diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11857.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11857.json new file mode 100644 index 00000000000..449c3b44637 --- /dev/null +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11857.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-11857", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2025-06-02T04:15:26.000", + "lastModified": "2025-06-02T04:15:26.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. Subsequently, attackers can leverage arbitrary file deletion to privilege escalation." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-10161-fa1b5-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-10160-76012-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21605.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21605.json index b51f384e110..59ff88dea0b 100644 --- a/CVE-2025/CVE-2025-216xx/CVE-2025-21605.json +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21605.json @@ -2,7 +2,7 @@ "id": "CVE-2025-21605", "sourceIdentifier": "security-advisories@github.com", "published": "2025-04-23T16:15:34.770", - "lastModified": "2025-05-12T15:15:59.200", + "lastModified": "2025-06-02T04:15:36.617", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -60,6 +60,10 @@ "url": "https://github.com/redis/redis/security/advisories/GHSA-r67f-p999-2gff", "source": "security-advisories@github.com" }, + { + "url": "https://github.com/valkey-io/valkey/releases/tag/8.1.1", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, { "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00014.html", "source": "af854a3a-2127-422b-91ae-364da2661108" diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25179.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25179.json new file mode 100644 index 00000000000..f40ad58934a --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25179.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-25179", + "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "published": "2025-06-02T05:15:20.160", + "lastModified": "2025-06-02T05:15:20.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-280" + } + ] + } + ], + "references": [ + { + "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-409xx/CVE-2025-40908.json b/CVE-2025/CVE-2025-409xx/CVE-2025-40908.json index 14f3a37c049..e58b90149e4 100644 --- a/CVE-2025/CVE-2025-409xx/CVE-2025-40908.json +++ b/CVE-2025/CVE-2025-409xx/CVE-2025-40908.json @@ -2,7 +2,7 @@ "id": "CVE-2025-40908", "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "published": "2025-06-01T14:15:21.113", - "lastModified": "2025-06-01T14:15:21.113", + "lastModified": "2025-06-02T04:15:38.817", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, "weaknesses": [ { "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49112.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49112.json new file mode 100644 index 00000000000..883d5b77eda --- /dev/null +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49112.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-49112", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-06-02T05:15:21.277", + "lastModified": "2025-06-02T05:15:21.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 3.1, + "baseSeverity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/redis/redis/blob/994bc96bb1744cb153392fc96bdba43eae56e17f/src/networking.c#L783", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/valkey-io/valkey/blob/daea05b1e26db29bfd1c033e27f9d519a2f8ccbb/src/networking.c#L886", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/valkey-io/valkey/pull/2101", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-491xx/CVE-2025-49113.json b/CVE-2025/CVE-2025-491xx/CVE-2025-49113.json new file mode 100644 index 00000000000..15b0d2b842d --- /dev/null +++ b/CVE-2025/CVE-2025-491xx/CVE-2025-49113.json @@ -0,0 +1,80 @@ +{ + "id": "CVE-2025-49113", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-06-02T05:15:53.420", + "lastModified": "2025-06-02T05:15:53.