admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-14T08:00:19.689956+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-14 08:03:52 +00:00
parent f23f5d9bb1
commit c66b1abaf8
10 changed files with 740 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2024/CVE-2024-92xx/CVE-2024-9230.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-9230",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-14T06:15:15.223",
"lastModified": "2025-04-14T06:15:15.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/ab5eaf57-fb61-4a08-b439-42dea40b7914/",
"source": "contact@wpscan.com"
}
]
}

21
CVE-2025/CVE-2025-25xx/CVE-2025-2563.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-2563",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-14T06:15:16.333",
"lastModified": "2025-04-14T06:15:16.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/2c0f62a1-9510-4f90-a297-17634e6c8b75/",
"source": "contact@wpscan.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30516.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30516",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-04-14T07:15:14.397",
"lastModified": "2025-04-14T07:15:14.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile Apps versions <=2.25.0\u00a0 fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

56
CVE-2025/CVE-2025-320xx/CVE-2025-32093.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-32093",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2025-04-14T07:15:14.700",
"lastModified": "2025-04-14T07:15:14.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the \"Edit Other Users\" permission to perform unauthorized modifications to system administrators via improper permission validation."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3552.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3552",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T06:15:16.440",
"lastModified": "2025-04-14T06:15:16.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Lingxing ERP 2. It has been classified as critical. This affects an unknown part of the file /Api/TinyMce/UploadAjax.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/666lail/report/blob/main/tmp/fileUpload_3.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.304593",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304593",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.547881",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3553.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3553",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T06:15:16.800",
"lastModified": "2025-04-14T06:15:16.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in phpshe 1.8. It has been declared as critical. This vulnerability affects the function pe_delete of the file /admin.php?mod=brand&act=del. The manipulation of the argument brand_id[] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304594",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304594",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.548265",
"source": "cna@vuldb.com"
},
{
"url": "https://www.yuque.com/baimatangseng-iyusa/qwwm81/oz331okguefvaob4?singleDoc",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3554.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3554",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T07:15:14.860",
"lastModified": "2025-04-14T07:15:14.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in phpshe 1.8. It has been rated as problematic. This issue affects some unknown processing of the file api.php?mod=cron&act=buyer. The manipulation of the argument act leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304595",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304595",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.548411",
