admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-07-04T04:00:11.712104+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-07-04 04:03:48 +00:00
parent d706525a54
commit cbc4f1d853
20 changed files with 1250 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2025/CVE-2025-55xx/CVE-2025-5567.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-5567",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.040",
"lastModified": "2025-07-04T03:15:21.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-url' DOM element attribute in all versions up to, and including, 7.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.0/includes/js/shortcodes/index.js",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fbd67145-5b95-4890-a265-1dd7a029aec6?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-59xx/CVE-2025-5924.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-5924",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.240",
"lastModified": "2025-07-04T03:15:21.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the wfpn_brodcast_notification_message() function. This makes it possible for unauthenticated attackers to send broadcast notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-push-notification-firebase/trunk/wp_push_notification_firebase.php#L67",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/996e0432-e795-4c01-8182-603a47f4f341?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-59xx/CVE-2025-5933.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-5933",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.407",
"lastModified": "2025-07-04T03:15:21.407",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RD Contacto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the rdWappUpdateData() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/rd-wapp/trunk/includes/rdwapp-class.php#L35",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/113b3093-18fe-40ae-85af-aae1945201db?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2025/CVE-2025-59xx/CVE-2025-5953.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-5953",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.583",
"lastModified": "2025-07-04T03:15:21.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $_POST['role'] and, after basic cleaning via hrm_clean(), passes it directly to wp_insert_user() and later to $user->set_role() without verifying that the current user is allowed to assign that role. This makes it possible for authenticated attackers, with Employee-level access and above, to elevate their privileges to administrator."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/hrm/tags/2.2.17/class/employee.php#L543",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/hrm/tags/2.2.17/class/employee.php#L591",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/hrm/tags/2.2.17/class/employee.php#L89",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/hrm/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ba33a18-429f-4a3e-b018-bdfbbe6e8482?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2025/CVE-2025-59xx/CVE-2025-5956.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-5956",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.747",
