diff --git a/CVE-2024/CVE-2024-136xx/CVE-2024-13645.json b/CVE-2024/CVE-2024-136xx/CVE-2024-13645.json new file mode 100644 index 00000000000..9e373f6c194 --- /dev/null +++ b/CVE-2024/CVE-2024-136xx/CVE-2024-13645.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13645", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:39.623", + "lastModified": "2025-04-04T06:15:39.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all versions up to, and including, 5.3 via module parameter. This makes it possible for unauthenticated attackers to Instantiate a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://tagdiv.com/tagdiv-composer-page-builder-basics/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4124003c-4864-48f1-acba-9a613d9c99ae?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13708.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13708.json new file mode 100644 index 00000000000..c3430088d8e --- /dev/null +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13708.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13708", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:39.847", + "lastModified": "2025-04-04T06:15:39.847", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/trunk/includes/class-wcj-checkout-files-upload.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f58b3971-e1e4-4337-82a3-99c9079c6696?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13898.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13898.json new file mode 100644 index 00000000000..df7e8b3ff06 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13898.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13898", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:40.013", + "lastModified": "2025-04-04T06:15:40.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Simple Banner \u2013 Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3264130%40simple-banner%2Ftrunk&old=3210193%40simple-banner%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a2dea28-14cf-4e83-ac72-efc7c97ecf54?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-422xx/CVE-2024-42208.json b/CVE-2024/CVE-2024-422xx/CVE-2024-42208.json new file mode 100644 index 00000000000..4369785404c --- /dev/null +++ b/CVE-2024/CVE-2024-422xx/CVE-2024-42208.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42208", + "sourceIdentifier": "psirt@hcl.com", + "published": "2025-04-04T06:15:40.183", + "lastModified": "2025-04-04T06:15:40.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120347", + "source": "psirt@hcl.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-21xx/CVE-2025-2159.json b/CVE-2025/CVE-2025-21xx/CVE-2025-2159.json new file mode 100644 index 00000000000..feaad0da810 --- /dev/null +++ b/CVE-2025/CVE-2025-21xx/CVE-2025-2159.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-2159", + "sourceIdentifier": "security@m-files.com", + "published": "2025-04-04T06:15:40.347", + "lastModified": "2025-04-04T06:15:40.347", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://product.m-files.com/security-advisories/cve-2025-2159/", + "source": "security@m-files.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-22xx/CVE-2025-2270.json b/CVE-2025/CVE-2025-22xx/CVE-2025-2270.json new file mode 100644 index 00000000000..793c6666121 --- /dev/null +++ b/CVE-2025/CVE-2025-22xx/CVE-2025-2270.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-2270", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:40.540", + "lastModified": "2025-04-04T06:15:40.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files with the specific filenames on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in some cases." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/countdown-builder/trunk/classes/RegisterPostType.php#L116", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2260d6b-1a41-4757-a063-8b8857ef416a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-22xx/CVE-2025-2279.json b/CVE-2025/CVE-2025-22xx/CVE-2025-2279.json new file mode 100644 index 00000000000..b5788a33006 --- /dev/null +++ b/CVE-2025/CVE-2025-22xx/CVE-2025-2279.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-2279", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-04T06:15:40.757", + "lastModified": "2025-04-04T06:15:40.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/cd87d7ba-86e9-45b6-a3cd-11f6486f0bd0/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-23xx/CVE-2025-2317.json b/CVE-2025/CVE-2025-23xx/CVE-2025-2317.json new file mode 100644 index 00000000000..8fb98e1f927 --- /dev/null +++ b/CVE-2025/CVE-2025-23xx/CVE-2025-2317.