From c7080a86a4c0d8cb05f5cecbb37043ffecc320b2 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 20 Mar 2025 07:03:52 +0000 Subject: [PATCH] Auto-Update: 2025-03-20T07:00:19.753181+00:00 --- CVE-2024/CVE-2024-104xx/CVE-2024-10445.json | 10 ++- CVE-2024/CVE-2024-138xx/CVE-2024-13875.json | 21 ++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13876.json | 21 ++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13877.json | 21 ++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13878.json | 21 ++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13880.json | 21 ++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13881.json | 21 ++++++ CVE-2024/CVE-2024-506xx/CVE-2024-50629.json | 10 ++- CVE-2025/CVE-2025-13xx/CVE-2025-1314.json | 76 +++++++++++++++++++++ CVE-2025/CVE-2025-17xx/CVE-2025-1766.json | 64 +++++++++++++++++ CVE-2025/CVE-2025-17xx/CVE-2025-1770.json | 68 ++++++++++++++++++ CVE-2025/CVE-2025-222xx/CVE-2025-22228.json | 44 ++++++++++++ README.md | 22 ++++-- _state.csv | 18 +++-- 14 files changed, 422 insertions(+), 16 deletions(-) create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13875.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13876.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13877.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13878.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13880.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13881.json create mode 100644 CVE-2025/CVE-2025-13xx/CVE-2025-1314.json create mode 100644 CVE-2025/CVE-2025-17xx/CVE-2025-1766.json create mode 100644 CVE-2025/CVE-2025-17xx/CVE-2025-1770.json create mode 100644 CVE-2025/CVE-2025-222xx/CVE-2025-22228.json diff --git a/CVE-2024/CVE-2024-104xx/CVE-2024-10445.json b/CVE-2024/CVE-2024-104xx/CVE-2024-10445.json index beec2da3a62..9d70dfa0d7b 100644 --- a/CVE-2024/CVE-2024-104xx/CVE-2024-10445.json +++ b/CVE-2024/CVE-2024-104xx/CVE-2024-10445.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10445", "sourceIdentifier": "security@synology.com", "published": "2025-03-19T02:15:28.413", - "lastModified": "2025-03-19T02:15:28.413", + "lastModified": "2025-03-20T05:15:38.783", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Improper certificate validation vulnerability in the update functionality in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to write limited files via unspecified vectors." + "value": "Improper certificate validation vulnerability in the update functionality in Synology BeeStation Manager (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to write limited files via unspecified vectors." + }, + { + "lang": "es", + "value": "La vulnerabilidad de validaci\u00f3n de certificado incorrecta en la funcionalidad de actualizaci\u00f3n en Synology BeeStation Manager (BSM) anterior a 1.1-65374, Synology DiskStation Manager (DSM) anterior a 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 y 7.2.2-72806-1 y Synology Unified Controller (DSMUC) anterior a 3.1.4-23079 permite a atacantes remotos escribir archivos limitados a trav\u00e9s de vectores no especificados." } ], "metrics": { @@ -38,7 +42,7 @@ "weaknesses": [ { "source": "security@synology.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13875.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13875.json new file mode 100644 index 00000000000..2dda947f78b --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13875.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13875", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:20.620", + "lastModified": "2025-03-20T06:15:20.620", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/82c54fb5-f1d9-4bae-a3de-d4335809b81c/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13876.