admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-04T08:00:20.205934+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-04 08:04:00 +00:00
parent 475746b846
commit be70a84ca5
22 changed files with 1807 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-136xx/CVE-2024-13645.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13645",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:39.623",
"lastModified": "2025-04-04T06:15:39.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all versions up to, and including, 5.3 via module parameter. This makes it possible for unauthenticated attackers to Instantiate a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://tagdiv.com/tagdiv-composer-page-builder-basics/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4124003c-4864-48f1-acba-9a613d9c99ae?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-137xx/CVE-2024-13708.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13708",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:39.847",
"lastModified": "2025-04-04T06:15:39.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/trunk/includes/class-wcj-checkout-files-upload.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f58b3971-e1e4-4337-82a3-99c9079c6696?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-138xx/CVE-2024-13898.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13898",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:40.013",
"lastModified": "2025-04-04T06:15:40.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Simple Banner \u2013 Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3264130%40simple-banner%2Ftrunk&old=3210193%40simple-banner%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a2dea28-14cf-4e83-ac72-efc7c97ecf54?source=cve",
"source": "security@wordfence.com"
}
]
}

56
CVE-2024/CVE-2024-422xx/CVE-2024-42208.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42208",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-04-04T06:15:40.183",
"lastModified": "2025-04-04T06:15:40.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120347",
"source": "psirt@hcl.com"
}
]
}

78
CVE-2025/CVE-2025-21xx/CVE-2025-2159.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-2159",
"sourceIdentifier": "security@m-files.com",
"published": "2025-04-04T06:15:40.347",
"lastModified": "2025-04-04T06:15:40.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@m-files.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security@m-files.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://product.m-files.com/security-advisories/cve-2025-2159/",
"source": "security@m-files.com"
}
]
}

60
CVE-2025/CVE-2025-22xx/CVE-2025-2270.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-2270",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:40.540",
"lastModified": "2025-04-04T06:15:40.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files with the specific filenames on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in some cases."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/countdown-builder/trunk/classes/RegisterPostType.php#L116",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2260d6b-1a41-4757-a063-8b8857ef416a?source=cve",
"source": "security@wordfence.com"
}
]
}

21
CVE-2025/CVE-2025-22xx/CVE-2025-2279.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-2279",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-04T06:15:40.757",
"lastModified": "2025-04-04T06:15:40.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/cd87d7ba-86e9-45b6-a3cd-11f6486f0bd0/",
"source": "contact@wpscan.com"
}
]
}

64
CVE-2025/CVE-2025-23xx/CVE-2025-2317.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-2317",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:40.890",