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2317", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:40.890", + "lastModified": "2025-04-04T06:15:40.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Product Filter by WBW plugin for WordPress is vulnerable to time-based SQL Injection via the filtersDataBackend parameter in all versions up to, and including, 2.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woo-product-filter/tags/2.7.8/modules/meta/models/meta_values.php#L163", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/woo-product-filter/tags/2.7.8/modules/meta/models/meta_values.php#L174", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/329aae11-a141-4c61-8198-1cd8e4e6bfea?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-27xx/CVE-2025-2780.json b/CVE-2025/CVE-2025-27xx/CVE-2025-2780.json new file mode 100644 index 00000000000..1bb49370858 --- /dev/null +++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2780.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2780", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T07:15:40.807", + "lastModified": "2025-04-04T07:15:40.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "http://localhost:1337/wp-content/plugins/woffice-core/extensions/woffice-event/class-fw-extension-woffice-event.php#L1235", + "source": "security@wordfence.com" + }, + { + "url": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d057ac6-a341-4ec3-956c-2a2a5636155c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-27xx/CVE-2025-2797.json b/CVE-2025/CVE-2025-27xx/CVE-2025-2797.json new file mode 100644 index 00000000000..c793f9ef48d --- /dev/null +++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2797.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2797", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T07:15:42.380", + "lastModified": "2025-04-04T07:15:42.380", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21. This is due to missing or incorrect nonce validation on the 'woffice_handle_user_approval_actions' function. This makes it possible for unauthenticated attackers to approve registration for any user via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "http://localhost/wp-content/plugins/woffice-core/extensions/woffice-user-registration/includes/helpers.php#L52", + "source": "security@wordfence.com" + }, + { + "url": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1665f2d0-899b-4f9b-91b1-e5799c3b4d3d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-28xx/CVE-2025-2836.json b/CVE-2025/CVE-2025-28xx/CVE-2025-2836.json new file mode 100644 index 00000000000..0eb6e87bd60 --- /dev/null +++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2836.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2025-2836", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-04T06:15:41.070", + "lastModified": "2025-04-04T06:15:41.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The RegistrationMagic \u2013 Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018payment_method\u2019 parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/includes/class_registration_magic.php#L1215", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/libs/factory/class_rm_form_factory_revamp.php#L1274", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.4.3/libs/factory/class_rm_form_factory_revamp.php#L1820", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3265041/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3086.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3086.json new file mode 100644 index 00000000000..36a7d206087 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3086.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3086", + "sourceIdentifier": "security@m-files.com", + "published": "2025-04-04T07:15:42.797", + "lastModified": "2025-04-04T07:15:42.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-653" + } + ] + } + ], + "references": [ + { + "url": "https://product.m-files.com/security-advisories/cve-2025-3086/", + "source": "security@m-files.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3087.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3087.json new file mode 100644 index 00000000000..c7ac7d94352 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3087.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3087", + "sourceIdentifier": "security@m-files.com", + "published": "2025-04-04T07:15:42.993", + "lastModified": "2025-04-04T07:15:42.