From d228a8e5574190842ce13e6bcf0db573307a0cc1 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 6 Feb 2025 15:04:04 +0000 Subject: [PATCH] Auto-Update: 2025-02-06T15:00:37.800929+00:00 --- CVE-2017/CVE-2017-126xx/CVE-2017-12617.json | 4 +- CVE-2017/CVE-2017-166xx/CVE-2017-16651.json | 4 +- CVE-2019/CVE-2019-22xx/CVE-2019-2215.json | 4 +- CVE-2020/CVE-2020-154xx/CVE-2020-15415.json | 4 +- CVE-2020/CVE-2020-168xx/CVE-2020-16846.json | 19 ++- CVE-2020/CVE-2020-269xx/CVE-2020-26919.json | 4 +- CVE-2021/CVE-2021-320xx/CVE-2021-32030.json | 8 +- CVE-2023/CVE-2023-461xx/CVE-2023-46153.json | 6 +- CVE-2024/CVE-2024-106xx/CVE-2024-10646.json | 59 +++++++- CVE-2024/CVE-2024-117xx/CVE-2024-11713.json | 57 +++++++- CVE-2024/CVE-2024-117xx/CVE-2024-11714.json | 57 +++++++- CVE-2024/CVE-2024-117xx/CVE-2024-11715.json | 59 +++++++- CVE-2024/CVE-2024-126xx/CVE-2024-12602.json | 56 ++++++++ CVE-2024/CVE-2024-249xx/CVE-2024-24911.json | 56 ++++++++ CVE-2024/CVE-2024-554xx/CVE-2024-55417.json | 41 +++++- CVE-2024/CVE-2024-579xx/CVE-2024-57954.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57955.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57956.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57957.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57958.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57959.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57960.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57961.json | 56 ++++++++ CVE-2024/CVE-2024-579xx/CVE-2024-57962.json | 56 ++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1074.json | 141 ++++++++++++++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1076.json | 56 ++++++++ CVE-2025/CVE-2025-222xx/CVE-2025-22220.json | 16 ++- README.md | 42 ++++-- _state.csv | 51 ++++--- 29 files changed, 1175 insertions(+), 73 deletions(-) create mode 100644 CVE-2024/CVE-2024-126xx/CVE-2024-12602.json create mode 100644 CVE-2024/CVE-2024-249xx/CVE-2024-24911.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57954.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57955.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57956.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57957.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57958.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57959.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57960.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57961.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57962.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1074.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1076.json diff --git a/CVE-2017/CVE-2017-126xx/CVE-2017-12617.json b/CVE-2017/CVE-2017-126xx/CVE-2017-12617.json index 363bc3527f2..28c41918660 100644 --- a/CVE-2017/CVE-2017-126xx/CVE-2017-12617.json +++ b/CVE-2017/CVE-2017-126xx/CVE-2017-12617.json @@ -2,8 +2,8 @@ "id": "CVE-2017-12617", "sourceIdentifier": "security@apache.org", "published": "2017-10-04T01:29:02.120", - "lastModified": "2025-02-04T19:15:21.370", - "vulnStatus": "Modified", + "lastModified": "2025-02-06T14:13:19.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2017/CVE-2017-166xx/CVE-2017-16651.json b/CVE-2017/CVE-2017-166xx/CVE-2017-16651.json index 59817c579c6..6e21e19bdb5 100644 --- a/CVE-2017/CVE-2017-166xx/CVE-2017-16651.json +++ b/CVE-2017/CVE-2017-166xx/CVE-2017-16651.json @@ -2,8 +2,8 @@ "id": "CVE-2017-16651", "sourceIdentifier": "cve@mitre.org", "published": "2017-11-09T14:29:00.267", - "lastModified": "2025-02-04T21:15:11.373", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-02-06T14:42:25.350", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2019/CVE-2019-22xx/CVE-2019-2215.json b/CVE-2019/CVE-2019-22xx/CVE-2019-2215.json index 17adf402dcd..445cd14053f 100644 --- a/CVE-2019/CVE-2019-22xx/CVE-2019-2215.json +++ b/CVE-2019/CVE-2019-22xx/CVE-2019-2215.json @@ -2,8 +2,8 @@ "id": "CVE-2019-2215", "sourceIdentifier": "security@android.com", "published": "2019-10-11T19:15:10.947", - "lastModified": "2024-11-21T04:40:27.037", - "vulnStatus": "Modified", + "lastModified": "2025-02-06T14:44:15.833", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2020/CVE-2020-154xx/CVE-2020-15415.json b/CVE-2020/CVE-2020-154xx/CVE-2020-15415.json index 1a383ec127b..2d8fee0ef7b 100644 --- a/CVE-2020/CVE-2020-154xx/CVE-2020-15415.json +++ b/CVE-2020/CVE-2020-154xx/CVE-2020-15415.json @@ -2,8 +2,8 @@ "id": "CVE-2020-15415", "sourceIdentifier": "cve@mitre.org", "published": "2020-06-30T14:15:11.953", - "lastModified": "2024-11-21T05:05:30.363", - "vulnStatus": "Modified", + "lastModified": "2025-02-06T14:08:54.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2020/CVE-2020-168xx/CVE-2020-16846.json b/CVE-2020/CVE-2020-168xx/CVE-2020-16846.json index 94d89ef4451..ba49632f4a0 100644 --- a/CVE-2020/CVE-2020-168xx/CVE-2020-16846.json +++ b/CVE-2020/CVE-2020-168xx/CVE-2020-16846.json @@ -2,8 +2,8 @@ "id": "CVE-2020-16846", "sourceIdentifier": "cve@mitre.org", "published": "2020-11-06T08:15:13.283", - "lastModified": "2024-11-21T05:07:15.510", - "vulnStatus": "Modified", + "lastModified": "2025-02-06T14:51:03.250", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -225,6 +225,21 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493" + } + ] + } + ] } ], "references": [ diff --git a/CVE-2020/CVE-2020-269xx/CVE-2020-26919.json b/CVE-2020/CVE-2020-269xx/CVE-2020-26919.json index 3749fbc6e8f..e038d37f8b8 100644 --- a/CVE-2020/CVE-2020-269xx/CVE-2020-26919.json +++ b/CVE-2020/CVE-2020-269xx/CVE-2020-26919.json @@ -2,8 +2,8 @@ "id": "CVE-2020-26919", "sourceIdentifier": "cve@mitre.org", "published": "2020-10-09T07:15:17.607", - "lastModified": "2024-11-21T05:20:29.787", - "vulnStatus": "Modified", + "lastModified": "2025-02-06T14:56:16.810", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { diff --git a/CVE-2021/CVE-2021-320xx/CVE-2021-32030.json b/CVE-2021/CVE-2021-320xx/CVE-2021-32030.json index 0a55011352d..172bc8515a8 100644 --- a/CVE-2021/CVE-2021-320xx/CVE-2021-32030.json +++ b/CVE-2021/CVE-2021-320xx/CVE-2021-32030.json @@ -2,13 +2,13 @@ "id": "CVE-2021-32030", "sourceIdentifier": "cve@mitre.org", "published": "2021-05-06T15:15:07.973", - "lastModified": "2025-01-24T18:15:28.720", + "lastModified": "2025-02-06T14:15:29.230", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\\0' matches the device's default value of '\\0' in some situations." + "value": "The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\\0' matches the device's default value of '\\0' in some situations. Note: All versions of Lyra Mini and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability, Consumers can mitigate this vulnerability by disabling the remote access features from WAN." }, { "lang": "es", @@ -122,6 +122,10 @@ "Vendor Advisory" ] }, + { + "url": "https://www.asus.com/us/supportonly/lyra%20mini/helpdesk_bios/", + "source": "cve@mitre.org" + }, { "url": "https://www.atredis.com/blog/2021/4/30/asus-authentication-bypass", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46153.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46153.json index fad205d5e26..79afc41c655 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46153.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46153.json @@ -2,7 +2,7 @@ "id": "CVE-2023-46153", "sourceIdentifier": "audit@patchstack.com", "published": "2023-10-27T08:15:31.457", - "lastModified": "2024-11-21T08:27:59.547", + "lastModified": "2025-02-06T13:25:41.197", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:monsterinsights:user_feedback:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:monsterinsights:userfeedback:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "1.0.9", - "matchCriteriaId": "43E2533A-0223-48BB-8825-8FB54556F329" + "matchCriteriaId": "08C5B5B9-8FC8-4BB2-8A1F-754D10BCCFB4" } ] } diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10646.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10646.json index 212d85b6362..1e4c972f4e0 100644 --- a/CVE-2024/CVE-2024-106xx/CVE-2024-10646.json +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10646.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10646", "sourceIdentifier": "security@wordfence.com", "published": "2024-12-14T06:15:18.863", - "lastModified": "2024-12-14T06:15:18.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-06T14:06:12.100", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fluentforms:contact_form:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "5.2.7", + "matchCriteriaId": "8B33ECED-6F73-42FC-B7B9-8280F12CB6A8" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/fluentform/tags/5.2.4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3203147/fluentform/trunk/boot/globals.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/41c2ec31-360d-4145-b0b4-77d4d1d4b8a1?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11713.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11713.json index fde71d31397..f4c7a5b024b 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11713.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11713.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11713", "sourceIdentifier": "security@wordfence.com", "published": "2024-12-14T07:15:06.540", - "lastModified": "2024-12-14T07:15:06.540", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-06T14:01:08.230", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,6 +19,26 @@ "cvssMetricV31": [ { "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.2.3", + "matchCriteriaId": "990D05B3-6114-4654-9399-4A620CAED94A" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/g1-nhantv/08ea67adc67d1ba98bf56c4fae5aec0f#file-deactivation-php-L11", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3202327/wp-job-portal/tags/2.2.3/includes/deactivation.php?old=3187129&old_path=wp-job-portal%2Ftags%2F2.2.2%2Fincludes%2Fdeactivation.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d67675a-b77b-41c6-a94f-d9385e609b37?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11714.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11714.json index 9c23a5ace3b..557eb7d2a0b 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11714.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11714.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11714", "sourceIdentifier": "security@wordfence.com", "published": "2024-12-14T07:15:06.713", - "lastModified": "2024-12-14T07:15:06.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-06T13:59:47.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,6 +19,26 @@ "cvssMetricV31": [ { "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.2.3", + "matchCriteriaId": "990D05B3-6114-4654-9399-4A620CAED94A" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/g1-nhantv/60182158e1d763b2f4c3b5e2972b6961#file-fieldordering_model-php-L6", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3202327/wp-job-portal/tags/2.2.3/modules/fieldordering/model.php?old=3187129&old_path=wp-job-portal%2Ftags%2F2.2.2%2Fmodules%2Ffieldordering%2Fmodel.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/505858dc-c420-484c-a067-6962836eea6a?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11715.