admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-16T22:00:19.809240+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-16 22:03:53 +00:00
parent ce9022eb1a
commit bd48cfe7d8
56 changed files with 2508 additions and 381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2022/CVE-2022-465xx/CVE-2022-46536.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46536",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-20T15:15:12.267",
"lastModified": "2024-11-21T07:30:41.320",
"lastModified": "2025-04-16T20:15:16.333",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-400xx/CVE-2024-40068.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40068",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.630",
"lastModified": "2025-04-16T17:15:48.630",
"lastModified": "2025-04-16T21:15:44.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=templates/manage_template&id=1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug5-SQL-Injection-id2.md",

39
CVE-2024/CVE-2024-400xx/CVE-2024-40070.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40070",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.847",
"lastModified": "2025-04-16T17:15:48.847",
"lastModified": "2025-04-16T21:15:45.217",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via id_generator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug6-File-upload-img2.md",

39
CVE-2024/CVE-2024-533xx/CVE-2024-53304.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53304",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.540",
"lastModified": "2025-04-16T18:16:03.540",
"lastModified": "2025-04-16T21:15:45.497",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/fern89/3464e8428d7675e4f0f390a6b2b2842e",

39
CVE-2024/CVE-2024-533xx/CVE-2024-53305.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53305",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.657",
"lastModified": "2025-04-16T18:16:03.657",
"lastModified": "2025-04-16T21:15:45.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/fern89/ca5fe76ad81b4bc363e7341e523a1651",

21
CVE-2024/CVE-2024-553xx/CVE-2024-55371.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-55371",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.790",
"lastModified": "2025-04-16T21:15:45.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an authenticated attacker (being an administrator is not required) to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands."
}
],
"metrics": {},
"references": [
{
"url": "https://www.datafarm.co.th/blog/CVE-2024-55371-and-CVE-2024-55372-Malicious-File-Upload-to-RCE-in-Wallos-Application",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-553xx/CVE-2024-55372.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-55372",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.897",
"lastModified": "2025-04-16T21:15:45.897",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands."
}
],
"metrics": {},
"references": [
{
"url": "https://www.datafarm.co.th/blog/CVE-2024-55371-and-CVE-2024-55372-Malicious-File-Upload-to-RCE-in-Wallos-Application",
"source": "cve@mitre.org"
}
]
}

16
CVE-2025/CVE-2025-215xx/CVE-2025-21578.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21578",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:48.240",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T21:15:46.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21579.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21579",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:53.233",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T21:15:46.193",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21580.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21580",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:53.393",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T21:15:46.303",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21581.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21581",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:53.557",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T21:15:46.413",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21582.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21582",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:53.687",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T21:15:46.527",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21584.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21584",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:53.910",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:16.947",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-215xx/CVE-2025-21585.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-21585",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:54.037",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:17.057",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

27
CVE-2025/CVE-2025-228xx/CVE-2025-22872.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-22872",
"sourceIdentifier": "security@golang.org",
"published": "2025-04-16T18:16:04.183",
"lastModified": "2025-04-16T18:16:04.183",
"lastModified": "2025-04-16T21:15:46.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7
}
]
},
"references": [
{
"url": "https://go.dev/cl/662715",

6
CVE-2025/CVE-2025-244xx/CVE-2025-24421.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-24421",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-02-11T18:15:44.077",
"lastModified": "2025-04-15T17:15:39.150",
"vulnStatus": "Modified",
"lastModified": "2025-04-16T20:15:17.170",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to modify select data. Exploitation of this issue does not require user interaction"
"value": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this issue does not require user interaction"
},
{
"lang": "es",

6
CVE-2025/CVE-2025-244xx/CVE-2025-24427.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-24427",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-02-11T18:15:45.223",
"lastModified": "2025-04-15T17:15:39.877",
"vulnStatus": "Modified",
"lastModified": "2025-04-16T20:15:17.313",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction."
"value": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction."
},
{
"lang": "es",

