admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-20T11:01:11.869829+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-20 11:04:41 +00:00
parent 1aba3453ed
commit bf4edc80e4
18 changed files with 1045 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-134xx/CVE-2024-13476.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13476",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:09.990",
"lastModified": "2025-02-20T10:15:09.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtz_wd_save_dropship' AJAX endpoint in all versions up to, and including, 2.3.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3242457/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7eb7c846-c82b-40c8-a5ae-88b30c761ba9?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-135xx/CVE-2024-13520.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-13520",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:10.167",
"lastModified": "2025-02-20T10:15:10.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'update_voucher_price', 'update_voucher_date', 'update_voucher_note' functions in all versions up to, and including, 4.4.6. This makes it possible for unauthenticated attackers to update the value, expiration date, and user note for any gift voucher."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gift-voucher/trunk/include/edit-order-voucher.php#L30",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/gift-voucher/trunk/include/edit-order-voucher.php#L5",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/gift-voucher/trunk/include/edit-order-voucher.php#L56",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/190a21cd-9716-4a57-a793-63309c339427?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-137xx/CVE-2024-13748.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13748",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:10.303",
"lastModified": "2025-02-20T10:15:10.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-classified-listings/tags/1.4/inc/helpers.php#L407",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2c925848-1ba7-4009-93c2-1648dbf808e9?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-137xx/CVE-2024-13753.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13753",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:10.450",
"lastModified": "2025-02-20T10:15:10.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the update_profile function. This makes it possible for unauthenticated attackers to modify victim's email via a forged request, which might lead to account takeover, granted they can trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-classified-listings/tags/1.4/classes/class-shortcodes.php#L701",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61365b95-da97-425d-a314-648b3d00236f?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-137xx/CVE-2024-13789.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13789",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:10.637",
"lastModified": "2025-02-20T10:15:10.637",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the 'paramsv2' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ravpage/trunk/ravpage.php#L24",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e0bcf70-2ffc-45c8-b63e-a8376b6cd22b?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-137xx/CVE-2024-13792.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13792",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:10.850",