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11715.json index 47b8d15e7ce..9e2986dfe77 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11715.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11715.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11715", "sourceIdentifier": "security@wordfence.com", "published": "2024-12-14T07:15:06.880", - "lastModified": "2024-12-14T07:15:06.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-06T13:38:51.857", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.2, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.2.3", + "matchCriteriaId": "990D05B3-6114-4654-9399-4A620CAED94A" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/tvnnn/9b706643c5f88989c98815be8b101e11", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3202327/wp-job-portal/tags/2.2.3/modules/user/controller.php?old=3187129&old_path=wp-job-portal%2Ftags%2F2.2.2%2Fmodules%2Fuser%2Fcontroller.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4107199d-e3c7-4379-b39d-1868de7d777b?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-126xx/CVE-2024-12602.json b/CVE-2024/CVE-2024-126xx/CVE-2024-12602.json new file mode 100644 index 00000000000..6f3076c5813 --- /dev/null +++ b/CVE-2024/CVE-2024-126xx/CVE-2024-12602.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-12602", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:38.907", + "lastModified": "2025-02-06T13:15:38.907", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Identity verification vulnerability in the ParamWatcher module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-300" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-249xx/CVE-2024-24911.json b/CVE-2024/CVE-2024-249xx/CVE-2024-24911.json new file mode 100644 index 00000000000..fc7da531c7b --- /dev/null +++ b/CVE-2024/CVE-2024-249xx/CVE-2024-24911.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-24911", + "sourceIdentifier": "cve@checkpoint.com", + "published": "2025-02-06T14:15:29.577", + "lastModified": "2025-02-06T14:15:29.577", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@checkpoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@checkpoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://support.checkpoint.com/results/sk/sk183101", + "source": "cve@checkpoint.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-554xx/CVE-2024-55417.json b/CVE-2024/CVE-2024-554xx/CVE-2024-55417.json index a9c1e73e4a3..a52a0dfb0fd 100644 --- a/CVE-2024/CVE-2024-554xx/CVE-2024-55417.json +++ b/CVE-2024/CVE-2024-554xx/CVE-2024-55417.json @@ -2,8 +2,8 @@ "id": "CVE-2024-55417", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-30T15:15:17.667", - "lastModified": "2025-01-30T15:15:17.667", - "vulnStatus": "Received", + "lastModified": "2025-02-06T14:15:29.703", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -15,7 +15,42 @@ "value": "DevDojo Voyager hasta la versi\u00f3n 1.8.0 es vulnerable a la omisi\u00f3n de la verificaci\u00f3n del tipo de archivo cuando un usuario autenticado carga un archivo a trav\u00e9s de /admin/media/upload. Un usuario autenticado puede cargar un shell web y provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], "references": [ { "url": "https://github.com/thedevdojo/voyager/blob/1.6/src/Http/Controllers/VoyagerMediaController.php#L238", diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57954.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57954.json new file mode 100644 index 00000000000..73803220c75 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57954.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57954", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:39.467", + "lastModified": "2025-02-06T13:15:39.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Permission verification vulnerability in the media library module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57955.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57955.json new file mode 100644 index 00000000000..a872932426e --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57955.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57955", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:39.590", + "lastModified": "2025-02-06T13:15:39.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Arbitrary write vulnerability in the Gallery module \nImpact: Successful exploitation of this vulnerability may affect service confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57956.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57956.json new file mode 100644 index 00000000000..503094da3a0 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57956.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57956", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:39.723", + "lastModified": "2025-02-06T13:15:39.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Out-of-bounds read vulnerability in the interpreter string module\nImpact: Successful exploitation of this vulnerability may affect availability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 2.8, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.3, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-680" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57957.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57957.json new file mode 100644 index 00000000000..3e37aaae741 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57957.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57957", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:39.867", + "lastModified": "2025-02-06T13:15:39.867", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability of improper log information control in the UI framework module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-657" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57958.