29
CVE-2025/CVE-2025-261xx/CVE-2025-26153.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-26153",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:46.770",
"lastModified": "2025-04-16T21:15:46.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/NoSpaceAvailable/234acdf57b5d7b29b2f39090c1686bc8",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/chamilo/chamilo-lms/commit/beb07770d674fcc9db6df0e59aab107678c28682",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/chamilo/chamilo-lms/commit/d5c29cf39ac30d7364a52bba4036c3e870412066",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-280xx/CVE-2025-28072.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-28072",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:46.883",
"lastModified": "2025-04-16T21:15:46.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/baixiaobi/TST/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}

56
CVE-2025/CVE-2025-296xx/CVE-2025-29648.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-29648",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.460",
"lastModified": "2025-04-16T21:15:46.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link EAP120 router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the login fields."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29648",
"source": "cve@mitre.org"
}
]
}

56
CVE-2025/CVE-2025-296xx/CVE-2025-29649.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-29649",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.563",
"lastModified": "2025-04-16T21:15:47.147",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link TL-WR840N router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29649",
"source": "cve@mitre.org"
}
]
}

56
CVE-2025/CVE-2025-296xx/CVE-2025-29650.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-29650",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.663",
"lastModified": "2025-04-16T21:15:47.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link M7200 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 180127 Rel.55998n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29650",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-296xx/CVE-2025-29651.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-29651",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.760",
"lastModified": "2025-04-16T20:15:17.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link M7650 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 170623 Rel.1022n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29651",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-296xx/CVE-2025-29652.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-29652",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.860",
"lastModified": "2025-04-16T20:15:17.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link M7000 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 180127 Rel.55998n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29652",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-296xx/CVE-2025-29653.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-29653",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T20:15:17.963",
"lastModified": "2025-04-16T20:15:17.963",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability exists in the TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.2 Build 170306 Rel.1015n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29653",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-297xx/CVE-2025-29708.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29708",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:47.460",
"lastModified": "2025-04-16T21:15:47.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the \"Create Services\" file /dashboard/Services."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29708.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS1.md",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-297xx/CVE-2025-29709.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29709",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:47.570",
"lastModified": "2025-04-16T21:15:47.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the \"Create portfolio\" file /dashboard/portfolio."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29709.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS2.md",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-297xx/CVE-2025-29710.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-29710",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:47.673",
"lastModified": "2025-04-16T21:15:47.673",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29710.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS3.md",
"source": "cve@mitre.org"
}
]
}

16
CVE-2025/CVE-2025-306xx/CVE-2025-30682.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30682",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:57.347",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.057",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-306xx/CVE-2025-30694.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30694",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:58.697",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.170",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-306xx/CVE-2025-30695.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30695",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:58.810",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.283",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-306xx/CVE-2025-30697.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30697",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:59.030",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-306xx/CVE-2025-30699.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30699",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:59.247",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.507",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-307xx/CVE-2025-30700.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30700",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:15:59.357",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.620",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-307xx/CVE-2025-30707.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30707",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:16:00.163",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.743",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-307xx/CVE-2025-30709.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30709",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:16:00.420",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.853",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

16
CVE-2025/CVE-2025-307xx/CVE-2025-30710.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30710",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-04-15T21:16:00.527",
"lastModified": "2025-04-16T13:25:59.640",
"lastModified": "2025-04-16T20:15:18.967",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html",

56
CVE-2025/CVE-2025-328xx/CVE-2025-32817.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32817",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2025-04-16T20:15:19.077",
"lastModified": "2025-04-16T21:15:47.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0007",
"source": "PSIRT@sonicwall.com"
}
]
}

37
CVE-2025/CVE-2025-36xx/CVE-2025-3619.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-3619",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-04-16T21:15:47.920",
"lastModified": "2025-04-16T21:15:47.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"metrics": {},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/409619251",
"source": "chrome-cve-admin@google.com"
}
]
}

37
CVE-2025/CVE-2025-36xx/CVE-2025-3620.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-3620",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-04-16T21:15:48.027",
"lastModified": "2025-04-16T21:15:48.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/405292639",
"source": "chrome-cve-admin@google.com"
}
]
}