"lastModified": "2025-02-20T10:15:10.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/woocommerce-food-restaurant-menu-food-ordering/25457330",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec425326-2729-4142-b5f4-460dfd3ed773?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-138xx/CVE-2024-13802.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13802",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:11.100",
"lastModified": "2025-02-20T10:15:11.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintown_events' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bandsintown/tags/1.3.1/bandsintown.php#L134",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bab22f2e-0998-4401-ae9f-45bdce658c4f?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-138xx/CVE-2024-13849.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-13849",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:11.330",
"lastModified": "2025-02-20T10:15:11.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/cookie-notice-bar/tags/1.3.0/admin/partials/dc-cookie-notice-bar-admin-display.php",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/cookie-notice-bar/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24bdffdc-1a4d-4a1c-8393-cf89f0a63bf9?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-138xx/CVE-2024-13855.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13855",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:11.530",
"lastModified": "2025-02-20T10:15:11.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the pae_global_block shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract information from posts that are not public, including drafts, private, password protected, and restricted posts. This applies to posts created with Elementor only."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/prime-addons-for-elementor/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac5012f2-3518-41c0-befe-597008f22152?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-138xx/CVE-2024-13888.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-13888",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T09:15:09.577",
"lastModified": "2025-02-20T09:15:09.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3243366",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wpappninja/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a139f0fc-f3e0-4759-aa8d-ba138e5ccc87?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-64xx/CVE-2024-6432.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-6432",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:11.767",
"lastModified": "2025-02-20T10:15:11.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018content\u2019 parameter within the plugin's shortcode Content Block in all versions up to, and including, 3.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/custom-post-widget/trunk/shortcode.php#L73",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3146407/#file6",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3147521/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/custom-post-widget/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f784dfa-5c31-4c44-9230-7beac7f56893?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2025/CVE-2025-08xx/CVE-2025-0866.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-0866",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:11.980",