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57958.json new file mode 100644 index 00000000000..68b43e6fefd --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57958.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57958", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:40.000", + "lastModified": "2025-02-06T13:15:40.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Out-of-bounds array read vulnerability in the FFRT module\nImpact: Successful exploitation of this vulnerability may cause features to perform abnormally." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57959.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57959.json new file mode 100644 index 00000000000..3d966f10ca3 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57959.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57959", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:40.133", + "lastModified": "2025-02-06T13:15:40.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Use-After-Free (UAF) vulnerability in the display module\nImpact: Successful exploitation of this vulnerability may cause features to perform abnormally." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57960.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57960.json new file mode 100644 index 00000000000..a0ac91a2741 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57960.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57960", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:40.270", + "lastModified": "2025-02-06T13:15:40.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Input verification vulnerability in the ExternalStorageProvider module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57961.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57961.json new file mode 100644 index 00000000000..bc974551432 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57961.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57961", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:40.417", + "lastModified": "2025-02-06T13:15:40.417", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Out-of-bounds write vulnerability in the emcom module\nImpact: Successful exploitation of this vulnerability may cause features to perform abnormally." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57962.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57962.json new file mode 100644 index 00000000000..731a8c53309 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57962.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-57962", + "sourceIdentifier": "psirt@huawei.com", + "published": "2025-02-06T13:15:40.600", + "lastModified": "2025-02-06T13:15:40.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability of incomplete verification information in the VPN service module\nImpact: Successful exploitation of this vulnerability may affect availability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-701" + } + ] + } + ], + "references": [ + { + "url": "https://consumer.huawei.com/en/support/bulletin/2025/2/", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1074.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1074.json new file mode 100644 index 00000000000..c8ea07029cc --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1074.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-1074", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-02-06T14:15:30.050", + "lastModified": "2025-02-06T14:15:30.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. They are aware about it and are working on resolving it." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/mano257200/qloapps-csrf-logout-vulnerability", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.294834", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.294834", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.491600", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1076.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1076.json new file mode 100644 index 00000000000..f5afadcd40e --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1076.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1076", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-02-06T14:15:30.287", + "lastModified": "2025-02-06T14:15:30.287", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (Stored XSS) vulnerability has been found in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within the editable \u2018name\u2019 and \u2018icon\u2019 parameters of the Activities functionality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-vulnerability-holded", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22220.