14
CVE-2025/CVE-2025-36xx/CVE-2025-3679.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-3679",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T10:15:15.290",
"lastModified": "2025-04-16T13:25:37.340",
"lastModified": "2025-04-16T20:15:19.250",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en PCMan FTP Server 2.0.7. Se ve afectada una funci\u00f3n desconocida del componente HOST Command Handler. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer. Es posible ejecutar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.552787",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-42ef6503a06aafc10808fa38b9e2e8f7.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2025/CVE-2025-36xx/CVE-2025-3680.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3680",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T10:15:15.483",
"lastModified": "2025-04-16T13:25:37.340",
"lastModified": "2025-04-16T20:15:19.350",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.552788",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-4fcbb45637a8c2a83ec4e285bdf44ef4.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2025/CVE-2025-36xx/CVE-2025-3681.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3681",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T10:15:15.647",
"lastModified": "2025-04-16T13:25:37.340",
"lastModified": "2025-04-16T20:15:19.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.552789",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-f2dbb39791fbe7e94d805312769e84cb.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2025/CVE-2025-36xx/CVE-2025-3682.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3682",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T11:15:43.237",
"lastModified": "2025-04-16T13:25:37.340",
"lastModified": "2025-04-16T20:15:19.570",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.552790",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-e3b0c44298fc1c149afbf4c8996fb924.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

10
CVE-2025/CVE-2025-36xx/CVE-2025-3683.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3683",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T11:15:43.393",
"lastModified": "2025-04-16T13:25:37.340",
"lastModified": "2025-04-16T20:15:19.670",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.552791",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-5f4dcc3b5aa765d61d8327deb882cf99.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

141
CVE-2025/CVE-2025-37xx/CVE-2025-3723.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3723",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T20:15:19.777",
"lastModified": "2025-04-16T20:15:19.777",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component MDTM Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-d41d8cd98f00b204e9800998ecf8427e.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305069",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305069",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552796",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-37xx/CVE-2025-3724.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3724",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T20:15:19.960",
"lastModified": "2025-04-16T20:15:19.960",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component DIR Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-21232f297a57a5a743894a0e4a801fc3.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305070",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305070",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552808",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-37xx/CVE-2025-3725.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3725",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T20:15:20.123",
"lastModified": "2025-04-16T20:15:20.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-827ccb0eea8a706c4c34a16891f84e7b.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305071",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305071",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552814",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-37xx/CVE-2025-3726.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3726",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T20:15:20.283",
"lastModified": "2025-04-16T20:15:20.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-900150983cd24fb0d6963f7d28e17f72.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305072",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305072",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552815",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-37xx/CVE-2025-3727.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3727",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T21:15:48.203",
"lastModified": "2025-04-16T21:15:48.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-5ebe2294ecd0e0f08eab7690d2a6ee69.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305073",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305073",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.552816",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-37xx/CVE-2025-3728.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3728",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T21:15:48.363",
"lastModified": "2025-04-16T21:15:48.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login. The manipulation of the argument uname leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/eeeee-vul/CVE/issues/3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305074",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305074",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.553627",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-37xx/CVE-2025-3729.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3729",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T21:15:48.537",
"lastModified": "2025-04-16T21:15:48.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file backup.php of the component Database Backup Handler. The manipulation of the argument txtdbname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
},
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/rce_in_backup.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305075",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305075",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.553631",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

149
CVE-2025/CVE-2025-37xx/CVE-2025-3730.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2025-3730",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-16T21:15:48.700",
"lastModified": "2025-04-16T21:15:48.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctc_loss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 46fc5d8e360127361211cb237d5f9eef0223e567. It is recommended to apply a patch to fix this issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"baseScore": 1.7,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [
{
"url": "https://github.com/pytorch/pytorch/issues/150835",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/pytorch/pytorch/issues/150835#issue-2979082232",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/pytorch/pytorch/pull/150981",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/timocafe/tewart-pytorch/commit/46fc5d8e360127361211cb237d5f9eef0223e567",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305076",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305076",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.553645",
"source": "cna@vuldb.com"
}
]
}