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13876.json new file mode 100644 index 00000000000..5c66f318e62 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13876.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13876", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:21.910", + "lastModified": "2025-03-20T06:15:21.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The mEintopf WordPress plugin through 0.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/d80cd18a-065f-443b-b548-d780b785d68e/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13877.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13877.json new file mode 100644 index 00000000000..c51d7293c4e --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13877.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13877", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:22.007", + "lastModified": "2025-03-20T06:15:22.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Passbeemedia Web Push Notification WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/0e8ce3cf-1598-4c5d-b119-99d5f676e619/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13878.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13878.json new file mode 100644 index 00000000000..a54753382b4 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13878.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13878", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:22.113", + "lastModified": "2025-03-20T06:15:22.113", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The SpotBot WordPress plugin through 0.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/882b2022-4ed6-4d9e-8b35-f48ea1580884/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13880.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13880.json new file mode 100644 index 00000000000..c04618a0765 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13880.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13880", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:22.213", + "lastModified": "2025-03-20T06:15:22.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/bee3b002-e808-4402-8bf6-4375ed7b3807/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13881.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13881.json new file mode 100644 index 00000000000..cb100058282 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13881.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13881", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-03-20T06:15:22.317", + "lastModified": "2025-03-20T06:15:22.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Link My Posts WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/900fa2c6-0cac-4920-aef2-e8b94248b62e/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50629.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50629.json index d55bd00b0fb..29732480c89 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50629.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50629.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50629", "sourceIdentifier": "security@synology.com", "published": "2025-03-19T06:15:15.460", - "lastModified": "2025-03-19T06:15:15.460", + "lastModified": "2025-03-20T05:15:39.483", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to read limited files via unspecified vectors." + "value": "Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation Manager (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to read limited files via unspecified vectors." + }, + { + "lang": "es", + "value": "La vulnerabilidad de codificaci\u00f3n o escape incorrecto de la salida en el componente webapi en Synology BeeStation Manager (BSM) anterior a 1.1-65374, Synology DiskStation Manager (DSM) anterior a 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 y 7.2.2-72806-1 y Synology Unified Controller (DSMUC) anterior a 3.1.4-23079 permite a atacantes remotos leer archivos limitados a trav\u00e9s de vectores no especificados." } ], "metrics": { @@ -38,7 +42,7 @@ "weaknesses": [ { "source": "security@synology.