"source": "cna@vuldb.com"
},
{
"url": "https://www.yuque.com/baimatangseng-iyusa/qwwm81/zwhcyq1585ec8g37?singleDoc",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-35xx/CVE-2025-3555.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3555",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-14T07:15:15.090",
"lastModified": "2025-04-14T07:15:15.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"baseScore": 2.6,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
},
{
"lang": "en",
"value": "CWE-799"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.304596",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.304596",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.549168",
"source": "cna@vuldb.com"
},
{
"url": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30-loginphp.html",
"source": "cna@vuldb.com"
}
]
}

18
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-14T06:00:19.549104+00:00
2025-04-14T08:00:19.689956+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-14T05:15:15.330000+00:00
2025-04-14T07:15:15.090000+00:00
```
### Last Data Feed Release
@ -33,15 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
289744
289752
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `8`
- [CVE-2025-3550](CVE-2025/CVE-2025-35xx/CVE-2025-3550.json) (`2025-04-14T04:15:16.967`)
- [CVE-2025-3551](CVE-2025/CVE-2025-35xx/CVE-2025-3551.json) (`2025-04-14T05:15:15.330`)
- [CVE-2024-9230](CVE-2024/CVE-2024-92xx/CVE-2024-9230.json) (`2025-04-14T06:15:15.223`)
- [CVE-2025-2563](CVE-2025/CVE-2025-25xx/CVE-2025-2563.json) (`2025-04-14T06:15:16.333`)
- [CVE-2025-30516](CVE-2025/CVE-2025-305xx/CVE-2025-30516.json) (`2025-04-14T07:15:14.397`)
- [CVE-2025-32093](CVE-2025/CVE-2025-320xx/CVE-2025-32093.json) (`2025-04-14T07:15:14.700`)
- [CVE-2025-3552](CVE-2025/CVE-2025-35xx/CVE-2025-3552.json) (`2025-04-14T06:15:16.440`)
- [CVE-2025-3553](CVE-2025/CVE-2025-35xx/CVE-2025-3553.json) (`2025-04-14T06:15:16.800`)
- [CVE-2025-3554](CVE-2025/CVE-2025-35xx/CVE-2025-3554.json) (`2025-04-14T07:15:14.860`)
- [CVE-2025-3555](CVE-2025/CVE-2025-35xx/CVE-2025-3555.json) (`2025-04-14T07:15:15.090`)
### CVEs modified in the last Commit

12
_state.csv
View File

@ -280522,6 +280522,7 @@ CVE-2024-9225,0,0,1704719e0ea2e5f5e0606a9d5d2023b553aeaf4205c1ecb8982fb87bfe7ba8
CVE-2024-9226,0,0,737254889761e79043d7b1ce1fabb643ec8682cb3fdbebee93469fa9d609c8b3,2024-11-12T13:56:24.513000
CVE-2024-9228,0,0,f832c4e68b6d914b6db8d0a26923de9ac2d359b666ae353a594a1dbebd259870,2024-10-07T19:01:04.960000
CVE-2024-9229,0,0,8ca2c97a38c4e01347e36dcc5beaf6ee08ed3c0d4d835cdeaff8b3cc58e2c1f0,2025-03-20T10:15:47.603000
CVE-2024-9230,1,1,422fa7fe91a305a61125adc7bcb4b626a3126bcd0c2b533af236ea66a29399c0,2025-04-14T06:15:15.223000
CVE-2024-9231,0,0,07b78bcf598bdcc4695b3c1cf7651973edb0c6022b910ae480cfe1459ca81ece,2024-10-30T18:56:03.380000
CVE-2024-9232,0,0,c437dd6828a2bb6c2fef4b80c8004716f23c3f046aa60d93e2c14ad1e09f2d4f,2024-10-15T12:58:51.050000
CVE-2024-9234,0,0,c697ca46bb4a35f9e405ad10af95fb57a9d88346748e059f61a0140ee2b3f87b,2024-10-15T12:58:51.050000
@ -286252,6 +286253,7 @@ CVE-2025-2562,0,0,d71b02468cafdbce84509f67bdfaa8893fe73450f99731b0a90af791f6f728
CVE-2025-25620,0,0,2998f203d004ba2c3686a85bfd6e4a9c803d92001b76576bf7ced9c40410ee3c,2025-03-10T19:15:40.393000
CVE-2025-25621,0,0,63a694a2198c853cb02da81979b70cf80909e4f217d0ad14b5c2cf8cdc3ac35a,2025-03-17T18:15:21.593000
CVE-2025-25625,0,0,d35a53456bc87fc30424277ce00ed28d6dd49da4bed527e81b7815b9777704dd,2025-04-03T18:26:47.920000