"lastModified": "2025-04-04T06:15:40.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Product Filter by WBW plugin for WordPress is vulnerable to time-based SQL Injection via the filtersDataBackend parameter in all versions up to, and including, 2.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-product-filter/tags/2.7.8/modules/meta/models/meta_values.php#L163",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-product-filter/tags/2.7.8/modules/meta/models/meta_values.php#L174",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/329aae11-a141-4c61-8198-1cd8e4e6bfea?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2025/CVE-2025-27xx/CVE-2025-2780.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-2780",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T07:15:40.807",
"lastModified": "2025-04-04T07:15:40.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "http://localhost:1337/wp-content/plugins/woffice-core/extensions/woffice-event/class-fw-extension-woffice-event.php#L1235",
"source": "security@wordfence.com"
},
{
"url": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d057ac6-a341-4ec3-956c-2a2a5636155c?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2025/CVE-2025-27xx/CVE-2025-2797.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-2797",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T07:15:42.380",
"lastModified": "2025-04-04T07:15:42.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21. This is due to missing or incorrect nonce validation on the 'woffice_handle_user_approval_actions' function. This makes it possible for unauthenticated attackers to approve registration for any user via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "http://localhost/wp-content/plugins/woffice-core/extensions/woffice-user-registration/includes/helpers.php#L52",
"source": "security@wordfence.com"
},
{
"url": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1665f2d0-899b-4f9b-91b1-e5799c3b4d3d?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2025/CVE-2025-28xx/CVE-2025-2836.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-2836",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-04T06:15:41.070",
"lastModified": "2025-04-04T06:15:41.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RegistrationMagic \u2013 Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018payment_method\u2019 parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/includes/class_registration_magic.php#L1215",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/libs/factory/class_rm_form_factory_revamp.php#L1274",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/libs/factory/class_rm_form_factory_revamp.php#L1820",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3265041/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6?source=cve",
"source": "security@wordfence.com"
}
]
}

78
CVE-2025/CVE-2025-30xx/CVE-2025-3086.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-3086",
"sourceIdentifier": "security@m-files.com",
"published": "2025-04-04T07:15:42.797",
"lastModified": "2025-04-04T07:15:42.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@m-files.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security@m-files.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-653"
}
]
}
],
"references": [
{
"url": "https://product.m-files.com/security-advisories/cve-2025-3086/",
"source": "security@m-files.com"
}
]
}

78
CVE-2025/CVE-2025-30xx/CVE-2025-3087.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-3087",
"sourceIdentifier": "security@m-files.com",
"published": "2025-04-04T07:15:42.993",
"lastModified": "2025-04-04T07:15:42.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@m-files.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security@m-files.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://product.m-files.com/security-advisories/cve-2025-3087/",
"source": "security@m-files.com"
}
]
}

64
CVE-2025/CVE-2025-321xx/CVE-2025-32111.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-32111",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-04T07:15:42.580",
"lastModified": "2025-04-04T07:15:42.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks \"persist-credentials: false\" for actions/checkout."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-260"
}
]
}
],
"references": [
{
"url": "https://github.com/acmesh-official/acme.sh/commit/40b6db6a2715628aa977ed1853fe5256704010ae",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/acmesh-official/acme.sh/commit/a1de13657e79c5471dbc8fa3539ea39160937389",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/actions/checkout/blob/85e6279cec87321a52edac9c87bce653a07cf6c2/README.md?plain=1#L70-L72",