27
CVE-2025/CVE-2025-37xx/CVE-2025-3733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3733",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-04-16T17:15:49.840",
"lastModified": "2025-04-16T17:15:49.840",
"lastModified": "2025-04-16T21:15:48.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal baguetteBox.Js allows Cross-Site Scripting (XSS).This issue affects baguetteBox.Js: from 0.0.0 before 2.0.4, from 3.0.0 before 3.0.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",

109
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-16T20:00:20.985704+00:00
2025-04-16T22:00:19.809240+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-16T19:57:31.797000+00:00
2025-04-16T21:15:48.873000+00:00
```
### Last Data Feed Release
@ -33,69 +33,68 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
290430
290454
```
### CVEs added in the last Commit
Recently added CVEs: `75`
Recently added CVEs: `24`
- [CVE-2025-32849](CVE-2025/CVE-2025-328xx/CVE-2025-32849.json) (`2025-04-16T18:16:14.723`)
- [CVE-2025-32850](CVE-2025/CVE-2025-328xx/CVE-2025-32850.json) (`2025-04-16T18:16:14.930`)
- [CVE-2025-32851](CVE-2025/CVE-2025-328xx/CVE-2025-32851.json) (`2025-04-16T18:16:15.143`)
- [CVE-2025-32852](CVE-2025/CVE-2025-328xx/CVE-2025-32852.json) (`2025-04-16T18:16:15.333`)
- [CVE-2025-32853](CVE-2025/CVE-2025-328xx/CVE-2025-32853.json) (`2025-04-16T18:16:15.497`)
- [CVE-2025-32854](CVE-2025/CVE-2025-328xx/CVE-2025-32854.json) (`2025-04-16T18:16:15.660`)
- [CVE-2025-32855](CVE-2025/CVE-2025-328xx/CVE-2025-32855.json) (`2025-04-16T18:16:15.853`)
- [CVE-2025-32856](CVE-2025/CVE-2025-328xx/CVE-2025-32856.json) (`2025-04-16T18:16:16.023`)
- [CVE-2025-32857](CVE-2025/CVE-2025-328xx/CVE-2025-32857.json) (`2025-04-16T18:16:16.403`)
- [CVE-2025-32858](CVE-2025/CVE-2025-328xx/CVE-2025-32858.json) (`2025-04-16T18:16:16.663`)
- [CVE-2025-32859](CVE-2025/CVE-2025-328xx/CVE-2025-32859.json) (`2025-04-16T18:16:16.837`)
- [CVE-2025-32860](CVE-2025/CVE-2025-328xx/CVE-2025-32860.json) (`2025-04-16T18:16:17.020`)
- [CVE-2025-32861](CVE-2025/CVE-2025-328xx/CVE-2025-32861.json) (`2025-04-16T18:16:17.193`)
- [CVE-2025-32862](CVE-2025/CVE-2025-328xx/CVE-2025-32862.json) (`2025-04-16T18:16:17.367`)
- [CVE-2025-32863](CVE-2025/CVE-2025-328xx/CVE-2025-32863.json) (`2025-04-16T18:16:17.527`)
- [CVE-2025-32864](CVE-2025/CVE-2025-328xx/CVE-2025-32864.json) (`2025-04-16T18:16:17.693`)
- [CVE-2025-32865](CVE-2025/CVE-2025-328xx/CVE-2025-32865.json) (`2025-04-16T18:16:17.853`)
- [CVE-2025-32866](CVE-2025/CVE-2025-328xx/CVE-2025-32866.json) (`2025-04-16T18:16:18.020`)
