admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-14T08:00:19.689956+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-14 08:03:52 +00:00
parent f23f5d9bb1
commit c66b1abaf8
10 changed files with 740 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2024/CVE-2024-92xx/CVE-2024-9230.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-9230",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-14T06:15:15.223",
"lastModified": "2025-04-14T06:15:15.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/ab5eaf57-fb61-4a08-b439-42dea40b7914/",
"source": "contact@wpscan.com"
}
]
}

21
CVE-2025/CVE-2025-25xx/CVE-2025-2563.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-2563",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-14T06:15:16.333",
"lastModified": "2025-04-14T06:15:16.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/2c0f62a1-9510-4f90-a297-17634e6c8b75/",
"source": "contact@wpscan.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30516.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30516",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-04-14T07:15:14.397",
"lastModified": "2025-04-14T07:15:14.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile Apps versions <=2.25.0\u00a0 fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

56
CVE-2025/CVE-2025-320xx/CVE-2025-32093.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32093",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-04-14T07:15:14.700",
"lastModified": "2025-04-14T07:15:14.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the \"Edit Other Users\" permission to perform unauthorized modifications to system administrators via improper permission validation."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3552.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3552",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T06:15:16.440",
"lastModified": "2025-04-14T06:15:16.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Lingxing ERP 2. It has been classified as critical. This affects an unknown part of the file /Api/TinyMce/UploadAjax.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/666lail/report/blob/main/tmp/fileUpload_3.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.304593",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304593",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.547881",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3553.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3553",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T06:15:16.800",
"lastModified": "2025-04-14T06:15:16.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in phpshe 1.8. It has been declared as critical. This vulnerability affects the function pe_delete of the file /admin.php?mod=brand&act=del. The manipulation of the argument brand_id[] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304594",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304594",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.548265",
"source": "cna@vuldb.com"
},
{
"url": "https://www.yuque.com/baimatangseng-iyusa/qwwm81/oz331okguefvaob4?singleDoc",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3554.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3554",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T07:15:14.860",