"source": "cve@mitre.org"
}
]
}

145
CVE-2025/CVE-2025-32xx/CVE-2025-3211.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3211",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T06:15:41.247",
"lastModified": "2025-04-04T06:15:41.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/codinglosser/cve/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303165",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303165",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.545964",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-32xx/CVE-2025-3213.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3213",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T06:15:41.480",
"lastModified": "2025-04-04T06:15:41.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/lyg986443/cve/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303166",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303166",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.546128",
"source": "cna@vuldb.com"
}
]
}

144
CVE-2025/CVE-2025-32xx/CVE-2025-3214.json Normal file
View File

@ -0,0 +1,144 @@
{
"id": "CVE-2025-3214",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T06:15:41.740",
"lastModified": "2025-04-04T06:15:41.740",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in JFinal CMS up to 5.2.4 and classified as problematic. Affected by this vulnerability is the function engine.getTemplate of the file /readTemplate. The manipulation of the argument template leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that this is not a bug but a feature."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/Q16G/cve_detail/blob/main/jfinal/jfinal_enjoy_file_read.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303169",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303169",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.548985",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-32xx/CVE-2025-3215.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3215",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T07:15:43.143",
"lastModified": "2025-04-04T07:15:43.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Camllia2024/mycve/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303170",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303170",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.546164",
"source": "cna@vuldb.com"
}
]
}

149
CVE-2025/CVE-2025-32xx/CVE-2025-3216.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2025-3216",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T07:15:43.400",
"lastModified": "2025-04-04T07:15:43.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been classified as critical. This affects an unknown part of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/rookiekuan/CVE/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rookiekuan/CVE/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303171",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303171",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.546166",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-32xx/CVE-2025-3217.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3217",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-04T07:15:43.707",
"lastModified": "2025-04-04T07:15:43.707",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/rookiekuan/CVE/issues/3",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.303172",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.303172",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.546168",
"source": "cna@vuldb.com"
}
]
}

39
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-04T06:00:20.082391+00:00
2025-04-04T08:00:20.205934+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-04T05:15:46.817000+00:00
2025-04-04T07:15:43.707000+00:00
```
### Last Data Feed Release
@ -33,24 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
288468
288488
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `20`