"lastModified": "2025-07-04T03:15:21.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajax_delete_employee() function in versions 2.0.0 through 2.2.17. The plugin\u2019s deletion handler reads the client-supplied $_POST['delete'] array and passes each ID directly to wp_delete_user() without verifying that the caller has the delete_users capability or limiting which user IDs may be removed. This makes it possible for authenticated attackers, with Employee-level access and above, to delete arbitrary accounts, including administrators."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/hrm/tags/2.2.17/class/employee.php#L48",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/hrm/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28cf0f3f-0048-4da9-aa86-243479f7b974?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-60xx/CVE-2025-6039.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6039",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:21.910",
"lastModified": "2025-07-04T03:15:21.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ProcessingJS for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pjs4wp' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/processingjs-for-wp/trunk/processingjs-for-wp.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fcda8a7a-40e3-416e-940a-ba0245dcaa7d?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-60xx/CVE-2025-6041.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6041",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.080",
"lastModified": "2025-07-04T03:15:22.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The yContributors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validation on the 'yContributors' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ycontributors/trunk/ycontributors_admin.php#L19",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1bd61124-d4af-4c88-be96-579c735b7b49?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2025/CVE-2025-62xx/CVE-2025-6238.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-6238",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.237",
"lastModified": "2025-07-04T03:15:22.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the authorization flow. This makes it possible for unauthenticated attackers to intercept the authorization code and obtain an access token by redirecting the user to an attacker-controlled URI. Note: OAuth is disabled, the 'Meow_MWAI_Labs_OAuth' class is not loaded in the plugin in the patched version 2.8.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ai-engine/tags/2.8.4/labs/oauth.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3321384/ai-engine/trunk/labs/mcp.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3321384/ai-engine/trunk/labs/oauth.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1edc84fd-8cb5-4899-9444-1b6ae3144917?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-65xx/CVE-2025-6586.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6586",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.407",
"lastModified": "2025-07-04T03:15:22.407",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dpwap_plugin_locInstall function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/download-plugin/tags/2.2.8/app/Plugins/Dpwapuploader.php#L300",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37734c25-cce3-41fb-babf-714ba7a4bced?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6729.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6729",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.577",