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://product.m-files.com/security-advisories/cve-2025-3087/", + "source": "security@m-files.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-321xx/CVE-2025-32111.json b/CVE-2025/CVE-2025-321xx/CVE-2025-32111.json new file mode 100644 index 00000000000..0b751b3158c --- /dev/null +++ b/CVE-2025/CVE-2025-321xx/CVE-2025-32111.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-32111", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-04-04T07:15:42.580", + "lastModified": "2025-04-04T07:15:42.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks \"persist-credentials: false\" for actions/checkout." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-260" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/acmesh-official/acme.sh/commit/40b6db6a2715628aa977ed1853fe5256704010ae", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/acmesh-official/acme.sh/commit/a1de13657e79c5471dbc8fa3539ea39160937389", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/actions/checkout/blob/85e6279cec87321a52edac9c87bce653a07cf6c2/README.md?plain=1#L70-L72", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3211.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3211.json new file mode 100644 index 00000000000..5693c97636b --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3211.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-3211", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T06:15:41.247", + "lastModified": "2025-04-04T06:15:41.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/codinglosser/cve/blob/main/README.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303165", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303165", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.545964", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3213.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3213.json new file mode 100644 index 00000000000..9c40324b680 --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3213.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-3213", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T06:15:41.480", + "lastModified": "2025-04-04T06:15:41.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/lyg986443/cve/issues/2", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303166", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303166", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.546128", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3214.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3214.json new file mode 100644 index 00000000000..95e226aa978 --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3214.json @@ -0,0 +1,144 @@ +{ + "id": "CVE-2025-3214", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T06:15:41.740", + "lastModified": "2025-04-04T06:15:41.740", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "disputed" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in JFinal CMS up to 5.2.4 and classified as problematic. Affected by this vulnerability is the function engine.getTemplate of the file /readTemplate. The manipulation of the argument template leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that this is not a bug but a feature." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Q16G/cve_detail/blob/main/jfinal/jfinal_enjoy_file_read.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303169", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303169", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.548985", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3215.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3215.json new file mode 100644 index 00000000000..8d8fff547ef --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3215.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-3215", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T07:15:43.143", + "lastModified": "2025-04-04T07:15:43.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Camllia2024/mycve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303170", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303170", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.546164", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3216.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3216.json new file mode 100644 index 00000000000..e466fe3a83c --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3216.