- [CVE-2024-13744](CVE-2024/CVE-2024-137xx/CVE-2024-13744.json) (`2025-04-04T05:15:44.350`)
- [CVE-2025-2075](CVE-2025/CVE-2025-20xx/CVE-2025-2075.json) (`2025-04-04T05:15:45.400`)
- [CVE-2025-3191](CVE-2025/CVE-2025-31xx/CVE-2025-3191.json) (`2025-04-04T05:15:45.577`)
- [CVE-2025-3192](CVE-2025/CVE-2025-31xx/CVE-2025-3192.json) (`2025-04-04T05:15:45.743`)
- [CVE-2025-3194](CVE-2025/CVE-2025-31xx/CVE-2025-3194.json) (`2025-04-04T05:15:45.927`)
- [CVE-2025-3197](CVE-2025/CVE-2025-31xx/CVE-2025-3197.json) (`2025-04-04T05:15:46.103`)
- [CVE-2025-3206](CVE-2025/CVE-2025-32xx/CVE-2025-3206.json) (`2025-04-04T04:15:39.357`)
- [CVE-2025-3207](CVE-2025/CVE-2025-32xx/CVE-2025-3207.json) (`2025-04-04T04:15:39.603`)
- [CVE-2025-3208](CVE-2025/CVE-2025-32xx/CVE-2025-3208.json) (`2025-04-04T05:15:46.367`)
- [CVE-2025-3209](CVE-2025/CVE-2025-32xx/CVE-2025-3209.json) (`2025-04-04T05:15:46.600`)
- [CVE-2025-3210](CVE-2025/CVE-2025-32xx/CVE-2025-3210.json) (`2025-04-04T05:15:46.817`)
- [CVE-2024-13645](CVE-2024/CVE-2024-136xx/CVE-2024-13645.json) (`2025-04-04T06:15:39.623`)
- [CVE-2024-13708](CVE-2024/CVE-2024-137xx/CVE-2024-13708.json) (`2025-04-04T06:15:39.847`)
- [CVE-2024-13898](CVE-2024/CVE-2024-138xx/CVE-2024-13898.json) (`2025-04-04T06:15:40.013`)
- [CVE-2024-42208](CVE-2024/CVE-2024-422xx/CVE-2024-42208.json) (`2025-04-04T06:15:40.183`)
- [CVE-2025-2159](CVE-2025/CVE-2025-21xx/CVE-2025-2159.json) (`2025-04-04T06:15:40.347`)
- [CVE-2025-2270](CVE-2025/CVE-2025-22xx/CVE-2025-2270.json) (`2025-04-04T06:15:40.540`)
- [CVE-2025-2279](CVE-2025/CVE-2025-22xx/CVE-2025-2279.json) (`2025-04-04T06:15:40.757`)
- [CVE-2025-2317](CVE-2025/CVE-2025-23xx/CVE-2025-2317.json) (`2025-04-04T06:15:40.890`)
- [CVE-2025-2780](CVE-2025/CVE-2025-27xx/CVE-2025-2780.json) (`2025-04-04T07:15:40.807`)
- [CVE-2025-2797](CVE-2025/CVE-2025-27xx/CVE-2025-2797.json) (`2025-04-04T07:15:42.380`)
- [CVE-2025-2836](CVE-2025/CVE-2025-28xx/CVE-2025-2836.json) (`2025-04-04T06:15:41.070`)
- [CVE-2025-3086](CVE-2025/CVE-2025-30xx/CVE-2025-3086.json) (`2025-04-04T07:15:42.797`)
- [CVE-2025-3087](CVE-2025/CVE-2025-30xx/CVE-2025-3087.json) (`2025-04-04T07:15:42.993`)
- [CVE-2025-3211](CVE-2025/CVE-2025-32xx/CVE-2025-3211.json) (`2025-04-04T06:15:41.247`)
- [CVE-2025-32111](CVE-2025/CVE-2025-321xx/CVE-2025-32111.json) (`2025-04-04T07:15:42.580`)
- [CVE-2025-3213](CVE-2025/CVE-2025-32xx/CVE-2025-3213.json) (`2025-04-04T06:15:41.480`)
- [CVE-2025-3214](CVE-2025/CVE-2025-32xx/CVE-2025-3214.json) (`2025-04-04T06:15:41.740`)
- [CVE-2025-3215](CVE-2025/CVE-2025-32xx/CVE-2025-3215.json) (`2025-04-04T07:15:43.143`)
- [CVE-2025-3216](CVE-2025/CVE-2025-32xx/CVE-2025-3216.json) (`2025-04-04T07:15:43.400`)
- [CVE-2025-3217](CVE-2025/CVE-2025-32xx/CVE-2025-3217.json) (`2025-04-04T07:15:43.707`)
### CVEs modified in the last Commit

42
_state.csv
View File

@ -248086,6 +248086,7 @@ CVE-2024-13641,0,0,f5ae933978b19eaa8786ac84fc5f20a253f923886108cb6b544c748640981
CVE-2024-13642,0,0,e62737ae89b22b0d2ca4d332b68aa19e6175af0f52e0500481826051778e9daf,2025-02-04T16:00:49.540000
CVE-2024-13643,0,0,976eb3748a453f62f41c154b29792936c30855f6728fa73bdd9cf169ffa6a36c,2025-02-11T08:15:30.450000
CVE-2024-13644,0,0,64cef7310d19b282392436c6941be53a7496c3c7abf46493750d161d9bcf28af,2025-02-25T19:39:23.487000
CVE-2024-13645,1,1,86dbfe36e5b0e2ed46b0b852cffb96ab7708e20f00d7478ae829844f89cf24aa,2025-04-04T06:15:39.623000
CVE-2024-13646,0,0,df579ebc80f166383afd2bf72cceedaa012995a592dad78c8758f9a4e2dd62bd,2025-01-31T18:19:45.780000
CVE-2024-13647,0,0,6e1407c77b77d3e371c61bec5218af8663c4b22a67829d396df6d9f4a2019011,2025-03-21T14:56:47.833000
CVE-2024-13648,0,0,8f62ea1c5007901a89b064138ec6b8d294bdb0d08cd28f0fa62f3f5d12de0925,2025-02-25T03:30:34.843000
@ -248152,6 +248153,7 @@ CVE-2024-13704,0,0,edacb1bf034aad21d3de74c25d716996b7c2a06ccbd4adcf15412220d4bc9
CVE-2024-13705,0,0,5ec6ac499cda9ee218cf1587251a6725974948adf52db55dc1b1fdc60e1d5cc2,2025-01-31T18:17:10.220000
CVE-2024-13706,0,0,ab3c260451f5aeaf628499ae0037d8fc16844264bd9ec15ebc42f8eab05dd8b8,2025-02-18T19:15:14.357000
CVE-2024-13707,0,0,032e2a9cb1b090228bf905c1e52e11efae679d2f0165154d533e21d339074c69,2025-01-31T18:12:42.913000