"lastModified": "2025-07-04T03:15:22.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wp_ajax_paym_status' AJAX action This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/woocommerce-paymaster-gateway-019/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b9b501e-2ce7-43d8-bad2-6c3176eed8e2?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6739.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6739",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.740",
"lastModified": "2025-07-04T03:15:22.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'wpquiz' shortcode in all versions up to, and including, 0.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/wpquiz/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/16444905-b111-4b4f-a9f0-d8728da2ebfb?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6782.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6782",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:22.913",
"lastModified": "2025-07-04T03:15:22.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/gozen-forms/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d874a041-1cd4-4ca1-85bd-4050630d8502?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6783.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6783",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:23.077",
"lastModified": "2025-07-04T03:15:23.077",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the emdedSc() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/gozen-forms/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/784998a7-550d-4299-9995-af01e5ee1d21?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6786.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6786",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:23.237",
"lastModified": "2025-07-04T03:15:23.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DocCheck Login plugin for WordPress is vulnerable to unauthorized post access in all versions up to, and including, 1.1.5. This is due to plugin redirecting a user to login on a password protected post after the page has loaded. This makes it possible for unauthenticated attackers to read posts they should not have access to."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/doccheck-login/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0739b5ec-b1c4-4451-97c1-f8d5ed26a2d5?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-67xx/CVE-2025-6787.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6787",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:23.403",
"lastModified": "2025-07-04T03:15:23.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartdocs_search' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/smart-docs/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70c41a28-982f-43e6-9415-3a2d996959f3?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2025/CVE-2025-68xx/CVE-2025-6814.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-6814",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:23.580",
"lastModified": "2025-07-04T03:15:23.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_now() function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal credentials, by issuing a crafted POST request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/booking-x/tags/1.1.2/admin/class-bookingx-admin.php#L784",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/booking-x/tags/1.1.2/includes/class-bookingx.php#L322",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/booking-x/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a30d572-e086-4b83-8cb7-4cef9a3253bd?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2025/CVE-2025-70xx/CVE-2025-7046.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-7046",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T03:15:23.743",