"lastModified": "2025-04-14T07:15:14.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in phpshe 1.8. It has been rated as problematic. This issue affects some unknown processing of the file api.php?mod=cron&act=buyer. The manipulation of the argument act leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304595",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304595",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.548411",
"source": "cna@vuldb.com"
},
{
"url": "https://www.yuque.com/baimatangseng-iyusa/qwwm81/zwhcyq1585ec8g37?singleDoc",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3555.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3555",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T07:15:15.090",
"lastModified": "2025-04-14T07:15:15.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"baseScore": 2.6,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
},
{
"lang": "en",
"value": "CWE-799"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304596",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304596",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.549168",
"source": "cna@vuldb.com"
},
{
"url": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30-loginphp.html",
"source": "cna@vuldb.com"
}
]
}

18
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-04-14T06:00:19.549104+00:00 2025-04-14T08:00:19.689956+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-04-14T05:15:15.330000+00:00 2025-04-14T07:15:15.090000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,15 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
289744 289752
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `2` Recently added CVEs: `8`
- [CVE-2025-3550](CVE-2025/CVE-2025-35xx/CVE-2025-3550.json) (`2025-04-14T04:15:16.967`) - [CVE-2024-9230](CVE-2024/CVE-2024-92xx/CVE-2024-9230.json) (`2025-04-14T06:15:15.223`)
- [CVE-2025-3551](CVE-2025/CVE-2025-35xx/CVE-2025-3551.json) (`2025-04-14T05:15:15.330`) - [CVE-2025-2563](CVE-2025/CVE-2025-25xx/CVE-2025-2563.json) (`2025-04-14T06:15:16.333`)
- [CVE-2025-30516](CVE-2025/CVE-2025-305xx/CVE-2025-30516.json) (`2025-04-14T07:15:14.397`)
- [CVE-2025-32093](CVE-2025/CVE-2025-320xx/CVE-2025-32093.json) (`2025-04-14T07:15:14.700`)
- [CVE-2025-3552](CVE-2025/CVE-2025-35xx/CVE-2025-3552.json) (`2025-04-14T06:15:16.440`)
- [CVE-2025-3553](CVE-2025/CVE-2025-35xx/CVE-2025-3553.json) (`2025-04-14T06:15:16.800`)
- [CVE-2025-3554](CVE-2025/CVE-2025-35xx/CVE-2025-3554.json) (`2025-04-14T07:15:14.860`)
- [CVE-2025-3555](CVE-2025/CVE-2025-35xx/CVE-2025-3555.json) (`2025-04-14T07:15:15.090`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

12
_state.csv
View File

@ -280522,6 +280522,7 @@ CVE-2024-9225,0,0,1704719e0ea2e5f5e0606a9d5d2023b553aeaf4205c1ecb8982fb87bfe7ba8
CVE-2024-9226,0,0,737254889761e79043d7b1ce1fabb643ec8682cb3fdbebee93469fa9d609c8b3,2024-11-12T13:56:24.513000 CVE-2024-9226,0,0,737254889761e79043d7b1ce1fabb643ec8682cb3fdbebee93469fa9d609c8b3,2024-11-12T13:56:24.513000
CVE-2024-9228,0,0,f832c4e68b6d914b6db8d0a26923de9ac2d359b666ae353a594a1dbebd259870,2024-10-07T19:01:04.960000 CVE-2024-9228,0,0,f832c4e68b6d914b6db8d0a26923de9ac2d359b666ae353a594a1dbebd259870,2024-10-07T19:01:04.960000
CVE-2024-9229,0,0,8ca2c97a38c4e01347e36dcc5beaf6ee08ed3c0d4d835cdeaff8b3cc58e2c1f0,2025-03-20T10:15:47.603000 CVE-2024-9229,0,0,8ca2c97a38c4e01347e36dcc5beaf6ee08ed3c0d4d835cdeaff8b3cc58e2c1f0,2025-03-20T10:15:47.603000
CVE-2024-9230,1,1,422fa7fe91a305a61125adc7bcb4b626a3126bcd0c2b533af236ea66a29399c0,2025-04-14T06:15:15.223000
CVE-2024-9231,0,0,07b78bcf598bdcc4695b3c1cf7651973edb0c6022b910ae480cfe1459ca81ece,2024-10-30T18:56:03.380000 CVE-2024-9231,0,0,07b78bcf598bdcc4695b3c1cf7651973edb0c6022b910ae480cfe1459ca81ece,2024-10-30T18:56:03.380000