CVE-2024-13708,1,1,24b936cc6d49ad6d0466c6c8931a11b1e9339563c881fc79735140b4c18f7ede,2025-04-04T06:15:39.847000
CVE-2024-13709,0,0,89bb0c649902e7b71dd397a2d1262eb45ecb5db3a49c5090d0564ce4341f03af,2025-01-25T04:15:07.670000
CVE-2024-1371,0,0,700f360c37065b466d7daf295c0b566055365a6732e2b4756cd7fe3bd3dfd8e6,2024-11-21T08:50:26.150000
CVE-2024-13710,0,0,2d042377c961f6132538daa0dd50a89dbc1265d4f80c8c32ae629157282d5e48,2025-03-27T16:45:46.410000
@ -248187,7 +248189,7 @@ CVE-2024-13740,0,0,7ff99f97d425424bdc9a3d1a435df988f74877e53c6e3d16169a71dec8c37
CVE-2024-13741,0,0,78f05de9655a03d53c2e8400793bb4a26c0069c47279ba1e219e404df9296757,2025-02-24T12:40:05.483000
CVE-2024-13742,0,0,aa7b21df6f3ec325db10419962054c1a324c9ebd12e6b4ba3b8ccbdda20e9f49,2025-01-30T18:38:19.663000
CVE-2024-13743,0,0,55c8dc190eb39157b66a10e1b93cb1305bc4d10ce4cb3fd182854193f3e3c946,2025-02-18T23:15:09.267000
CVE-2024-13744,1,1,44bf6b64f0ae1e72635482133d7783b6ea902b7c482eeba2d380d80a96d3d67d,2025-04-04T05:15:44.350000
CVE-2024-13744,0,0,44bf6b64f0ae1e72635482133d7783b6ea902b7c482eeba2d380d80a96d3d67d,2025-04-04T05:15:44.350000
CVE-2024-13746,0,0,4744ce63c95c52e5db95476dbd9a3113792c8e496a71ed5da9e5324799e177fd,2025-03-01T05:15:15.103000
CVE-2024-13747,0,0,514db0c22818e902187c8184fe95083c26656dd07b4355e7a170f454d6cd0a87,2025-03-05T10:15:14.617000
CVE-2024-13748,0,0,434305d89c46996e593a1c20227391db3e976db9a09c9806ae0372c5517d7c24,2025-02-25T20:54:55.803000
@ -248320,6 +248322,7 @@ CVE-2024-13893,0,0,fa5eb1d679920542099905b2166422dd832df0600663b7e6c3349a9bf0a03
CVE-2024-13894,0,0,381f271b629199f022fdf9fd4b83845b543284434a4e6931eb7fc74e5af2dadc,2025-03-06T14:15:35.777000
CVE-2024-13895,0,0,e8d5a6bac9730aeb4a8848468a12eea3815476c71300fdcead98f4dfa8122c9c,2025-03-12T16:44:26.183000
CVE-2024-13897,0,0,04f8f74fe55f18650082e0f1721ca59668171996133eedd9591e8be8a245c842,2025-03-06T09:15:25.787000
CVE-2024-13898,1,1,ef05d6b0749f5a9e0212029e95f4e9c21bbbbaa60b220c614c8a260e32725bf3,2025-04-04T06:15:40.013000
CVE-2024-13899,0,0,52a6df255cced586247fa5995c60bd6a4c8114bd9f571a8a9cd0a46e9cfea6df,2025-03-11T13:26:57.550000
CVE-2024-1390,0,0,ffdeb8cc4a3b1077717739c1e237f842eedff68b0ec02858887f3acd549f9f88,2025-01-22T16:49:11.553000
CVE-2024-13900,0,0,a36f38c86f625b2f6c78f95d04b10fcda1c4c7dcd50cfc141d8c356f3933fb59,2025-02-25T04:02:36.137000
@ -266140,6 +266143,7 @@ CVE-2024-42195,0,0,25be1bbcfe19ccb6d2a3ee91045d9ea1242797e882b8752f28a38a75bd1e1
CVE-2024-42196,0,0,74165ceca6e8e10016e2eeb4a033a572e7a1426e3140b48f5bdc3f16162b9281,2024-12-06T15:15:08.550000
CVE-2024-4220,0,0,c10e6b612d929680611c4be467944f24a66f27a0712499a1f349b6953213d81a,2024-11-21T09:42:24.913000
CVE-2024-42207,0,0,7999bd374d3d2e00ca96b064d6050023c869b6b304031749819fd6f354ea6a70,2025-02-05T16:15:40.447000
CVE-2024-42208,1,1,e121e96b2ff54773be6d5af86cfc12039d7cb11f5831759db855c5b805b5e02f,2025-04-04T06:15:40.183000
CVE-2024-42218,0,0,3bca921601eaa25faf0015687ed4f595ccacf0ae5ca15099cde7ba2db042877a,2024-08-12T18:27:54.660000
CVE-2024-42219,0,0,a97969401a201997f2184a96905a9ffb0133ef1ebb5bd9c9a8f1fdcbd582f6f4,2024-08-12T18:30:21.627000
CVE-2024-4222,0,0,78ad3754433d9edd7ad7b04b2e437643c27bc5a8227a6a311a1fd475543e40e7,2025-01-22T18:23:01.487000
@ -282622,7 +282626,7 @@ CVE-2025-2067,0,0,e336b7e791e3fd3cb322ecbc1c5f69ca2b6e5c18fb1ce058eaa6d863ecf3dc
CVE-2025-2071,0,0,7bfe8b685b8245c9943c6d89aac222493a621b72ec29c3cf9622feee00de6032,2025-04-01T20:26:30.593000
CVE-2025-2072,0,0,7452b78e49b40682ae575d6750e2bb1f2de3946160c5bee4487d35d4121dbb19,2025-04-01T20:26:30.593000
CVE-2025-2074,0,0,ebfc92b5bd49f5ccf1c23f472584acdf57def146ebcae3c4ff93af452a5b7959,2025-03-28T18:11:40.180000
CVE-2025-2075,1,1,d223289b61acf35afe7b69c6ed714cb92916b4e282fee1c14a1cb0c472efdcc5,2025-04-04T05:15:45.400000
CVE-2025-2075,0,0,d223289b61acf35afe7b69c6ed714cb92916b4e282fee1c14a1cb0c472efdcc5,2025-04-04T05:15:45.400000
CVE-2025-2076,0,0,4b17faacef13c37de95a24fc1d0a696f48b3a96cded3d3b37bf400752a7db1ce,2025-03-12T04:15:18.800000
CVE-2025-2077,0,0,1c0edbdaffae49fa47155cca050ec7e654aca70fade8fda3498bb18e55151b35,2025-04-02T12:44:08.040000
CVE-2025-2078,0,0,9de7f9d36f257c6e4ade1283dce5bdc5d09f9fe37ce0133e41f71eebe0b83db2,2025-04-02T12:43:28.130000