"lastModified": "2025-07-04T03:15:23.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Portfolio for Elementor & Image Gallery | PowerFolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS Attributes of Plugin's widgets in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\r\nThe issue was partially fixed in version 3.2.0 and fully fixed in version 3.2.1"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/portfolio-elementor/trunk/elementor/elementor-widgets/image_gallery_widget.php#L492",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/portfolio-elementor/trunk/elementor/elementor-widgets/portfolio_widget.php#L541",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3318503/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/11f01584-e389-4551-b151-f3f0686d1d5d?source=cve",
"source": "security@wordfence.com"
}
]
}

145
CVE-2025/CVE-2025-70xx/CVE-2025-7053.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-7053",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-07-04T03:15:23.917",
"lastModified": "2025-07-04T03:15:23.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.11.4 is able to address this issue. The patch is named bdcd5e3bc651c0839c7eea807f3eb6af856dbc76. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and acted very professional. A patch and new release was made available very quickly."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/Cockpit-HQ/Cockpit/commit/bdcd5e3bc651c0839c7eea807f3eb6af856dbc76",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Cockpit-HQ/Cockpit/releases/tag/2.11.4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.314819",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.314819",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.605594",
"source": "cna@vuldb.com"
}
]
}

33
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-07-03T23:55:11.542510+00:00
2025-07-04T04:00:11.712104+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-07-03T22:15:21.287000+00:00
2025-07-04T03:15:23.917000+00:00
```
### Last Data Feed Release
@ -27,28 +27,43 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2025-07-03T00:00:02.115490+00:00
2025-07-04T00:00:02.110622+00:00
```
### Total Number of included CVEs
```plain
300250
300268
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `18`
- [CVE-2025-5322](CVE-2025/CVE-2025-53xx/CVE-2025-5322.json) (`2025-07-03T22:15:21.287`)
- [CVE-2025-5567](CVE-2025/CVE-2025-55xx/CVE-2025-5567.json) (`2025-07-04T03:15:21.040`)
- [CVE-2025-5924](CVE-2025/CVE-2025-59xx/CVE-2025-5924.json) (`2025-07-04T03:15:21.240`)
- [CVE-2025-5933](CVE-2025/CVE-2025-59xx/CVE-2025-5933.json) (`2025-07-04T03:15:21.407`)
- [CVE-2025-5953](CVE-2025/CVE-2025-59xx/CVE-2025-5953.json) (`2025-07-04T03:15:21.583`)
- [CVE-2025-5956](CVE-2025/CVE-2025-59xx/CVE-2025-5956.json) (`2025-07-04T03:15:21.747`)
- [CVE-2025-6039](CVE-2025/CVE-2025-60xx/CVE-2025-6039.json) (`2025-07-04T03:15:21.910`)
- [CVE-2025-6041](CVE-2025/CVE-2025-60xx/CVE-2025-6041.json) (`2025-07-04T03:15:22.080`)
- [CVE-2025-6238](CVE-2025/CVE-2025-62xx/CVE-2025-6238.json) (`2025-07-04T03:15:22.237`)
- [CVE-2025-6586](CVE-2025/CVE-2025-65xx/CVE-2025-6586.json) (`2025-07-04T03:15:22.407`)
- [CVE-2025-6729](CVE-2025/CVE-2025-67xx/CVE-2025-6729.json) (`2025-07-04T03:15:22.577`)
- [CVE-2025-6739](CVE-2025/CVE-2025-67xx/CVE-2025-6739.json) (`2025-07-04T03:15:22.740`)
- [CVE-2025-6782](CVE-2025/CVE-2025-67xx/CVE-2025-6782.json) (`2025-07-04T03:15:22.913`)
- [CVE-2025-6783](CVE-2025/CVE-2025-67xx/CVE-2025-6783.json) (`2025-07-04T03:15:23.077`)
- [CVE-2025-6786](CVE-2025/CVE-2025-67xx/CVE-2025-6786.json) (`2025-07-04T03:15:23.237`)
- [CVE-2025-6787](CVE-2025/CVE-2025-67xx/CVE-2025-6787.json) (`2025-07-04T03:15:23.403`)
- [CVE-2025-6814](CVE-2025/CVE-2025-68xx/CVE-2025-6814.json) (`2025-07-04T03:15:23.580`)
- [CVE-2025-7046](CVE-2025/CVE-2025-70xx/CVE-2025-7046.json) (`2025-07-04T03:15:23.743`)
- [CVE-2025-7053](CVE-2025/CVE-2025-70xx/CVE-2025-7053.json) (`2025-07-04T03:15:23.917`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
- [CVE-2025-49826](CVE-2025/CVE-2025-498xx/CVE-2025-49826.json) (`2025-07-03T22:15:21.010`)
- [CVE-2025-53367](CVE-2025/CVE-2025-533xx/CVE-2025-53367.json) (`2025-07-03T22:15:21.140`)
## Download and Usage

24
_state.csv
View File

@ -298367,7 +298367,7 @@ CVE-2025-49822,0,0,de49443b576bc1f584b5a6900459b73ba17d0494708f2396f6ea98c8b4c73
CVE-2025-49823,0,0,552cd4fad516f02486ff3428bf048ea275d9b1dd6acc2c30a167deddc98bdc84,2025-06-17T20:50:23.507000
CVE-2025-49824,0,0,974ad385597c7ebe1657b4c04293530cc71abe0711af75ee866eb4ab4d2dd957,2025-06-18T13:46:52.973000
CVE-2025-49825,0,0,f444b584006d5aede2c38e3ee10f0e113cb3d3f832999c3a3531ef94f625084b,2025-06-18T13:46:52.973000
CVE-2025-49826,0,1,60378491bc2422807013416a197799856e5a77af524cf2af91a06d6f59277421,2025-07-03T22:15:21.010000
CVE-2025-49826,0,0,60378491bc2422807013416a197799856e5a77af524cf2af91a06d6f59277421,2025-07-03T22:15:21.010000
CVE-2025-4983,0,0,8b53f9fcac717498609c6596ba194e3872474340efe5891a55ff7cfbe70e31d1,2025-05-30T16:31:03.107000
CVE-2025-4984,0,0,8011ca13e469a81f6afb4511e42cccafc7f5c3edf7ae8617debc1cb5fd406589,2025-05-30T16:31:03.107000
CVE-2025-49842,0,0,25f68be05f1cee4c74ac248773f32070b2173a4b15896e09f4b989979b7acc44,2025-06-17T20:50:23.507000
@ -298997,7 +298997,7 @@ CVE-2025-53203,0,0,3066a5e0ae713dd43c66d01a142b4c33aa4af60f15bae9ce1c285859f6161
CVE-2025-53206,0,0,1d8e9afd4d5808862609505109286c8fb5bf14faa1fefc35871110b47245a7ae,2025-06-30T18:38:48.477000
CVE-2025-5321,0,0,31d96e00ea1024b8084a7837ef9bf0b4fd55d789d529b1f4fae375684c451003,2025-06-01T05:15:20.947000
CVE-2025-53211,0,0,2abef6a3dfa316373b80998aadb9b980ebc2dc6ea27961810065342330691763,2025-06-30T18:38:48.477000
CVE-2025-5322,1,1,d9baa1d71d7baae7074c859e8b6f20f3d30a81a0e4112512adba2f0b232545fa,2025-07-03T22:15:21.287000
CVE-2025-5322,0,0,d9baa1d71d7baae7074c859e8b6f20f3d30a81a0e4112512adba2f0b232545fa,2025-07-03T22:15:21.287000
CVE-2025-5323,0,0,b0785ba87cd1215b18904af4ecc0dec4461f38599fcb91263ef5f63563e48a70,2025-05-30T16:31:03.107000
CVE-2025-5324,0,0,78e349d2bd14065297b1365314e2e0d4a2b731776a4275b89f97d27f39ee4fa3,2025-05-30T16:31:03.107000
CVE-2025-5325,0,0,c13176172452a62b2dce96df66b8263f391e2e94fbea914673cf01de62808a2d,2025-05-30T16:31:03.107000
@ -299080,7 +299080,7 @@ CVE-2025-5335,0,0,5abfb5e74bc6ec2f8ed9b95f56ffcbd4f93dcd183997df85e24502ad959346
CVE-2025-53358,0,0,3d97a4954e653a509d4005c71cf64fbb269b7293bb5ffaddd5ae485b7c74944b,2025-07-03T15:13:53.147000
CVE-2025-53359,0,0,45ed40db77640f47ba583ca32d5c60d80ffbacd98c4463b392cad98fdcfa3117,2025-07-03T15:13:53.147000
CVE-2025-5336,0,0,51ebbfc8a6c001d043ad92fbb70974a3ccedacbc8290bd5643cc8faeb9732c02,2025-06-16T12:32:18.840000
CVE-2025-53367,0,1,53fcb440f7d5bc00881a51ca9bbc481ac0441fcc6f11b71200db91212c4ee6c6,2025-07-03T22:15:21.140000
CVE-2025-53367,0,0,53fcb440f7d5bc00881a51ca9bbc481ac0441fcc6f11b71200db91212c4ee6c6,2025-07-03T22:15:21.140000