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22220.json index ee62c933e99..d893bb4a9e3 100644 --- a/CVE-2025/CVE-2025-222xx/CVE-2025-22220.json +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22220.json @@ -2,8 +2,8 @@ "id": "CVE-2025-22220", "sourceIdentifier": "security@vmware.com", "published": "2025-01-30T16:15:31.143", - "lastModified": "2025-01-30T16:15:31.143", - "vulnStatus": "Received", + "lastModified": "2025-02-06T14:15:30.510", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -39,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], "references": [ { "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329", diff --git a/README.md b/README.md index c6a81eb4754..d974d174be4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-06T13:00:42.377786+00:00 +2025-02-06T15:00:37.800929+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-06T12:15:27.267000+00:00 +2025-02-06T14:56:16.810000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -280231 +280244 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `13` -- [CVE-2024-37358](CVE-2024/CVE-2024-373xx/CVE-2024-37358.json) (`2025-02-06T12:15:26.343`) -- [CVE-2024-45626](CVE-2024/CVE-2024-456xx/CVE-2024-45626.json) (`2025-02-06T12:15:27.110`) -- [CVE-2025-0982](CVE-2025/CVE-2025-09xx/CVE-2025-0982.json) (`2025-02-06T12:15:27.267`) +- [CVE-2024-12602](CVE-2024/CVE-2024-126xx/CVE-2024-12602.json) (`2025-02-06T13:15:38.907`) +- [CVE-2024-24911](CVE-2024/CVE-2024-249xx/CVE-2024-24911.json) (`2025-02-06T14:15:29.577`) +- [CVE-2024-57954](CVE-2024/CVE-2024-579xx/CVE-2024-57954.json) (`2025-02-06T13:15:39.467`) +- [CVE-2024-57955](CVE-2024/CVE-2024-579xx/CVE-2024-57955.json) (`2025-02-06T13:15:39.590`) +- [CVE-2024-57956](CVE-2024/CVE-2024-579xx/CVE-2024-57956.json) (`2025-02-06T13:15:39.723`) +- [CVE-2024-57957](CVE-2024/CVE-2024-579xx/CVE-2024-57957.json) (`2025-02-06T13:15:39.867`) +- [CVE-2024-57958](CVE-2024/CVE-2024-579xx/CVE-2024-57958.json) (`2025-02-06T13:15:40.000`) +- [CVE-2024-57959](CVE-2024/CVE-2024-579xx/CVE-2024-57959.json) (`2025-02-06T13:15:40.133`) +- [CVE-2024-57960](CVE-2024/CVE-2024-579xx/CVE-2024-57960.json) (`2025-02-06T13:15:40.270`) +- [CVE-2024-57961](CVE-2024/CVE-2024-579xx/CVE-2024-57961.json) (`2025-02-06T13:15:40.417`) +- [CVE-2024-57962](CVE-2024/CVE-2024-579xx/CVE-2024-57962.json) (`2025-02-06T13:15:40.600`) +- [CVE-2025-1074](CVE-2025/CVE-2025-10xx/CVE-2025-1074.json) (`2025-02-06T14:15:30.050`) +- [CVE-2025-1076](CVE-2025/CVE-2025-10xx/CVE-2025-1076.json) (`2025-02-06T14:15:30.287`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `14` -- [CVE-2025-0725](CVE-2025/CVE-2025-07xx/CVE-2025-0725.json) (`2025-02-06T11:15:09.683`) -- [CVE-2025-22206](CVE-2025/CVE-2025-222xx/CVE-2025-22206.json) (`2025-02-06T11:15:10.797`) +- [CVE-2017-12617](CVE-2017/CVE-2017-126xx/CVE-2017-12617.json) (`2025-02-06T14:13:19.180`) +- [CVE-2017-16651](CVE-2017/CVE-2017-166xx/CVE-2017-16651.json) (`2025-02-06T14:42:25.350`) +- [CVE-2019-2215](CVE-2019/CVE-2019-22xx/CVE-2019-2215.json) (`2025-02-06T14:44:15.833`) +- [CVE-2020-15415](CVE-2020/CVE-2020-154xx/CVE-2020-15415.json) (`2025-02-06T14:08:54.317`) +- [CVE-2020-16846](CVE-2020/CVE-2020-168xx/CVE-2020-16846.json) (`2025-02-06T14:51:03.250`) +- [CVE-2020-26919](CVE-2020/CVE-2020-269xx/CVE-2020-26919.json) (`2025-02-06T14:56:16.810`) +- [CVE-2021-32030](CVE-2021/CVE-2021-320xx/CVE-2021-32030.json) (`2025-02-06T14:15:29.230`) +- [CVE-2023-46153](CVE-2023/CVE-2023-461xx/CVE-2023-46153.json) (`2025-02-06T13:25:41.197`) +- [CVE-2024-10646](CVE-2024/CVE-2024-106xx/CVE-2024-10646.json) (`2025-02-06T14:06:12.100`) +- [CVE-2024-11713](CVE-2024/CVE-2024-117xx/CVE-2024-11713.json) (`2025-02-06T14:01:08.230`) +- [CVE-2024-11714](CVE-2024/CVE-2024-117xx/CVE-2024-11714.json) (`2025-02-06T13:59:47.413`) +- [CVE-2024-11715](CVE-2024/CVE-2024-117xx/CVE-2024-11715.json) (`2025-02-06T13:38:51.857`) +- [CVE-2024-55417](CVE-2024/CVE-2024-554xx/CVE-2024-55417.json) (`2025-02-06T14:15:29.703`) +- [CVE-2025-22220](CVE-2025/CVE-2025-222xx/CVE-2025-22220.json) (`2025-02-06T14:15:30.510`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e469080bf53..ca05fbc3f8a 100644 --- a/_state.csv +++ b/_state.csv @@ -96387,7 +96387,7 @@ CVE-2017-12613,0,0,123f5c3aabd1b1e5dd1f6c958738a91b706cdef18a786ed1ccafd8ca98c73 CVE-2017-12614,0,0,7d44afc3628a197eb4286e6df8f5215280f489d35961ac6e02d3e2259b7dcc28,2024-11-21T03:09:53.860000 CVE-2017-12615,0,0,aec4c8270af89f424d1b00cad7cfcd8278510a1af3eae411e7ea66e1eb47dd0d,2025-01-23T15:34:44.007000 CVE-2017-12616,0,0,44364ba13878fc3af02f2dae155b7c22e55470b84618749d06de79673cfab0e0,2024-11-21T03:09:54.137000 -CVE-2017-12617,0,0,f72b7d0141542df46b3a2ff3b421a9f990a98725f553bfeed9c034be5c890fb8,2025-02-04T19:15:21.370000 +CVE-2017-12617,0,1,dd9858a65e255c8ab9191a3bf64b7f742c9b4e8c827cff175ccb192c5bad671f,2025-02-06T14:13:19.180000 CVE-2017-12618,0,0,9ae0cbe580a0f4abeac13276fdd0ef745d642c56b6cb3dcbf88e674b511b41c5,2024-11-21T03:09:54.510000 CVE-2017-12619,0,0,273d42b034c0e0a623c3ef600de4fcfd117433ae835e910c00fc823cdc30d20d,2024-11-21T03:09:54.647000 CVE-2017-1262,0,0,6246430dc38db343b951b613b755bb4c855bf167ba7b871ae460110d74da7fdd,2024-11-21T03:21:36 @@ -100047,7 +100047,7 @@ CVE-2017-16648,0,0,d49df0b0a682947051f3fdf851a3ac78144fabe8450816ffcc0747e74174e CVE-2017-16649,0,0,a2f5485408ce043cdfae945d9dc06aa743f9d480812654f5119d3431ebffc87c,2024-11-21T03:16:45.607000 CVE-2017-1665,0,0,e74920cd0ea1fbfb24af522fe82e1b515b1c8fde683470023dfdf95634d0b6a2,2024-11-21T03:22:11.310000 CVE-2017-16650,0,0,0773e28fdf618677b2744d709bab543f7e5fb6dc035a78a3c746fb76d6164940,2024-11-21T03:16:45.763000 -CVE-2017-16651,0,0,28e209e64843b28701f6c834cecadffa09ee5899bdd0fb71c31bfd97f96b4e10,2025-02-04T21:15:11.373000 +CVE-2017-16651,0,1,294123111aed036b87e4d65861d6a882858447e05cf39f26f4e03f16f841d264,2025-02-06T14:42:25.350000 CVE-2017-16652,0,0,f492a8214a6cdd89f5ac3d14cf0aea738c61dc3dfef54a963e0ad800d881d151,2024-11-21T03:16:46.070000 CVE-2017-16653,0,0,7f23b5dd2f97ac64881a9aed1e42735fa2e1aeeab2e7bb40851789639b3abba0,2024-11-21T03:16:46.210000 CVE-2017-16654,0,0,56fed4b58de7189769824ed8dcf2f4b781cfb5ad40c04c3e7e8f87b1a965bacd,2024-11-21T03:16:46.353000 @@ -138140,7 +138140,7 @@ CVE-2019-2211,0,0,2608473af17c421fcd554476dce50b35c6363b5b4b22a951ab699048e55a9e CVE-2019-2212,0,0,a20debe4b7f1e99c8eab04e14ee0b110b6f003967a45bf05d502359c8d6848bb,2024-11-21T04:40:26.693000 