"lastModified": "2025-02-20T10:15:11.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Legoeso PDF Manager plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018checkedVals\u2019 parameter in all versions up to, and including, 1.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Author-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/legoeso-pdf-manager/trunk/inc/admin/class-pdf-doc-list-table.php#L543",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/legoeso-pdf-manager/trunk/inc/admin/class-pdf-doc-list-table.php#L567",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/legoeso-pdf-manager/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e640767-7998-4404-a894-0b1794464c66?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2025/CVE-2025-08xx/CVE-2025-0897.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-0897",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T09:15:09.750",
"lastModified": "2025-02-20T09:15:09.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Modal Window \u2013 create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/modal-window/trunk/public/class-shortcodes.php#L70",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3243077/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/modal-window/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de4dfcc7-fcc0-46e5-8452-98783007368d?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-10xx/CVE-2025-1064.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1064",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T09:15:09.903",
"lastModified": "2025-02-20T09:15:09.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versions up to, and including, 2.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3239293/easy-login-woocommerce",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd62a072-8619-4f51-a52f-2ada7e455cb1?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2025/CVE-2025-13xx/CVE-2025-1328.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-1328",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:12.337",
"lastModified": "2025-02-20T10:15:12.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Typed JS: A typewriter style animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018typespeed\u2019 parameter in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/mrlegend-typedjs/trunk/public/class-typed-js-public.php#L128",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/mrlegend-typedjs/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fdb15198-68dc-4612-abcc-6b02843f1629?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-14xx/CVE-2025-1483.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1483",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-20T10:15:12.537",
"lastModified": "2025-02-20T10:15:12.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engtz_wd_save_dropship AJAX endpoint in all versions up to, and including, 2.3.12. This makes it possible for unauthenticated attackers to update the drop shipping settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3243002/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0906e9b0-5093-4ddd-8868-8fcaad8e3a5b?source=cve",
"source": "security@wordfence.com"
}
]
}

25
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-20T09:00:40.892867+00:00
2025-02-20T11:01:11.869829+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-20T08:15:21.367000+00:00
2025-02-20T10:15:12.537000+00:00
```
### Last Data Feed Release
@ -33,14 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
281869
281885
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `16`
- [CVE-2024-13155](CVE-2024/CVE-2024-131xx/CVE-2024-13155.json) (`2025-02-20T08:15:21.367`)
- [CVE-2024-13476](CVE-2024/CVE-2024-134xx/CVE-2024-13476.json) (`2025-02-20T10:15:09.990`)
- [CVE-2024-13520](CVE-2024/CVE-2024-135xx/CVE-2024-13520.json) (`2025-02-20T10:15:10.167`)
- [CVE-2024-13748](CVE-2024/CVE-2024-137xx/CVE-2024-13748.json) (`2025-02-20T10:15:10.303`)