CVE-2024-9232,0,0,c437dd6828a2bb6c2fef4b80c8004716f23c3f046aa60d93e2c14ad1e09f2d4f,2024-10-15T12:58:51.050000 CVE-2024-9232,0,0,c437dd6828a2bb6c2fef4b80c8004716f23c3f046aa60d93e2c14ad1e09f2d4f,2024-10-15T12:58:51.050000
CVE-2024-9234,0,0,c697ca46bb4a35f9e405ad10af95fb57a9d88346748e059f61a0140ee2b3f87b,2024-10-15T12:58:51.050000 CVE-2024-9234,0,0,c697ca46bb4a35f9e405ad10af95fb57a9d88346748e059f61a0140ee2b3f87b,2024-10-15T12:58:51.050000
@ -286252,6 +286253,7 @@ CVE-2025-2562,0,0,d71b02468cafdbce84509f67bdfaa8893fe73450f99731b0a90af791f6f728
CVE-2025-25620,0,0,2998f203d004ba2c3686a85bfd6e4a9c803d92001b76576bf7ced9c40410ee3c,2025-03-10T19:15:40.393000 CVE-2025-25620,0,0,2998f203d004ba2c3686a85bfd6e4a9c803d92001b76576bf7ced9c40410ee3c,2025-03-10T19:15:40.393000
CVE-2025-25621,0,0,63a694a2198c853cb02da81979b70cf80909e4f217d0ad14b5c2cf8cdc3ac35a,2025-03-17T18:15:21.593000 CVE-2025-25621,0,0,63a694a2198c853cb02da81979b70cf80909e4f217d0ad14b5c2cf8cdc3ac35a,2025-03-17T18:15:21.593000
CVE-2025-25625,0,0,d35a53456bc87fc30424277ce00ed28d6dd49da4bed527e81b7815b9777704dd,2025-04-03T18:26:47.920000 CVE-2025-25625,0,0,d35a53456bc87fc30424277ce00ed28d6dd49da4bed527e81b7815b9777704dd,2025-04-03T18:26:47.920000
CVE-2025-2563,1,1,ea4cb9c6dbf55f0e8cff06bea698a1780980e3670ee9673fce76125454042b52,2025-04-14T06:15:16.333000
CVE-2025-25632,0,0,63a9daf8d062287fb49c86902495e07de54d2264559e40d7c6a1a7888562d43b,2025-04-09T20:56:55.750000 CVE-2025-25632,0,0,63a9daf8d062287fb49c86902495e07de54d2264559e40d7c6a1a7888562d43b,2025-04-09T20:56:55.750000
CVE-2025-25634,0,0,d0b51d7c1db69276cd41b2edd1346abe98f6557183fb728a8205e284d548820a,2025-04-10T18:17:11.187000 CVE-2025-25634,0,0,d0b51d7c1db69276cd41b2edd1346abe98f6557183fb728a8205e284d548820a,2025-04-10T18:17:11.187000
CVE-2025-25635,0,0,beaccf1b133ae432bcedfcf1b43f20544c4e5ac5d5d33afd3d44ae08bcd8754b,2025-04-03T15:37:36.397000 CVE-2025-25635,0,0,beaccf1b133ae432bcedfcf1b43f20544c4e5ac5d5d33afd3d44ae08bcd8754b,2025-04-03T15:37:36.397000
@ -288173,6 +288175,7 @@ CVE-2025-30474,0,0,eb6c167d1736e5a0a05d76dda95c9383453e456c61b97e97ddf0c32b61180
CVE-2025-3048,0,0,5eb6156d35bbaa6ace17e28077befe8dbbf8441f38642f57d7841d345fe9515f,2025-04-01T20:26:22.890000 CVE-2025-3048,0,0,5eb6156d35bbaa6ace17e28077befe8dbbf8441f38642f57d7841d345fe9515f,2025-04-01T20:26:22.890000
CVE-2025-30485,0,0,f2856ee96c6d55a594aa71df88615bdd59c4c1a0f52dcb79297759def1147103,2025-04-07T14:18:34.453000 CVE-2025-30485,0,0,f2856ee96c6d55a594aa71df88615bdd59c4c1a0f52dcb79297759def1147103,2025-04-07T14:18:34.453000
CVE-2025-3051,0,0,03f9e07d76193917b8de9d74f13ff070438d20cd42142f9b8ee6c497180d4b37,2025-04-01T20:26:11.547000 CVE-2025-3051,0,0,03f9e07d76193917b8de9d74f13ff070438d20cd42142f9b8ee6c497180d4b37,2025-04-01T20:26:11.547000
CVE-2025-30516,1,1,49dea84da951fb1248b98b4d033fd6c1dbf961bd9f1d5af46413bbb251ecef06,2025-04-14T07:15:14.397000
CVE-2025-30520,0,0,36202f4247a4e2c05ed8fe3c2794dc6deb26ec20b4118dea06db3314c5e3a395,2025-04-01T20:26:11.547000 CVE-2025-30520,0,0,36202f4247a4e2c05ed8fe3c2794dc6deb26ec20b4118dea06db3314c5e3a395,2025-04-01T20:26:11.547000
CVE-2025-30521,0,0,eee2f839741a5e176cacf865cc6d42d2df432fd3f60c0ff1d8e1355c4ac5b964,2025-03-27T16:44:44.143000 CVE-2025-30521,0,0,eee2f839741a5e176cacf865cc6d42d2df432fd3f60c0ff1d8e1355c4ac5b964,2025-03-27T16:44:44.143000
CVE-2025-30522,0,0,ab298bed764aa241f7fdd86556fbb1b68374df7068fea4de0fc7d11feb11540d,2025-03-27T16:44:44.143000 CVE-2025-30522,0,0,ab298bed764aa241f7fdd86556fbb1b68374df7068fea4de0fc7d11feb11540d,2025-03-27T16:44:44.143000
