated-ssrf-in-ai-engine-by-jordy-meow-wordpress-plugin",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-29100", "id": "CVE-2024-29100",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T06:15:13.223", "published": "2024-03-28T06:15:13.223",
"lastModified": "2024-11-21T09:07:33.233", "lastModified": "2025-04-08T16:40:26.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meowapps:ai_engine:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.5",
"matchCriteriaId": "ADA8F266-6205-4D20-9F8C-E2282248E843"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-arbitrary-file-upload-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-arbitrary-file-upload-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30194", "id": "CVE-2024-30194",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-27T07:15:55.217", "published": "2024-03-27T07:15:55.217",
"lastModified": "2024-11-21T09:11:24.730", "lastModified": "2025-04-08T16:40:00.357",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "9BC47AC7-6C53-4DF2-959B-B81097A16A84"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30221", "id": "CVE-2024-30221",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T06:15:14.783", "published": "2024-03-28T06:15:14.783",
"lastModified": "2024-11-21T09:11:28.727", "lastModified": "2025-04-08T16:40:47.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "9BC47AC7-6C53-4DF2-959B-B81097A16A84"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-php-object-injection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30224", "id": "CVE-2024-30224",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T05:15:50.323", "published": "2024-03-28T05:15:50.323",
"lastModified": "2024-11-21T09:11:29.103", "lastModified": "2025-04-08T16:39:44.773",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpxpo:wholesalex:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "413DFEA7-FC68-41D6-B2F7-588BFA38F51F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30230", "id": "CVE-2024-30230",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T05:15:51.500", "published": "2024-03-28T05:15:51.500",
"lastModified": "2024-11-21T09:11:29.843", "lastModified": "2025-04-08T16:39:31.563",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.8 "impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acowebs:pdf_invoices_and_packing_slips_for_woocommerce:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "1.3.8",
"matchCriteriaId": "6EDE7F8C-E849-4058-BE61-FBEEFA4F0316"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/pdf-invoices-and-packing-slips-for-woocommerce/wordpress-pdf-invoices-and-packing-slips-for-woocommerce-plugin-1-3-7-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/pdf-invoices-and-packing-slips-for-woocommerce/wordpress-pdf-invoices-and-packing-slips-for-woocommerce-plugin-1-3-7-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/pdf-invoices-and-packing-slips-for-woocommerce/wordpress-pdf-invoices-and-packing-slips-for-woocommerce-plugin-1-3-7-php-object-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/pdf-invoices-and-packing-slips-for-woocommerce/wordpress-pdf-invoices-and-packing-slips-for-woocommerce-plugin-1-3-7-php-object-injection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30236", "id": "CVE-2024-30236",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-28T05:15:51.687", "published": "2024-03-28T05:15:51.687",
"lastModified": "2024-11-21T09:11:30.580", "lastModified": "2025-04-08T16:39:14.740",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 4.7 "impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "21.3.5",
"matchCriteriaId": "8893A281-7B94-4AD2-A87C-905949FD332C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-4-sql-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-4-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-4-sql-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-4-sql-injection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30483", "id": "CVE-2024-30483",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T13:15:14.940", "published": "2024-03-29T13:15:14.940",
"lastModified": "2024-11-21T09:12:00.800", "lastModified": "2025-04-08T17:05:11.560",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpsimplesponsorships:simple_sponsorship:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.5.1",
"matchCriteriaId": "442CD134-08CF-423E-8E44-3CD3DC478463"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wp-sponsors/wordpress-sponsors-plugin-3-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wp-sponsors/wordpress-sponsors-plugin-3-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/wp-sponsors/wordpress-sponsors-plugin-3-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wp-sponsors/wordpress-sponsors-plugin-3-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30488", "id": "CVE-2024-30488",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T14:15:11.247", "published": "2024-03-29T14:15:11.247",
"lastModified": "2024-11-21T09:12:01.450", "lastModified": "2025-04-08T17:01:49.073",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 4.7 "impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:katieseaborn:zotpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.3.8",
"matchCriteriaId": "C96DE61F-EA12-41CD-9772-4C613E6F4E8D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/zotpress/wordpress-zotpress-plugin-7-3-7-sql-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/zotpress/wordpress-zotpress-plugin-7-3-7-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/zotpress/wordpress-zotpress-plugin-7-3-7-sql-injection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/zotpress/wordpress-zotpress-plugin-7-3-7-sql-injection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30503", "id": "CVE-2024-30503",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T13:15:15.163", "published": "2024-03-29T13:15:15.163",
"lastModified": "2024-11-21T09:12:03.510", "lastModified": "2025-04-08T17:04:31.510",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mailster:mailster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.7",
"matchCriteriaId": "09A82B17-81FF-4371-9721-0AE7A1710D42"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/mailster/wordpress-mailster-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/mailster/wordpress-mailster-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/mailster/wordpress-mailster-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/mailster/wordpress-mailster-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30519", "id": "CVE-2024-30519",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T13:15:15.353", "published": "2024-03-29T13:15:15.353",
"lastModified": "2024-11-21T09:12:05.373", "lastModified": "2025-04-08T17:03:57.723",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lordicon:lordicon_animated_icons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.1",
"matchCriteriaId": "4B923312-DEDA-4876-AA7F-FE06BF8415C9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/lordicon-interactive-icons/wordpress-lordicon-animated-icons-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/lordicon-interactive-icons/wordpress-lordicon-animated-icons-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/lordicon-interactive-icons/wordpress-lordicon-animated-icons-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/lordicon-interactive-icons/wordpress-lordicon-animated-icons-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-30520", "id": "CVE-2024-30520",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-29T13:15:15.597", "published": "2024-03-29T13:15:15.597",
"lastModified": "2024-11-21T09:12:05.497", "lastModified": "2025-04-08T17:03:29.167",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webdevocean:carousel_anything:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "19718317-DBC5-40B6-BA1E-5E1A112D39B7"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/carousel-anything/wordpress-carousel-anything-for-wpbakery-page-builder-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/carousel-anything/wordpress-carousel-anything-for-wpbakery-page-builder-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/carousel-anything/wordpress-carousel-anything-for-wpbakery-page-builder-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/carousel-anything/wordpress-carousel-anything-for-wpbakery-page-builder-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31240", "id": "CVE-2024-31240",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:12.047", "published": "2024-04-10T16:15:12.047",
"lastModified": "2024-11-21T09:13:06.373", "lastModified": "2025-04-08T16:34:32.620",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 4.0 "impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infotheme:wp_poll_maker:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.4",
"matchCriteriaId": "4CDD1BD5-9FD2-49F9-998E-A25CEA5DFE4C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31245", "id": "CVE-2024-31245",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:12.257", "published": "2024-04-10T16:15:12.257",
"lastModified": "2024-11-21T09:13:06.973", "lastModified": "2025-04-08T16:35:33.887",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:convertkit:convertkit_-_email_marketing\\,_email_newsletter_and_landing_pages:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.6",
"matchCriteriaId": "235F587D-FEAE-42F9-9FDE-5E9C1AB48E01"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/convertkit/wordpress-convertkit-plugin-2-4-5-email-disclosure-in-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/convertkit/wordpress-convertkit-plugin-2-4-5-email-disclosure-in-log-file-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/convertkit/wordpress-convertkit-plugin-2-4-5-email-disclosure-in-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/convertkit/wordpress-convertkit-plugin-2-4-5-email-disclosure-in-log-file-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31247", "id": "CVE-2024-31247",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:12.470", "published": "2024-04-10T16:15:12.470",
"lastModified": "2024-11-21T09:13:07.353", "lastModified": "2025-04-08T16:36:09.910",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fredericgilles:fg_drupal:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.71.0",
"matchCriteriaId": "037D5104-6126-4950-BADE-8C72AD299C8B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-70-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-70-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-70-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-70-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31249", "id": "CVE-2024-31249",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:12.670", "published": "2024-04-10T16:15:12.670",
"lastModified": "2024-11-21T09:13:07.600", "lastModified": "2025-04-08T16:36:41.943",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "240119",
"matchCriteriaId": "31A32E78-8332-4B20-B597-0A34E48353DE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-220725-sensitive-data-exposure-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-220725-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-220725-sensitive-data-exposure-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-220725-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31253", "id": "CVE-2024-31253",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:12.867", "published": "2024-04-10T16:15:12.867",
"lastModified": "2024-11-21T09:13:08.120", "lastModified": "2025-04-08T16:37:25.197",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-oauth:wp_oauth_server:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.0",
"matchCriteriaId": "F9E4A526-839D-49D9-8FDD-4ACBCE57E886"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/oauth2-provider/wordpress-wp-oauth-server-oauth-authentication-plugin-4-3-3-open-redirection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/oauth2-provider/wordpress-wp-oauth-server-oauth-authentication-plugin-4-3-3-open-redirection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/oauth2-provider/wordpress-wp-oauth-server-oauth-authentication-plugin-4-3-3-open-redirection-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/oauth2-provider/wordpress-wp-oauth-server-oauth-authentication-plugin-4-3-3-open-redirection-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-31254", "id": "CVE-2024-31254",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T16:15:13.073", "published": "2024-04-10T16:15:13.073",
"lastModified": "2024-11-21T09:13:08.240", "lastModified": "2025-04-08T16:37:46.997",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:backup_and_migration:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.8",
"matchCriteriaId": "F81E07B6-25F9-49FE-977D-4495334178CB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wp-migration-duplicator/wordpress-wordpress-backup-migration-plugin-1-4-7-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wp-migration-duplicator/wordpress-wordpress-backup-migration-plugin-1-4-7-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/wp-migration-duplicator/wordpress-wordpress-backup-migration-plugin-1-4-7-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wp-migration-duplicator/wordpress-wordpress-backup-migration-plugin-1-4-7-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3685", "id": "CVE-2024-3685",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-12T13:15:20.653", "published": "2024-04-12T13:15:20.653",
"lastModified": "2024-11-21T09:30:10.530", "lastModified": "2025-04-08T16:38:03.363",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -76,38 +96,85 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedecms:dedecms:5.7.112:*:*:*:*:*:*:*",
"matchCriteriaId": "A03BA3DE-8692-483B-AD78-AC288D0250DD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88SQL%E6%B3%A8%E5%85%A5.docx", "url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88SQL%E6%B3%A8%E5%85%A5.docx",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260472", "url": "https://vuldb.com/?ctiid.260472",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260472", "url": "https://vuldb.com/?id.260472",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.309447", "url": "https://vuldb.com/?submit.309447",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88SQL%E6%B3%A8%E5%85%A5.docx", "url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88SQL%E6%B3%A8%E5%85%A5.docx",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260472", "url": "https://vuldb.com/?ctiid.260472",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260472", "url": "https://vuldb.com/?id.260472",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.309447", "url": "https://vuldb.com/?submit.309447",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3686", "id": "CVE-2024-3686",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-12T14:15:08.003", "published": "2024-04-12T14:15:08.003",
"lastModified": "2024-11-21T09:30:10.667", "lastModified": "2025-04-08T16:29:52.190",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -74,40 +94,97 @@
"value": "CWE-24" "value": "CWE-24"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedecms:dedecms:5.7.112:*:*:*:*:*:*:*",
"matchCriteriaId": "A03BA3DE-8692-483B-AD78-AC288D0250DD"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf", "url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260473", "url": "https://vuldb.com/?ctiid.260473",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260473", "url": "https://vuldb.com/?id.260473",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.309454", "url": "https://vuldb.com/?submit.309454",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf", "url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260473", "url": "https://vuldb.com/?ctiid.260473",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260473", "url": "https://vuldb.com/?id.260473",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.309454", "url": "https://vuldb.com/?submit.309454",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3767", "id": "CVE-2024-3767",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-15T04:15:15.340", "published": "2024-04-15T04:15:15.340",
"lastModified": "2024-11-21T09:30:21.423", "lastModified": "2025-04-08T16:30:20.067",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -76,38 +96,87 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:news_portal_project:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22B1B-0F21-4439-BCFD-81EAB5F70C3A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md", "url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260614", "url": "https://vuldb.com/?ctiid.260614",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260614", "url": "https://vuldb.com/?id.260614",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.316290", "url": "https://vuldb.com/?submit.316290",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md", "url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260614", "url": "https://vuldb.com/?ctiid.260614",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260614", "url": "https://vuldb.com/?id.260614",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.316290", "url": "https://vuldb.com/?submit.316290",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3768", "id": "CVE-2024-3768",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-15T04:15:15.673", "published": "2024-04-15T04:15:15.673",
"lastModified": "2024-11-21T09:30:21.563", "lastModified": "2025-04-08T16:30:31.517",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -120,46 +140,103 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:news_portal_project:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22B1B-0F21-4439-BCFD-81EAB5F70C3A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md", "url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_b.md", "url": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_b.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260615", "url": "https://vuldb.com/?ctiid.260615",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260615", "url": "https://vuldb.com/?id.260615",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.316291", "url": "https://vuldb.com/?submit.316291",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md", "url": "https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_b.md", "url": "https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_b.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.260615", "url": "https://vuldb.com/?ctiid.260615",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.260615", "url": "https://vuldb.com/?id.260615",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.316291", "url": "https://vuldb.com/?submit.316291",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3775", "id": "CVE-2024-3775",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-04-15T04:15:16.137", "published": "2024-04-15T04:15:16.137",
"lastModified": "2024-11-21T09:30:22.403", "lastModified": "2025-04-08T16:30:51.500",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,52 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aenrich:a\\+hrd:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF0E4AE-57D2-4778-8E19-77F585F85EE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aenrich:a\\+hrd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E60AA81B-7D96-4771-902A-FACF58130D97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aenrich:a\\+hrd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D47A8A-1486-4C86-84D0-6966CB015A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aenrich:a\\+hrd:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC4DCEB-8D0A-4836-B7F3-5DD18BBF4441"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7726-e5f70-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7726-e5f70-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7726-e5f70-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7726-e5f70-1.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3776", "id": "CVE-2024-3776",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-04-15T04:15:16.340", "published": "2024-04-15T04:15:16.340",
"lastModified": "2024-11-21T09:30:22.537", "lastModified": "2025-04-08T16:31:04.280",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netvision:airpass:2.9.0.231006:*:*:*:*:*:*:*",
"matchCriteriaId": "630BC49B-896E-4876-8A5F-53A85983D25E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7730-584e3-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7730-584e3-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7730-584e3-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7730-584e3-1.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3777", "id": "CVE-2024-3777",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-04-15T04:15:16.553", "published": "2024-04-15T04:15:16.553",
"lastModified": "2024-11-21T09:30:22.660", "lastModified": "2025-04-08T16:31:20.500",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ai3:qbibot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57AA182A-EAE2-4304-803F-AF9A061002AE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2024-3778", "id": "CVE-2024-3778",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-04-15T04:15:16.747", "published": "2024-04-15T04:15:16.747",
"lastModified": "2024-11-21T09:30:22.783", "lastModified": "2025-04-08T16:31:34.400",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.2, "exploitabilityScore": 1.2,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ai3:qbibot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57AA182A-EAE2-4304-803F-AF9A061002AE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -0,0 +1,56 @@
{
"id": "CVE-2024-48887",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-04-08T17:15:34.440",
"lastModified": "2025-04-08T17:15:34.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-620"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-435",
"source": "psirt@fortinet.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-52974",
"sourceIdentifier": "bressers@elastic.co",
"published": "2025-04-08T17:15:34.653",
"lastModified": "2025-04-08T17:15:34.653",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash.\n\nA successful attack requires a malicious user to have read permissions for Observability assigned to them."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-15-1-security-update-esa-2024-36/376923",
"source": "bressers@elastic.co"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-52980",
"sourceIdentifier": "bressers@elastic.co",
"published": "2025-04-08T17:15:34.880",
"lastModified": "2025-04-08T17:15:34.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\n\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919",
"source": "bressers@elastic.co"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-52981",
"sourceIdentifier": "bressers@elastic.co",
"published": "2025-04-08T17:15:35.187",
"lastModified": "2025-04-08T17:15:35.187",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924",
"source": "bressers@elastic.co"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-57835", "id": "CVE-2024-57835",
"sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"published": "2025-04-05T16:15:32.143", "published": "2025-04-05T16:15:32.143",
"lastModified": "2025-04-07T19:15:54.490", "lastModified": "2025-04-08T16:48:07.570",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,24 +49,64 @@
"value": "CWE-338" "value": "CWE-338"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-338"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nipotan:line_integration_for_amon2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.04",
"matchCriteriaId": "111E0891-2A13-4EFB-BFA7-24C832E4594F"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://metacpan.org/release/SHLOMIF/String-Random-0.32/source/lib/String/Random.pm#L377", "url": "https://metacpan.org/release/SHLOMIF/String-Random-0.32/source/lib/String/Random.pm#L377",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Product"
]
}, },
{ {
"url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L235", "url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L235",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Product"
]
}, },
{ {
"url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L255", "url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L255",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Product"
]
}, },
{ {
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html", "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Technical Description"
]
} }
] ]
} }
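Review bot: The added CPE match uses `"versionEndExcluding": "0.04"`, yet this record's own references point at lines in the 0.04 release source (`Amon2-Auth-Site-LINE-0.04/.../LINE.pm#L235` and `#L255`). If those lines are the affected code, release 0.04 is itself affected and this range will not match an inventory entry for 0.04, so CPE-based scanners would report it clean. The description is outside the hunk, so the affected range should be confirmed there; if it reads "through 0.04", the bound the record needs is `"versionEndIncluding": "0.04"`. Until that is settled, consumers should not rely on the CPE match alone for this CWE-338 finding.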


@ -2,8 +2,8 @@
"id": "CVE-2024-58131", "id": "CVE-2024-58131",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-06T03:15:13.967", "published": "2025-04-06T03:15:13.967",
"lastModified": "2025-04-07T14:17:50.220", "lastModified": "2025-04-08T16:45:17.107",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
} }
] ]
}, },
@ -49,16 +69,51 @@
"value": "CWE-821" "value": "CWE-821"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-662"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fisco-bcos:fisco-bcos:3.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B2555C-B485-46AF-B5F2-926798817527"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656", "url": "https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656", "url": "https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }
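Review bot: The `references` array now holds the same URL (`https://github.com/FISCO-BCOS/FISCO-BCOS/issues/4656`) twice, once per source, and both entries gain the `Exploit` tag. Tooling that counts exploit-tagged references to raise priority will count this single issue-tracker link twice, so references should be de-duplicated by `url` before scoring. The same record also now carries two weakness entries that differ (CNA `CWE-821`, NVD `CWE-662`), so a consumer that keeps only one should prefer the entry with `"type": "Primary"` rather than the first in array order.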


@ -0,0 +1,56 @@
{
"id": "CVE-2025-1095",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-04-08T16:15:24.910",
"lastModified": "2025-04-08T16:15:24.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in users on the target computer to run commands with full privileges in the context of NT AUTHORITY\\SYSTEM. This allows for a low privileged attacker to escalate their privileges. This vulnerability is due to an incomplete fix for CVE-2024-25029."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7230335",
"source": "psirt@us.ibm.com"
}
]
}
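Review bot: The weakness `"value": "CWE-119"` (memory-buffer bounds) is not supported by the description, which speaks only of a Windows service allowing local privilege escalation to NT AUTHORITY\SYSTEM and mentions no memory corruption. Detection or reporting that groups findings by CWE will file this under memory-safety issues, so the description and the IBM bulletin in `references` should drive classification until the CNA revises the field. The description also states this is an incomplete fix for CVE-2024-25029, so hosts already closed out against that earlier ID should be reopened and checked against this record rather than assumed remediated.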


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2285",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:26.303",
"lastModified": "2025-04-08T16:15:26.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae \u00a0due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-457"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}
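Review bot: This record carries its score only under `cvssMetricV40` (8.5 HIGH) and has no `cvssMetricV31` entry, so any consumer that reads severity from `metrics.cvssMetricV31` alone will treat it as unscored. The same holds for the four records that follow from the same advisory (CVE-2025-2286, CVE-2025-2287, CVE-2025-2288 and CVE-2025-2293). Severity extraction should fall back across metric versions instead of assuming a v3.1 block exists. The description text here is also identical to that of CVE-2025-2286 and CVE-2025-2287, so de-duplication must key on `id`, never on description text.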


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2286",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:26.480",
"lastModified": "2025-04-08T16:15:26.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae \u00a0due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-457"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2287",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:26.620",
"lastModified": "2025-04-08T16:15:26.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae \u00a0due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-457"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2288",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:26.750",
"lastModified": "2025-04-08T16:15:26.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2293",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:26.887",
"lastModified": "2025-04-08T16:15:26.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2025-25226",
"sourceIdentifier": "security@joomla.org",
"published": "2025-04-08T17:15:35.453",
"lastModified": "2025-04-08T17:15:35.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in question can not be exploited when using the original database class. However, classes extending the affected class might be affected, if the vulnerable method is used."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/963-20250401-framework-sql-injection-vulnerability-in-quotenamestr-method-of-database-package.html",
"source": "security@joomla.org"
}
]
}
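Review bot: The record is ingested with `"metrics": {}` while its weakness is `CWE-89`, so a pipeline that alerts on a minimum base score will silently drop a SQL injection entry that simply has no score yet (`vulnStatus` is `Received`). The next record, CVE-2025-25227 (`CWE-287`, a 2FA bypass), has the same empty `metrics` object. An empty metrics object should be handled as "unscored, needs triage" and not as score 0. The description narrows exposure to classes that extend the database class and call the protected `quoteNameStr` method, which is the condition to check in downstream code.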


@ -0,0 +1,33 @@
{
"id": "CVE-2025-25227",
"sourceIdentifier": "security@joomla.org",
"published": "2025-04-08T17:15:35.610",
"lastModified": "2025-04-08T17:15:35.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient state checks lead to a vector that allows to bypass 2FA checks."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/964-20250402-core-mfa-authentication-bypass.html",
"source": "security@joomla.org"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-27078",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T16:15:25.683",
"lastModified": "2025-04-08T17:15:35.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04844en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-27079",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T16:15:25.837",
"lastModified": "2025-04-08T17:15:35.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successful exploitation could allow an attacker to execute arbitrary operating system commands on the underlying operating system leading to potential system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04844en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}
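Review bot: The vector `AV:L` (`"attackVector": "LOCAL"`) disagrees with the description, which names an "authenticated remote attacker" performing remote code execution through the CLI; the sibling record CVE-2025-27078 from the same bulletin uses `AV:N` for a similar CLI command injection. Triage that filters on `attackVector` to find network-reachable issues would skip this entry, so the HPE bulletin in `references` should be consulted before de-prioritising it. Both records also score `A:N` while their descriptions speak of system compromise, which suggests the availability impact is understated as well. Note too that the `CWE-78` weakness comes from source `134c704f-9b21-4f2e-91b3-4a467353bcc0` and not from the CNA that supplied the score.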


@ -0,0 +1,44 @@
{
"id": "CVE-2025-27082",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.233",
"lastModified": "2025-04-08T17:15:36.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}
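Review bot: This record has no `weaknesses` key at all, and the same is true of CVE-2025-27083, CVE-2025-27084 and CVE-2025-27085 that follow it from the same HPE bulletin. A consumer that indexes `weaknesses[0]` unconditionally will fail on these, and one that groups by CWE will leave an arbitrary file write, a command injection, an XSS and an arbitrary file download unclassified. The key should be treated as optional, and until a CWE is assigned the description should be used for classification.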


@ -0,0 +1,44 @@
{
"id": "CVE-2025-27083",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.500",
"lastModified": "2025-04-08T17:15:36.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}


@ -0,0 +1,44 @@
{
"id": "CVE-2025-27084",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.700",
"lastModified": "2025-04-08T17:15:36.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the context of the affected interface."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}
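Review bot: The vector `PR:L/UI:N` does not fit the description, which is a reflected cross-site scripting issue in the Captive Portal where script runs "in the victim's browser". Reflected XSS normally depends on the victim loading a crafted request, which CVSS 3.1 expresses as `UI:R`, and the description says only "a remote attacker" without stating that authentication is needed. The 5.4 base score and the `"userInteraction": "NONE"` field should therefore be treated as provisional while the record is in `Received` status. Detection content for this entry should follow the description (reflected input in Captive Portal responses), not the vector.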


@ -0,0 +1,44 @@
{
"id": "CVE-2025-27085",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-04-08T17:15:36.887",
"lastModified": "2025-04-08T17:15:36.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-27441",
"sourceIdentifier": "security@zoom.us",
"published": "2025-04-08T17:15:37.080",
"lastModified": "2025-04-08T17:15:37.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25013",
"source": "security@zoom.us"
}
]
}
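Review bot: The weakness `"value": "CWE-352"` (cross-site request forgery) contradicts the description, which states "Cross site scripting"; the CWE that matches that description is `"value": "CWE-79"`. CVE-2025-27442 in the next section repeats the same description, vector and `CWE-352` value. Because the value comes from the CNA, the correction belongs upstream; in the meantime, consumers that map CWE to control or detection categories should classify both records from the description. The two records differ only in `id` and timestamps, so they must be tracked as separate findings.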


@ -0,0 +1,56 @@
{
"id": "CVE-2025-27442",
"sourceIdentifier": "security@zoom.us",
"published": "2025-04-08T17:15:37.487",
"lastModified": "2025-04-08T17:15:37.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25013",
"source": "security@zoom.us"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-27443",
"sourceIdentifier": "security@zoom.us",
"published": "2025-04-08T17:15:38.113",
"lastModified": "2025-04-08T17:15:38.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.8,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25014",
"source": "security@zoom.us"
}
]
}


@ -2,16 +2,55 @@
"id": "CVE-2025-28413", "id": "CVE-2025-28413",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T16:15:25.543", "published": "2025-04-07T16:15:25.543",
"lastModified": "2025-04-07T16:15:25.543", "lastModified": "2025-04-08T16:15:25.983",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component" "value": "An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component"
},
{
"lang": "es",
"value": "Un problema en RUoYi v.4.8.0 permite que un atacante remoto escale privilegios a trav\u00e9s del componente SysDictTypeController"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28413.md", "url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28413.md",
@ -20,6 +59,10 @@
{ {
"url": "https://github.com/yangzongzhuan/RuoYi", "url": "https://github.com/yangzongzhuan/RuoYi",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28413.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }


@ -0,0 +1,78 @@
{
"id": "CVE-2025-2829",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:27.133",
"lastModified": "2025-04-08T16:15:27.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-30401", "id": "CVE-2025-30401",
"sourceIdentifier": "cve-assign@fb.com", "sourceIdentifier": "cve-assign@fb.com",
"published": "2025-04-05T12:15:14.540", "published": "2025-04-05T12:15:14.540",
"lastModified": "2025-04-07T19:15:56.223", "lastModified": "2025-04-08T16:48:26.703",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,10 +39,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.2450.6",
"matchCriteriaId": "2A3F57F6-8A7D-4EF5-9473-A36DF09278D0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.facebook.com/security/advisories/cve-2025-30401", "url": "https://www.facebook.com/security/advisories/cve-2025-30401",
"source": "cve-assign@fb.com" "source": "cve-assign@fb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -0,0 +1,56 @@
{
"id": "CVE-2025-30670",
"sourceIdentifier": "security@zoom.us",
"published": "2025-04-08T17:15:38.413",
"lastModified": "2025-04-08T17:15:38.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25015",
"source": "security@zoom.us"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-30671",
"sourceIdentifier": "security@zoom.us",
"published": "2025-04-08T17:15:38.607",
"lastModified": "2025-04-08T17:15:38.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zoom.us",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@zoom.us",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25015",
"source": "security@zoom.us"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-32017",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:27.320",
"lastModified": "2025-04-08T16:15:27.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://github.com/umbraco/Umbraco-CMS/commit/06a2a500b358ce15b1e228391eb60bd517c6e833",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/umbraco/Umbraco-CMS/commit/d3c1443b14b1076faf13d1bcecc42860fdf5fad8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-q62r-8ppj-xvf4",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32018",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:27.487",
"lastModified": "2025-04-08T16:15:27.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the user or via maliciously crafted context, to automatically write to files outside of the opened workspace. This behavior required deliberate prompting, making successful exploitation highly impractical in real-world scenarios. Furthermore, the edited file was still displayed in the UI as usual for user review, making it unlikely for the edit to go unnoticed by the user. This vulnerability is fixed in 0.48.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,82 @@
{
"id": "CVE-2025-32024",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:27.703",
"lastModified": "2025-04-08T16:15:27.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. v0.10.0 added LimitNumTags (default 5000) and LimitTagSize (default 10000) options."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/bep/imagemeta/commit/4fd89616d8bf7f9bb892360d3fb19080ec2b4602",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/bep/imagemeta/security/advisories/GHSA-q7rw-w4cq-2j6w",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,82 @@
{
"id": "CVE-2025-32025",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:27.873",
"lastModified": "2025-04-08T16:15:27.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably high for image metadata. Before v0.11.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. v0.11.0 added a 10 MB upper limit."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/bep/imagemeta/commit/ee0de9b029f4e82106729f69559f27c9a404229d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/bep/imagemeta/security/advisories/GHSA-fmhh-rw3h-785m",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32026",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:28.023",
"lastModified": "2025-04-08T16:15:28.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used for an Element Call call. Version 1.11.97 fixes the problem."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 3.8,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://github.com/element-hq/element-web/security/advisories/GHSA-69q3-jg79-cg79",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32028",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-04-08T16:15:28.180",
"lastModified": "2025-04-08T16:15:28.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HAX CMS PHP allows you to manage your microsite universe with PHP backend. Multiple file upload functions within the HAX CMS PHP application call a \u2019save\u2019 function in \u2019HAXCMSFile.php\u2019. This save function uses a denylist to block specific file types from being uploaded to the server. This list is non-exhaustive and only blocks \u2019.php\u2019, \u2019.sh\u2019, \u2019.js\u2019, and \u2019.css\u2019 files. The existing logic causes the system to \"fail open\" rather than \"fail closed.\" This vulnerability is fixed in 10.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/haxtheweb/issues/security/advisories/GHSA-vj5q-3jv2-cg5p",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32117",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-04-08T17:15:38.837",
"lastModified": "2025-04-08T17:15:38.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light allows Reflected XSS. This issue affects Widgetize Pages Light: from n/a through 3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/widgetize-pages-light/vulnerability/wordpress-widgetize-pages-light-plugin-3-0-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32164",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-04-08T17:15:39.143",
"lastModified": "2025-04-08T17:15:39.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in maennchen1.de m1.DownloadList. This issue affects m1.DownloadList: from n/a through 0.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/m1downloadlist/vulnerability/wordpress-m1-downloadlist-plugin-0-21-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32211",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-04-08T17:15:39.407",
"lastModified": "2025-04-08T17:15:39.407",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet Broadstreet allows Stored XSS. This issue affects Broadstreet: from n/a through 1.51.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/broadstreet/vulnerability/wordpress-broadstreet-plugin-1-51-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-32279",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-04-08T17:15:39.600",
"lastModified": "2025-04-08T17:15:39.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Shahjada Live Forms. This issue affects Live Forms: from n/a through 4.8.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/liveforms/vulnerability/wordpress-live-forms-plugin-4-8-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-32369", "id": "CVE-2025-32369",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-06T06:15:15.470", "published": "2025-04-06T06:15:15.470",
"lastModified": "2025-04-07T14:17:50.220", "lastModified": "2025-04-08T17:27:42.950",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,16 +69,51 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.181",
"matchCriteriaId": "10B62A1E-3257-4208-8F1F-3E584EF14233"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://devnet.kentico.com/download/hotfixes", "url": "https://devnet.kentico.com/download/hotfixes",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://labs.watchtowr.com/xss-to-rce-by-abusing-custom-file-handlers-kentico-xperience-cms-cve-2025-2748/", "url": "https://labs.watchtowr.com/xss-to-rce-by-abusing-custom-file-handlers-kentico-xperience-cms-cve-2025-2748/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,13 +2,17 @@
"id": "CVE-2025-32409", "id": "CVE-2025-32409",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-07T22:15:16.963", "published": "2025-04-07T22:15:16.963",
"lastModified": "2025-04-07T22:15:16.963", "lastModified": "2025-04-08T16:15:28.547",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended handling of concurrency." "value": "Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended handling of concurrency."
},
{
"lang": "es",
"value": "Ratta SuperNote A6 X2 Nomad antes de diciembre de 2024 permite la ejecuci\u00f3n remota de c\u00f3digo porque se puede enviar una imagen de firmware arbitraria (firmada con claves de depuraci\u00f3n) al puerto TCP 60002 y colocarla en la ubicaci\u00f3n de actualizaci\u00f3n de imagen correcta como consecuencia tanto de directory traversal como de la gesti\u00f3n no intencionado de la simultaneidad."
} }
], ],
"metrics": { "metrics": {
@ -51,6 +55,10 @@
{ {
"url": "https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet", "url": "https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3206", "id": "CVE-2025-3206",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T04:15:39.357", "published": "2025-04-04T04:15:39.357",
"lastModified": "2025-04-07T14:18:15.560", "lastModified": "2025-04-08T17:59:46.877",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:hospital_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B669C3F2-082D-4374-B9E6-FDE5539B20CF"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/19", "url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/19",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303160", "url": "https://vuldb.com/?ctiid.303160",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303160", "url": "https://vuldb.com/?id.303160",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.545895", "url": "https://vuldb.com/?submit.545895",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/19", "url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/19",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3207", "id": "CVE-2025-3207",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T04:15:39.603", "published": "2025-04-04T04:15:39.603",
"lastModified": "2025-04-07T14:18:15.560", "lastModified": "2025-04-08T17:56:53.623",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:patient_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A18F6F3-1FDD-4D63-BFB1-6E520B4EAA45"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/2364490073/cve1/blob/main/README.md", "url": "https://github.com/2364490073/cve1/blob/main/README.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303161", "url": "https://vuldb.com/?ctiid.303161",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303161", "url": "https://vuldb.com/?id.303161",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.545934", "url": "https://vuldb.com/?submit.545934",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/2364490073/cve1/blob/main/README.md", "url": "https://github.com/2364490073/cve1/blob/main/README.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3208", "id": "CVE-2025-3208",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T05:15:46.367", "published": "2025-04-04T05:15:46.367",
"lastModified": "2025-04-07T14:18:15.560", "lastModified": "2025-04-08T17:48:42.087",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:patient_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A18F6F3-1FDD-4D63-BFB1-6E520B4EAA45"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/ZOKEYE/CVE/blob/main/cve2.md", "url": "https://github.com/ZOKEYE/CVE/blob/main/cve2.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303162", "url": "https://vuldb.com/?ctiid.303162",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303162", "url": "https://vuldb.com/?id.303162",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.545960", "url": "https://vuldb.com/?submit.545960",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/ZOKEYE/CVE/blob/main/cve2.md", "url": "https://github.com/ZOKEYE/CVE/blob/main/cve2.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3210", "id": "CVE-2025-3210",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T05:15:46.817", "published": "2025-04-04T05:15:46.817",
"lastModified": "2025-04-07T14:18:15.560", "lastModified": "2025-04-08T17:43:12.840",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:patient_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A18F6F3-1FDD-4D63-BFB1-6E520B4EAA45"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/yujiyuji159/cve/blob/main/README.md", "url": "https://github.com/yujiyuji159/cve/blob/main/README.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303164", "url": "https://vuldb.com/?ctiid.303164",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303164", "url": "https://vuldb.com/?id.303164",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.545962", "url": "https://vuldb.com/?submit.545962",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/yujiyuji159/cve/blob/main/README.md", "url": "https://github.com/yujiyuji159/cve/blob/main/README.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -0,0 +1,78 @@
{
"id": "CVE-2025-3285",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:28.690",
"lastModified": "2025-04-08T16:15:28.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-3286",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:28.840",
"lastModified": "2025-04-08T16:15:28.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-3287",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:28.980",
"lastModified": "2025-04-08T16:15:28.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}
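Review bot: The weakness recorded for CVE-2025-3287 does not match its own description: the `descriptions` value names a stack-based memory buffer overflow, while `weaknesses` lists `"value": "CWE-125"` (out-of-bounds read), the same CWE given to the read-outside-the-buffer records CVE-2025-3285, CVE-2025-3286 and CVE-2025-3288. CVE-2025-3289 carries the same stack-overflow description and has no `weaknesses` array at all. Anything downstream that triages or filters by CWE will misclassify the first record and miss the second, so consumers should key on the description and the CVSS vector until the source record is corrected. If the description is accurate, `"value": "CWE-121"` would be the expected classification; that correction presumably belongs with the CNA rather than in this mirror.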


@ -0,0 +1,78 @@
{
"id": "CVE-2025-3288",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:29.120",
"lastModified": "2025-04-08T16:15:29.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. \u00a0If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,66 @@
{
"id": "CVE-2025-3289",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-04-08T16:15:29.253",
"lastModified": "2025-04-08T16:15:29.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2025-3296", "id": "CVE-2025-3296",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T08:15:13.787", "published": "2025-04-05T08:15:13.787",
"lastModified": "2025-04-07T17:15:38.227", "lastModified": "2025-04-08T16:49:21.037",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,30 +124,68 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "464A3580-D632-43EB-93EF-E2A1A5736F14"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/sql.md", "url": "https://github.com/foreverfeifei/cve/blob/main/sql.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303491", "url": "https://vuldb.com/?ctiid.303491",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303491", "url": "https://vuldb.com/?id.303491",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.549932", "url": "https://vuldb.com/?submit.549932",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/sql.md", "url": "https://github.com/foreverfeifei/cve/blob/main/sql.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3297", "id": "CVE-2025-3297",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T09:15:15.237", "published": "2025-04-05T09:15:15.237",
"lastModified": "2025-04-07T17:15:38.387", "lastModified": "2025-04-08T16:49:12.910",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,30 +124,68 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "464A3580-D632-43EB-93EF-E2A1A5736F14"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/xss.md", "url": "https://github.com/foreverfeifei/cve/blob/main/xss.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303492", "url": "https://vuldb.com/?ctiid.303492",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303492", "url": "https://vuldb.com/?id.303492",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.549982", "url": "https://vuldb.com/?submit.549982",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/xss.md", "url": "https://github.com/foreverfeifei/cve/blob/main/xss.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3298", "id": "CVE-2025-3298",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T11:15:40.917", "published": "2025-04-05T11:15:40.917",
"lastModified": "2025-04-07T17:15:38.550", "lastModified": "2025-04-08T16:49:00.290",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,30 +124,68 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "464A3580-D632-43EB-93EF-E2A1A5736F14"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/user.md", "url": "https://github.com/foreverfeifei/cve/blob/main/user.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303493", "url": "https://vuldb.com/?ctiid.303493",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303493", "url": "https://vuldb.com/?id.303493",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.550010", "url": "https://vuldb.com/?submit.550010",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/foreverfeifei/cve/blob/main/user.md", "url": "https://github.com/foreverfeifei/cve/blob/main/user.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3299", "id": "CVE-2025-3299",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T11:15:41.180", "published": "2025-04-05T11:15:41.180",
"lastModified": "2025-04-07T17:15:38.713", "lastModified": "2025-04-08T16:48:45.137",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,30 +124,70 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:men_salon_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06009EBA-F4B6-4CC8-8366-72B4A1552FA3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LaneyYu/cve/issues/1", "url": "https://github.com/LaneyYu/cve/issues/1",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://phpgurukul.com/", "url": "https://phpgurukul.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303494", "url": "https://vuldb.com/?ctiid.303494",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303494", "url": "https://vuldb.com/?id.303494",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.550185", "url": "https://vuldb.com/?submit.550185",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/LaneyYu/cve/issues/1", "url": "https://github.com/LaneyYu/cve/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3305", "id": "CVE-2025-3305",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-05T23:15:41.780", "published": "2025-04-05T23:15:41.780",
"lastModified": "2025-04-07T16:15:26.767", "lastModified": "2025-04-08T16:46:55.203",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,26 +124,61 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1902756969:ikun_library:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A42A18EC-38D0-4A4D-A9BD-015B951BBAEB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/IKUN_Library-authority.md", "url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/IKUN_Library-authority.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303502", "url": "https://vuldb.com/?ctiid.303502",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303502", "url": "https://vuldb.com/?id.303502",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.550186", "url": "https://vuldb.com/?submit.550186",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/IKUN_Library-authority.md", "url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/IKUN_Library-authority.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2025-3308", "id": "CVE-2025-3308",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-06T04:15:15.887", "published": "2025-04-06T04:15:15.887",
"lastModified": "2025-04-07T15:15:45.040", "lastModified": "2025-04-08T17:38:09.607",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,85 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adonesevangelista:online_blood_bank_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F53F723-1E87-4190-A902-24A47378C80B"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://code-projects.org/", "url": "https://code-projects.org/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/p1026/CVE/issues/25", "url": "https://github.com/p1026/CVE/issues/25",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.303505", "url": "https://vuldb.com/?ctiid.303505",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.303505", "url": "https://vuldb.com/?id.303505",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.550193", "url": "https://vuldb.com/?submit.550193",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/p1026/CVE/issues/25", "url": "https://github.com/p1026/CVE/issues/25",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
]
} }
] ]
} }


@ -2,13 +2,17 @@
"id": "CVE-2025-3381", "id": "CVE-2025-3381",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-07T20:15:21.760", "published": "2025-04-07T20:15:21.760",
"lastModified": "2025-04-07T20:15:21.760", "lastModified": "2025-04-08T16:15:29.563",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." "value": "A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en zhangyanbo2007 youkefu 4.2.0. Esta afecta a una parte desconocida del archivo WebIMController.java del componente File Upload. La manipulaci\u00f3n del ID del argumento provoca un cruce de rutas. Es posible iniciar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
} }
], ],
"metrics": { "metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -132,6 +136,10 @@
{ {
"url": "https://vuldb.com/?submit.552369", "url": "https://vuldb.com/?submit.552369",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/mapl3miss/uckefuVul/blob/main/uckefu-upload.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }