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-13xx/CVE-2025-1314.json b/CVE-2025/CVE-2025-13xx/CVE-2025-1314.json new file mode 100644 index 00000000000..e76410b5d9c --- /dev/null +++ b/CVE-2025/CVE-2025-13xx/CVE-2025-1314.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2025-1314", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-20T06:15:22.437", + "lastModified": "2025-03-20T06:15:22.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Custom Twitter Feeds \u2013 A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is due to missing or incorrect nonce validation on the ctf_clear_cache_admin() function. This makes it possible for unauthenticated attackers to reset the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/custom-twitter-feeds/trunk/custom-twitter-feed.php#L1014", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/custom-twitter-feeds/trunk/custom-twitter-feed.php#L810", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/custom-twitter-feeds/trunk/custom-twitter-feed.php#L833", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3254840/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/custom-twitter-feeds/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28d47605-ecb8-42cc-901a-3cf07b946877?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1766.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1766.json new file mode 100644 index 00000000000..73e4353a882 --- /dev/null +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1766.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-1766", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-20T06:15:22.740", + "lastModified": "2025-03-20T06:15:22.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Event Manager, Events Calendar, Tickets, Registrations \u2013 Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'payment_complete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated attackers to update the status of ticket payments to 'completed', possibly resulting in financial loss." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "http://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/core/Order/PaymentController.php#L97", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3257023/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2bcaff9-bf04-4d8e-9422-c433264067ff?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1770.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1770.json new file mode 100644 index 00000000000..c8323e13b27 --- /dev/null +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1770.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-1770", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-20T06:15:22.903", + "lastModified": "2025-03-20T06:15:22.903", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Event Manager, Events Calendar, Tickets, Registrations \u2013 Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/events-calendar/events-calendar.php#L715", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/upcoming-event-tab/style/tab-1.php#L53", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3257023/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f24baee-7003-449b-9072-d95fa1e26c8f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22228.