diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json new file mode 100644 index 00000000000..d1f5d52cc05 --- /dev/null +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11584.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-11584", + "sourceIdentifier": "security@ubuntu.com", + "published": "2025-06-26T10:15:24.703", + "lastModified": "2025-06-26T10:15:24.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "cloud-init\u00a0through 25.1.2 includes the systemd socket unit\u00a0cloud-init-hotplugd.socket with default\u00a0SocketMode\u00a0that grants 0666 permissions, making it world-writable.\u00a0This being used for the \"/run/cloud-init/hook-hotplug-cmd\" FIFO. An unprivelege user could trigger\u00a0hotplug-hook commands." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://github.com/canonical/cloud-init/pull/6265/commits/6e10240a7f0a2d6110b398640b3fd46cfa9a7cf3", + "source": "security@ubuntu.com" + }, + { + "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json new file mode 100644 index 00000000000..1f1f10a1e0d --- /dev/null +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6174.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-6174", + "sourceIdentifier": "security@ubuntu.com", + "published": "2025-06-26T10:15:25.133", + "lastModified": "2025-06-26T10:15:25.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json new file mode 100644 index 00000000000..e9b42fff405 --- /dev/null +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3722.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3722", + "sourceIdentifier": "trellixpsirt@trellix.com", + "published": "2025-06-26T11:15:26.427", + "lastModified": "2025-06-26T11:15:26.427", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "trellixpsirt@trellix.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 0.0, + "baseSeverity": "NONE", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "trellixpsirt@trellix.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://thrive.trellix.com/s/article/000014635", + "source": "trellixpsirt@trellix.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json b/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json new file mode 100644 index 00000000000..9cb5f67134d --- /dev/null +++ b/CVE-2025/CVE-2025-37xx/CVE-2025-3771.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3771", + "sourceIdentifier": "trellixpsirt@trellix.com", + "published": "2025-06-26T11:15:29.030", + "lastModified": "2025-06-26T11:15:29.030", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability allows local user to write registry backup files into another location set by the user by creating junction symlink in System Information Reporter." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "trellixpsirt@trellix.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "LOW", + "subIntegrityImpact": "HIGH", + "subAvailabilityImpact": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "trellixpsirt@trellix.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://fireeye.lightning.force.com/lightning/r/Best_Practices__kav/ka0Pi000000EUhNIAW/view", + "source": "trellixpsirt@trellix.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json new file mode 100644 index 00000000000..d33f998b18f --- /dev/null +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5338.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-5338", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-26T10:15:25.307", + "lastModified": "2025-06-26T10:15:25.307", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.7.1024 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1022/assets/js/frontend.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3309082/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/royal-elementor-addons/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/201ff7b6-d72a-43c3-a7b1-c4f917c9d27f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json new file mode 100644 index 00000000000..4735ece0d1a --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5842.