- [CVE-2024-13753](CVE-2024/CVE-2024-137xx/CVE-2024-13753.json) (`2025-02-20T10:15:10.450`)
- [CVE-2024-13789](CVE-2024/CVE-2024-137xx/CVE-2024-13789.json) (`2025-02-20T10:15:10.637`)
- [CVE-2024-13792](CVE-2024/CVE-2024-137xx/CVE-2024-13792.json) (`2025-02-20T10:15:10.850`)
- [CVE-2024-13802](CVE-2024/CVE-2024-138xx/CVE-2024-13802.json) (`2025-02-20T10:15:11.100`)
- [CVE-2024-13849](CVE-2024/CVE-2024-138xx/CVE-2024-13849.json) (`2025-02-20T10:15:11.330`)
- [CVE-2024-13855](CVE-2024/CVE-2024-138xx/CVE-2024-13855.json) (`2025-02-20T10:15:11.530`)
- [CVE-2024-13888](CVE-2024/CVE-2024-138xx/CVE-2024-13888.json) (`2025-02-20T09:15:09.577`)
- [CVE-2024-6432](CVE-2024/CVE-2024-64xx/CVE-2024-6432.json) (`2025-02-20T10:15:11.767`)
- [CVE-2025-0866](CVE-2025/CVE-2025-08xx/CVE-2025-0866.json) (`2025-02-20T10:15:11.980`)
- [CVE-2025-0897](CVE-2025/CVE-2025-08xx/CVE-2025-0897.json) (`2025-02-20T09:15:09.750`)
- [CVE-2025-1064](CVE-2025/CVE-2025-10xx/CVE-2025-1064.json) (`2025-02-20T09:15:09.903`)
- [CVE-2025-1328](CVE-2025/CVE-2025-13xx/CVE-2025-1328.json) (`2025-02-20T10:15:12.337`)
- [CVE-2025-1483](CVE-2025/CVE-2025-14xx/CVE-2025-1483.json) (`2025-02-20T10:15:12.537`)
### CVEs modified in the last Commit

18
_state.csv
View File

@ -246310,7 +246310,7 @@ CVE-2024-1315,0,0,ae67b7f13a317bdc1be64b4fdf580a08492423f203ba37c909a5dc9e35687d
CVE-2024-13152,0,0,1623718d378ce88a22bbad626a4c6a35c6f57e2c6234ac08eff4555d55063391,2025-02-14T13:15:42.170000
CVE-2024-13153,0,0,e5372006a19c4f2229d5d82f2f00e097ecc1dd71c1df06bd0280614a58d1fbcf,2025-01-09T09:15:07.243000
CVE-2024-13154,0,0,8b848cb4ffbbf3d5300b505058bccc136fae4b33341f37a24f40fb8ac9f235ba,2025-01-13T21:15:11.970000
CVE-2024-13155,1,1,abc846c187ee610be36b9327ce826db0bbe36e3bd8c2ca0e9dc519f899621278,2025-02-20T08:15:21.367000
CVE-2024-13155,0,0,abc846c187ee610be36b9327ce826db0bbe36e3bd8c2ca0e9dc519f899621278,2025-02-20T08:15:21.367000
CVE-2024-13156,0,0,30f08a5146793529d2149bd8fe28d1d230f7d62ef9b057e2393b31a9d88e81a0,2025-01-14T09:15:20.910000
CVE-2024-13157,0,0,80e03db47d7aeaaff8ebfe5d3bb0d4e0a672091f1b6d6e0617afb0f75c61e9a3,2025-01-31T09:15:06.617000
CVE-2024-13158,0,0,d921bcc53f0c4810cb7f77f962be3471977624bd876c8c3eed3db3c6a249539e,2025-01-14T18:15:26.020000
@ -246604,6 +246604,7 @@ CVE-2024-13470,0,0,62d62489ae69e29df63f8eb0190e3d2c26ee16e4de50a68486e1e17ce1678
CVE-2024-13472,0,0,78a083d4b9b0a592d2a2cc443e9c6a93e0d6fbb4d284dd5848fb1a89da8cee59,2025-02-11T21:06:13.237000
CVE-2024-13473,0,0,9f1cf3419ff4cec497cc77086acc28179e477b7bcff14ca4047a6f9eefd9483f,2025-02-18T18:15:18.990000
CVE-2024-13475,0,0,5092e9173eadac632d984f8d6b080371e4a16d09f059f921441142bd53ed3c18,2025-02-12T10:15:11.777000
CVE-2024-13476,1,1,e536d7c12b219bc57ecc07fef47f72334a7428667d6be5f52a983e55580fccce,2025-02-20T10:15:09.990000
CVE-2024-13477,0,0,994d41dcdca8ea2949161c6a3039cf39facb69cdf429b9bbd695e457cde87ed6,2025-02-12T12:15:28.660000
CVE-2024-13478,0,0,3d283885de2ff5694d473a7458eb6a9fee1962d7b2f3d84adb8d26453f66b0b0,2025-02-19T12:15:29.777000
CVE-2024-13479,0,0,265f3fc391e53c595bed244b3e7c3502077a0bb4298bb2e92ab4714dd5430254,2025-02-19T12:15:30.610000
@ -246645,6 +246646,7 @@ CVE-2024-13516,0,0,5ffb65a61f80c9c94522737749ad7061abe4071a127f73ee8fe2d406cf9b6
CVE-2024-13517,0,0,cfab1b395558d480252b3d9445658f67696997e56c4b9d51564795ba8972f0d2,2025-02-07T17:10:03.317000
CVE-2024-13519,0,0,dc09c545fe78d4520b3958b8cc7f812509309ee95d98546daffd0145d2c455d7,2025-01-18T07:15:09.510000
CVE-2024-1352,0,0,80e73adafdfe15b995501384770910e119d96dba6ac79b22584e1c2a8e29f667,2025-01-17T17:23:55.973000
CVE-2024-13520,1,1,0d022892f28692b2ae8762509ce4aad5b3f48413ebef3a0cfb18328336d55b8b,2025-02-20T10:15:10.167000