CVE-2025-53368,0,0,be3c0a7f58e2bbd4e68679c536da2e841620327ebe3522ae8a918c23f429e2ff,2025-07-03T20:15:23.577000
CVE-2025-53369,0,0,935c1344485ff5b914be62cc3781976d8c660c47c3bc47debabf78b9f979ea5a,2025-07-03T20:15:23.737000
CVE-2025-5337,0,0,f5b214301a56cadaeebc0b9a86ddeaf885fbd4e9b8e681558e7ccfb718bae2b0,2025-06-16T12:32:18.840000
@ -299276,6 +299276,7 @@ CVE-2025-5563,0,0,abd05332a66da82c0a84bbcebb55ce866c616ee358de4033b1bc944eee92c5
CVE-2025-5564,0,0,7809e1fdf6de89ef637777fde783c5f5ed408a93fc9e8800ee881fa5f62b3fb1,2025-06-26T18:57:43.670000
CVE-2025-5565,0,0,69057d9fcda3a9d391a6fdd2d36028e43e46d962e75d2a96d0e0e06e8f6deb95,2025-06-06T14:07:28.330000
CVE-2025-5566,0,0,779c860a161eb64dc6f40dd7f0ca399f4546b6e4ee22bf38748c51ae144c439c,2025-06-10T15:10:27.370000
CVE-2025-5567,1,1,d4c7d20634622e043ae59ec8b72f9143af320d6153f818337e9bf15ac8f30ba6,2025-07-04T03:15:21.040000
CVE-2025-5568,0,0,3985b2b3c56041cfacfc47ea29b5076a771839690445a0941918b66a37c31945,2025-06-09T12:15:47.880000
CVE-2025-5569,0,0,4c30b6740d26360ebc0aa84c2a25fe04c9749eefc6a71facbba872eca1a65c71,2025-06-04T14:54:33.783000
CVE-2025-5571,0,0,88815a4b21737d58e162800981d93fa4afd05c1cd7a98afd3597a0eeba47b636,2025-06-04T14:54:33.783000
@ -299579,6 +299580,7 @@ CVE-2025-5916,0,0,77a227907bb56f71f2bfd1bf497899ff1c8f6eb6d2e97956e9c7ee1b79bfbd
CVE-2025-5917,0,0,0b15f8cb6694a25438c80b55bb7a5b265e6faccf484d04cd7c6d5563268713ff,2025-06-12T16:06:47.857000
CVE-2025-5918,0,0,86b80ccf0910833edc22c6b7530445ae3be8c3d5eb7bba766fb3c183b6d35d2b,2025-06-12T16:06:47.857000
CVE-2025-5923,0,0,bd32fa6b95a8f310c6b07918d04b1a4cdef7f962ecfa8c2518b68d11b4b0741e,2025-06-16T12:32:18.840000
CVE-2025-5924,1,1,9ba78a539e8693d538bf35030d997b8e8c7185e23c112eda4f626320d2cf5b4e,2025-07-04T03:15:21.240000
CVE-2025-5925,0,0,74cb0f740f96269546a558716b8983e19baddafe2aff8e369ed86d426f629748,2025-06-12T16:06:39.330000
CVE-2025-5926,0,0,d101bf01d3fcfe0cdb9553376422f17ca8d863b6b3e856d7675080f3ca9408fd,2025-06-16T12:32:18.840000
CVE-2025-5927,0,0,0a0e7781a27f101005773f229ef6f5725a6a5e021dbbed62649398005b6b9ea0,2025-06-26T18:57:43.670000
@ -299586,6 +299588,7 @@ CVE-2025-5928,0,0,bf8e560b30d16961d3816817e86769462398f4dfd1c11ce3fc0a5a6f046beb
CVE-2025-5929,0,0,ac3c429d58adea1d7dc59fa88fe445b6e7625f0820f062aef785b1d40af21800,2025-06-26T18:57:43.670000
CVE-2025-5930,0,0,f247db24f36bcbf2f7d81e18a82d068f64b444dc019b1b0b868d92f5ff3fa36b,2025-06-16T12:32:18.840000
CVE-2025-5932,0,0,d1195345b3e2262847f1a971fa34210f177c9a6a4f5dfc87432b0985fe39715a,2025-06-26T18:57:43.670000
CVE-2025-5933,1,1,72deb43742f5065714f512f8f54b692bc2fae075a8d13229b12fcca9663e61e3,2025-07-04T03:15:21.407000
CVE-2025-5934,0,0,2b04aea49be1b2e817d664c8d52ff126b146b95757a60bd9875f5715a4755cac,2025-06-20T13:11:11.560000
CVE-2025-5935,0,0,c15a5d20553ffc7a7c30ae68f0e5f38be384091a8a588ccb546a6d6a87a9c526,2025-06-12T16:06:39.330000
CVE-2025-5936,0,0,14dd833e2dbb67a80ae2b6a949f46ce52c3dcb506a64a073c6dff2bcf9fbd529,2025-06-30T18:38:48.477000
@ -299599,6 +299602,8 @@ CVE-2025-5945,0,0,c7e4d5fd43d260b09c3d268ba39649757ca6834ec123b67f85c953ef50c7c5
CVE-2025-5950,0,0,760fa6d42f3c866c98b5e3438e6c6f00bd5fd5520537943b3e544b07838ccbee,2025-06-16T12:32:18.840000
CVE-2025-5951,0,0,8284d36183b5c5a20ce1ccc5cb7415a68b49193aca2a0e8df993129c1d1d98e3,2025-06-28T23:15:21.963000
CVE-2025-5952,0,0,80f5810e94a735443b1add4b87f50d30096f6ed0c46ddf37bebc56b27e945b75,2025-06-12T16:06:39.330000
CVE-2025-5953,1,1,6f2741b57f9c8e54b10411ac1c34494bd0ca3c28041e4fea6cfd02b64ce3ed2f,2025-07-04T03:15:21.583000