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2025-3216", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T07:15:43.400", + "lastModified": "2025-04-04T07:15:43.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been classified as critical. This affects an unknown part of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/rookiekuan/CVE/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/rookiekuan/CVE/issues/2", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303171", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303171", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.546166", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-32xx/CVE-2025-3217.json b/CVE-2025/CVE-2025-32xx/CVE-2025-3217.json new file mode 100644 index 00000000000..d5f0b98c0cc --- /dev/null +++ b/CVE-2025/CVE-2025-32xx/CVE-2025-3217.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-3217", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-04-04T07:15:43.707", + "lastModified": "2025-04-04T07:15:43.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/rookiekuan/CVE/issues/3", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.303172", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.303172", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.546168", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 56d2ae3c85a..7abf1220f37 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-04T06:00:20.082391+00:00 +2025-04-04T08:00:20.205934+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-04T05:15:46.817000+00:00 +2025-04-04T07:15:43.707000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -288468 +288488 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `20` -- [CVE-2024-13744](CVE-2024/CVE-2024-137xx/CVE-2024-13744.json) (`2025-04-04T05:15:44.350`) -- [CVE-2025-2075](CVE-2025/CVE-2025-20xx/CVE-2025-2075.json) (`2025-04-04T05:15:45.400`) -- [CVE-2025-3191](CVE-2025/CVE-2025-31xx/CVE-2025-3191.json) (`2025-04-04T05:15:45.577`) -- [CVE-2025-3192](CVE-2025/CVE-2025-31xx/CVE-2025-3192.json) (`2025-04-04T05:15:45.743`) -- [CVE-2025-3194](CVE-2025/CVE-2025-31xx/CVE-2025-3194.json) (`2025-04-04T05:15:45.927`) -- [CVE-2025-3197](CVE-2025/CVE-2025-31xx/CVE-2025-3197.json) (`2025-04-04T05:15:46.103`) -- [CVE-2025-3206](CVE-2025/CVE-2025-32xx/CVE-2025-3206.json) (`2025-04-04T04:15:39.357`) -- [CVE-2025-3207](CVE-2025/CVE-2025-32xx/CVE-2025-3207.json) (`2025-04-04T04:15:39.603`) -- [CVE-2025-3208](CVE-2025/CVE-2025-32xx/CVE-2025-3208.json) (`2025-04-04T05:15:46.367`) -- [CVE-2025-3209](CVE-2025/CVE-2025-32xx/CVE-2025-3209.json) (`2025-04-04T05:15:46.600`) -- [CVE-2025-3210](CVE-2025/CVE-2025-32xx/CVE-2025-3210.json) (`2025-04-04T05:15:46.817`) +- [CVE-2024-13645](CVE-2024/CVE-2024-136xx/CVE-2024-13645.json) (`2025-04-04T06:15:39.623`) +- [CVE-2024-13708](CVE-2024/CVE-2024-137xx/CVE-2024-13708.json) (`2025-04-04T06:15:39.847`) +- [CVE-2024-13898](CVE-2024/CVE-2024-138xx/CVE-2024-13898.json) (`2025-04-04T06:15:40.013`) +- [CVE-2024-42208](CVE-2024/CVE-2024-422xx/CVE-2024-42208.json) (`2025-04-04T06:15:40.183`) +- [CVE-2025-2159](CVE-2025/CVE-2025-21xx/CVE-2025-2159.json) (`2025-04-04T06:15:40.347`) +- [CVE-2025-2270](CVE-2025/CVE-2025-22xx/CVE-2025-2270.json) (`2025-04-04T06:15:40.540`) +- [CVE-2025-2279](CVE-2025/CVE-2025-22xx/CVE-2025-2279.json) (`2025-04-04T06:15:40.757`) +- [CVE-2025-2317](CVE-2025/CVE-2025-23xx/CVE-2025-2317.json) (`2025-04-04T06:15:40.890`) +- [CVE-2025-2780](CVE-2025/CVE-2025-27xx/CVE-2025-2780.json) (`2025-04-04T07:15:40.807`) +- [CVE-2025-2797](CVE-2025/CVE-2025-27xx/CVE-2025-2797.json) (`2025-04-04T07:15:42.380`) +- [CVE-2025-2836](CVE-2025/CVE-2025-28xx/CVE-2025-2836.json) (`2025-04-04T06:15:41.070`) +- [CVE-2025-3086](CVE-2025/CVE-2025-30xx/CVE-2025-3086.json) (`2025-04-04T07:15:42.797`) +- [CVE-2025-3087](CVE-2025/CVE-2025-30xx/CVE-2025-3087.json) (`2025-04-04T07:15:42.993`) +- [CVE-2025-3211](CVE-2025/CVE-2025-32xx/CVE-2025-3211.json) (`2025-04-04T06:15:41.247`) +- [CVE-2025-32111](CVE-2025/CVE-2025-321xx/CVE-2025-32111.json) (`2025-04-04T07:15:42.580`) +- [CVE-2025-3213](CVE-2025/CVE-2025-32xx/CVE-2025-3213.json) (`2025-04-04T06:15:41.480`) +- [CVE-2025-3214](CVE-2025/CVE-2025-32xx/CVE-2025-3214.json) (`2025-04-04T06:15:41.740`) +- [CVE-2025-3215](CVE-2025/CVE-2025-32xx/CVE-2025-3215.json) (`2025-04-04T07:15:43.143`) +- [CVE-2025-3216](CVE-2025/CVE-2025-32xx/CVE-2025-3216.json) (`2025-04-04T07:15:43.400`) +- [CVE-2025-3217](CVE-2025/CVE-2025-32xx/CVE-2025-3217.json) (`2025-04-04T07:15:43.707`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index