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22228.json new file mode 100644 index 00000000000..3708e50da75 --- /dev/null +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22228.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2025-22228", + "sourceIdentifier": "security@vmware.com", + "published": "2025-03-20T06:15:23.087", + "lastModified": "2025-03-20T06:15:23.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "BCryptPasswordEncoder.matches(CharSequence,String)\u00a0will incorrectly return true\u00a0for passwords larger than 72 characters as long as the first 72 characters are the same." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://spring.io/security/cve-2025-22228", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b1544081570..e0722fa21a6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-20T05:00:20.517238+00:00 +2025-03-20T07:00:19.753181+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-20T04:15:17.907000+00:00 +2025-03-20T06:15:23.087000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -285725 +285735 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `10` +- [CVE-2024-13875](CVE-2024/CVE-2024-138xx/CVE-2024-13875.json) (`2025-03-20T06:15:20.620`) +- [CVE-2024-13876](CVE-2024/CVE-2024-138xx/CVE-2024-13876.json) (`2025-03-20T06:15:21.910`) +- [CVE-2024-13877](CVE-2024/CVE-2024-138xx/CVE-2024-13877.json) (`2025-03-20T06:15:22.007`) +- [CVE-2024-13878](CVE-2024/CVE-2024-138xx/CVE-2024-13878.json) (`2025-03-20T06:15:22.113`) +- [CVE-2024-13880](CVE-2024/CVE-2024-138xx/CVE-2024-13880.json) (`2025-03-20T06:15:22.213`) +- [CVE-2024-13881](CVE-2024/CVE-2024-138xx/CVE-2024-13881.json) (`2025-03-20T06:15:22.317`) +- [CVE-2025-1314](CVE-2025/CVE-2025-13xx/CVE-2025-1314.json) (`2025-03-20T06:15:22.437`) +- [CVE-2025-1766](CVE-2025/CVE-2025-17xx/CVE-2025-1766.json) (`2025-03-20T06:15:22.740`) +- [CVE-2025-1770](CVE-2025/CVE-2025-17xx/CVE-2025-1770.json) (`2025-03-20T06:15:22.903`) +- [CVE-2025-22228](CVE-2025/CVE-2025-222xx/CVE-2025-22228.json) (`2025-03-20T06:15:23.087`) ### CVEs modified in the last Commit Recently modified CVEs: `2` -- [CVE-2024-10441](CVE-2024/CVE-2024-104xx/CVE-2024-10441.json) (`2025-03-20T04:15:16.153`) -- [CVE-2024-27564](CVE-2024/CVE-2024-275xx/CVE-2024-27564.json) (`2025-03-20T04:15:17.907`) +- [CVE-2024-10445](CVE-2024/CVE-2024-104xx/CVE-2024-10445.json) (`2025-03-20T05:15:38.783`) +- [CVE-2024-50629](CVE-2024/CVE-2024-506xx/CVE-2024-50629.json) (`2025-03-20T05:15:39.483`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f747622df18..138d9c205ee 100644 --- a/_state.csv +++ b/_state.csv @@ -244737,11 +244737,11 @@ CVE-2024-10438,0,0,9ced19709ace1d6bfb86b8de1801377c2112b016d1dc92ec0264f2bb581a3 CVE-2024-10439,0,0,dff63217c69fae9244806d074600acaa18035b339be2a233d07b224cb66e4434,2024-10-31T00:35:36.173000 CVE-2024-1044,0,0,afe542ab3d14120a4dc6f87d2e56310efaf4c6644bbb29e84c8a93856ebe6be3,2025-02-05T14:39:38.177000 CVE-2024-10440,0,0,28edfb6b2838e0c83bba465fa859f9eabfcf16c21fbb114f33945ddeeeda5c34,2024-10-31T00:34:23.870000 -CVE-2024-10441,0,1,aebae05b36ac6cb47759e06fdd5cb056920a99df39c38c73f4a48586f0216782,2025-03-20T04:15:16.153000 +CVE-2024-10441,0,0,aebae05b36ac6cb47759e06fdd5cb056920a99df39c38c73f4a48586f0216782,2025-03-20T04:15:16.153000 CVE-2024-10442,0,0,e70304607e1a9fcff67a7d0da96dd66a959139b41dd01258f3a99b5d3ca40002,2025-03-19T03:15:11.790000 CVE-2024-10443,0,0,9a248fde514219a3f9853f6d0a6319c7fe25a6f75bf2697069d2e08ef9a76558,2025-01-14T19:29:55.853000 