CVE-2025-5956,1,1,d303bd1a0f1015c2c6436862e595e6b77b66cea274127f3bf9a8911a53dca760,2025-07-04T03:15:21.747000
CVE-2025-5958,0,0,a36b78799dbbd1551f96c1bff1614591c13905c454c0b07d9b02e19316c76c99,2025-06-16T14:50:15.493000
CVE-2025-5959,0,0,a39e129e58512bcee45e4710589bda0209f85db251e85a57b71fd6de1e661083,2025-06-16T14:49:13.623000
CVE-2025-5961,0,0,1f529e00e0720b3c7547946ced624e6e38b15f9933d5f2d377b257a874600174,2025-07-03T15:13:53.147000
@ -299645,7 +299650,9 @@ CVE-2025-6030,0,0,e2d083f85b4980fab673be25fe64ff6c58fe5f2e84e15893b8c80d92f1561a
CVE-2025-6031,0,0,8862006220262f75545734fb5f034c6db29d3c4cbd11030b12e4d70636f9f9cc,2025-06-16T12:32:18.840000
CVE-2025-6032,0,0,7d36c2d58b732d43afa3008a3147d35986d6ec9223b352842d54a5562a9f2d17,2025-07-02T08:15:57.507000
CVE-2025-6035,0,0,b71b50bc0c235c19b2d078bb69ae3921b820489d58f8688dea7a7bdd7515f125,2025-06-16T12:32:18.840000
CVE-2025-6039,1,1,868818f24df2495b17e9c868b8fb6746eaa5654dbd24487bd282c919f94f7ddf,2025-07-04T03:15:21.910000
CVE-2025-6040,0,0,76a8c143b5834b0cf93cda3bf80ab595e40b144f2532ce0d72ddcf42d08934bb,2025-06-16T12:32:18.840000
CVE-2025-6041,1,1,f1590bc7f430e44e26265ed5472774b979ce04156432a94e9a184078db1536d6,2025-07-04T03:15:22.080000
CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000
CVE-2025-6052,0,0,f7b8f6bed96346c732cfe3c58915aaa99b04704580ca581c3769d9ac03c1036c,2025-06-16T12:32:18.840000
CVE-2025-6055,0,0,a1414c05d6a8565eece9cbd85c74aae5128e8846318652e194e65bb36ec8b3a2,2025-06-16T12:32:18.840000
@ -299763,6 +299770,7 @@ CVE-2025-6217,0,0,0d2c65c94d7cc4fabd9027df56e983345e1f33543f29c53f0c45cf319713d1
CVE-2025-6218,0,0,0c57dc44b918f69aa41dfa2cd45995e68693308920cd967c81e00d12734bb127,2025-06-25T19:03:33.817000
CVE-2025-6220,0,0,5f7d83b19f9a74deb42015750f7b5335a45a31dba8653fadb3cf8eaf78a671be,2025-06-18T13:47:40.833000
CVE-2025-6224,0,0,c2476a14c43ef31967d89288ff41b75746283c187c9c6cdc794d96fe44a26458,2025-07-03T15:14:12.767000
CVE-2025-6238,1,1,36b4bbb9d43939aa7354f99e83b946ef0626ccf0965dcda14a2e13464c7059f4,2025-07-04T03:15:22.237000
CVE-2025-6240,0,0,ba4da5fd605eca3c919532cf0a8a1661ebda5a87c35d4010c4dddeaa23d93e9a,2025-06-23T20:16:59.783000
CVE-2025-6252,0,0,d94ef9caefc0819c7f1c58e2e565f62f1e87e996f551797f28baeb89f4277c31,2025-06-30T18:38:23.493000
CVE-2025-6257,0,0,cc91b7557b526c88672e08add1b684bde89a65ab4dd7fa052a99a1c1c9c823b5,2025-06-23T20:16:40.143000
@ -300023,6 +300031,7 @@ CVE-2025-6580,0,0,14c9a21bff52d8562deb8a5ff102203adfe298df563381633ada51bbda9d23
CVE-2025-6581,0,0,9eb16713b89b10d47a3355e63f223e1d1babaf81dbe3bf267fcf583104bec561,2025-07-02T17:11:46.147000
CVE-2025-6582,0,0,06b49d50890d886846d052750b63a829a4a61d16f96e10b0780325588b187412,2025-07-02T17:04:36.247000
CVE-2025-6583,0,0,30d0558eb9467ec1d68b23c75a699e90fa70f2c3c0ad5646089f1aba65b21e55,2025-07-02T16:46:47.320000
CVE-2025-6586,1,1,e11a5e35bf076081b4e3338818c61730afa31ea632007d30c99ffe81d736c299,2025-07-04T03:15:22.407000
CVE-2025-6587,0,0,94e040daa08ba5c9e3932753930ce394b84353f61fda95c1801a18e9a0bd6347,2025-07-03T15:13:53.147000
CVE-2025-6600,0,0,0112972e1e9176f69319f72a7472c90ba6839f66bf6753048a883b2df6ce423f,2025-07-03T15:14:12.767000
CVE-2025-6603,0,0,94e8918af653fece9803c6dda129968de5b58a553aefbcdcb849847b69658ab4,2025-06-26T18:57:43.670000
@ -300100,6 +300109,7 @@ CVE-2025-6707,0,0,aef66556c55eec41bae463c7faf45c123c97efb1da15664a3018a0cfbb06ba
CVE-2025-6709,0,0,90498322242e290afd27889d9cfd65fddf909a1cfa7b78d899a4f3639a3f1253,2025-06-26T18:57:43.670000