CVE-2025-2563,1,1,ea4cb9c6dbf55f0e8cff06bea698a1780980e3670ee9673fce76125454042b52,2025-04-14T06:15:16.333000
CVE-2025-25632,0,0,63a9daf8d062287fb49c86902495e07de54d2264559e40d7c6a1a7888562d43b,2025-04-09T20:56:55.750000
CVE-2025-25634,0,0,d0b51d7c1db69276cd41b2edd1346abe98f6557183fb728a8205e284d548820a,2025-04-10T18:17:11.187000
CVE-2025-25635,0,0,beaccf1b133ae432bcedfcf1b43f20544c4e5ac5d5d33afd3d44ae08bcd8754b,2025-04-03T15:37:36.397000
@ -288173,6 +288175,7 @@ CVE-2025-30474,0,0,eb6c167d1736e5a0a05d76dda95c9383453e456c61b97e97ddf0c32b61180
CVE-2025-3048,0,0,5eb6156d35bbaa6ace17e28077befe8dbbf8441f38642f57d7841d345fe9515f,2025-04-01T20:26:22.890000
CVE-2025-30485,0,0,f2856ee96c6d55a594aa71df88615bdd59c4c1a0f52dcb79297759def1147103,2025-04-07T14:18:34.453000
CVE-2025-3051,0,0,03f9e07d76193917b8de9d74f13ff070438d20cd42142f9b8ee6c497180d4b37,2025-04-01T20:26:11.547000
CVE-2025-30516,1,1,49dea84da951fb1248b98b4d033fd6c1dbf961bd9f1d5af46413bbb251ecef06,2025-04-14T07:15:14.397000
CVE-2025-30520,0,0,36202f4247a4e2c05ed8fe3c2794dc6deb26ec20b4118dea06db3314c5e3a395,2025-04-01T20:26:11.547000
CVE-2025-30521,0,0,eee2f839741a5e176cacf865cc6d42d2df432fd3f60c0ff1d8e1355c4ac5b964,2025-03-27T16:44:44.143000
CVE-2025-30522,0,0,ab298bed764aa241f7fdd86556fbb1b68374df7068fea4de0fc7d11feb11540d,2025-03-27T16:44:44.143000
@ -289191,6 +289194,7 @@ CVE-2025-32079,0,0,9ea9747cb76172729a1aecc6c1cb10040df3f4ff126509d1d13e7c9a7eb7a
CVE-2025-3208,0,0,467c67ee8369e3212684108818f80d158b2f4485a63647368e73220138caff6d,2025-04-08T17:48:42.087000
CVE-2025-32080,0,0,8c5137c35b2b3c54cc7c5e0e0214d97db0b8376e0d36e9287126ae8d1d4b11b2,2025-04-11T17:15:44.973000
CVE-2025-3209,0,0,efaeccbde8dfc66e8697afeb5d539c2f695606dff80d7c548cff76ae6514c4e4,2025-04-07T14:18:15.560000
CVE-2025-32093,1,1,840d563c9f546c12b4c77ed00bbb397e353206c1cbc749eb0a2f2a027994d2c0,2025-04-14T07:15:14.700000
CVE-2025-3210,0,0,e3a6c98204c21b98a0522091394112cf3856887b7b64633cf1e308a0cb6727df,2025-04-08T17:43:12.840000
CVE-2025-32107,0,0,a689a2435b39d5968d7bf2a8f1256f4c1ffc589945169a8a583af99a6981cea6,2025-04-11T15:39:52.920000
CVE-2025-3211,0,0,e2eebcc8ba292d8d3d123757d4623f49a37b0c48559fde3713cb0f540bc6af19,2025-04-07T14:18:15.560000
@ -289740,6 +289744,10 @@ CVE-2025-3546,0,0,3bfa6e539e5c794ae339e4aa3fbd7c9f5394e2a712426c748bb204616a71f6
CVE-2025-3547,0,0,fb838352b1454cdda575b658cafa79bf22d90767dd1c8ea131fa3850cc6c80bf,2025-04-14T03:15:16.463000
CVE-2025-3548,0,0,92cd8083cf9c095c813019ef54f80985fdc719ae55f1259cbab509851adb95f4,2025-04-14T03:15:16.640000
CVE-2025-3549,0,0,e73319b0ed69f6ab5784674fced7b5df42aee0835147e441f8bd5104ffcc60fc,2025-04-14T03:15:16.823000
CVE-2025-3550,1,1,a96ad7b3abe441d18af3da6c8bba5c64b9ac6022f2a67fc5eb6a560b0bfcd545,2025-04-14T04:15:16.967000
CVE-2025-3551,1,1,bf8a2dc7c80bb41327056daaf325de91b6ca0a8ca30145ec7fb2ad477703fc3a,2025-04-14T05:15:15.330000
CVE-2025-3550,0,0,a96ad7b3abe441d18af3da6c8bba5c64b9ac6022f2a67fc5eb6a560b0bfcd545,2025-04-14T04:15:16.967000
CVE-2025-3551,0,0,bf8a2dc7c80bb41327056daaf325de91b6ca0a8ca30145ec7fb2ad477703fc3a,2025-04-14T05:15:15.330000
CVE-2025-3552,1,1,d8a1cd457ee8a10be49e4938230b1d442704fb4276edea52c0502b59197590af,2025-04-14T06:15:16.440000
CVE-2025-3553,1,1,3d0280d97597b57c2181463ad78e0eb1317e8e694f321f0001424e1d1f0ba71b,2025-04-14T06:15:16.800000
CVE-2025-3554,1,1,da630508062c5be1b981df7385b8096851c1cfec70f988d229b8a510c452dda0,2025-04-14T07:15:14.860000
CVE-2025-3555,1,1,799a3a54c7e8d78c25a21f4ff2a39797ec135a56c0e9141bc5209d5b8a28ff33,2025-04-14T07:15:15.090000
CVE-2025-3572,0,0,ce93ec390a9611703e154796a1c8b29e4cb3ba90d0f017a2ea9b391560345b34,2025-04-14T03:15:17

Can't render this file because it is too large.