CVE-2024-13521,0,0,56cff5e8dab3e4a84fd4fc6c17bcf2fe279d9bc71acdce76cf6f6b7cd5e70b11,2025-01-30T17:41:52.897000
CVE-2024-13522,0,0,1ec5bbee168af71e2c569fc16b8aceb6b0c6360701cfbb6feabd58c3768384f3,2025-02-18T05:15:12.463000
CVE-2024-13523,0,0,a01422a75b98041b28e49f24f2d7440e366f8a9a4929907951037686a612b3c8,2025-02-18T07:15:08.303000
@ -246809,9 +246811,11 @@ CVE-2024-13740,0,0,ba6332fba984f0b615db8e6ca888f7060538e8c0e0b28351d9f7958c938b9
CVE-2024-13741,0,0,175049f3021b19cf7fa751f03fe80f12100c24edbb7e3c159d12f4c96d5eb8a9,2025-02-18T02:15:13.047000
CVE-2024-13742,0,0,aa7b21df6f3ec325db10419962054c1a324c9ebd12e6b4ba3b8ccbdda20e9f49,2025-01-30T18:38:19.663000
CVE-2024-13743,0,0,27ea41ebfcfb791fdac8994b9a3c60039e7203f73b7d197f4d7616cc1f730a6d,2025-02-18T23:15:09.267000
CVE-2024-13748,1,1,1697b574f690f336c11060fdfb3f73b4037faf1a5992f7a8b6df68b81a12de40,2025-02-20T10:15:10.303000
CVE-2024-13749,0,0,80f262ecaea974125eab2d55e54ea371d41d3a900599102c4f121cdbe4bfacc8,2025-02-12T04:15:09.793000
CVE-2024-1375,0,0,be19da9eb494f4d8787330f2f78fc8aabab79724cc539fca66a358b2ab7e8ba7,2024-11-21T08:50:26.593000
CVE-2024-13752,0,0,90982070281cf6fac387cb369b7b78fff5885316e613711da2e6fb3910f9109c,2025-02-15T10:15:08.533000
CVE-2024-13753,1,1,b2ba220ac3d1a62c609e1defaf324d88eb47f70fafd61d617b1b90635fc079be,2025-02-20T10:15:10.450000
CVE-2024-13758,0,0,2e4bd9fb3fef024cef02d2b8f2dacb7555196f6b2dc915351eaf15ff5ed3368d,2025-01-31T20:28:53.477000
CVE-2024-1376,0,0,34411a3106e4c74f2617f4da0b50ff6e7d812385caea8af0b8361fb64d6e9d04,2024-11-21T08:50:26.737000
CVE-2024-13767,0,0,5e2a432b5514ebb28e43fc58238979fb079695a503a95ef3a2bddb1da15dea7c,2025-01-31T03:15:10.693000
@ -246821,14 +246825,17 @@ CVE-2024-13770,0,0,a44f66c1dcb1ed45bbd56efa11122dee804aa0389e710164fb7a159776bdc
CVE-2024-13775,0,0,89d1ec6a71cec12ef8d6fda55cf89bde1f18738024bb28bd682eafe6ee6a6e20,2025-02-01T13:15:22.847000
CVE-2024-1378,0,0,041aa523b6aa5691bc95edbf2c3845e6125399d35aa90aa412089416e101b866,2024-11-21T08:50:26.997000
CVE-2024-13783,0,0,ac9bfe0bdafe91bcdd1a8a8c9fc20390084611c0cb7ca54a0c41211f48373302,2025-02-18T11:15:11.600000
CVE-2024-13789,1,1,66685c0c937a45caf4804fdbb0f6a654b7766a4df93c13ce786e130fd2ed5ff5,2025-02-20T10:15:10.637000
CVE-2024-1379,0,0,d57d063aae1fbcb792bd04eccc73dc16507c20c6267e19d5bea5a4e5413062c5,2024-11-21T08:50:27.157000
CVE-2024-13791,0,0,e8f3bd70e313cf86e3514fe881c4b6e7c79dc2453560333d0bb8ba37212823df,2025-02-14T11:15:09.320000
CVE-2024-13792,1,1,5eea2eb9c2e9b718585e09fb9464cf4787dcedab1db15551defa783e010d8240,2025-02-20T10:15:10.850000
CVE-2024-13794,0,0,27d6b89d805464403aa5cd7b47bffa4f0df39472970f2a8182a5a27be68e3d41,2025-02-18T18:15:19.290000
CVE-2024-13795,0,0,5ff186d2b18ebdd910aed1b17c910f62f178a43b9b5396d894a01eab3d2cf2bf,2025-02-18T08:15:09.980000
CVE-2024-13797,0,0,fe09b7061fe6273763b2c8668b8146404830403c0458cc4116f6d91c5b5628d2,2025-02-18T11:15:11.753000
CVE-2024-13799,0,0,ec8cb514ef31404e1cd13657eea18c026b0b0f4d5ffefec8356a7aac820d1c0c,2025-02-19T06:15:21.283000
CVE-2024-1380,0,0,189ef0e7c99b94999bf853d72512eb8cc5fd5c5f665b06c2b0baa188813ae89d,2025-01-31T13:26:51.163000
CVE-2024-13800,0,0,f8189949096d0fbf1e64f83c4f4243db2d6cd8eee32b0c9aa4085efbf0645426,2025-02-12T05:15:12.810000
CVE-2024-13802,1,1,fd81c83638437a642a8e1df7595c3a3a89a54e0438783fe338ef7efb14df6f36,2025-02-20T10:15:11.100000
CVE-2024-1381,0,0,f79abe04d98fb58eb4a1bc15edce6ddf9cf798d335c45513b35103feeb919d6b,2024-11-21T08:50:27.453000
CVE-2024-13813,0,0,a0414a00a2a30561fb3007f9bc2cc4b58102a245d589b97ea6ee429ccb8e907a,2025-02-11T16:15:39.220000
CVE-2024-13814,0,0,1eaa34671c59ff347de019eb0f7db92c91d554728619786a007d058e64ccd6e0,2025-02-18T21:30:00.523000