- [CVE-2025-32867](CVE-2025/CVE-2025-328xx/CVE-2025-32867.json) (`2025-04-16T18:16:18.197`)
- [CVE-2025-32868](CVE-2025/CVE-2025-328xx/CVE-2025-32868.json) (`2025-04-16T18:16:18.390`)
- [CVE-2025-32869](CVE-2025/CVE-2025-328xx/CVE-2025-32869.json) (`2025-04-16T18:16:18.577`)
- [CVE-2025-32870](CVE-2025/CVE-2025-328xx/CVE-2025-32870.json) (`2025-04-16T18:16:18.767`)
- [CVE-2025-32871](CVE-2025/CVE-2025-328xx/CVE-2025-32871.json) (`2025-04-16T18:16:18.943`)
- [CVE-2025-32872](CVE-2025/CVE-2025-328xx/CVE-2025-32872.json) (`2025-04-16T18:16:19.303`)
- [CVE-2025-39472](CVE-2025/CVE-2025-394xx/CVE-2025-39472.json) (`2025-04-16T18:16:19.610`)
- [CVE-2024-55371](CVE-2024/CVE-2024-553xx/CVE-2024-55371.json) (`2025-04-16T21:15:45.790`)
- [CVE-2024-55372](CVE-2024/CVE-2024-553xx/CVE-2024-55372.json) (`2025-04-16T21:15:45.897`)
- [CVE-2025-26153](CVE-2025/CVE-2025-261xx/CVE-2025-26153.json) (`2025-04-16T21:15:46.770`)
- [CVE-2025-28072](CVE-2025/CVE-2025-280xx/CVE-2025-28072.json) (`2025-04-16T21:15:46.883`)
- [CVE-2025-29648](CVE-2025/CVE-2025-296xx/CVE-2025-29648.json) (`2025-04-16T20:15:17.460`)
- [CVE-2025-29649](CVE-2025/CVE-2025-296xx/CVE-2025-29649.json) (`2025-04-16T20:15:17.563`)
- [CVE-2025-29650](CVE-2025/CVE-2025-296xx/CVE-2025-29650.json) (`2025-04-16T20:15:17.663`)
- [CVE-2025-29651](CVE-2025/CVE-2025-296xx/CVE-2025-29651.json) (`2025-04-16T20:15:17.760`)
- [CVE-2025-29652](CVE-2025/CVE-2025-296xx/CVE-2025-29652.json) (`2025-04-16T20:15:17.860`)
- [CVE-2025-29653](CVE-2025/CVE-2025-296xx/CVE-2025-29653.json) (`2025-04-16T20:15:17.963`)
- [CVE-2025-29708](CVE-2025/CVE-2025-297xx/CVE-2025-29708.json) (`2025-04-16T21:15:47.460`)
- [CVE-2025-29709](CVE-2025/CVE-2025-297xx/CVE-2025-29709.json) (`2025-04-16T21:15:47.570`)
- [CVE-2025-29710](CVE-2025/CVE-2025-297xx/CVE-2025-29710.json) (`2025-04-16T21:15:47.673`)
- [CVE-2025-32817](CVE-2025/CVE-2025-328xx/CVE-2025-32817.json) (`2025-04-16T20:15:19.077`)
- [CVE-2025-3619](CVE-2025/CVE-2025-36xx/CVE-2025-3619.json) (`2025-04-16T21:15:47.920`)
- [CVE-2025-3620](CVE-2025/CVE-2025-36xx/CVE-2025-3620.json) (`2025-04-16T21:15:48.027`)
- [CVE-2025-3723](CVE-2025/CVE-2025-37xx/CVE-2025-3723.json) (`2025-04-16T20:15:19.777`)
- [CVE-2025-3724](CVE-2025/CVE-2025-37xx/CVE-2025-3724.json) (`2025-04-16T20:15:19.960`)
- [CVE-2025-3725](CVE-2025/CVE-2025-37xx/CVE-2025-3725.json) (`2025-04-16T20:15:20.123`)
- [CVE-2025-3726](CVE-2025/CVE-2025-37xx/CVE-2025-3726.json) (`2025-04-16T20:15:20.283`)