cad9ede410f..b82474ea527 100644 --- a/_state.csv +++ b/_state.csv @@ -248086,6 +248086,7 @@ CVE-2024-13641,0,0,f5ae933978b19eaa8786ac84fc5f20a253f923886108cb6b544c748640981 CVE-2024-13642,0,0,e62737ae89b22b0d2ca4d332b68aa19e6175af0f52e0500481826051778e9daf,2025-02-04T16:00:49.540000 CVE-2024-13643,0,0,976eb3748a453f62f41c154b29792936c30855f6728fa73bdd9cf169ffa6a36c,2025-02-11T08:15:30.450000 CVE-2024-13644,0,0,64cef7310d19b282392436c6941be53a7496c3c7abf46493750d161d9bcf28af,2025-02-25T19:39:23.487000 +CVE-2024-13645,1,1,86dbfe36e5b0e2ed46b0b852cffb96ab7708e20f00d7478ae829844f89cf24aa,2025-04-04T06:15:39.623000 CVE-2024-13646,0,0,df579ebc80f166383afd2bf72cceedaa012995a592dad78c8758f9a4e2dd62bd,2025-01-31T18:19:45.780000 CVE-2024-13647,0,0,6e1407c77b77d3e371c61bec5218af8663c4b22a67829d396df6d9f4a2019011,2025-03-21T14:56:47.833000 CVE-2024-13648,0,0,8f62ea1c5007901a89b064138ec6b8d294bdb0d08cd28f0fa62f3f5d12de0925,2025-02-25T03:30:34.843000 @@ -248152,6 +248153,7 @@ CVE-2024-13704,0,0,edacb1bf034aad21d3de74c25d716996b7c2a06ccbd4adcf15412220d4bc9 CVE-2024-13705,0,0,5ec6ac499cda9ee218cf1587251a6725974948adf52db55dc1b1fdc60e1d5cc2,2025-01-31T18:17:10.220000 CVE-2024-13706,0,0,ab3c260451f5aeaf628499ae0037d8fc16844264bd9ec15ebc42f8eab05dd8b8,2025-02-18T19:15:14.357000 CVE-2024-13707,0,0,032e2a9cb1b090228bf905c1e52e11efae679d2f0165154d533e21d339074c69,2025-01-31T18:12:42.913000 +CVE-2024-13708,1,1,24b936cc6d49ad6d0466c6c8931a11b1e9339563c881fc79735140b4c18f7ede,2025-04-04T06:15:39.847000 CVE-2024-13709,0,0,89bb0c649902e7b71dd397a2d1262eb45ecb5db3a49c5090d0564ce4341f03af,2025-01-25T04:15:07.670000 CVE-2024-1371,0,0,700f360c37065b466d7daf295c0b566055365a6732e2b4756cd7fe3bd3dfd8e6,2024-11-21T08:50:26.150000 CVE-2024-13710,0,0,2d042377c961f6132538daa0dd50a89dbc1265d4f80c8c32ae629157282d5e48,2025-03-27T16:45:46.410000 @@ -248187,7 +248189,7 @@ CVE-2024-13740,0,0,7ff99f97d425424bdc9a3d1a435df988f74877e53c6e3d16169a71dec8c37 CVE-2024-13741,0,0,78f05de9655a03d53c2e8400793bb4a26c0069c47279ba1e219e404df9296757,2025-02-24T12:40:05.483000 CVE-2024-13742,0,0,aa7b21df6f3ec325db10419962054c1a324c9ebd12e6b4ba3b8ccbdda20e9f49,2025-01-30T18:38:19.663000 CVE-2024-13743,0,0,55c8dc190eb39157b66a10e1b93cb1305bc4d10ce4cb3fd182854193f3e3c946,2025-02-18T23:15:09.267000 -CVE-2024-13744,1,1,44bf6b64f0ae1e72635482133d7783b6ea902b7c482eeba2d380d80a96d3d67d,2025-04-04T05:15:44.350000 +CVE-2024-13744,0,0,44bf6b64f0ae1e72635482133d7783b6ea902b7c482eeba2d380d80a96d3d67d,2025-04-04T05:15:44.350000 CVE-2024-13746,0,0,4744ce63c95c52e5db95476dbd9a3113792c8e496a71ed5da9e5324799e177fd,2025-03-01T05:15:15.103000 CVE-2024-13747,0,0,514db0c22818e902187c8184fe95083c26656dd07b4355e7a170f454d6cd0a87,2025-03-05T10:15:14.617000 CVE-2024-13748,0,0,434305d89c46996e593a1c20227391db3e976db9a09c9806ae0372c5517d7c24,2025-02-25T20:54:55.803000 @@ -248320,6 +248322,7 @@ CVE-2024-13893,0,0,fa5eb1d679920542099905b2166422dd832df0600663b7e6c3349a9bf0a03 CVE-2024-13894,0,0,381f271b629199f022fdf9fd4b83845b543284434a4e6931eb7fc74e5af2dadc,2025-03-06T14:15:35.777000 CVE-2024-13895,0,0,e8d5a6bac9730aeb4a8848468a12eea3815476c71300fdcead98f4dfa8122c9c,2025-03-12T16:44:26.183000 CVE-2024-13897,0,0,04f8f74fe55f18650082e0f1721ca59668171996133eedd9591e8be8a245c842,2025-03-06T09:15:25.787000 +CVE-2024-13898,1,1,ef05d6b0749f5a9e0212029e95f4e9c21bbbbaa60b220c614c8a260e32725bf3,2025-04-04T06:15:40.013000 CVE-2024-13899,0,0,52a6df255cced586247fa5995c60bd6a4c8114bd9f571a8a9cd0a46e9cfea6df,2025-03-11T13:26:57.550000 CVE-2024-1390,0,0,ffdeb8cc4a3b1077717739c1e237f842eedff68b0ec02858887f3acd549f9f88,2025-01-22T16:49:11.553000 CVE-2024-13900,0,0,a36f38c86f625b2f6c78f95d04b10fcda1c4c7dcd50cfc141d8c356f3933fb59,2025-02-25T04:02:36.137000 @@ -266140,6 +266143,7 @@ CVE-2024-42195,0,0,25be1bbcfe19ccb6d2a3ee91045d9ea1242797e882b8752f28a38a75bd1e1 CVE-2024-42196,0,0,74165ceca6e8e10016e2eeb4a033a572e7a1426e3140b48f5bdc3f16162b9281,2024-12-06T15:15:08.550000 CVE-2024-4220,0,0,c10e6b612d929680611c4be467944f24a66f27a0712499a1f349b6953213d81a,2024-11-21T09:42:24.913000 CVE-2024-42207,0,0,7999bd374d3d2e00ca96b064d6050023c869b6b304031749819fd6f354ea6a70,2025-02-05T16:15:40.447000 +CVE-2024-42208,1,1,e121e96b2ff54773be6d5af86cfc12039d7cb11f5831759db855c5b805b5e02f,2025-04-04T06:15:40.183000 CVE-2024-42218,0,0,3bca921601eaa25faf0015687ed4f595ccacf0ae5ca15099cde7ba2db042877a,2024-08-12T18:27:54.660000 CVE-2024-42219,0,0,a97969401a201997f2184a96905a9ffb0133ef1ebb5bd9c9a8f1fdcbd582f6f4,2024-08-12T18:30:21.627000 