@ -289191,6 +289194,7 @@ CVE-2025-32079,0,0,9ea9747cb76172729a1aecc6c1cb10040df3f4ff126509d1d13e7c9a7eb7a
CVE-2025-3208,0,0,467c67ee8369e3212684108818f80d158b2f4485a63647368e73220138caff6d,2025-04-08T17:48:42.087000 CVE-2025-3208,0,0,467c67ee8369e3212684108818f80d158b2f4485a63647368e73220138caff6d,2025-04-08T17:48:42.087000
CVE-2025-32080,0,0,8c5137c35b2b3c54cc7c5e0e0214d97db0b8376e0d36e9287126ae8d1d4b11b2,2025-04-11T17:15:44.973000 CVE-2025-32080,0,0,8c5137c35b2b3c54cc7c5e0e0214d97db0b8376e0d36e9287126ae8d1d4b11b2,2025-04-11T17:15:44.973000
CVE-2025-3209,0,0,efaeccbde8dfc66e8697afeb5d539c2f695606dff80d7c548cff76ae6514c4e4,2025-04-07T14:18:15.560000 CVE-2025-3209,0,0,efaeccbde8dfc66e8697afeb5d539c2f695606dff80d7c548cff76ae6514c4e4,2025-04-07T14:18:15.560000
CVE-2025-32093,1,1,840d563c9f546c12b4c77ed00bbb397e353206c1cbc749eb0a2f2a027994d2c0,2025-04-14T07:15:14.700000
CVE-2025-3210,0,0,e3a6c98204c21b98a0522091394112cf3856887b7b64633cf1e308a0cb6727df,2025-04-08T17:43:12.840000 CVE-2025-3210,0,0,e3a6c98204c21b98a0522091394112cf3856887b7b64633cf1e308a0cb6727df,2025-04-08T17:43:12.840000
CVE-2025-32107,0,0,a689a2435b39d5968d7bf2a8f1256f4c1ffc589945169a8a583af99a6981cea6,2025-04-11T15:39:52.920000 CVE-2025-32107,0,0,a689a2435b39d5968d7bf2a8f1256f4c1ffc589945169a8a583af99a6981cea6,2025-04-11T15:39:52.920000
CVE-2025-3211,0,0,e2eebcc8ba292d8d3d123757d4623f49a37b0c48559fde3713cb0f540bc6af19,2025-04-07T14:18:15.560000 CVE-2025-3211,0,0,e2eebcc8ba292d8d3d123757d4623f49a37b0c48559fde3713cb0f540bc6af19,2025-04-07T14:18:15.560000
@ -289740,6 +289744,10 @@ CVE-2025-3546,0,0,3bfa6e539e5c794ae339e4aa3fbd7c9f5394e2a712426c748bb204616a71f6
CVE-2025-3547,0,0,fb838352b1454cdda575b658cafa79bf22d90767dd1c8ea131fa3850cc6c80bf,2025-04-14T03:15:16.463000 CVE-2025-3547,0,0,fb838352b1454cdda575b658cafa79bf22d90767dd1c8ea131fa3850cc6c80bf,2025-04-14T03:15:16.463000
CVE-2025-3548,0,0,92cd8083cf9c095c813019ef54f80985fdc719ae55f1259cbab509851adb95f4,2025-04-14T03:15:16.640000 CVE-2025-3548,0,0,92cd8083cf9c095c813019ef54f80985fdc719ae55f1259cbab509851adb95f4,2025-04-14T03:15:16.640000
CVE-2025-3549,0,0,e73319b0ed69f6ab5784674fced7b5df42aee0835147e441f8bd5104ffcc60fc,2025-04-14T03:15:16.823000 CVE-2025-3549,0,0,e73319b0ed69f6ab5784674fced7b5df42aee0835147e441f8bd5104ffcc60fc,2025-04-14T03:15:16.823000
CVE-2025-3550,1,1,a96ad7b3abe441d18af3da6c8bba5c64b9ac6022f2a67fc5eb6a560b0bfcd545,2025-04-14T04:15:16.967000 CVE-2025-3550,0,0,a96ad7b3abe441d18af3da6c8bba5c64b9ac6022f2a67fc5eb6a560b0bfcd545,2025-04-14T04:15:16.967000
CVE-2025-3551,1,1,bf8a2dc7c80bb41327056daaf325de91b6ca0a8ca30145ec7fb2ad477703fc3a,2025-04-14T05:15:15.330000 CVE-2025-3551,0,0,bf8a2dc7c80bb41327056daaf325de91b6ca0a8ca30145ec7fb2ad477703fc3a,2025-04-14T05:15:15.330000
CVE-2025-3552,1,1,d8a1cd457ee8a10be49e4938230b1d442704fb4276edea52c0502b59197590af,2025-04-14T06:15:16.440000
CVE-2025-3553,1,1,3d0280d97597b57c2181463ad78e0eb1317e8e694f321f0001424e1d1f0ba71b,2025-04-14T06:15:16.800000
CVE-2025-3554,1,1,da630508062c5be1b981df7385b8096851c1cfec70f988d229b8a510c452dda0,2025-04-14T07:15:14.860000
CVE-2025-3555,1,1,799a3a54c7e8d78c25a21f4ff2a39797ec135a56c0e9141bc5209d5b8a28ff33,2025-04-14T07:15:15.090000
CVE-2025-3572,0,0,ce93ec390a9611703e154796a1c8b29e4cb3ba90d0f017a2ea9b391560345b34,2025-04-14T03:15:17 CVE-2025-3572,0,0,ce93ec390a9611703e154796a1c8b29e4cb3ba90d0f017a2ea9b391560345b34,2025-04-14T03:15:17

Can't render this file because it is too large.