@ -283097,6 +283101,7 @@ CVE-2025-21569,0,0,5df0154e36384276f1807ec7f051b457b9528fd8420a266b3a9f61e681a5e
CVE-2025-2157,0,0,5c6192ea5b2e45321f17a6fe2ad70d5b25d9e993a209c52e11c52f0c6d50997f,2025-03-15T07:15:34.930000
CVE-2025-21570,0,0,ace167949078eb846cc68a40950678bfa282af3d76d61bcddefc7d830cafe3ca,2025-02-04T17:15:21.550000
CVE-2025-21571,0,0,bdb8c4caf4103cfe30d360ecbf83480841b6726b170ed756d9f8b563b72e6029,2025-02-04T19:15:33.230000
CVE-2025-2159,1,1,600b4c41d87b779603a28d516515c266e64884facfe1ceb681492e1b54f37a76,2025-04-04T06:15:40.347000
CVE-2025-21590,0,0,b36ae92dc904bf55dc4028b2cedf584a24120b0d6e0ef4bd06450d9ddd9f9379,2025-03-14T20:35:13.207000
CVE-2025-21592,0,0,0a84f4727dd27f622e413c24aa51afb8f8c31954e309fc604ecc75437f628076,2025-01-09T17:15:18.203000
CVE-2025-21593,0,0,e4d522ec2585fd9f462af9cacf0614ec9db94ff7e8bb2d84aad64f6482447684,2025-01-09T17:15:18.380000
@ -283944,6 +283949,7 @@ CVE-2025-22696,0,0,a78ad16e71ffcef32da6e8beedb19b7429b4548fb7904e608e5ab76d1d2bd
CVE-2025-22697,0,0,16dd0b7cf82e29a70c33cbf098a2cba9d36ab8943fa49e56289464a87de2dcc4,2025-02-25T18:37:08.783000
CVE-2025-22698,0,0,b51b4118377ad4bc0c1967a67cc0b7072dea4c5652c4409886046312f9ce5632,2025-02-14T13:15:42.757000
CVE-2025-22699,0,0,aa251ed374c7131b82fa13b089f71f242ba87a24bd93b88104587dc53b3887f5,2025-02-18T19:15:26.290000
CVE-2025-2270,1,1,ca6d0c190f8969b44f1790b7a9f407379be384f3ce35cc79cf5c9369d62f4634,2025-04-04T06:15:40.540000
CVE-2025-22700,0,0,88aaedc9c5edb573fa30dda68b0167b132ed36dbb1f26784a49841ff4734d88c,2025-02-04T15:15:22.140000
CVE-2025-22701,0,0,9a84f2ae3e62c1e3d064a4669384e54a23193f984d548418408b1656cee0bffa,2025-02-03T15:15:19.933000
CVE-2025-22702,0,0,6ac1782bfb69b4b4021fbd6db2e519450bbaf5ca9491d7b17a45323b64311993,2025-02-14T13:15:42.893000
@ -284026,6 +284032,7 @@ CVE-2025-22785,0,0,aa4353d5806fe5723076a35c33b8891ff3a61998eca5d33194fb5785a62e2
CVE-2025-22786,0,0,b91ca87977dc2162388a9c52b3e5d7929f67ae175cfbed6e892a70ae5f6c7bfc,2025-03-06T19:37:02.493000
CVE-2025-22787,0,0,123539ec0f563d41af7ca03da6e6f99109a8200bc75541fbc478fac310c97242,2025-02-25T15:41:08.223000
CVE-2025-22788,0,0,af55bbe385e5ad19db90f54f67dcad4a6458802599e6dbb5e4a7878a0103b5e0,2025-01-15T16:15:41.750000
CVE-2025-2279,1,1,615caad5394d6ba2a1c93b09e60575a9c4983e0b26d7b582d497539fa933271b,2025-04-04T06:15:40.757000
CVE-2025-22793,0,0,1e0903441186396148f438dd4c5bf609b6c2892614e2b8eb44fcfefd5125737c,2025-01-15T16:15:41.897000
CVE-2025-22794,0,0,29518117e4a1792c4e052772321e6d0937ed1ba46c8e343f64999407bc634a6a,2025-02-18T19:15:26.560000
CVE-2025-22795,0,0,6ef875d457c8e19bcf577814595be38d790143627f91775ea895c88416ac9b7c,2025-01-15T16:15:42.053000
@ -284230,6 +284237,7 @@ CVE-2025-23125,0,0,2e6f0fce9ee8e787d649705f4cf1025930f6b72d6ac2efc70c4c1837b8d7d
CVE-2025-23126,0,0,aec9ca15332b86ad22382c8419cfef8190ae4b723f5c3088974b31a1f5dd4089,2025-01-11T15:15:09.100000
CVE-2025-23127,0,0,ef1aeaee3e917139d62386eaa309c28fa46e54be8ed45ecdaab4f9d4f96931db,2025-01-11T15:15:09.173000
CVE-2025-23128,0,0,856260a69fb4f1bb5d13296c47ffc7dac686c7ca9a44fff8151b1b7f11a740a9,2025-01-11T15:15:09.250000
CVE-2025-2317,1,1,f4cd62f9f9dd1e5739a5555f224184d488dda7121d36518445c1a5ee1577049e,2025-04-04T06:15:40.890000
CVE-2025-23184,0,0,d117de9ebd2827a8b285a215a95edfb5f2bc8c36d298a840f4f419212fe8e651,2025-02-15T01:15:11.010000
CVE-2025-23185,0,0,6a8fc3993811d2ce0c7ae31663c2f10b11720d00b7d18acd6d25289de30c4360,2025-03-11T01:15:34.330000
CVE-2025-23187,0,0,c290fe7dd4f9aea98485c447bf9862acb0a55538c675ba503d3516720f3efd65,2025-02-18T18:15:33.497000
@ -286992,6 +287000,7 @@ CVE-2025-27793,0,0,8ae5ea10e12dcadd7fbe7d01abf4cd47c8df86334043c5ca8ff67abda3373
CVE-2025-27794,0,0,29af72e657ff2464b2a2937c7c4f1f9dbae6fd8fd9c8cc38aa28016fcbce1e25,2025-04-02T12:33:56.437000
CVE-2025-27795,0,0,4ff7b2f77f376cfe6fd93166198dd47ff9402055417a29c3c719e8e028d2917b,2025-03-07T16:15:40.187000
CVE-2025-27796,0,0,896c9fe3f771a2fa3519e20ae6313b458be8f4415e50a669613e7a3928ce34c1,2025-03-07T22:15:37.813000
CVE-2025-2780,1,1,a9c872631741b3ecb4e5f49e9cbf05f77b47998e2e017e28c9ee8374a89feb22,2025-04-04T07:15:40.807000