CVE-2024-10444,0,0,1c5145ef8af107fe13950f2b19576a35cd6ac8c804342d4235202a1f865c009b,2025-03-19T02:15:28.297000 -CVE-2024-10445,0,0,b6c0251e2e2f4d1a3dcbdc3cae299ba4826fd0744c4f3821ed0432b008a2f258,2025-03-19T02:15:28.413000 +CVE-2024-10445,0,1,00101347e241c4fa89fa12b5ad3c4d6469ccf3820d75b549fa2f2ad986007cb8,2025-03-20T05:15:38.783000 CVE-2024-10446,0,0,3d25a165556e0fad6d8407d42b9edffae95ba1513463aa6427887274dcd60e3e,2024-11-01T16:39:25.890000 CVE-2024-10447,0,0,1aabb36338a0fb4db4a2b1a8bcc54889f8acb58ed831d08462413a477f5f50d0,2024-10-31T01:23:46.300000 CVE-2024-10448,0,0,30527750f046c9cbebeef89666183ad8cc7981e5e7641fb5f3c0c165f52e1c10,2024-11-01T18:26:55.980000 @@ -247959,8 +247959,14 @@ CVE-2024-13870,0,0,3cb87b62ec130122ba819c9d907ccf45e4d470775a7726fc8ca4fa815401f CVE-2024-13871,0,0,6914e75153aa8ac82856a10614a4ab71bf74b973b9197753b08e3467b50ff7e4,2025-03-12T12:15:14.087000 CVE-2024-13872,0,0,8441a8b9821b99dd5d66f21ca116b3982d70866c01c29996d1bcba8ba0374b87,2025-03-12T12:15:14.273000 CVE-2024-13873,0,0,55e5174b0343fd72e7abadc33d2c5cbba17148439d124d339cc41ecc820eadf2,2025-03-11T13:32:22.040000 +CVE-2024-13875,1,1,4c4cecd6b115bd318fac78ba810a7e795d1c9ba3a8dc6f2ae96b08e6c9c2e698,2025-03-20T06:15:20.620000 +CVE-2024-13876,1,1,a6ebb82a1fbefbec5c14d68f2b73e5515e609b6de3baf8cad239c22497244595,2025-03-20T06:15:21.910000 +CVE-2024-13877,1,1,86f0106017c8b156183efc0f8f67c29d774d90ea066e396d3e86f4f2bc1d0895,2025-03-20T06:15:22.007000 +CVE-2024-13878,1,1,76be53f327d568ac30dae8c2a9f910a385d388d6c51d3af1e9b6d00145e8e707,2025-03-20T06:15:22.113000 CVE-2024-13879,0,0,840cef42e99ba3012c3b31f8bded69776814665d9c25d0869b7b55ae4acecc40,2025-02-17T16:15:15.950000 CVE-2024-1388,0,0,4055ac29f5fc98e5c697dde8e9fd854a4a3e80aad935e1d1af922e2721330e53,2025-01-16T15:18:18.140000 +CVE-2024-13880,1,1,f43a7abb0507806a71f44c2a191537323a6d4b532fc4e4c876f6db3e8144a038,2025-03-20T06:15:22.213000 +CVE-2024-13881,1,1,8b65cb8fa8cbde3862235205edca969a348d00c229e25f68f803d628efd02697,2025-03-20T06:15:22.317000 CVE-2024-13882,0,0,84433ff5336d8ffd4f3b9e1900997873e762c753471a7d076048637860bc8a15,2025-03-13T13:06:16.947000 CVE-2024-13883,0,0,1e82cdf8d40eea1cf0fdba117374eff50482e8082835729e73b8298b4bf2a5eb,2025-02-25T03:39:21.267000 CVE-2024-13884,0,0,a633c4be0fc2c6cc5ab3035b1404e8e38cf9bff027e285ddb96ab884f66c4960,2025-03-14T17:15:41.327000 @@ -254617,7 +254623,7 @@ CVE-2024-27559,0,0,71c1073ce70c0a5981360edceff2e9e6fee7537870ee9d7f5743c89a522a4 CVE-2024-2756,0,0,a5e32d8741cc26d296895613cf08c20905d9f2aa36e0d7124d341861eb8226fa,2025-02-13T18:17:57.060000 CVE-2024-27561,0,0,fc16f92d17651bc7c1c4e9050d562b06f5135d4a3f335b425cd240bae1399bcf,2025-01-21T15:08:34.140000 CVE-2024-27563,0,0,5533c243cccd53d02317f51d488d5c114a766a4a03a83659e29f733a18ae8237,2025-01-21T15:08:45.213000 -CVE-2024-27564,0,1,50190b3a2f4ca8031a551dcdd586d3ed2688b2baaa0327653b0987902a5a8736,2025-03-20T04:15:17.907000 +CVE-2024-27564,0,0,50190b3a2f4ca8031a551dcdd586d3ed2688b2baaa0327653b0987902a5a8736,2025-03-20T04:15:17.907000 CVE-2024-27565,0,0,a3b38ad3cbec062b28bbaa8b020ffb17a64d4ab23e3a1af71e103df51fce5c55,2025-01-21T15:11:29.370000 CVE-2024-27567,0,0,1cabb61feb31ce9256b51a36fe51ecd8a3fe0d13c184bf0c394563554cdc6fb6,2024-11-21T09:04:45.313000 CVE-2024-27568,0,0,f60461d2234dac0a41c0e3ac1d3945e36e4cc38ca6bc0749c4b7d5949db225b3,2024-11-21T09:04:45.523000 @@ -272113,7 +272119,7 @@ CVE-2024-50625,0,0,600a63b94c23d23207c426e1e43b071296b787357ca99d17c5661761f04e2 CVE-2024-50626,0,0,ee346cb1a02e9d6ceaf318c396c6bbfc04e63993edcd6528fb39c33b5fb34c43,2024-12-12T02:06:32.817000 CVE-2024-50627,0,0,54f35ecd4423ba348ca66129853a9258eaef3460345ced0ea32309ba3face4cb,2024-12-11T17:15:17.200000 