CVE-2024-4222,0,0,78ad3754433d9edd7ad7b04b2e437643c27bc5a8227a6a311a1fd475543e40e7,2025-01-22T18:23:01.487000 @@ -282622,7 +282626,7 @@ CVE-2025-2067,0,0,e336b7e791e3fd3cb322ecbc1c5f69ca2b6e5c18fb1ce058eaa6d863ecf3dc CVE-2025-2071,0,0,7bfe8b685b8245c9943c6d89aac222493a621b72ec29c3cf9622feee00de6032,2025-04-01T20:26:30.593000 CVE-2025-2072,0,0,7452b78e49b40682ae575d6750e2bb1f2de3946160c5bee4487d35d4121dbb19,2025-04-01T20:26:30.593000 CVE-2025-2074,0,0,ebfc92b5bd49f5ccf1c23f472584acdf57def146ebcae3c4ff93af452a5b7959,2025-03-28T18:11:40.180000 -CVE-2025-2075,1,1,d223289b61acf35afe7b69c6ed714cb92916b4e282fee1c14a1cb0c472efdcc5,2025-04-04T05:15:45.400000 +CVE-2025-2075,0,0,d223289b61acf35afe7b69c6ed714cb92916b4e282fee1c14a1cb0c472efdcc5,2025-04-04T05:15:45.400000 CVE-2025-2076,0,0,4b17faacef13c37de95a24fc1d0a696f48b3a96cded3d3b37bf400752a7db1ce,2025-03-12T04:15:18.800000 CVE-2025-2077,0,0,1c0edbdaffae49fa47155cca050ec7e654aca70fade8fda3498bb18e55151b35,2025-04-02T12:44:08.040000 CVE-2025-2078,0,0,9de7f9d36f257c6e4ade1283dce5bdc5d09f9fe37ce0133e41f71eebe0b83db2,2025-04-02T12:43:28.130000 @@ -283097,6 +283101,7 @@ CVE-2025-21569,0,0,5df0154e36384276f1807ec7f051b457b9528fd8420a266b3a9f61e681a5e CVE-2025-2157,0,0,5c6192ea5b2e45321f17a6fe2ad70d5b25d9e993a209c52e11c52f0c6d50997f,2025-03-15T07:15:34.930000 CVE-2025-21570,0,0,ace167949078eb846cc68a40950678bfa282af3d76d61bcddefc7d830cafe3ca,2025-02-04T17:15:21.550000 CVE-2025-21571,0,0,bdb8c4caf4103cfe30d360ecbf83480841b6726b170ed756d9f8b563b72e6029,2025-02-04T19:15:33.230000 +CVE-2025-2159,1,1,600b4c41d87b779603a28d516515c266e64884facfe1ceb681492e1b54f37a76,2025-04-04T06:15:40.347000 CVE-2025-21590,0,0,b36ae92dc904bf55dc4028b2cedf584a24120b0d6e0ef4bd06450d9ddd9f9379,2025-03-14T20:35:13.207000 CVE-2025-21592,0,0,0a84f4727dd27f622e413c24aa51afb8f8c31954e309fc604ecc75437f628076,2025-01-09T17:15:18.203000 CVE-2025-21593,0,0,e4d522ec2585fd9f462af9cacf0614ec9db94ff7e8bb2d84aad64f6482447684,2025-01-09T17:15:18.380000 @@ -283944,6 +283949,7 @@ CVE-2025-22696,0,0,a78ad16e71ffcef32da6e8beedb19b7429b4548fb7904e608e5ab76d1d2bd CVE-2025-22697,0,0,16dd0b7cf82e29a70c33cbf098a2cba9d36ab8943fa49e56289464a87de2dcc4,2025-02-25T18:37:08.783000 CVE-2025-22698,0,0,b51b4118377ad4bc0c1967a67cc0b7072dea4c5652c4409886046312f9ce5632,2025-02-14T13:15:42.757000 CVE-2025-22699,0,0,aa251ed374c7131b82fa13b089f71f242ba87a24bd93b88104587dc53b3887f5,2025-02-18T19:15:26.290000 +CVE-2025-2270,1,1,ca6d0c190f8969b44f1790b7a9f407379be384f3ce35cc79cf5c9369d62f4634,2025-04-04T06:15:40.540000 CVE-2025-22700,0,0,88aaedc9c5edb573fa30dda68b0167b132ed36dbb1f26784a49841ff4734d88c,2025-02-04T15:15:22.140000 CVE-2025-22701,0,0,9a84f2ae3e62c1e3d064a4669384e54a23193f984d548418408b1656cee0bffa,2025-02-03T15:15:19.933000 CVE-2025-22702,0,0,6ac1782bfb69b4b4021fbd6db2e519450bbaf5ca9491d7b17a45323b64311993,2025-02-14T13:15:42.893000 @@ -284026,6 +284032,7 @@ CVE-2025-22785,0,0,aa4353d5806fe5723076a35c33b8891ff3a61998eca5d33194fb5785a62e2 CVE-2025-22786,0,0,b91ca87977dc2162388a9c52b3e5d7929f67ae175cfbed6e892a70ae5f6c7bfc,2025-03-06T19:37:02.493000 CVE-2025-22787,0,0,123539ec0f563d41af7ca03da6e6f99109a8200bc75541fbc478fac310c97242,2025-02-25T15:41:08.223000 CVE-2025-22788,0,0,af55bbe385e5ad19db90f54f67dcad4a6458802599e6dbb5e4a7878a0103b5e0,2025-01-15T16:15:41.750000 +CVE-2025-2279,1,1,615caad5394d6ba2a1c93b09e60575a9c4983e0b26d7b582d497539fa933271b,2025-04-04T06:15:40.757000 CVE-2025-22793,0,0,1e0903441186396148f438dd4c5bf609b6c2892614e2b8eb44fcfefd5125737c,2025-01-15T16:15:41.897000 CVE-2025-22794,0,0,29518117e4a1792c4e052772321e6d0937ed1ba46c8e343f64999407bc634a6a,2025-02-18T19:15:26.560000 CVE-2025-22795,0,0,6ef875d457c8e19bcf577814595be38d790143627f91775ea895c88416ac9b7c,2025-01-15T16:15:42.053000 @@ -284230,6 +284237,7 @@ CVE-2025-23125,0,0,2e6f0fce9ee8e787d649705f4cf1025930f6b72d6ac2efc70c4c1837b8d7d CVE-2025-23126,0,0,aec9ca15332b86ad22382c8419cfef8190ae4b723f5c3088974b31a1f5dd4089,2025-01-11T15:15:09.100000 CVE-2025-23127,0,0,ef1aeaee3e917139d62386eaa309c28fa46e54be8ed45ecdaab4f9d4f96931db,2025-01-11T15:15:09.173000 CVE-2025-23128,0,0,856260a69fb4f1bb5d13296c47ffc7dac686c7ca9a44fff8151b1b7f11a740a9,2025-01-11T15:15:09.250000 +CVE-2025-2317,1,1,f4cd62f9f9dd1e5739a5555f224184d488dda7121d36518445c1a5ee1577049e,2025-04-04T06:15:40.890000 CVE-2025-23184,0,0,d117de9ebd2827a8b285a215a95edfb5f2bc8c36d298a840f4f419212fe8e651,2025-02-15T01:15:11.010000 CVE-2025-23185,0,0,6a8fc3993811d2ce0c7ae31663c2f10b11720d00b7d18acd6d25289de30c4360,2025-03-11T01:15:34.330000 