CVE-2025-27809,0,0,acf17088263ac0454f3c19e9b5b69eee2adc10f0e02e48930b8a575ccd37ca6c,2025-03-27T16:45:46.410000
CVE-2025-2781,0,0,f71242cf9553514cc2ec12a96aa1195882b54360169109a0233e1040d7956dda,2025-04-01T20:26:30.593000
CVE-2025-27810,0,0,d1482541c832943462d5d5141f3260f826675da05c4de1d17a8d8000d1e76d18,2025-03-27T16:45:46.410000
@ -287032,6 +287041,7 @@ CVE-2025-27926,0,0,55eb57ada8c72239b09d3012ac06f54ef846ef608760d35a348131200e00a
CVE-2025-27932,0,0,036d05ff385938ab4080533cb14ce5447e7754455506217e340766b3e6cee90a,2025-03-28T18:11:40.180000
CVE-2025-27933,0,0,93368137a33aa362057a4035ec036f1aedaefb3c8486745a8d93918e46a37c4e,2025-03-27T14:55:25.660000
CVE-2025-2794,0,0,1a96a5e4fced0b738085ab3d0bfc6f597f8a7a2553b0aa413b0b61c07815e82e,2025-04-01T20:26:22.890000
CVE-2025-2797,1,1,12a3119c38a928a91caf8053696fffa03704c7d7340f486852052726c3e51ed1,2025-04-04T07:15:42.380000
CVE-2025-28010,0,0,716afcbc5cebfe3c684dbf7aa12e99a30e3cb54526d7e93ef8e97f615752b08f,2025-04-03T16:42:46.520000
CVE-2025-28011,0,0,fdcb5591ea26e059e8d35048712169c6e42fd9f817189e1097ee50f0c5ccdc59,2025-03-28T20:00:36.220000
CVE-2025-28015,0,0,2ec3b03d6a2c5b451e55cb244fde2066264789b2e32a98f716bffd5d4cc31009,2025-03-28T19:49:16.520000
@ -287064,6 +287074,7 @@ CVE-2025-2831,0,0,1ae81597715ce516aca81a4f719c74684bee390c094eaf6c3092e19f96d27e
CVE-2025-2832,0,0,9ba849558861453fef9ac84ebe5df211359e27bc420cd4cffb0300d913dc6662,2025-03-27T16:45:27.850000
CVE-2025-2833,0,0,5ee1553047443311af90b172ce83a898e2802ed44b7f8cedda9626fc88ddfee1,2025-04-01T15:43:23.657000
CVE-2025-2835,0,0,d7ec8814e77c0fff114f70483f5128f96470cad92e38743f9e0d4c15e01c27bb,2025-04-01T15:43:38.550000
CVE-2025-2836,1,1,ccdcae40e03ea9c46008b7df0a684b232a4c229d3a2ea132deede0bbbd852394,2025-04-04T06:15:41.070000
CVE-2025-28361,0,0,012842a41606e730430b254a67bbb658386b3833897674145b51c035a48415eb,2025-04-01T15:43:05.143000
CVE-2025-2837,0,0,b89aeb2a53f8a50fdc7d1cb971618f78d6548d3dfb914df0b41cb0d9a2a5f82a,2025-03-27T16:45:27.850000
CVE-2025-2838,0,0,ad5519332c14610c417f2ebe0957fac238c08deca06808872c71584919e4dfa3,2025-03-27T16:45:27.850000
@ -287818,6 +287829,7 @@ CVE-2025-30856,0,0,ccb96c8af7c196f023c8879d78b299b4b08ce7c7817b7565fc16363eb58e0
CVE-2025-30857,0,0,b5ba2e57e180b100f5d4d19d911d2db57f8452762f300ab7a96ab93aa7007fbb,2025-03-27T16:45:12.210000
CVE-2025-30858,0,0,db16218f98ae2c467d337187b891e8c307d5bc5a0b721253feba989de0248b50,2025-04-03T14:15:33.973000
CVE-2025-30859,0,0,9fb4cb315d361c1ff2b1e74e39cf8c9d8e9ce4142f3dc5275511d19208d18ac5,2025-03-27T16:45:12.210000
CVE-2025-3086,1,1,ec4d8bec8a10f7b8a2117e7f517bd2eedd6ff6e4372f397ffe6dd1a6a349ed49,2025-04-04T07:15:42.797000
CVE-2025-30860,0,0,c08bf263ce25dd900d5697e0d60f4d47d5c677cfd2bf6f938b2b25f8e01bdeae,2025-03-27T16:45:12.210000
CVE-2025-30861,0,0,eb2d94d45a90359287e050f5763410477dc05648d625edfa77cbda9a9d236398,2025-03-27T16:45:12.210000
CVE-2025-30862,0,0,a98168c1d651be274914694af9e7979a627c3c97be45045cc6948e3fa80745c5,2025-03-27T16:45:12.210000
@ -287828,6 +287840,7 @@ CVE-2025-30866,0,0,bfcfb31d390344d8a10b72e59af13af80a476cc8bbc19a5929b49ad9fad01
CVE-2025-30867,0,0,ad501afdd1f9d4d3e510c448c7a3512c9a52fbd7b66921095afcb6daeeff301c,2025-03-27T16:45:12.210000
CVE-2025-30868,0,0,0ce69a49d90edf537d7d9bde764d07d7255ce2ba3583c37eff7f468be21da2e8,2025-03-27T16:45:12.210000
CVE-2025-30869,0,0,acc88bf8ebbad99b2b2ed393b10f82c1669cde75bb0fb28f22fa6c41073cc157,2025-04-01T20:26:11.547000
CVE-2025-3087,1,1,6b0646ad2437f4ce53ca21837e1b4e56707a68c6cbfb963293fc91da3dd012b5,2025-04-04T07:15:42.993000
CVE-2025-30870,0,0,26ef848ad27e7d9224fd33e8be10e32100d1566ca2803fa757b9116452dfc568,2025-04-01T20:26:11.547000
CVE-2025-30871,0,0,7c3854deb0642b8eae958a1aed4582e5158e5614f363495a55e00351f0f694e1,2025-03-27T16:45:12.210000
CVE-2025-30872,0,0,b536365800566287c904971c159342f1608ad2caa5882ee55888508434c1c145,2025-03-27T16:45:12.210000
@ -288442,14 +288455,14 @@ CVE-2025-31906,0,0,858ea326679f35199fd193b52e043ef137ef7190828e881910c02e1564073
CVE-2025-31907,0,0,d42241d500728696f9411bad9f6074b9f63ac7eaf81e97702878a9e276105f17,2025-04-03T14:15:42.953000
CVE-2025-31908,0,0,eb42864180a2f3ae29ca7fcb7b1369893cc75fb1cfe5c6047b9b04c7be11c526,2025-04-01T20:26:01.990000