CVE-2019-2213,0,0,5635b096df95e889de03debfe59376523777aa9c1d91724f729cf1dda5fdd3da,2024-11-21T04:40:26.807000 CVE-2019-2214,0,0,ba9a3dceb05f2cc4eb8524391475a1a294a0a775fc540956ecb4085f0168c564,2024-11-21T04:40:26.917000 -CVE-2019-2215,0,0,c47d0f13ba788f9aab2ec130fc10a8c5a78c58dd142594c31513a53e2606695a,2024-11-21T04:40:27.037000 +CVE-2019-2215,0,1,44f0a1be95901d40075551dd792227e186f32230fe9c49e06576a6ebe5fe8090,2025-02-06T14:44:15.833000 CVE-2019-2216,0,0,8b02f1c902d165d9a09a6b68a5a07dce9a6f8f806e99499a37a55dab6a5ede6d,2024-11-21T04:40:27.250000 CVE-2019-2217,0,0,2b01b16dd59cb5d6c26e701150093b71a73bcd22bc80d52c047f7c8852763a0f,2024-11-21T04:40:27.367000 CVE-2019-2218,0,0,97526fe1dc01e04b988ef2ce0b3ef09b2c4d30c90d44c9c9861d893464b1f069,2024-11-21T04:40:27.473000 @@ -150351,7 +150351,7 @@ CVE-2020-15408,0,0,be185f34f4e6ea610723a0f3ef1216ddd75d02511339cf2ce9fd57a3c5cb3 CVE-2020-1541,0,0,25206e7a22a82fcb5745d118f8c5fd5811563ebabdc439028ca44434b91bb2fb,2024-11-21T05:10:47.823000 CVE-2020-15411,0,0,84121f1cdcb29d88d662aaa4410b5245a70a133481ef399fb5b442d6bb0bb8a7,2024-11-21T05:05:30.077000 CVE-2020-15412,0,0,23fd3ac1afbf4c8eae530e6edfb22c088b55f940e0125f59894af0f091c894ce,2024-11-21T05:05:30.220000 -CVE-2020-15415,0,0,bb428f78283dabc337e23b471ed921f6edd9a168a3b8078d176e189bf63e8e97,2024-11-21T05:05:30.363000 +CVE-2020-15415,0,1,c77b47d2a24bb0444c2659d1aaadc658d01c4463349d3407e5ac7b61ac635f90,2025-02-06T14:08:54.317000 CVE-2020-15416,0,0,3b40a3305888e05552637425bf01f0a40bee024f2a79aaee425321d88f837f88,2024-11-21T05:05:30.600000 CVE-2020-15417,0,0,42e72ab4998a392f6e29844d18d18008aae68741b068f24fa497455dea39032d,2024-11-21T05:05:30.723000 CVE-2020-15418,0,0,ee69e090574f64f2d493aa2076d0f13eeaa63538e2ef57fd676f2f59eb78f3d4,2024-11-21T05:05:30.847000 @@ -151457,7 +151457,7 @@ CVE-2020-1684,0,0,715699df63ca7f469fa7ed6670fff5bc11eb0785af7b9361d8223bae41fead CVE-2020-16843,0,0,365e27680fc827df274a1fb4f5b863669f8d0cc123eead4791dfee7881eb6eeb,2024-11-21T05:07:15.010000 CVE-2020-16844,0,0,feef725aae7813ba06a09ac0f8e7952f5e9e9d11c31be2e17c63dc2ea27f5d78,2024-11-21T05:07:15.150000 CVE-2020-16845,0,0,d5ada1f1936495e04476cb10a33c854499ac17dabfb2de6d52a48a09a1abd432,2024-11-21T05:07:15.297000 -CVE-2020-16846,0,0,5db9c6df3c9e6616487979e3a914ba2a4665c366224d42fe55d939246a5937f0,2024-11-21T05:07:15.510000 +CVE-2020-16846,0,1,bac7d958536c7a588882d16ed000b11e296bec55b0726ad7e28a334d988a4bab,2025-02-06T14:51:03.250000 CVE-2020-16847,0,0,cd14b565f3650432d319c8fb24964d30f7f65e870ece38e0a9b7e367289cc28f,2024-11-21T05:07:15.710000 CVE-2020-16849,0,0,63affc5537663967a3f937180672292f71db0b7a922a69687b2db28acfbcb8eb,2024-11-21T05:07:15.857000 CVE-2020-1685,0,0,5320981a0efba2d779b2378402c6e6afcf0f35eb41faafe2ec6a375e9e47da39,2024-11-21T05:11:09.680000 @@ -155982,7 +155982,7 @@ CVE-2020-26915,0,0,0a57b6f50f0bf65a737fff70d0d3ffce96a98ef291a88741a834528550072 CVE-2020-26916,0,0,8f38c492b8efb57552df46a1d938a21d840676e4f77b2cb5b5861b6cb1f49a79,2024-11-21T05:20:29.347000 CVE-2020-26917,0,0,47579e5f320d103344788e0d5150b1b0bf9906fedda5f0335bb08cd25b999199,2024-11-21T05:20:29.493000 CVE-2020-26918,0,0,6b9c372a3ce264e6652f62c3bc5ed539f15de4ece8862b78cf5f1756e6553eda,2024-11-21T05:20:29.643000 -CVE-2020-26919,0,0,95f81d9412f81f76ff6de937166e5ad37809e803088c2cf5f4fcc2fe4e1bac71,2024-11-21T05:20:29.787000 +CVE-2020-26919,0,1,8d3eb7d0e4d90c3aac8b94844463ee681ab366aacce7fd209714e79d8f7a551a,2025-02-06T14:56:16.810000 CVE-2020-2692,0,0,9811b014530014449811eb141740a17e24afb4fb2be2e0de2d9571cca1388730,2024-11-21T05:26:00.970000 CVE-2020-26920,0,0,633fc7cb3f5075c843179eb823cd08878b2cc079d2312ec436a83ffa81c54d5b,2024-11-21T05:20:29.927000 CVE-2020-26921,0,0,31696c45454d3e1c8439b336274d69de73fe9c2b0f563b03a40bbb771abb2601,2024-11-21T05:20:30.073000 @@ -176237,7 +176237,7 @@ CVE-2021-32025,0,0,be1366e60cdc64085a7ca3378dd8b2945646288a6056d66d9eaf86e564481 CVE-2021-32027,0,0,5ee2aa7a5aa3fa8bb911c577fd863dbdb076a0ad3ef0512d7dd32317414b22da,2024-11-21T06:06:44.467000 CVE-2021-32028,0,0,84c85cca513953c25777bc582de148d107114d46d9b13227dc0a8bf544f4d415,2024-11-21T06:06:44.593000 CVE-2021-32029,0,0,56c471bfaedf8eeeae330cda0d2954472dbd44261f536849dbc437841365a531,2024-11-21T06:06:44.717000 -CVE-2021-32030,0,0,793995724539fd7266f05023c81575e5fa8384d2c075c98f7758d1c73aca9099,2025-01-24T18:15:28.720000 +CVE-2021-32030,0,1,77c612155ee01ce93998ac25a588acfff5d71ce5e79c730c5dde299d17b0fdf7,2025-02-06T14:15:29.230000 CVE-2021-32032,0,0,d4a228b8d3584c392915c1306de9b4891f451e0bcc887a1a2c922b4efeafaf40,2024-11-21T06:06:44.993000 CVE-2021-32033,0,0,9d53a703f8e89930e795f200116050cb1538597c59d5f4de2f68d4733f37ec27,2024-11-21T06:06:45.167000 CVE-2021-32036,0,0,5f2cf3c6d2205a2b02a642da73b2e1978439d07a378edd4a500d10314baf33fc,2024-11-21T06:06:45.330000 @@ -235549,7 +235549,7 @@ CVE-2023-4615,0,0,9fae9637c8cd7e213276c8985e06c308a9a77cab48d7799762846af013eae7 CVE-2023-46150,0,0,1bfb03db034f316d09e8bb7258b950941fd711ae481e0efce83d7bf99ebd3e71,2024-11-21T08:27:59.163000 CVE-2023-46151,0,0,8034e82598c00a93e7400b047c0484c096868a5e8c9b2b0ba54b4014961532ae,2024-11-21T08:27:59.290000 CVE-2023-46152,0,0,c55612c4fc36ba437254983bdbe2f124448557bc559dbd5f5398f590c41881c7,2024-11-21T08:27:59.417000 -CVE-2023-46153,0,0,d75466ced18a5e7b0bceedc121ce7977f4266a898b80c011be8a3e2fa6630a2b,2024-11-21T08:27:59.547000 +CVE-2023-46153,0,1,f6969dad7cbd573a2756969167eb9057a1c0212a1700fcf74cd5eb46f6a874fc,2025-02-06T13:25:41.197000 CVE-2023-46154,0,0,c577546109f0e130989f0dd53262ec5b8a64616d7d987a0aca4e3db9542bc35f,2024-11-21T08:27:59.673000 CVE-2023-46156,0,0,3e326833395be52bab7157604f95366ff6dd91ead71468a7b7e3f41b151780d4,2024-11-21T08:27:59.820000 