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-5842", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-26T10:15:25.537", + "lastModified": "2025-06-26T10:15:25.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Modern Design Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018class\u2019 parameter in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/mdl-shortcodes/trunk/mdl-shortcodes.php#L197", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3317171/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/mdl-shortcodes/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1be519d5-b505-4b5d-9f14-c8544e8f8298?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json b/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json new file mode 100644 index 00000000000..e1977837366 --- /dev/null +++ b/CVE-2025/CVE-2025-62xx/CVE-2025-6212.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2025-6212", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-26T10:15:25.747", + "lastModified": "2025-06-26T10:15:25.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module in versions 3.5.11 to 3.5.19 due to insufficient input sanitization and output escaping. The unfiltered field names are stored alongside the sanitized values. Later, the admin-side AJAX endpoint ajax_get_table_data() returns those raw names as JSON column headers, and the client-side DataTables renderer injects them directly into the DOM without any HTML encoding. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ultimate-addons-for-contact-form-7/trunk/addons/database/assets/js/database-pro-main.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ultimate-addons-for-contact-form-7/trunk/addons/database/database.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3316177/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/ultimate-addons-for-contact-form-7/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f49e48cb-7d0b-4bcf-9090-869472b8442a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json new file mode 100644 index 00000000000..6dfcecb7cc3 --- /dev/null +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6703.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-6703", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-06-26T10:15:25.950", + "lastModified": "2025-06-26T10:15:25.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@mozilla.org", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:L/U:Clear", + "baseScore": 2.3, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "YES", + "Recovery": "AUTOMATIC", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "LOW", + "providerUrgency": "CLEAR" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@mozilla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/mozilla/neqo/security/advisories/GHSA-jfv6-x22w-grhf", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 20b612f49b4..bba8b39d700 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-26T10:00:32.319706+00:00 +2025-06-26T12:00:32.047464+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-26T08:15:23.040000+00:00 +2025-06-26T11:15:29.030000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -299411 +299419 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `8` -- [CVE-2025-52934](CVE-2025/CVE-2025-529xx/CVE-2025-52934.json) (`2025-06-26T08:15:23.040`) +- [CVE-2024-11584](CVE-2024/CVE-2024-115xx/CVE-2024-11584.json) (`2025-06-26T10:15:24.703`) +- [CVE-2024-6174](CVE-2024/CVE-2024-61xx/CVE-2024-6174.json) (`2025-06-26T10:15:25.133`) +- [CVE-2025-3722](CVE-2025/CVE-2025-37xx/CVE-2025-3722.json) (`2025-06-26T11:15:26.427`) +- [CVE-2025-3771](CVE-2025/CVE-2025-37xx/CVE-2025-3771.json) (`2025-06-26T11:15:29.030`) +- [CVE-2025-5338](CVE-2025/CVE-2025-53xx/CVE-2025-5338.json) (`2025-06-26T10:15:25.307`) +- [CVE-2025-5842](CVE-2025/CVE-2025-58xx/CVE-2025-5842.json) (`2025-06-26T10:15:25.537`) +- [CVE-2025-6212](CVE-2025/CVE-2025-62xx/CVE-2025-6212.json) (`2025-06-26T10:15:25.747`) +- [CVE-2025-6703](CVE-2025/CVE-2025-67xx/CVE-2025-6703.json) (`2025-06-26T10:15:25.950`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 