@ -246845,15 +246852,18 @@ CVE-2024-13841,0,0,42857531268142aae6c02637b3b6e7d79dd71736d6804136946d48ddaede1
CVE-2024-13842,0,0,955b2791810b1a10a02616a1134c790dde9472870ffb2ecef1b260eb338bf89c,2025-02-11T16:15:39.513000
CVE-2024-13843,0,0,510b2676ce058323607c3a8a5ac880be2eb8da89d56b6ba23759e15b6c5d2ded,2025-02-11T16:15:39.667000
CVE-2024-13848,0,0,df6c3059e3b4c6e50b09360738ce65b75366af6866f9db1d8dd4c079c2d2cfbe,2025-02-18T05:15:19.157000
CVE-2024-13849,1,1,d98f7937784c29e9abe71d6667822b62b2ca578c3586a491787af9ba63c49a21,2025-02-20T10:15:11.330000
CVE-2024-1385,0,0,8d44f2ddcfbec761b90cec48d83e59f97d1a3c53ec848ed4ca09c1c2ed005096,2024-11-21T08:50:27.933000
CVE-2024-13850,0,0,6b9449e6648abb1edf82833d79485652b7d8e214965b03129c424b1f771ff336,2025-02-08T13:15:06.840000
CVE-2024-13852,0,0,face120ea95fed62ec099664fadaf77219da01c7521b566ddd6f702b5c620406,2025-02-18T05:15:19.423000
CVE-2024-13854,0,0,da76605e45e5cccb1e4ac357ef915fd87a7797a2aa194293a861365173d04915,2025-02-19T08:15:21.440000
CVE-2024-13855,1,1,87ff80a4a4bcadf924c0b68cea8cd371d8a19ee5f045d490959e15e51f021d88,2025-02-20T10:15:11.530000
CVE-2024-1386,0,0,0e88f4287d62ff6aff092302a9322ab713c8f07c6df5c6bed70e82252a8c824b,2024-11-21T08:50:28.063000
CVE-2024-13867,0,0,d1ccd3c88095b1998a7fe8f4f64aebb963278c8b08e66fe2014f445cd5f48e2a,2025-02-18T18:41:21.660000
CVE-2024-1387,0,0,8e6bcbdaec79085616e17d0cff8f7e9074033b4370339ebb2fb375231d6ccb3f,2025-01-07T18:19:26.400000
CVE-2024-13879,0,0,9feaa77a4a107496b778129b23b28c9a020cd8ce5e3b7bb155fa8c6898d38c2d,2025-02-17T16:15:15.950000
CVE-2024-1388,0,0,4055ac29f5fc98e5c697dde8e9fd854a4a3e80aad935e1d1af922e2721330e53,2025-01-16T15:18:18.140000
CVE-2024-13888,1,1,c87839d2bca683e4e01b4f16bf4650844bb0d5c14b76b96fd45e3c4854b6fe97,2025-02-20T09:15:09.577000
CVE-2024-1389,0,0,44c915b89d8f24815db27dcf9521c10fcca5d968291afb2cbd201094aadb9d12,2025-01-27T17:15:51.567000
CVE-2024-1390,0,0,ffdeb8cc4a3b1077717739c1e237f842eedff68b0ec02858887f3acd549f9f88,2025-01-22T16:49:11.553000
CVE-2024-1391,0,0,fccbf24dfb651f372e2b51106217c90f4de85c1f936edcd91290184be12fa7b9,2025-01-17T19:52:57.843000
@ -275763,6 +275773,7 @@ CVE-2024-6426,0,0,4ce002f398761811225a9161509362fcf85e9093181ba3d834a2dc27a8c558
CVE-2024-6427,0,0,80de2373d634cddc1315c0548dc19b6640fad9157630b47b6d68e0948ebd24fe,2024-11-21T09:49:38.180000
CVE-2024-6428,0,0,9824e5fb0d614a3d0e710881a83479c00dc37380d4de17daf97ea6d59ba991f6,2024-11-21T09:49:38.313000
CVE-2024-6431,0,0,202245554d16495714b4a50b0b5396dc96bed4c4cca10e8f1efb34aa2485167d,2024-11-21T09:49:38.450000
CVE-2024-6432,1,1,b8b9e37a8ed808ba75a38e5d2d9d9c05235a2a1d87bd14d42f4cb5ef34a79bba,2025-02-20T10:15:11.767000
CVE-2024-6433,0,0,42c6a0efce14f311f1548d33d512d616e158da3b932d3b757e1b72ad689e1dfb,2024-11-21T09:49:38.570000
CVE-2024-6434,0,0,6a4274085a2124b428b913ddcbc2570d1d62abe5639e19e73a17b1e138716c77,2024-11-21T09:49:38.717000
CVE-2024-6435,0,0,4b307bda22842f0e1dad89cbe8433b0a2f5a1573c8d400fddf8a5d2b32d831e0,2025-01-31T15:01:23.807000
@ -279275,6 +279286,7 @@ CVE-2025-0861,0,0,f7d18c923472db6cea06c2a90819cfa3d8e6d354711eaf47f13c55bfd3702f
CVE-2025-0862,0,0,dee81cd1ce38cab472cf28eb1ce5e1d9037dd3bdafbd545dddc7d172ac5b30e6,2025-02-11T11:15:16.043000
CVE-2025-0864,0,0,e56e1de16064acc329a5a32cc0ae2f68a867a09df61e368d37eca098dd9d89f8,2025-02-18T08:15:10.723000
CVE-2025-0865,0,0,80ee86109bc8176d915ab531176f207ba267c3135c04d72fc66dcd322326ed90,2025-02-19T08:15:21.853000
CVE-2025-0866,1,1,3255655eeba447d8936ae6bd9253ad70311926c87296ef63be450f30c50c2dad,2025-02-20T10:15:11.980000
CVE-2025-0867,0,0,00bdec3c0865b5f1af866315340e7f0b0b67377723af000ff55ae7ae60c91aed,2025-02-14T13:15:42.620000