CVE-2025-23187,0,0,c290fe7dd4f9aea98485c447bf9862acb0a55538c675ba503d3516720f3efd65,2025-02-18T18:15:33.497000 @@ -286992,6 +287000,7 @@ CVE-2025-27793,0,0,8ae5ea10e12dcadd7fbe7d01abf4cd47c8df86334043c5ca8ff67abda3373 CVE-2025-27794,0,0,29af72e657ff2464b2a2937c7c4f1f9dbae6fd8fd9c8cc38aa28016fcbce1e25,2025-04-02T12:33:56.437000 CVE-2025-27795,0,0,4ff7b2f77f376cfe6fd93166198dd47ff9402055417a29c3c719e8e028d2917b,2025-03-07T16:15:40.187000 CVE-2025-27796,0,0,896c9fe3f771a2fa3519e20ae6313b458be8f4415e50a669613e7a3928ce34c1,2025-03-07T22:15:37.813000 +CVE-2025-2780,1,1,a9c872631741b3ecb4e5f49e9cbf05f77b47998e2e017e28c9ee8374a89feb22,2025-04-04T07:15:40.807000 CVE-2025-27809,0,0,acf17088263ac0454f3c19e9b5b69eee2adc10f0e02e48930b8a575ccd37ca6c,2025-03-27T16:45:46.410000 CVE-2025-2781,0,0,f71242cf9553514cc2ec12a96aa1195882b54360169109a0233e1040d7956dda,2025-04-01T20:26:30.593000 CVE-2025-27810,0,0,d1482541c832943462d5d5141f3260f826675da05c4de1d17a8d8000d1e76d18,2025-03-27T16:45:46.410000 @@ -287032,6 +287041,7 @@ CVE-2025-27926,0,0,55eb57ada8c72239b09d3012ac06f54ef846ef608760d35a348131200e00a CVE-2025-27932,0,0,036d05ff385938ab4080533cb14ce5447e7754455506217e340766b3e6cee90a,2025-03-28T18:11:40.180000 CVE-2025-27933,0,0,93368137a33aa362057a4035ec036f1aedaefb3c8486745a8d93918e46a37c4e,2025-03-27T14:55:25.660000 CVE-2025-2794,0,0,1a96a5e4fced0b738085ab3d0bfc6f597f8a7a2553b0aa413b0b61c07815e82e,2025-04-01T20:26:22.890000 +CVE-2025-2797,1,1,12a3119c38a928a91caf8053696fffa03704c7d7340f486852052726c3e51ed1,2025-04-04T07:15:42.380000 CVE-2025-28010,0,0,716afcbc5cebfe3c684dbf7aa12e99a30e3cb54526d7e93ef8e97f615752b08f,2025-04-03T16:42:46.520000 CVE-2025-28011,0,0,fdcb5591ea26e059e8d35048712169c6e42fd9f817189e1097ee50f0c5ccdc59,2025-03-28T20:00:36.220000 CVE-2025-28015,0,0,2ec3b03d6a2c5b451e55cb244fde2066264789b2e32a98f716bffd5d4cc31009,2025-03-28T19:49:16.520000 @@ -287064,6 +287074,7 @@ CVE-2025-2831,0,0,1ae81597715ce516aca81a4f719c74684bee390c094eaf6c3092e19f96d27e CVE-2025-2832,0,0,9ba849558861453fef9ac84ebe5df211359e27bc420cd4cffb0300d913dc6662,2025-03-27T16:45:27.850000 CVE-2025-2833,0,0,5ee1553047443311af90b172ce83a898e2802ed44b7f8cedda9626fc88ddfee1,2025-04-01T15:43:23.657000 CVE-2025-2835,0,0,d7ec8814e77c0fff114f70483f5128f96470cad92e38743f9e0d4c15e01c27bb,2025-04-01T15:43:38.550000 +CVE-2025-2836,1,1,ccdcae40e03ea9c46008b7df0a684b232a4c229d3a2ea132deede0bbbd852394,2025-04-04T06:15:41.070000 CVE-2025-28361,0,0,012842a41606e730430b254a67bbb658386b3833897674145b51c035a48415eb,2025-04-01T15:43:05.143000 CVE-2025-2837,0,0,b89aeb2a53f8a50fdc7d1cb971618f78d6548d3dfb914df0b41cb0d9a2a5f82a,2025-03-27T16:45:27.850000 CVE-2025-2838,0,0,ad5519332c14610c417f2ebe0957fac238c08deca06808872c71584919e4dfa3,2025-03-27T16:45:27.850000 @@ -287818,6 +287829,7 @@ CVE-2025-30856,0,0,ccb96c8af7c196f023c8879d78b299b4b08ce7c7817b7565fc16363eb58e0 CVE-2025-30857,0,0,b5ba2e57e180b100f5d4d19d911d2db57f8452762f300ab7a96ab93aa7007fbb,2025-03-27T16:45:12.210000 CVE-2025-30858,0,0,db16218f98ae2c467d337187b891e8c307d5bc5a0b721253feba989de0248b50,2025-04-03T14:15:33.973000 CVE-2025-30859,0,0,9fb4cb315d361c1ff2b1e74e39cf8c9d8e9ce4142f3dc5275511d19208d18ac5,2025-03-27T16:45:12.210000 +CVE-2025-3086,1,1,ec4d8bec8a10f7b8a2117e7f517bd2eedd6ff6e4372f397ffe6dd1a6a349ed49,2025-04-04T07:15:42.797000 CVE-2025-30860,0,0,c08bf263ce25dd900d5697e0d60f4d47d5c677cfd2bf6f938b2b25f8e01bdeae,2025-03-27T16:45:12.210000 CVE-2025-30861,0,0,eb2d94d45a90359287e050f5763410477dc05648d625edfa77cbda9a9d236398,2025-03-27T16:45:12.210000 CVE-2025-30862,0,0,a98168c1d651be274914694af9e7979a627c3c97be45045cc6948e3fa80745c5,2025-03-27T16:45:12.210000 @@ -287828,6 +287840,7 @@ CVE-2025-30866,0,0,bfcfb31d390344d8a10b72e59af13af80a476cc8bbc19a5929b49ad9fad01 CVE-2025-30867,0,0,ad501afdd1f9d4d3e510c448c7a3512c9a52fbd7b66921095afcb6daeeff301c,2025-03-27T16:45:12.210000 CVE-2025-30868,0,0,0ce69a49d90edf537d7d9bde764d07d7255ce2ba3583c37eff7f468be21da2e8,2025-03-27T16:45:12.210000 CVE-2025-30869,0,0,acc88bf8ebbad99b2b2ed393b10f82c1669cde75bb0fb28f22fa6c41073cc157,2025-04-01T20:26:11.547000 +CVE-2025-3087,1,1,6b0646ad2437f4ce53ca21837e1b4e56707a68c6cbfb963293fc91da3dd012b5,2025-04-04T07:15:42.993000 CVE-2025-30870,0,0,26ef848ad27e7d9224fd33e8be10e32100d1566ca2803fa757b9116452dfc568,2025-04-01T20:26:11.547000 CVE-2025-30871,0,0,7c3854deb0642b8eae958a1aed4582e5158e5614f363495a55e00351f0f694e1,2025-03-27T16:45:12.210000 