275912a29e4..ff8d337f2e8 100644 --- a/_state.csv +++ b/_state.csv @@ -247008,6 +247008,7 @@ CVE-2024-11580,0,0,2902a2896d70a09162eab174719b1f937a00063abe723be1bb8861e8aaeb5 CVE-2024-11581,0,0,54519437e00f96c23a8c70641ca6b3fe6fa4bcc79e1443a9a5c2a0ca7b114449,2024-12-20T17:32:03.967000 CVE-2024-11582,0,0,5e500d72782f3c6c9cfe57a8b04f3c73a0d08c89d5d781f1ea62d59a2f770b01,2025-02-19T04:15:10.200000 CVE-2024-11583,0,0,0b07441a5ea7c52db00cfe826d700b0c0eb6984d5bc925e0a246fd9c511bc36e,2025-01-31T20:03:24.500000 +CVE-2024-11584,1,1,b0b3827aadbbf036f493fbf1e204212d6a0bec98492bba94b1260a1ffaed9167,2025-06-26T10:15:24.703000 CVE-2024-11585,0,0,d73bc146050e187d4f7b957a4961cb8470ba9ebdf69a5843cdfa9e686c284b8e,2024-12-06T06:15:22.723000 CVE-2024-11586,0,0,acbb89c7a73edeb9af616fbe1a7bbf2dff72a4d1c23f19e17196df7c7df36053,2024-11-25T18:15:10.123000 CVE-2024-11587,0,0,0c53e214732460d3ba9182e7aecf740be5ad9acf89e1672faca46af72ab29a76,2024-11-22T21:15:27.747000 @@ -279177,6 +279178,7 @@ CVE-2024-6170,0,0,4f4feaa051cf526bf9bfbbaa3bec84ff456fdf5126d8574d1136d86b9b9157 CVE-2024-6171,0,0,4346ab3f7b14d6380848f6593d4fb20ee4785e9f959985312273f695426c45f9,2024-11-21T09:49:06.920000 CVE-2024-6172,0,0,9dc6aaa43f42439daad697184574bc02a04b5894b5b2724df2c821e07b19be8e,2024-11-21T09:49:07.047000 CVE-2024-6173,0,0,1cddb9debbb5fdfd0cf79297d2f2924b6dcb127b463f053c35bed2e7c56d0027,2024-11-29T06:15:07.503000 +CVE-2024-6174,1,1,6863f4d68f1bef354c414e6e5100228e095e83d7d402b684e0d83a47be5273a0,2025-06-26T10:15:25.133000 CVE-2024-6175,0,0,383dab664f87e85a026415f2c3e224ae5fa1dd4ed7e1268ce66f7b926c48a731,2024-11-21T09:49:07.253000 CVE-2024-6176,0,0,21f9ff18133f6ec4699eaf4acac05a3a991a9eb6a5269b5794afff3ac818b1d9,2024-11-21T09:49:07.357000 CVE-2024-6177,0,0,fa162b485f99f68812e2fb99c0e89ed20ad30eb8f2dc55d4b95a1db0a4b76f7a,2024-11-21T09:49:07.480000 @@ -294046,6 +294048,7 @@ CVE-2025-3712,0,0,ea56365e47ceb44e31dafb8f72bb0d4f1a8a74a514b3fc339176f713c23eaf CVE-2025-3713,0,0,7e67304534c06f2079db65e532178b0781d2814a48010fdc27d2a08fd7f43f29,2025-05-28T03:15:22.430000 CVE-2025-3714,0,0,3fcd28d3a7b81c31d305f49be6e84a00b4570b4ee1caa0904bee1851b94e6d66,2025-05-28T04:15:45.850000 CVE-2025-3715,0,0,2d1d9dba7f9eff4431b265f83f4af3c259cac9ce8ddae0a96ec092e646ca8d2a,2025-05-19T13:35:20.460000 +CVE-2025-3722,1,1,02a724da708495f386d56d774a7fff7fad2857fabf6eeb6f40bb7a171eae374e,2025-06-26T11:15:26.427000 CVE-2025-3723,0,0,477418a320dfd53a6e935f7e337452b515033da0e585c9ca76a1582be0b01b2c,2025-05-12T20:40:10.330000 CVE-2025-3724,0,0,18e69c1094bab55d0abc5efd07a77f5bb56c4db0cf848fa0037b08e463c287e2,2025-05-12T20:40:24.853000 CVE-2025-3725,0,0,1e309d1f74fab356e2cc6c357ddf51ae0df3b4f4658fe92471e09a3c56b4252c,2025-05-12T20:40:40.500000 @@ -294084,6 +294087,7 @@ CVE-2025-3766,0,0,4ab1f8c3347dd4d857f6ed47618688e65322f18fd502bb56163206717ca51a CVE-2025-3767,0,0,292444054f64728a26421e1d4abd19f40fd20bae5ef25e71c0fda7db865359ae,2025-04-23T14:08:13.383000 CVE-2025-3768,0,0,bc353dd6d519bf091c1975f4b269d3c3a4ac208a15aea53b50d1ffe54ed1e121,2025-06-05T20:12:23.777000 CVE-2025-3769,0,0,3f7372036ea22709a172464e7fa400f2a2b90380b5ac20ab94f3bbb2664582da,2025-05-16T14:43:56.797000 +CVE-2025-3771,1,1,e09ddd4df425dc033db9e6e4856fa05278a81a35dab22418c6ee19b384cf289c,2025-06-26T11:15:29.030000 CVE-2025-37730,0,0,67e6e3825da3f11311501c243f4ff0e5cfb6a91fd935a3fdef62ae25a64429d2,2025-05-07T14:13:20.483000 CVE-2025-37738,0,0,ba1e253afea970e2d6cbcac0df377f410e996b34b809210266fb935a59d8f3ae,2025-05-02T13:53:20.943000 CVE-2025-37739,0,0,d93f652e6f780625188bc3e58a094ab90f62616b233dc5bfe99eda3073ee8767,2025-05-02T13:53:20.943000 @@ -298446,7 +298450,7 @@ CVE-2025-52921,0,0,eb0aa8eadcd3c62d0a2f8e9986a6d53f122ed90a401be70c752560a9e8b83 CVE-2025-52922,0,0,63f8deb7283aa29878227b0620db68a51e4f8976e3d04246cba3ccabf488960d,2025-06-23T20:16:21.633000 