- [CVE-2025-3727](CVE-2025/CVE-2025-37xx/CVE-2025-3727.json) (`2025-04-16T21:15:48.203`)
- [CVE-2025-3728](CVE-2025/CVE-2025-37xx/CVE-2025-3728.json) (`2025-04-16T21:15:48.363`)
- [CVE-2025-3729](CVE-2025/CVE-2025-37xx/CVE-2025-3729.json) (`2025-04-16T21:15:48.537`)
- [CVE-2025-3730](CVE-2025/CVE-2025-37xx/CVE-2025-3730.json) (`2025-04-16T21:15:48.700`)
### CVEs modified in the last Commit
Recently modified CVEs: `158`
Recently modified CVEs: `30`
- [CVE-2024-46647](CVE-2024/CVE-2024-466xx/CVE-2024-46647.json) (`2025-04-16T19:24:47.270`)
- [CVE-2024-46648](CVE-2024/CVE-2024-466xx/CVE-2024-46648.json) (`2025-04-16T19:18:01.420`)
- [CVE-2024-46649](CVE-2024/CVE-2024-466xx/CVE-2024-46649.json) (`2025-04-16T19:17:33.750`)
- [CVE-2024-49200](CVE-2024/CVE-2024-492xx/CVE-2024-49200.json) (`2025-04-16T19:15:52.470`)
- [CVE-2024-50064](CVE-2024/CVE-2024-500xx/CVE-2024-50064.json) (`2025-04-16T19:15:52.623`)
- [CVE-2024-56736](CVE-2024/CVE-2024-567xx/CVE-2024-56736.json) (`2025-04-16T18:16:03.783`)
- [CVE-2024-56744](CVE-2024/CVE-2024-567xx/CVE-2024-56744.json) (`2025-04-16T19:15:52.783`)
- [CVE-2025-20236](CVE-2025/CVE-2025-202xx/CVE-2025-20236.json) (`2025-04-16T18:16:04.037`)
- [CVE-2025-21176](CVE-2025/CVE-2025-211xx/CVE-2025-21176.json) (`2025-04-16T19:44:45.977`)
- [CVE-2025-21693](CVE-2025/CVE-2025-216xx/CVE-2025-21693.json) (`2025-04-16T19:15:52.933`)
- [CVE-2025-21860](CVE-2025/CVE-2025-218xx/CVE-2025-21860.json) (`2025-04-16T19:15:53.090`)
- [CVE-2025-21907](CVE-2025/CVE-2025-219xx/CVE-2025-21907.json) (`2025-04-16T19:15:53.203`)
- [CVE-2025-22903](CVE-2025/CVE-2025-229xx/CVE-2025-22903.json) (`2025-04-16T19:15:53.300`)
- [CVE-2025-22911](CVE-2025/CVE-2025-229xx/CVE-2025-22911.json) (`2025-04-16T19:15:53.447`)
- [CVE-2025-23053](CVE-2025/CVE-2025-230xx/CVE-2025-23053.json) (`2025-04-16T18:48:12.467`)
- [CVE-2025-23054](CVE-2025/CVE-2025-230xx/CVE-2025-23054.json) (`2025-04-16T18:48:06.840`)
- [CVE-2025-25453](CVE-2025/CVE-2025-254xx/CVE-2025-25453.json) (`2025-04-16T19:15:53.603`)
- [CVE-2025-25458](CVE-2025/CVE-2025-254xx/CVE-2025-25458.json) (`2025-04-16T19:15:53.750`)
- [CVE-2025-27892](CVE-2025/CVE-2025-278xx/CVE-2025-27892.json) (`2025-04-16T19:15:53.907`)
- [CVE-2025-29213](CVE-2025/CVE-2025-292xx/CVE-2025-29213.json) (`2025-04-16T19:15:54.063`)
- [CVE-2025-29471](CVE-2025/CVE-2025-294xx/CVE-2025-29471.json) (`2025-04-16T19:15:54.220`)
- [CVE-2025-30683](CVE-2025/CVE-2025-306xx/CVE-2025-30683.json) (`2025-04-16T19:15:54.427`)
- [CVE-2025-30684](CVE-2025/CVE-2025-306xx/CVE-2025-30684.json) (`2025-04-16T18:16:05.883`)