CVE-2025-6710,0,0,97fb861af21f82df37e774a622e381a13202757cf11269e05074cb8b8b77bc3d,2025-06-26T18:57:43.670000
CVE-2025-6725,0,0,a2520bcd148ac768abbb97089f3d98d6281e55b56fe1591d0610425b8362a99d,2025-07-03T15:13:53.147000
CVE-2025-6729,1,1,46ab08a49b2d7c9031409cf54c133dfc815343b04d9a8f84f817179bcb32e2b8,2025-07-04T03:15:22.577000
CVE-2025-6731,0,0,372cdc09b88b76ae1a3439cacc26558b9d3793f6aabb288d1732baf08077c5eb,2025-06-30T18:38:48.477000
CVE-2025-6732,0,0,8fbae11e85db6326dce69c03fc40f9211057f9c0c6b79145f0a15d2bc6b0f7f7,2025-06-30T18:38:48.477000
CVE-2025-6733,0,0,29112c27c8fa4f85be74fdc3843a414c0b31c464c139e7c2f4cb2ad60f19d16d,2025-06-30T18:38:48.477000
@ -300107,6 +300117,7 @@ CVE-2025-6734,0,0,af9d11ca1e3694eed90555abd94388c3d1b00018f30b0a440d9a21f5de02d1
CVE-2025-6735,0,0,8734d70a00401da0ff9abed01b375db63bfe1b857ecd09eeb97e4130c9f85bb1,2025-06-30T18:38:48.477000
CVE-2025-6736,0,0,25903f9d1406c60f622962611fc5443a5d32d3cdb912833a9ad0899ef2f7c32d,2025-06-30T18:38:48.477000
CVE-2025-6738,0,0,3259930ec98b59546eeaeace9fb84641bae60a8fe1ea462b5fb5b4147d4fd671,2025-06-30T18:38:48.477000
CVE-2025-6739,1,1,42e8587a0ef9a977f682fe5bf2e7b84bea08b757c7154d8e297f8504442d9547,2025-07-04T03:15:22.740000
CVE-2025-6748,0,0,7f8f18ce472108822cda61d00f4ec9b1169d30c9d958ea970ce7bf174900b6ff,2025-06-30T18:38:48.477000
CVE-2025-6749,0,0,d1c491f56475f9982f91a0af7dbfe7ca7d1db32da1110cdac506d65ba7fc1676,2025-06-30T18:38:48.477000
CVE-2025-6750,0,0,f1b454f50a80614e8eea516f2449d507837abfd24769c351c9d643bb9f9983b5,2025-07-01T17:44:05.567000
@ -300129,6 +300140,11 @@ CVE-2025-6775,0,0,8844e93591b9f8f71933b4490a51dbe07d217bfd77f147a80f371490cffe99
CVE-2025-6776,0,0,a4afdc2a1b97ae313dde86d53b3dc2e793c44e826a62632b061ac5f515e063ef,2025-06-30T18:38:23.493000
CVE-2025-6777,0,0,e8b99b5ae9eb63ff94f7e705ede5d230cdaf4fba32d606ed695faa8f69c4026e,2025-06-30T18:38:23.493000
CVE-2025-6778,0,0,2899a3428a0cdf8e90a2d3c9a843fbb7aebdd0d0b43dda4d5d7954f83b288059,2025-06-30T18:38:23.493000
CVE-2025-6782,1,1,2b312307a1219eeccac1c18d44b02813c781865178c8be27ba23e04d2cac0e36,2025-07-04T03:15:22.913000
CVE-2025-6783,1,1,4bcbb814cd59361563462fb15f43060897563bd62e01a6d9e2a3af29912e09d4,2025-07-04T03:15:23.077000
CVE-2025-6786,1,1,cff517b6b10ccd7cf9f149a12e581ed3db63149e44d5063bacdbd69438b31eea,2025-07-04T03:15:23.237000
CVE-2025-6787,1,1,0b9083cb6422c613e6abc0326e5d57730494e160098d47204e102aea59f72e9f,2025-07-04T03:15:23.403000
CVE-2025-6814,1,1,074a43a8b3552b5ade24048775774228527c207408433584b79dc0f4f85c6c5c,2025-07-04T03:15:23.580000
CVE-2025-6816,0,0,5e9e5e2b35582b9f79370f11aa6db1969ced2cc7c6592e7f435aaffb84197923,2025-07-01T17:32:51.163000
CVE-2025-6817,0,0,f566ef24b61618394adfc182824a9952f225ff540b64bfe9d61b2edac708b720,2025-07-01T17:30:53.610000
CVE-2025-6818,0,0,a0000652c781adc29bf710133d5d06ca50842e03be22d2b59f6613f3db2e9b17,2025-06-30T18:38:23.493000
@ -300249,3 +300265,5 @@ CVE-2025-6960,0,0,f69e258addd0f7bd059256f11f94faf1722290a3191bb1314eac761ab08782
CVE-2025-6961,0,0,53750fb63f59995656a78ac3316404959c4e4fad3b2a07f4850a61cd0324f635,2025-07-03T15:14:12.767000
CVE-2025-6962,0,0,44e91228f386656f0fe7bbc39ade3e56c4211c1c88ec7964c70ae173041289c5,2025-07-03T15:14:12.767000
CVE-2025-6963,0,0,1850847a61a91cf087d068ba6686d6003da6219f5068f201b00a459270304a8a,2025-07-03T15:14:12.767000
CVE-2025-7046,1,1,bfc3f75a19ddf4c011fa35d5d7e3dba1ee0500cd88145609200c5475efeafb9e,2025-07-04T03:15:23.743000
CVE-2025-7053,1,1,7c553631a1754842980c905e7a5036f2578e53e5fdd6a16c5f10c740b90f1d52,2025-07-04T03:15:23.917000

Can't render this file because it is too large.