CVE-2024-50628,0,0,0643f111de6b649c82d0d465a05ff1bea2d7a2ca8f3d6abb1fa505b9869b41b4,2024-12-11T17:15:17.350000 -CVE-2024-50629,0,0,092e026a31e02ec3801500a4ae72b99eb644aab0124068333f8636ff45eea81a,2025-03-19T06:15:15.460000 +CVE-2024-50629,0,1,6a085e7a99631135fbebbaf60fda4592036c7aabcdb7966ee6230a71459481a5,2025-03-20T05:15:39.483000 CVE-2024-5063,0,0,e630fa0c680d15c2ffb71fb0fff853109ca27af8a13b608135186f60d8e0f3a0,2025-03-03T16:05:23.833000 CVE-2024-50630,0,0,42480fa67393e893874111e10def74090d1580a476b884485586f78334425893,2025-03-19T06:15:15.620000 CVE-2024-50631,0,0,6556b6fba30659d0e3b45c702b6e019d0f671fd06e0aa4fb8ca6f932b0269b12,2025-03-19T06:15:15.773000 @@ -281279,6 +281285,7 @@ CVE-2025-1302,0,0,4c600c674f22378513ee28ce145975f04e5b0e89605ff80d937b77394d750b CVE-2025-1306,0,0,de526cacf8bf273c9432977eceb9f985b41588e9255fe87d024d0d9921890929,2025-03-05T18:45:32.943000 CVE-2025-1307,0,0,f5a65a0d70e64918e5c1a7d1d02a502ae3db9a76fffe081c38f2a5d059c1eb26,2025-03-05T13:55:29.927000 CVE-2025-1309,0,0,5d2b17215fed7de1b66f6e9e5fd86a1c64bff76093266d0c2270f4eeb2161dcf,2025-03-07T08:15:42.017000 +CVE-2025-1314,1,1,bef0af46751d157bebb1445681f0889869bad06628324dcac2c91ae6407a6677,2025-03-20T06:15:22.437000 CVE-2025-1315,0,0,c9e8745dbefb0bf0261b2f91c12e9e98e3cc98d8ec5104e6ca17c1728c337c11,2025-03-13T15:00:51.697000 CVE-2025-1316,0,0,b820806d7f30742e1f310d479db0e6f1081291250a05ea270fa97a86d0378e82,2025-03-20T01:00:01.543000 CVE-2025-1319,0,0,5608e8fed0951b886a3c35a412349882285377e0e71940df00323908f2c62220,2025-03-06T15:09:58.827000 @@ -281541,8 +281548,10 @@ CVE-2025-1756,0,0,787bba2bf34abbaae222d1a9edb902cd4b5b03484def1773bc6176dae0327c CVE-2025-1757,0,0,d127b6a3ffac663a4e001beb8dfa5007692cd7ce23f31435b6a43f3b159cc775,2025-03-10T16:48:47.823000 CVE-2025-1758,0,0,6e7273d280b144143a8cb958771624064d702636d9b502f05afaec79b1ceb45f,2025-03-19T16:15:30.527000 CVE-2025-1764,0,0,2349f087fbe3740df3245b33b9534c78e758d2c1712d6b5913bb9ce7cf3580a6,2025-03-14T06:15:24.860000 +CVE-2025-1766,1,1,02b1b243fe7cb40bb62deeed4b2a391d24d57727a42d8f3a6c8b5cef7fdc54a9,2025-03-20T06:15:22.740000 CVE-2025-1767,0,0,2d7a67a49e2d8224d71f3f81db0cee88468897d8d69262d33481730c6124ca91,2025-03-13T21:15:43.127000 CVE-2025-1768,0,0,21c4d8708441d636d3d85a241f0a7821ff945f56838f66ee7adb3147ed9da671,2025-03-07T11:15:15.653000 +CVE-2025-1770,1,1,13645f43cf69bb3c76ece6bd3fa7072e9be79814027bfd73f476cbe1b659aec9,2025-03-20T06:15:22.903000 CVE-2025-1771,0,0,c171ed55fed0a4a64976e6e8eeb1698997415eae3c2cf608015436b6fb242c77,2025-03-15T05:15:47.253000 CVE-2025-1773,0,0,795daaa3f258262b445a3a99a79426a4cfa2d8aa55ca3c162cbe1a93dbd5c998,2025-03-15T05:15:47.403000 CVE-2025-1774,0,0,8e0367ed8bb2061d3c8c88202d36163a48bcaa3789cd28f90c30f0871f7acaaa,2025-03-17T15:15:43.523000 @@ -282670,6 +282679,7 @@ CVE-2025-22222,0,0,58fbf61f1e86261177996a1b70d050ee1228a83c36092ff3d83feec937c30 CVE-2025-22224,0,0,0c0906335b7f86da24b3fde710fab603a9c0fb60b93cf41fdeb4c7c486105569,2025-03-05T16:18:36.103000 CVE-2025-22225,0,0,3e24abbf0adc5a228537b56235fd143ccfc793c2f301e3da3c6a729ab38579e2,2025-03-05T16:21:26.263000 CVE-2025-22226,0,0,082732854e25a0da9d3d2451729acf57e56fc1a000d9bb5bff3b534351f8cdf6,2025-03-05T16:22:52.433000 +CVE-2025-22228,1,1,631f2a9704603135b25c1f0231162c8eee30537c895b26265bf8e03a65c63644,2025-03-20T06:15:23.087000 CVE-2025-22260,0,0,6bffdd50ff1b9a95889c1f9bea94c0f7f92eb9097aa6e2dd07529a5cbb0d5ce1,2025-02-03T15:15:17.503000 CVE-2025-22261,0,0,cabefa2bbb4850682fa8dc2dd04543561914d58490173d75f62166401d731c68,2025-02-26T15:15:24.877000 CVE-2025-22262,0,0,2a90436047a91b64c9791cff4f6c4190896e3e92637458d2d2ccf25cb4f8537c,2025-01-21T14:15:09.757000