CVE-2025-0869,0,0,c00b46e6ec082bb5acc28b4863ecc13d05083b8391495aa8cb5415a092650002,2025-02-07T17:15:31.307000
CVE-2025-0870,0,0,1d396f929e817f7895a91994ddee9c76172e4af1ca8cb701d53be58252025809,2025-01-30T13:15:10.483000
@ -279288,6 +279300,7 @@ CVE-2025-0882,0,0,f8cdd5be4a5ead42b24a22ef4df5e88faf0b516030bc2a511e27ba50d819cc
CVE-2025-0890,0,0,68df14f89e9fe80a79d0a5c45e2ac7eb09be58559d3bae2cdceaf342154a05c6,2025-02-04T11:15:08.880000
CVE-2025-0893,0,0,872c69097c7b2ec13b302ffd3b210287444f3dcfd1f7ff02519c618f95b70473,2025-02-19T18:15:24.127000
CVE-2025-0896,0,0,ecb21883de9b1361a3658cc48f44fdef2f626a3624bc2d70212f10094545a767,2025-02-13T02:15:29.470000
CVE-2025-0897,1,1,cade221d6eb479db908dde72749d854eec08ffca27791d62f68eff32758aed4b,2025-02-20T09:15:09.750000
CVE-2025-0899,0,0,d8701cd2c405f04761906304023370caa539e5fcf15c63a9325dc062ea45abed,2025-02-12T19:00:59.227000
CVE-2025-0901,0,0,8576e90f3f88086e5daf580b6c523f255280985c9bdf2649941334bc2c0fff8f,2025-02-12T19:00:52.577000
CVE-2025-0902,0,0,d3b3b12c4b0c7e57e30c3d4cf431b37a3914287ec889acdcd9941b6c82bdf01c,2025-02-12T19:00:34.533000
@ -279370,6 +279383,7 @@ CVE-2025-1058,0,0,f0fad2f3f49afeee020cd5166bcf442481ddfb4558eb17fc96aa811a077ae5
CVE-2025-1059,0,0,0ab1d4e680647fc777b1f82262b0090b83c24b4ef86b71d82e6bf1295dac9761,2025-02-13T06:15:21.680000
CVE-2025-1060,0,0,a3af803539184a670e8a1150c8d0a2bc56d4cd2cc859a7263777d630bbc1a271,2025-02-13T06:15:22.213000
CVE-2025-1061,0,0,719d74f0f0646df1bcdf5186f15b6b006503d4de7dcd7fdf659e983ae5a27990,2025-02-07T02:15:29.587000
CVE-2025-1064,1,1,3476c323fbb99f00363316e4eadec811e94f110d7f8898624f63fa6bc0b178c6,2025-02-20T09:15:09.903000
CVE-2025-1065,0,0,7a62f98369ffccf4b00a81d8982feffe5ffb0f550549018fa41283fbe2ed1658,2025-02-19T06:15:21.507000
CVE-2025-1066,0,0,3fc22615f942b72b8cf5d09f7bd097e7cf373f3b0fcdec9d31e667deb7a70a15,2025-02-18T19:15:24.243000
CVE-2025-1070,0,0,5146e4f08b2531ff82fc620bde7cb0c34c86b4487a1fbc38c78ecd1432016151,2025-02-13T06:15:22.463000
@ -279501,6 +279515,7 @@ CVE-2025-1283,0,0,afbf73056779c2284deff120b8f7806be9c37e816574c79d2148aa8a36b813
CVE-2025-1293,0,0,de22ea463bb11f59b8d001bee87aa35e3db1395d25b26c300642e262a14ba018,2025-02-20T01:15:09.950000
CVE-2025-1298,0,0,3dd2689cd87b723cb3286c5171c05d1ec556a4e424788772bb6ebd63733b94f4,2025-02-18T15:15:18.007000
CVE-2025-1302,0,0,80ab185ad47640442cc52c9cc763e0a51ea23219a81264b6e3df3c8afc9e7cea,2025-02-15T05:15:11.683000
CVE-2025-1328,1,1,5679f4d1fb42d96e89d2a315978dab8dea6fffe2e65cd47be423fc2942444d0c,2025-02-20T10:15:12.337000
CVE-2025-1332,0,0,b482e2f3c2fe31a7c23343f351379d12ec2298734a614d40739ee811eedd1bd1,2025-02-16T01:15:20.440000
CVE-2025-1335,0,0,cca5a5aeab602daf60e1966b659a6706e108a1c270c3d12ddcea19b2340f545f,2025-02-16T04:15:23.230000
CVE-2025-1336,0,0,1d4332a43e181efb84f487de4a15195bff051d66dfbf23e944c2a28a29d70a13,2025-02-16T09:15:09.347000
@ -279548,6 +279563,7 @@ CVE-2025-1447,0,0,0171066f5cc38b75ed48310b7b051ba77753a7de710aef2fb49270a13c1b06
CVE-2025-1448,0,0,8646602fe654ea9c8b8dc30e88ebd580a07aa04ffb2e255dc4fb4a77857c3ea4,2025-02-19T02:15:08.833000
CVE-2025-1464,0,0,b14d16c6baac3507cd4582169a63151cc0fa9ea50d60b1fe8184ca7d2a79a3df,2025-02-19T14:15:30.337000
CVE-2025-1465,0,0,2910b362fc4eb01a626127c50d683f7ea305894f7d9657ebb7cc043987c8c3ee,2025-02-19T16:15:40.667000
CVE-2025-1483,1,1,76cafe28555a10dbbf45546d6f75e89aec9e95ad54aaa4bc0e47714c7e682b94,2025-02-20T10:15:12.537000
CVE-2025-1492,0,0,4cf0d4c2a3031b043d71ffc226830ce9ea797081b5a3ae5a1323a931931fb733,2025-02-20T02:15:38.553000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000

Can't render this file because it is too large.