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.9, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/roundcube/roundcubemail/commit/0376f69e958a8fef7f6f09e352c541b4e7729c4d", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/commit/7408f31379666124a39f9cb1018f62bc5e2dc695", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/commit/c50a07d88ca38f018a0f4a0b008e9a1deb32637e", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/pull/9865", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.10", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.11", + "source": "cve@mitre.org" + }, + { + "url": "https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5427.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5427.json new file mode 100644 index 00000000000..c71e20d7c6b --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5427.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5427", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T04:15:44.000", + "lastModified": "2025-06-02T04:15:44.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_acess_modify_permalinks.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310760", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310760", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584055", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5428.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5428.json new file mode 100644 index 00000000000..7f6eb8be4ff --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5428.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5428", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T04:15:44.977", + "lastModified": "2025-06-02T04:15:44.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_list_delete_logs.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310761", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310761", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584056", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5429.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5429.json new file mode 100644 index 00000000000..72e7c3af74d --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5429.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5429", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T05:16:08.447", + "lastModified": "2025-06-02T05:16:08.447", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of the file /admin-cp/plugin/install of the component Plugins Page. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_list_install_plugins.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310762", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310762", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584057", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-54xx/CVE-2025-5430.json b/CVE-2025/CVE-2025-54xx/CVE-2025-5430.json new file mode 100644 index 00000000000..308b84b6137 --- /dev/null +++ b/CVE-2025/CVE-2025-54xx/CVE-2025-5430.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5430", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-02T05:16:09.920", + "lastModified": "2025-06-02T05:16:09.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in AssamLook CMS 1.0. This issue affects some unknown processing of the file /product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20AssamLook%20CMS-v1.0.