CVE-2023-46157,0,0,139187c0b027c36ad70b576df65f01721d5c386e5bb7e72fef3d1c4a7e22e3ba,2024-11-21T08:28:00.137000 @@ -243933,7 +243933,7 @@ CVE-2024-10637,0,0,93d08933ba9c4ceaffb9a190c50c42965d9f07240a31bdb136bdb3d17454c CVE-2024-1064,0,0,7b760eef6fec23e7e81fb51d838ef1bddf15caed76d88b6ad1d3e688cbbd4a4b,2024-11-21T08:49:42.843000 CVE-2024-10640,0,0,a398cd6d72329485656ef5fe95883039ee9518985823ed26e6c02ea5501d6402,2024-11-12T13:56:24.513000 CVE-2024-10645,0,0,4bf8393d98652382c145c8e94d665dfa0043fae11a672b2399957f22677ef320,2024-11-18T17:11:17.393000 -CVE-2024-10646,0,0,7dfda05a455d4b526dd19d77ec0fc86a0000f7bebf3c7c344ce9e838bb165a75,2024-12-14T06:15:18.863000 +CVE-2024-10646,0,1,29bd29c35e84a9dc7ff9345840ca7510d0fba315131aeb752adfa741227a4a67,2025-02-06T14:06:12.100000 CVE-2024-10647,0,0,05b3aabb4778e43bb6f2ea80f3d833ac24d1ab3b06ce7337c8de9fe67f9f78b9,2024-11-08T21:20:50.847000 CVE-2024-1065,0,0,b15b37df186076da575ae1588759c677f2677d06b5081dbb99648fc8d071921c,2024-11-21T08:49:42.970000 CVE-2024-10651,0,0,daa7d277426e3cae52065dc92f7f81ece792840b77223c8e793cafff956732fc,2024-11-01T12:57:03.417000 @@ -244899,9 +244899,9 @@ CVE-2024-1171,0,0,ecbdcf43f5b983dd6d5e3901a4f79f545f1f5986a89a0bc7c9ca53a4bbe921 CVE-2024-11710,0,0,bfd1e5c32dce0918e1d3e307f709b2d7d8ea65d4cb991eb82b0d7ae028220e09,2025-02-05T15:21:02.823000 CVE-2024-11711,0,0,756edf763cdd44f479ce754d8ac611a710a6c71eac3d65dd8e652c367029fdc0,2025-02-05T15:30:28.690000 CVE-2024-11712,0,0,0c1286bf421e6a686d47b012ecca7ebee70cdf7ddf16850a153debcbd5225913,2025-02-05T15:17:40.330000 -CVE-2024-11713,0,0,4178482b5df99c0291e215f2545743c50197edb7179b5b0fd0118c8ead9b975f,2024-12-14T07:15:06.540000 -CVE-2024-11714,0,0,c6471527e19f0ca60843e70cf630e8e5f2ae6981854a480677e1b01b2ada84f8,2024-12-14T07:15:06.713000 -CVE-2024-11715,0,0,0815aaace33685f035482241a4ccb0b0e0d773cd3b4b8723c5ec1e7d7b552602,2024-12-14T07:15:06.880000 +CVE-2024-11713,0,1,efbfb29a397ac25e2cad0ac8be7d684c08b27727f3f4460d3d6f8fa625d87d82,2025-02-06T14:01:08.230000 +CVE-2024-11714,0,1,48451ef6ba02066a684be121bb1a323837abfee218ee2a192bb71f8391bc5c35,2025-02-06T13:59:47.413000 +CVE-2024-11715,0,1,9e2c7d6539d86e87f0f536990a843b4ed38eb3f505410f40a0a8f48f23904099,2025-02-06T13:38:51.857000 CVE-2024-11716,0,0,522e4ed8199ad8f3f63cbe6d21a80da8ac391d52575f83334b9f923b884fcb00,2025-01-02T18:15:15.367000 CVE-2024-11717,0,0,68750f09c3123f04bf7a5bd697483739e358151e1b46d1fb4198fc9ac2d13fce,2025-01-02T18:15:15.740000 CVE-2024-1172,0,0,1bc2ee9b555d1b5ce6888d4346af93aa633bcdcf2636d0f9ad6817045e164057,2025-01-08T19:08:16.787000 @@ -245676,6 +245676,7 @@ CVE-2024-12598,0,0,2c0e6e211745cf2c8a775604eda102619f7e15adec08efbb58ccc8f252ed3 CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000 CVE-2024-12600,0,0,9a89f3457143d9699d8148f8e38d980253f87c103b8227ed4c6349cbfe2dc493,2025-01-25T07:15:07.807000 CVE-2024-12601,0,0,f9b91f2d20d6914a3b5ca3c9af2a431f615ff9e20926a30171bf1c35967a6eba,2024-12-17T12:15:20.543000 +CVE-2024-12602,1,1,1c5c7d8720fce1ce10a2f48b61f7506d8e0386f1a278253248efe29b529c1ae4,2025-02-06T13:15:38.907000 CVE-2024-12603,0,0,b77b6c9527bd0798c4124cb6a67b3eb0384daf1c81bc149052bbc09ab0e74875,2024-12-13T03:15:05.187000 CVE-2024-12605,0,0,a0f2993b097a4c99b97e822aef9d508fcc987f27fa00acaa2c8fa4c5ee5e87b3,2025-01-09T15:15:14.150000 CVE-2024-12606,0,0,640593522db4b989e186e13bcaa1c8fc14a8675964d1b9990cbdc5261025156e,2025-01-10T04:15:19.667000 @@ -250916,6 +250917,7 @@ CVE-2024-24907,0,0,a4ea414f343ecf7afc1b453c69047fa5e86e608436cc607d44bd97223fa35 CVE-2024-24908,0,0,3fe8a4406d98df79c31854dfc70dcbb01052c410a9cc2527fc70de1a24e6240d,2025-02-04T17:16:56.643000 CVE-2024-2491,0,0,89f0ea744341245ddf2590c596f0d2277cd047aba3e8200dedbe9df25ac5534a,2025-01-15T18:41:29.187000 CVE-2024-24910,0,0,6b331799a881a5d956a87c006abe5e882f01b24bf255742ad3b49c624db6b57b,2024-11-21T08:59:57.760000 +CVE-2024-24911,1,1,b451c4d214708df5e83f2c9b3ce5109a5c809f213292f909409cca010859157b,2025-02-06T14:15:29.577000 CVE-2024-24912,0,0,7e4db9efaf9ed4fd90c3653c0c141095d6d30e8a8ae2098e663586572a626f62,2024-11-21T08:59:57.947000 CVE-2024-24914,0,0,6a184fa1912b50a75a0f68f12ef7de42e993a65d0e5eee8a5ac41cb6b37ddf0c,2024-11-08T19:01:03.880000 CVE-2024-24919,0,0,79021d06164055237b10fa49935e385f8096a39629b5d8ac929ac9e336c9c5cc,2025-01-27T21:42:18.743000 @@ -260466,7 +260468,7 @@ CVE-2024-37353,0,0,7ff7b7453550602b650cfdec5ef1242f502029e3779b416a04c17939bc6e6 CVE-2024-37354,0,0,8714660eea3ed91e9b81cd464e3754efc32fe0d558dd6abd8ab964c32e5c5bd4,2024-11-21T09:23:42.537000 CVE-2024-37356,0,0,4fe4d4a17eafd229e9050e6753d570a71ec28698aaa6438baa1abb86c96de84d,2024-11-21T09:23:42.667000 CVE-2024-37357,0,0,fc7134e6eb69001209ce08e10f760d544b4fb396e8ea209636530f56b5eb787e,2025-01-14T16:15:30.027000 -CVE-2024-37358,1,1,62996cbed763a7a073e736479350a2bc2ed9c39bcfc296590ecd95931bb4b2a6,2025-02-06T12:15:26.343000 +CVE-2024-37358,0,0,62996cbed763a7a073e736479350a2bc2ed9c39bcfc296590ecd95931bb4b2a6,2025-02-06T12:15:26.343000 CVE-2024-3736,0,0,6e4a1ef94c0273eebc8e9e6b2b5445ce88780aebebada592671bcb41b0d8c2d8,2024-11-21T09:30:16.647000 CVE-2024-37364,0,0,c4ba2eb3ad001e136c90a8138bde00d47fa986718a2e611803c5ba1d95d0615c,2024-11-21T09:23:42.810000 CVE-2024-37365,0,0,92f445546c97440aae8023b82925d87a3f96476cde45f92ebb44b9fbc714aebc,2024-11-12T15:48:59.103000 @@ -266658,7 +266660,7 @@ CVE-2024-45622,0,0,b710e3973bc54105a6c52433711f835588415a56a038ced9ed7020c8b95ca CVE-2024-45623,0,0,5c441374691aca3d3dc1871007085f3589123ddb707473a40f59605250fae5e7,2024-09-03T15:35:15.360000 CVE-2024-45624,0,0,b55674d4570db6379ffcfb68d511bfd6e80435e71433865e310cb34f4d504a6c,2024-09-12T15:35:48.600000 