CVE-2025-52923,0,0,0d394519edc28fc465ed4098c53a67edbc1762e355c471e49bda15d53d1acc6e,2025-06-23T20:16:21.633000 CVE-2025-52926,0,0,df6cf2638f59ab59a25c6cfa3728a1a0a30ea899e6a8ed81cad7b5bb46aa2e08,2025-06-23T20:16:21.633000 -CVE-2025-52934,1,1,3c52e8bfe57b1a51aaa8b3b133dd27fbe9d41dacfc08acadbc3e53ae3e5c616c,2025-06-26T08:15:23.040000 +CVE-2025-52934,0,0,3c52e8bfe57b1a51aaa8b3b133dd27fbe9d41dacfc08acadbc3e53ae3e5c616c,2025-06-26T08:15:23.040000 CVE-2025-52935,0,0,e90442b27348ddc08b70a4f2c9d685a21683a5219fe3b28f02af658cb695b621,2025-06-23T20:16:21.633000 CVE-2025-52936,0,0,aa832922e1b2bf92ff240ff870ed504cb854da22917214db98a7fd33f57bab16,2025-06-23T20:16:21.633000 CVE-2025-52937,0,0,7155fdb03a62afee2d480e9fbd91c6ac9f29561d359af43e719f0125704aa0c9,2025-06-23T20:16:21.633000 @@ -298492,6 +298496,7 @@ CVE-2025-5334,0,0,3b25ffa10fa68a37bf0e18657dc7cc96e971a33e8fade936cdd13017087298 CVE-2025-5335,0,0,5abfb5e74bc6ec2f8ed9b95f56ffcbd4f93dcd183997df85e24502ad95934637,2025-06-12T16:06:39.330000 CVE-2025-5336,0,0,51ebbfc8a6c001d043ad92fbb70974a3ccedacbc8290bd5643cc8faeb9732c02,2025-06-16T12:32:18.840000 CVE-2025-5337,0,0,f5b214301a56cadaeebc0b9a86ddeaf885fbd4e9b8e681558e7ccfb718bae2b0,2025-06-16T12:32:18.840000 +CVE-2025-5338,1,1,f006efd42d70264210fbd6141455221acbec012a03c0cae0348be72a8bb33532,2025-06-26T10:15:25.307000 CVE-2025-5340,0,0,9b48da383be5dfbe2bc488480a2be183877451ec75241964210e2e3aad9a2ceb,2025-06-04T14:54:33.783000 CVE-2025-5341,0,0,2f7555dddd47395f556aef803e272926d99b2be1a7b798f5f5a29577ec1f1191,2025-06-05T20:12:23.777000 CVE-2025-5349,0,0,c3dba6df59d2293dc5933fab4b44180a83c69961191d6e1c8668a3b028af5d72,2025-06-17T20:50:23.507000 @@ -298880,6 +298885,7 @@ CVE-2025-5838,0,0,35626c7c8e1d04fa7bdba348c0108b2c123b4d5d313bbcf8d5dd0d6177716b CVE-2025-5839,0,0,af2c1c6da3fb5a22931f1ffebd67420dd5150792d38533d6eb8686e18f591276,2025-06-09T19:07:34.470000 CVE-2025-5840,0,0,a1906b279632ca933a71469d14d9b22734a373c8dc4ebaee1a55c4351d13760a,2025-06-10T15:45:31.043000 CVE-2025-5841,0,0,f400ea2f8b46ebb92066563e7d4eaccd25056b8981da67e57e016f89e1a31dc6,2025-06-16T12:32:18.840000 +CVE-2025-5842,1,1,7d2c79ed9cd89d676c12144f678969a69b95a2fa524c5effe8105f543604e1fd,2025-06-26T10:15:25.537000 CVE-2025-5846,0,0,9f0922e59852557839f797b88c35f7182dbdb91a0671689ca165af3bce9b0b13,2025-06-26T06:15:24.030000 CVE-2025-5847,0,0,72a670a977f930c072e82981d9be0647255328c3124df63dafd15061a72168a9,2025-06-09T19:04:55.580000 CVE-2025-5848,0,0,97a77699d44911bbc0f7dbb24d5b37ad7d0974431c5e2858413f0642987e5a7c,2025-06-09T19:04:50.113000 @@ -299114,6 +299120,7 @@ CVE-2025-6196,0,0,a443edb8dad0601e0cbd1385e8a473b74e22417d0a97c7514592b470b58b5b CVE-2025-6199,0,0,8b74f0ab0d170aa7cc558f1e79481a7093394c0368bbc35b907707db4c26f548,2025-06-17T20:50:23.507000 CVE-2025-6201,0,0,09953b11a7588a9edc2f3925b0cbb84add185ea803d7765dc4a2a786cd413a85,2025-06-23T20:16:59.783000 CVE-2025-6206,0,0,f095e462b0f9c530be73de1fe9b71847681b1cb490797f58b1dc23dd20a548bf,2025-06-24T09:15:25.653000 +CVE-2025-6212,1,1,d68d2c7ec394e1765170c6fe8c8153b073484f550c4507decdf42f086d4b7303,2025-06-26T10:15:25.747000 CVE-2025-6216,0,0,fa2fdcc5033cf3a1df6342a01f2acd273f87b99c1664b4ca0db573d99035212e,2025-06-23T20:16:21.633000 CVE-2025-6217,0,0,0d2c65c94d7cc4fabd9027df56e983345e1f33543f29c53f0c45cf319713d14d,2025-06-23T20:16:21.633000 CVE-2025-6218,0,0,0c57dc44b918f69aa41dfa2cd45995e68693308920cd967c81e00d12734bb127,2025-06-25T19:03:33.817000 @@ -299410,3 +299417,4 @@ CVE-2025-6667,0,0,8d9ad53a3335c05cc0865d1435899d49a25a3ca653a61e0fdb6ad611b59d42 CVE-2025-6668,0,0,b7f7ce19d9ba8dfe1a594307d757f6e849bb60917444403b692842e09544abd4,2025-06-25T22:15:24.450000 CVE-2025-6669,0,0,259554a4afe15a633cf6db3e0b294386f75a87b93f6e7e142528c6c7d99925a1,2025-06-25T23:15:21.310000 CVE-2025-6678,0,0,3d8df884ccaa68204bde970fbc5a3e37b905ea9e2d3ab8e9d4e745c1411dc54e,2025-06-25T18:15:25.507000 +CVE-2025-6703,1,1,09072c2cd4e411c0d5c8360ca7f6fdefccb20fabc17c8c1696e0829eab242c2a,2025-06-26T10:15:25.950000