CVE-2025-30872,0,0,b536365800566287c904971c159342f1608ad2caa5882ee55888508434c1c145,2025-03-27T16:45:12.210000 @@ -288442,14 +288455,14 @@ CVE-2025-31906,0,0,858ea326679f35199fd193b52e043ef137ef7190828e881910c02e1564073 CVE-2025-31907,0,0,d42241d500728696f9411bad9f6074b9f63ac7eaf81e97702878a9e276105f17,2025-04-03T14:15:42.953000 CVE-2025-31908,0,0,eb42864180a2f3ae29ca7fcb7b1369893cc75fb1cfe5c6047b9b04c7be11c526,2025-04-01T20:26:01.990000 CVE-2025-31909,0,0,81eff332f8808b56a6e7fb4cb9dd28a2a0d39da7b5ec69237fa3a2fbf730de58,2025-04-03T14:15:43.107000 -CVE-2025-3191,1,1,8d3a3f83e8117a9b04e8f60b6c315d654755f87b7d6f4149bc903795bac858ce,2025-04-04T05:15:45.577000 +CVE-2025-3191,0,0,8d3a3f83e8117a9b04e8f60b6c315d654755f87b7d6f4149bc903795bac858ce,2025-04-04T05:15:45.577000 CVE-2025-31910,0,0,b832932727781de50b17852301cd5a5c89392213265492ff6ff074f0ba795d9f,2025-04-01T20:26:01.990000 CVE-2025-31911,0,0,dafd63d68911a812be24e808d99a55a8ceeb5feee73a79d1772176f67f721793,2025-04-03T14:15:43.257000 -CVE-2025-3192,1,1,2edd9035d60d45ad31bf81475b0f9bed8c4d75a8b50ac5c5c5614a6cf4c3ffda,2025-04-04T05:15:45.743000 -CVE-2025-3194,1,1,6eea2e22bec3c043f65c7b6f47d1dad4e8779fa2f13aa87798754aea3e7347fa,2025-04-04T05:15:45.927000 +CVE-2025-3192,0,0,2edd9035d60d45ad31bf81475b0f9bed8c4d75a8b50ac5c5c5614a6cf4c3ffda,2025-04-04T05:15:45.743000 +CVE-2025-3194,0,0,6eea2e22bec3c043f65c7b6f47d1dad4e8779fa2f13aa87798754aea3e7347fa,2025-04-04T05:15:45.927000 CVE-2025-3195,0,0,e308bbc9d3f37a0c8a9faf387891f3285bc40798453437526976c2501eee7c24,2025-04-04T02:15:18.423000 CVE-2025-3196,0,0,0c469902e9c03af3c2770eb5cc31c7d1c31b69b0dd88372a701cee966793608a,2025-04-04T02:15:18.627000 -CVE-2025-3197,1,1,71b5a5c7733a960a62e0cdfaf622fe39d49338627f221498f2b8b23ebd3b00b8,2025-04-04T05:15:46.103000 +CVE-2025-3197,0,0,71b5a5c7733a960a62e0cdfaf622fe39d49338627f221498f2b8b23ebd3b00b8,2025-04-04T05:15:46.103000 CVE-2025-3198,0,0,5d95a2ea82b745791bf640f9d48bf15646c2f00575cbe9c113a8856b82db0671,2025-04-04T02:15:18.803000 CVE-2025-3199,0,0,3c39a54e77c268763e35ff0806d798e495bbb47478d8118de3630638857b12fa,2025-04-04T02:15:19.013000 CVE-2025-3202,0,0,7d2271acefbd0aeb4336195e51e318c90694b16ffaeb4c3f403e4e40b17682a9,2025-04-04T03:15:13.997000 @@ -288462,8 +288475,15 @@ CVE-2025-32051,0,0,589593a5c32fc3f7a2c9e7f401bf3b9d6791113746b52db46878a17a59e4b CVE-2025-32052,0,0,93f807bd4245cc5799f1be08815a308eceaa0bb1e8adb95a792899ec2afa2d3d,2025-04-03T15:15:51.933000 CVE-2025-32053,0,0,d520a131e7b01facf20f15232e756d3ec63aa37b267d0001764d8e875c120425,2025-04-03T15:15:52.580000 CVE-2025-32054,0,0,c7229c2808b9e8a02f9a2719fb481be0ce92ce94e21566b72428d9c00abe0871,2025-04-03T17:15:30.947000 -CVE-2025-3206,1,1,9461a858ecbdb40c286c40585f1f296f61c4dd3ce4e76d2f270eac846232eb6d,2025-04-04T04:15:39.357000 -CVE-2025-3207,1,1,3472db8b80c3c38b626a489a32005fcd483e835d214256e90e391bca8d00b18b,2025-04-04T04:15:39.603000 -CVE-2025-3208,1,1,3b1c8fa7819797bb886f41de6fe6d0d0aee50eabe57c9d74563735668945813a,2025-04-04T05:15:46.367000 -CVE-2025-3209,1,1,62b49ea7164197672367460bafd0c45b13288363a3afc2526bfe72e5f4219256,2025-04-04T05:15:46.600000 -CVE-2025-3210,1,1,ed47b7f02545c0297d3eb0f3f3166c3c64436ff388c08cd32cd505e1f17e60e3,2025-04-04T05:15:46.817000 +CVE-2025-3206,0,0,9461a858ecbdb40c286c40585f1f296f61c4dd3ce4e76d2f270eac846232eb6d,2025-04-04T04:15:39.357000 +CVE-2025-3207,0,0,3472db8b80c3c38b626a489a32005fcd483e835d214256e90e391bca8d00b18b,2025-04-04T04:15:39.603000 +CVE-2025-3208,0,0,3b1c8fa7819797bb886f41de6fe6d0d0aee50eabe57c9d74563735668945813a,2025-04-04T05:15:46.367000 +CVE-2025-3209,0,0,62b49ea7164197672367460bafd0c45b13288363a3afc2526bfe72e5f4219256,2025-04-04T05:15:46.600000 +CVE-2025-3210,0,0,ed47b7f02545c0297d3eb0f3f3166c3c64436ff388c08cd32cd505e1f17e60e3,2025-04-04T05:15:46.817000 +CVE-2025-3211,1,1,901d0e8cc0af47a7a52a66c912e0237d861171b167433649c1cee7a047b46f71,2025-04-04T06:15:41.247000 +CVE-2025-32111,1,1,e3f3bc1b4b34ef98fb0364aa81c1af93345c8423f7f5a2bcab6070b4665f246a,2025-04-04T07:15:42.580000 +CVE-2025-3213,1,1,9d96e561b551cffe0855bf2b9647f13263d9f4e04e15a0684a1d1e06a49fae26,2025-04-04T06:15:41.480000 +CVE-2025-3214,1,1,0a9d86013c5f83c623c6504daea66041eff3a79ce66876e9490a500bf3f1dc09,2025-04-04T06:15:41.740000 +CVE-2025-3215,1,1,b3a77f349bbe525f135b1274c73d7b20b3840cec1aeec3b3bade0ae456140aba,2025-04-04T07:15:43.143000 +CVE-2025-3216,1,1,15f1863b673497f78a4f23229bea5cca269dcc299849f8cee02dd225b2afbf09,2025-04-04T07:15:43.400000 +CVE-2025-3217,1,1,a40fb1147322b2e605d2f06652d9fd97bfc430636da25b6d552eb7fa1193e789,2025-04-04T07:15:43.707000