CVE-2025-31909,0,0,81eff332f8808b56a6e7fb4cb9dd28a2a0d39da7b5ec69237fa3a2fbf730de58,2025-04-03T14:15:43.107000
CVE-2025-3191,1,1,8d3a3f83e8117a9b04e8f60b6c315d654755f87b7d6f4149bc903795bac858ce,2025-04-04T05:15:45.577000
CVE-2025-3191,0,0,8d3a3f83e8117a9b04e8f60b6c315d654755f87b7d6f4149bc903795bac858ce,2025-04-04T05:15:45.577000
CVE-2025-31910,0,0,b832932727781de50b17852301cd5a5c89392213265492ff6ff074f0ba795d9f,2025-04-01T20:26:01.990000
CVE-2025-31911,0,0,dafd63d68911a812be24e808d99a55a8ceeb5feee73a79d1772176f67f721793,2025-04-03T14:15:43.257000
CVE-2025-3192,1,1,2edd9035d60d45ad31bf81475b0f9bed8c4d75a8b50ac5c5c5614a6cf4c3ffda,2025-04-04T05:15:45.743000
CVE-2025-3194,1,1,6eea2e22bec3c043f65c7b6f47d1dad4e8779fa2f13aa87798754aea3e7347fa,2025-04-04T05:15:45.927000
CVE-2025-3192,0,0,2edd9035d60d45ad31bf81475b0f9bed8c4d75a8b50ac5c5c5614a6cf4c3ffda,2025-04-04T05:15:45.743000
CVE-2025-3194,0,0,6eea2e22bec3c043f65c7b6f47d1dad4e8779fa2f13aa87798754aea3e7347fa,2025-04-04T05:15:45.927000
CVE-2025-3195,0,0,e308bbc9d3f37a0c8a9faf387891f3285bc40798453437526976c2501eee7c24,2025-04-04T02:15:18.423000
CVE-2025-3196,0,0,0c469902e9c03af3c2770eb5cc31c7d1c31b69b0dd88372a701cee966793608a,2025-04-04T02:15:18.627000
CVE-2025-3197,1,1,71b5a5c7733a960a62e0cdfaf622fe39d49338627f221498f2b8b23ebd3b00b8,2025-04-04T05:15:46.103000
CVE-2025-3197,0,0,71b5a5c7733a960a62e0cdfaf622fe39d49338627f221498f2b8b23ebd3b00b8,2025-04-04T05:15:46.103000
CVE-2025-3198,0,0,5d95a2ea82b745791bf640f9d48bf15646c2f00575cbe9c113a8856b82db0671,2025-04-04T02:15:18.803000
CVE-2025-3199,0,0,3c39a54e77c268763e35ff0806d798e495bbb47478d8118de3630638857b12fa,2025-04-04T02:15:19.013000
CVE-2025-3202,0,0,7d2271acefbd0aeb4336195e51e318c90694b16ffaeb4c3f403e4e40b17682a9,2025-04-04T03:15:13.997000
@ -288462,8 +288475,15 @@ CVE-2025-32051,0,0,589593a5c32fc3f7a2c9e7f401bf3b9d6791113746b52db46878a17a59e4b
CVE-2025-32052,0,0,93f807bd4245cc5799f1be08815a308eceaa0bb1e8adb95a792899ec2afa2d3d,2025-04-03T15:15:51.933000
CVE-2025-32053,0,0,d520a131e7b01facf20f15232e756d3ec63aa37b267d0001764d8e875c120425,2025-04-03T15:15:52.580000
CVE-2025-32054,0,0,c7229c2808b9e8a02f9a2719fb481be0ce92ce94e21566b72428d9c00abe0871,2025-04-03T17:15:30.947000
CVE-2025-3206,1,1,9461a858ecbdb40c286c40585f1f296f61c4dd3ce4e76d2f270eac846232eb6d,2025-04-04T04:15:39.357000
CVE-2025-3207,1,1,3472db8b80c3c38b626a489a32005fcd483e835d214256e90e391bca8d00b18b,2025-04-04T04:15:39.603000
CVE-2025-3208,1,1,3b1c8fa7819797bb886f41de6fe6d0d0aee50eabe57c9d74563735668945813a,2025-04-04T05:15:46.367000
CVE-2025-3209,1,1,62b49ea7164197672367460bafd0c45b13288363a3afc2526bfe72e5f4219256,2025-04-04T05:15:46.600000
CVE-2025-3210,1,1,ed47b7f02545c0297d3eb0f3f3166c3c64436ff388c08cd32cd505e1f17e60e3,2025-04-04T05:15:46.817000
CVE-2025-3206,0,0,9461a858ecbdb40c286c40585f1f296f61c4dd3ce4e76d2f270eac846232eb6d,2025-04-04T04:15:39.357000
CVE-2025-3207,0,0,3472db8b80c3c38b626a489a32005fcd483e835d214256e90e391bca8d00b18b,2025-04-04T04:15:39.603000
CVE-2025-3208,0,0,3b1c8fa7819797bb886f41de6fe6d0d0aee50eabe57c9d74563735668945813a,2025-04-04T05:15:46.367000
CVE-2025-3209,0,0,62b49ea7164197672367460bafd0c45b13288363a3afc2526bfe72e5f4219256,2025-04-04T05:15:46.600000
CVE-2025-3210,0,0,ed47b7f02545c0297d3eb0f3f3166c3c64436ff388c08cd32cd505e1f17e60e3,2025-04-04T05:15:46.817000
CVE-2025-3211,1,1,901d0e8cc0af47a7a52a66c912e0237d861171b167433649c1cee7a047b46f71,2025-04-04T06:15:41.247000
CVE-2025-32111,1,1,e3f3bc1b4b34ef98fb0364aa81c1af93345c8423f7f5a2bcab6070b4665f246a,2025-04-04T07:15:42.580000
CVE-2025-3213,1,1,9d96e561b551cffe0855bf2b9647f13263d9f4e04e15a0684a1d1e06a49fae26,2025-04-04T06:15:41.480000
CVE-2025-3214,1,1,0a9d86013c5f83c623c6504daea66041eff3a79ce66876e9490a500bf3f1dc09,2025-04-04T06:15:41.740000
CVE-2025-3215,1,1,b3a77f349bbe525f135b1274c73d7b20b3840cec1aeec3b3bade0ae456140aba,2025-04-04T07:15:43.143000
CVE-2025-3216,1,1,15f1863b673497f78a4f23229bea5cca269dcc299849f8cee02dd225b2afbf09,2025-04-04T07:15:43.400000
CVE-2025-3217,1,1,a40fb1147322b2e605d2f06652d9fd97bfc430636da25b6d552eb7fa1193e789,2025-04-04T07:15:43.707000

Can't render this file because it is too large.