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310763", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310763", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584257", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 878c93fbe3b..9c2e28ec904 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-02T04:00:19.639477+00:00 +2025-06-02T06:00:19.558735+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-02T03:15:25.717000+00:00 +2025-06-02T05:16:09.920000+00:00 ``` ### Last Data Feed Release @@ -33,30 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -296156 +296164 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `8` -- [CVE-2025-20672](CVE-2025/CVE-2025-206xx/CVE-2025-20672.json) (`2025-06-02T03:15:24.443`) -- [CVE-2025-20673](CVE-2025/CVE-2025-206xx/CVE-2025-20673.json) (`2025-06-02T03:15:24.613`) -- [CVE-2025-20674](CVE-2025/CVE-2025-206xx/CVE-2025-20674.json) (`2025-06-02T03:15:24.737`) -- [CVE-2025-20675](CVE-2025/CVE-2025-206xx/CVE-2025-20675.json) (`2025-06-02T03:15:24.863`) -- [CVE-2025-20676](CVE-2025/CVE-2025-206xx/CVE-2025-20676.json) (`2025-06-02T03:15:24.987`) -- [CVE-2025-20677](CVE-2025/CVE-2025-206xx/CVE-2025-20677.json) (`2025-06-02T03:15:25.103`) -- [CVE-2025-20678](CVE-2025/CVE-2025-206xx/CVE-2025-20678.json) (`2025-06-02T03:15:25.230`) -- [CVE-2025-5423](CVE-2025/CVE-2025-54xx/CVE-2025-5423.json) (`2025-06-02T02:15:19.760`) -- [CVE-2025-5424](CVE-2025/CVE-2025-54xx/CVE-2025-5424.json) (`2025-06-02T03:15:25.360`) -- [CVE-2025-5425](CVE-2025/CVE-2025-54xx/CVE-2025-5425.json) (`2025-06-02T03:15:25.537`) -- [CVE-2025-5426](CVE-2025/CVE-2025-54xx/CVE-2025-5426.json) (`2025-06-02T03:15:25.717`) +- [CVE-2024-11857](CVE-2024/CVE-2024-118xx/CVE-2024-11857.json) (`2025-06-02T04:15:26.000`) +- [CVE-2025-25179](CVE-2025/CVE-2025-251xx/CVE-2025-25179.json) (`2025-06-02T05:15:20.160`) +- [CVE-2025-49112](CVE-2025/CVE-2025-491xx/CVE-2025-49112.json) (`2025-06-02T05:15:21.277`) +- [CVE-2025-49113](CVE-2025/CVE-2025-491xx/CVE-2025-49113.json) (`2025-06-02T05:15:53.420`) +- [CVE-2025-5427](CVE-2025/CVE-2025-54xx/CVE-2025-5427.json) (`2025-06-02T04:15:44.000`) +- [CVE-2025-5428](CVE-2025/CVE-2025-54xx/CVE-2025-5428.json) (`2025-06-02T04:15:44.977`) +- [CVE-2025-5429](CVE-2025/CVE-2025-54xx/CVE-2025-5429.json) (`2025-06-02T05:16:08.447`) +- [CVE-2025-5430](CVE-2025/CVE-2025-54xx/CVE-2025-5430.json) (`2025-06-02T05:16:09.920`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2025-21605](CVE-2025/CVE-2025-216xx/CVE-2025-21605.json) (`2025-06-02T04:15:36.617`) +- [CVE-2025-40908](CVE-2025/CVE-2025-409xx/CVE-2025-40908.json) (`2025-06-02T04:15:38.817`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 071461a4d4e..71fec605ba7 100644 --- a/_state.csv +++ b/_state.csv @@ -246966,6 +246966,7 @@ CVE-2024-11853,0,0,34e99eba0841fa956ba4d7c4a308f8505540f1a8e5d486ec7f2fdd3d46494 CVE-2024-11854,0,0,999afde0352966c3848f9613a3046f97c5bfc972302cd671fa92812a3b6bafdc,2024-12-04T12:15:19.250000 CVE-2024-11855,0,0,b8bfb341060496fd32ee788a9ac0c446229bec4b5e208f7ac30bcfa919ff4d7a,2024-12-14T05:15:07.960000 CVE-2024-11856,0,0,d5dc91ea132c91646f44dabd18a1a6c06e1b122275ee7e71ea02b3d69779ae26,2024-12-02T03:15:13.713000 +CVE-2024-11857,1,1,178415c887407683170bebc7492a4a777b8e1716e9d97c2a63019d7730cf53ac,2025-06-02T04:15:26 CVE-2024-11858,0,0,73fd067f9f80a3fe9add2844a0fc8b12fbc4555aad7446ed909f2e6252e70dfe,2024-12-15T14:15:22.320000 CVE-2024-11859,0,0,e0c37a256811d6c3ed803647df0b4f38245519a802f001a8c0b0c679e61a20a1,2025-04-16T11:15:41.373000 CVE-2024-1186,0,0,2e273a7149091b295fd44850226681809150a1697d95b70cddb9945c7f5d2c46,2024-11-21T08:49:59.387000 @@ -284174,13 +284175,13 @@ CVE-2025-20668,0,0,4efde7cafee47bf30ca99edbe1e503aa47fb2d622289f8c7edb4b9fe9679e CVE-2025-2067,0,0,e5f1e57adc4edd42d03cb1428859c6d8f42f55a5cdb84315e745ffb2fc33dd73,2025-05-14T16:14:48.690000 CVE-2025-20670,0,0,0daec7733223332ecfca57b38ce85a4460ac74b45b4d452294bb01585317d8ea,2025-05-12T18:15:44.703000 CVE-2025-20671,0,0,d29b0be50e03d1be191b5842401236862e6d6c0fc14d06806db5030382f64d66,2025-05-07T15:15:56.947000 -CVE-2025-20672,1,1,bfb0e5ae35b79d4482ff41fcb0dc20295f3b1765de47757b166b0b080c3a5bd6,2025-06-02T03:15:24.443000 -CVE-2025-20673,1,1,254768889bdbfd6e76f709c4056daaa1be441649f0024395bdcd18cc8e2c31a1,2025-06-02T03:15:24.613000 -CVE-2025-20674,1,1,3e03b32ca2d56058a06cf7ae739bab538600fd57519e6d2c00e69e1c732b80a1,2025-06-02T03:15:24.737000 -CVE-2025-20675,1,1,0c5263d592ca1f5b618e72da59fd091513a571e3411965e51bbe4cd54bf8509b,2025-06-02T03:15:24.863000 -CVE-2025-20676,1,1,3088a4370fc8243e791dc0f3ce0a7e8403cc54617956ca1fbdea6cd1ab5e7367,2025-06-02T03:15:24.987000 -CVE-2025-20677,1,1,606c825d76f726a9840e334946205206bcd9b223e91a3b9c78a6b8d1d4422773,2025-06-02T03:15:25.103000 -CVE-2025-20678,1,1,6b59c6e878481480682e0bdf651900c7eb1131a6cf159b085dc5bba1f933a1d4,2025-06-02T03:15:25.230000 +CVE-2025-20672,0,0,bfb0e5ae35b79d4482ff41fcb0dc20295f3b1765de47757b166b0b080c3a5bd6,2025-06-02T03:15:24.443000 +CVE-2025-20673,0,0,254768889bdbfd6e76f709c4056daaa1be441649f0024395bdcd18cc8e2c31a1,2025-06-02T03:15:24.613000 +CVE-2025-20674,0,0,3e03b32ca2d56058a06cf7ae739bab538600fd57519e6d2c00e69e1c732b80a1,2025-06-02T03:15:24.737000 +CVE-2025-20675,0,0,0c5263d592ca1f5b618e72da59fd091513a571e3411965e51bbe4cd54bf8509b,2025-06-02T03:15:24.863000 +CVE-2025-20676,0,0,3088a4370fc8243e791dc0f3ce0a7e8403cc54617956ca1fbdea6cd1ab5e7367,2025-06-02T03:15:24.987000 +CVE-2025-20677,0,0,606c825d76f726a9840e334946205206bcd9b223e91a3b9c78a6b8d1d4422773,2025-06-02T03:15:25.103000 +CVE-2025-20678,0,0,6b59c6e878481480682e0bdf651900c7eb1131a6cf159b085dc5bba1f933a1d4,2025-06-02T03:15:25.230000 CVE-2025-2068,0,0,caea7b6972516a21e1fb4cb2f8db6e455533cd0aab201f39e697eeb619aa0bfd,2025-04-29T13:52:28.490000 CVE-2025-2069,0,0,3be67bf54f8ec61314fa1aeec7cad10107ab60b66fe6d57dfc7b2068092e5954,2025-04-29T13:52:28.490000 CVE-2025-2070,0,0,aa6c57d00653559715f3617271164e399083db51bc42952895ad83bcf08a7d15,2025-04-29T13:52:28.490000 @@ -284798,7 +284799,7 @@ CVE-2025-21601,0,0,0a3de1bd0f7b2152d39100c8775a8996119c68746c8d9f247ee42e02416b1 CVE-2025-21602,0,0,c19be4b4737359a2e4ed4f02c889d9a8f5b6a59c1e0d49883a4919ec981debf6,2025-01-09T17:15:19.150000 CVE-2025-21603,0,0,de5a98ab5a1846941043ac114cde34c932a06d56fde93bc5468f6ea62d88c11e,2025-01-08T15:15:21.320000 CVE-2025-21604,0,0,a34f469e60a5c97c37f25f38185bf1e66489153f244790f5fcee58d0e1ef98a9,2025-01-06T16:15:30.927000 -CVE-2025-21605,0,0,638a222cbabdeee814c262d3f10d592e9c414d26a08e953534ecee0793400b71,2025-05-12T15:15:59.200000 +CVE-2025-21605,0,1,5d4d91cfbb9495363a63c1abe4e3da20ab0fb3d6d573f32bad1897467d2c290f,2025-06-02T04:15:36.617000 CVE-2025-21606,0,0,a19668b5b8fc9af5d593a5704f1b419f2af7457a16702862aae2b42a335d351c,2025-01-17T21:15:11.420000 CVE-2025-21607,0,0,2ce4ba41763b4986cd26eb54a8075a3cd0338658a0c3e9c0baa1dfce0ce697aa,2025-04-24T15:15:57.293000 CVE-2025-21608,0,0,d574978b81bfed48d2606c0950417bee8811351e74bb8d93791061c4e37c7692,2025-02-18T19:15:25.220000 @@ -287922,6 +287923,7 @@ CVE-2025-2517,0,0,d5f18489614869649cdda48e18fead9184cb1c42970b5856b1c4b6d2f7bf53 CVE-2025-25170,0,0,10b2b5d5b1d8e09a883b23033bc8ac75abe37fde2151575888a21edb35483c78,2025-03-03T14:15:54.613000 CVE-2025-25175,0,0,57f52436a99f7fed27112577d2b540c306e155b82b661017f91c9191eec841c4,2025-03-13T09:15:14.123000 CVE-2025-25178,0,0,4d3495fd89869cab43d2d5601ae744320ec1fbb133f1b7ab10bcd79797aa78af,2025-04-15T15:16:07.543000 +CVE-2025-25179,1,1,0664ca98bae8342bf248103bce283686940031a025e1a3de5401f0969870563c,2025-06-02T05:15:20.160000 CVE-2025-2518,0,0,a8f5c8872d95d859608c7cfe7c532bd063803d6f530f9a6abeebcf860d42a83b,2025-05-30T16:31:03.107000 CVE-2025-25181,0,0,aebe0b9a6314ff7a9f4a4ab410e1c6b1bc48e96ec20a3daea50dbb87c370c597,2025-03-13T14:31:11.140000 CVE-2025-25182,0,0,6fd347398e5cc83c7bcf9c93dfa3366f2e8e0aced29c81495217dd5d01f504cd,2025-02-12T17:15:23.857000 @@ -293870,7 +293872,7 @@ CVE-2025-4089,0,0,505a4df56497bc3e08f2e58439684c838786761a96bd4da3f2b0e37b4fa97e CVE-2025-4090,0,0,7f9eabb4ad6772523e0c5f0a270166b4617494fcbb3075e75cc2736a0fa15b02,2025-05-09T19:32:34.333000 CVE-2025-40906,0,0,3bcd0a99f567a8c8c8c888444bf8652ce672ff26763dd9562ab4be9a1279c017,2025-05-19T13:35:50.497000 CVE-2025-40907,0,0,02479ee238b9c2c4380d00bd9d3c9ee05adf00f8c7961fd6f9263c931d94c687,2025-05-16T16:15:41.590000 -CVE-2025-40908,0,0,c44cfeeef6d66b76589d2ba6197e0366b615837a8f47723010484949715bf8dd,2025-06-01T14:15:21.113000 +CVE-2025-40908,0,1,9e6f7c01493ad7d898ae71483c9feee0a759fd2cb47de6da8eb69ddcf35d1f6b,2025-06-02T04:15:38.817000 CVE-2025-40909,0,0,18728e90d02bd071d5442765be38f7f39285eeeb0496c2d4d452027e8589c68c,2025-05-31T01:15:20.217000 CVE-2025-4091,0,0,798a4cccfe2006913bea941ae05240fec836c7335fe01bd824f887f2a82ba4a5,2025-05-09T19:32:09.470000 CVE-2025-40911,0,0,fcf4deedf6cc79e67d521479df45c4b1f5ac81bf8605fcf0e3b318f0c121b089,2025-05-28T15:01:30.720000 @@ -295834,6 +295836,8 @@ CVE-2025-4908,0,0,de60be5e9644ec87fb1afc243f75b0e5b1a22cdd347bf91d496fa5782bf1af CVE-2025-4909,0,0,2543aa084bfc859fe1a7a0558cc76c793b6ee9b986cb9885265313fc24749d9b,2025-05-28T13:08:14.173000 CVE-2025-4910,0,0,d0c7584b70570a0f60f72259e5222dec42c6f070aafbec7da031c0738cd595d2,2025-05-21T17:40:58.137000 CVE-2025-4911,0,0,8165f0d1dc1e78afded21e50626575112805e2ff63d8f266295fb56c02f3696f,2025-05-21T13:26:25.383000 +CVE-2025-49112,1,1,68b9f8ae8378455b94697490a4c9482a35ead35162dc1f57c6769030fa5d1d53,2025-06-02T05:15:21.277000 +CVE-2025-49113,1,1,358ac32f89451109a971e873fdac6b608e79e1801d399ebf53ee99796c6b9da4,2025-06-02T05:15:53.420000 CVE-2025-4912,0,0,952cc1697455c59886c397e61a80308747f6eedd0f377c0531d621b366fc5d7d,2025-05-21T17:41:21.063000 CVE-2025-4913,0,0,53b3af32223266d4fefa6288fa7668d3e6278e5d2f6f83bce997bdbd90d149c2,2025-05-19T17:37:22.390000 CVE-2025-4914,0,0,a988b116f09ba2a954362a47d883dbc77032cfbf0fc2d8366f3812d4ec746e85,2025-05-19T17:37:31.327000 @@ -296151,7 +296155,11 @@ CVE-2025-5412,0,0,e9d0b0fe7f8dcd8d841b570517b2744e7108e434c1576f843d0583c17dff96 CVE-2025-5420,0,0,23f0a84179be5b244145ce337dd03d4b33df7af9e256aa34033da4aaa616573f,2025-06-02T00:15:20.760000 CVE-2025-5421,0,0,e04d1c8c1c684dd46ee9eab5d434fcc4f2e7316a4d5a5798a296821536a9080f,2025-06-02T01:15:20.227000 CVE-2025-5422,0,0,c6ddc9557d9418c8a078a21758ae44655fb46a13caee8d31056ddf2a33d5c667,2025-06-02T01:15:20.437000 -CVE-2025-5423,1,1,5af918e3202c6319d4708fce7446e53f757e7df733a740dec64d67694f21cff5,2025-06-02T02:15:19.760000 -CVE-2025-5424,1,1,8846307422a1e70afaa4472c8339f8684a9ad79dc12a6b1e4401dcca541b4122,2025-06-02T03:15:25.360000 -CVE-2025-5425,1,1,be91d19736e14b87d2d7a8a21cf7155dfcdc6ebc2c74f44b7cabd08f35eb48eb,2025-06-02T03:15:25.537000 -CVE-2025-5426,1,1,57cb772d14527dbc6e6a63b12d5b01bad3ac902c3f8c60c73dd5ff0ee844eb33,2025-06-02T03:15:25.717000 +CVE-2025-5423,0,0,5af918e3202c6319d4708fce7446e53f757e7df733a740dec64d67694f21cff5,2025-06-02T02:15:19.760000 +CVE-2025-5424,0,0,8846307422a1e70afaa4472c8339f8684a9ad79dc12a6b1e4401dcca541b4122,2025-06-02T03:15:25.360000 +CVE-2025-5425,0,0,be91d19736e14b87d2d7a8a21cf7155dfcdc6ebc2c74f44b7cabd08f35eb48eb,2025-06-02T03:15:25.537000 +CVE-2025-5426,0,0,57cb772d14527dbc6e6a63b12d5b01bad3ac902c3f8c60c73dd5ff0ee844eb33,2025-06-02T03:15:25.717000 +CVE-2025-5427,1,1,7248241b6511e7dae2909aae008975c5e1d909b0fa9a2d42cb023cab3ad79f41,2025-06-02T04:15:44 +CVE-2025-5428,1,1,8e37e3d63a4fe3eb041bc551acaf6d51874f670999761815a63f3357c2185ba8,2025-06-02T04:15:44.977000 +CVE-2025-5429,1,1,d3b059787ffa7e06d4a4aef3851efbbfa5534e20659ffd5b3f55c63550568be6,2025-06-02T05:16:08.447000 +CVE-2025-5430,1,1,9c8ff751e513a786224c51fe5c3552be7b4d78ad672aaba460fa4a9f98a16c6a,2025-06-02T05:16:09.920000