- [CVE-2025-3684](CVE-2025/CVE-2025-36xx/CVE-2025-3684.json) (`2025-04-16T19:15:55.000`)
- [CVE-2025-3734](CVE-2025/CVE-2025-37xx/CVE-2025-3734.json) (`2025-04-16T18:16:19.783`)
- [CVE-2025-21578](CVE-2025/CVE-2025-215xx/CVE-2025-21578.json) (`2025-04-16T21:15:46.080`)
- [CVE-2025-21579](CVE-2025/CVE-2025-215xx/CVE-2025-21579.json) (`2025-04-16T21:15:46.193`)
- [CVE-2025-21580](CVE-2025/CVE-2025-215xx/CVE-2025-21580.json) (`2025-04-16T21:15:46.303`)
- [CVE-2025-21581](CVE-2025/CVE-2025-215xx/CVE-2025-21581.json) (`2025-04-16T21:15:46.413`)
- [CVE-2025-21582](CVE-2025/CVE-2025-215xx/CVE-2025-21582.json) (`2025-04-16T21:15:46.527`)
- [CVE-2025-21584](CVE-2025/CVE-2025-215xx/CVE-2025-21584.json) (`2025-04-16T20:15:16.947`)
- [CVE-2025-21585](CVE-2025/CVE-2025-215xx/CVE-2025-21585.json) (`2025-04-16T20:15:17.057`)
- [CVE-2025-22872](CVE-2025/CVE-2025-228xx/CVE-2025-22872.json) (`2025-04-16T21:15:46.640`)
- [CVE-2025-24421](CVE-2025/CVE-2025-244xx/CVE-2025-24421.json) (`2025-04-16T20:15:17.170`)
- [CVE-2025-24427](CVE-2025/CVE-2025-244xx/CVE-2025-24427.json) (`2025-04-16T20:15:17.313`)
- [CVE-2025-30682](CVE-2025/CVE-2025-306xx/CVE-2025-30682.json) (`2025-04-16T20:15:18.057`)
- [CVE-2025-30694](CVE-2025/CVE-2025-306xx/CVE-2025-30694.json) (`2025-04-16T20:15:18.170`)
- [CVE-2025-30695](CVE-2025/CVE-2025-306xx/CVE-2025-30695.json) (`2025-04-16T20:15:18.283`)
- [CVE-2025-30697](CVE-2025/CVE-2025-306xx/CVE-2025-30697.json) (`2025-04-16T20:15:18.393`)
- [CVE-2025-30699](CVE-2025/CVE-2025-306xx/CVE-2025-30699.json) (`2025-04-16T20:15:18.507`)
- [CVE-2025-30700](CVE-2025/CVE-2025-307xx/CVE-2025-30700.json) (`2025-04-16T20:15:18.620`)
- [CVE-2025-30707](CVE-2025/CVE-2025-307xx/CVE-2025-30707.json) (`2025-04-16T20:15:18.743`)
- [CVE-2025-30709](CVE-2025/CVE-2025-307xx/CVE-2025-30709.json) (`2025-04-16T20:15:18.853`)
- [CVE-2025-30710](CVE-2025/CVE-2025-307xx/CVE-2025-30710.json) (`2025-04-16T20:15:18.967`)
- [CVE-2025-3679](CVE-2025/CVE-2025-36xx/CVE-2025-3679.json) (`2025-04-16T20:15:19.250`)
- [CVE-2025-3680](CVE-2025/CVE-2025-36xx/CVE-2025-3680.json) (`2025-04-16T20:15:19.350`)
- [CVE-2025-3681](CVE-2025/CVE-2025-36xx/CVE-2025-3681.json) (`2025-04-16T20:15:19.460`)
- [CVE-2025-3682](CVE-2025/CVE-2025-36xx/CVE-2025-3682.json) (`2025-04-16T20:15:19.570`)
- [CVE-2025-3683](CVE-2025/CVE-2025-36xx/CVE-2025-3683.json) (`2025-04-16T20:15:19.670`)
- [CVE-2025-3733](CVE-2025/CVE-2025-37xx/CVE-2025-3733.json) (`2025-04-16T21:15:48.873`)
## Download and Usage

544
_state.csv
View File

File diff suppressed because it is too large Load Diff