CVE-2024-45625,0,0,d20161a4995ace7748c12e338379fbc120e9cd3065297a8eb4465406af4a3f9e,2024-09-10T11:19:40.113000 -CVE-2024-45626,1,1,6002cd6e89f81480970cb0ecf639bfcedc03ac95a777249235fc3bf81f87cfaa,2025-02-06T12:15:27.110000 +CVE-2024-45626,0,0,6002cd6e89f81480970cb0ecf639bfcedc03ac95a777249235fc3bf81f87cfaa,2025-02-06T12:15:27.110000 CVE-2024-45627,0,0,06f8e7024e61e55a40ff1609bfbcf38e586710636d9d54b99621459f22bd28f9,2025-01-14T18:15:29.477000 CVE-2024-4563,0,0,b89c6e32d64d62a8b24c69598703856273065e960659587d8cad79f58476b289,2025-01-08T19:51:35.093000 CVE-2024-4564,0,0,ee8f47044242c05a630f54d8d399a7051500b8cbd4c8fa39ec50216846d2f2cf,2024-11-21T09:43:07.050000 @@ -273102,7 +273104,7 @@ CVE-2024-55413,0,0,eef50e9e636ae6bc827b08d7c7eec17970a99ab50a51fccd44bf2d480fff7 CVE-2024-55414,0,0,0d97009591fcf6c0b34e60fb7a805f4c6f9d80da2e217dde940ef3fa78396336,2025-01-08T16:15:35.883000 CVE-2024-55415,0,0,1a0da7a4ae47e7ad2a135b79cc22a26978d3d5bb00b31797dc31601b30aba395,2025-01-30T15:15:17.490000 CVE-2024-55416,0,0,db0c9a53e3fb0f41d51f008a9ca025415ecc691750768c767ec7ea36c4bdafea,2025-01-30T15:15:17.583000 -CVE-2024-55417,0,0,6de1b978c4ba67c4a636099591eb4fd754478936bc2700f1ce8d19ab5f78d35a,2025-01-30T15:15:17.667000 +CVE-2024-55417,0,1,7112f2e86e4b407e3cff6c6b3782141d7a1320d3243965a5042f9153f6635c5b,2025-02-06T14:15:29.703000 CVE-2024-5542,0,0,6f204123d7eb6582297f3ed2f1f9284859b42e6e6e67e32f4ec293ca8971e5c4,2024-11-21T09:47:53.577000 CVE-2024-5543,0,0,a26f2d14789d49017a49269cf3e4b4468656a016d744676df971b6df226be4f0,2024-11-21T09:47:53.697000 CVE-2024-5544,0,0,9d691e1e8372bdc434d572825f303cd1b0a2983a0161dea14c330331f38ec0b0,2024-11-21T09:47:53.813000 @@ -274457,7 +274459,16 @@ CVE-2024-57946,0,0,7694bfd6f4bfcb27622fd33f724eed0c14a58bd72141bedb13eda08e23a02 CVE-2024-57947,0,0,0f394f81965ff60be8ebf8ad0ab0612e0d5ea1bd9618d127584b4c77570cc2fc,2025-01-23T14:15:25.293000 CVE-2024-57948,0,0,c07bf97b3b6358de0571b78c1e211a24bc27d24c3da430aa98d08a0013f7d88f,2025-02-02T11:15:14.713000 CVE-2024-5795,0,0,8c27870eb8f46b4876cdd6a9335698b3a6adeccd1af066b5f5391281ef70b349,2024-11-21T09:48:20.780000 +CVE-2024-57954,1,1,e07d499b82bda9841e091c6a36e38e891dc88030a835efefc206beca22ddc87d,2025-02-06T13:15:39.467000 +CVE-2024-57955,1,1,a4b0b669f8c7cd2a1e7947c80a4df0d26d24339d01d26a03a3b02ddcc200b927,2025-02-06T13:15:39.590000 +CVE-2024-57956,1,1,6706212876fa699149c45162f2c75bc873fd2f5468738defa9c80399423608f0,2025-02-06T13:15:39.723000 +CVE-2024-57957,1,1,ed667853028df7e791913bdb1037c09dcb2dfb4612ed89dd77c5d1b7bf998782,2025-02-06T13:15:39.867000 +CVE-2024-57958,1,1,30b8c1f23728b22e8f3bf4f729d74ef4038e5d192d3ce36135d499fab479850e,2025-02-06T13:15:40 +CVE-2024-57959,1,1,8c6ea4ac034bb0de59dab7883189140992e354434695fff1d2df023eed080da2,2025-02-06T13:15:40.133000 CVE-2024-5796,0,0,10c3848976491ca5eeb295d89b1679f80388276c56109509ef1777f493022afe,2024-11-21T09:48:20.910000 +CVE-2024-57960,1,1,8125ba828f81144c851e6f5e7019e9090a8c63d86b655ddaadb03d691ac85590,2025-02-06T13:15:40.270000 +CVE-2024-57961,1,1,a481f1e32402b863ed40d27f8e3276549712c9a4e16d9ec38411a9c1995055a4,2025-02-06T13:15:40.417000 +CVE-2024-57962,1,1,aa02adc9a628f0a58ddefcc0a44bc2813378806d45112cb634abff123b940950,2025-02-06T13:15:40.600000 CVE-2024-57965,0,0,beca1a5c4241b8a17f2dc2e6caf9cfcb35d784b0c331b6bcd655a61453686e3e,2025-01-29T10:15:08.113000 CVE-2024-57966,0,0,40e2f22cb22a31ff1abb28cf2e7cdb6b2203c6459f1e312f0ed24484eb3b3c7c,2025-02-03T05:15:10.080000 CVE-2024-57967,0,0,91eb1bfd2e20a3b6504519270fe1735c3bd2ee8a6236093524acc33a3a4157f6,2025-02-03T18:15:37.853000 @@ -278402,7 +278413,7 @@ CVE-2025-0710,0,0,010c22bb91a250418d55abc4eaa70cc8949df634eef581adb3636c9db03dda CVE-2025-0720,0,0,1da4f3fb7977aa71d8d9a8e3f7a06c0c3c1ed142f923cc4868ac50fedaa97c0d,2025-01-26T23:15:21.547000 CVE-2025-0721,0,0,151152f411aa28e9121ab2a32ebc3ecb28fe5e8b508d6820387e16cbfda81f9c,2025-01-27T00:15:26.317000 CVE-2025-0722,0,0,c9258e96fea043e69bdeaa4cb3c7c089fa7706045bfdfb06a99b2cfbd46d8a8c,2025-01-27T00:15:26.517000 -CVE-2025-0725,0,1,ececce84edd30bf7f72c8ed3d8ba30d12e4bf4efa2eaad6b86a774c7e4b58c21,2025-02-06T11:15:09.683000 +CVE-2025-0725,0,0,ececce84edd30bf7f72c8ed3d8ba30d12e4bf4efa2eaad6b86a774c7e4b58c21,2025-02-06T11:15:09.683000 CVE-2025-0729,0,0,b3cd201258049c526a15c72f22bf765517f681dbe52f68677709aa8b21b9ec16,2025-01-27T17:15:16.917000 CVE-2025-0730,0,0,b0f8b58b424cc51685ec90ca8981a0ca40c34a5eeb1253b074c44fe87e601682,2025-01-27T17:15:17.133000 CVE-2025-0732,0,0,07b41495fd0afdf179fc98fe053710ec1b3fdc2df8bd25c7480598b82ff64b81,2025-01-27T18:15:40.550000 @@ -278494,7 +278505,7 @@ CVE-2025-0971,0,0,c8a3294328317f8d3453b7c51436c171e751d25251685937b4bd407805261e CVE-2025-0972,0,0,3993ac5cb544f96eddd4ea382f0cae390a0048486c03ea18bb36ab062e41c6ed,2025-02-03T00:15:28.007000 CVE-2025-0973,0,0,37f661449c5d41bc7d595495ef0c9ea92e0effb9bc1925009def0bc433286647,2025-02-03T01:15:07.263000 CVE-2025-0974,0,0,8c546eff83dbe5240d979de322859dbce3e0f40803afa459c807306a06c0fe25,2025-02-03T02:15:26.433000 -CVE-2025-0982,1,1,3e753dfbc563c4ce8b6b3fa8334843ace7fd76f79278394611157b2e2098a86e,2025-02-06T12:15:27.267000 +CVE-2025-0982,0,0,3e753dfbc563c4ce8b6b3fa8334843ace7fd76f79278394611157b2e2098a86e,2025-02-06T12:15:27.267000 CVE-2025-1003,0,0,28c07c3915c653630648b64a7cbd4a7c616ace8285e5d0c3a3c404659b6f5188,2025-02-04T00:15:33.940000 CVE-2025-1009,0,0,2dfce1a6ef3a5258a1ead4cc70f7690cef7c227c3f80a57d2d9913ffcc23af3e,2025-02-05T19:15:44.887000 CVE-2025-1010,0,0,03e8b449c171fa78173030080d8bb8a5a467a9a0474962b20870b954fbc5c75d,2025-02-05T19:15:45.040000 @@ -278513,6 +278524,8 @@ CVE-2025-1025,0,0,47807b8e82e17527c7201ea4708ddff28a865df6bf51354013b48cefc41061 CVE-2025-1026,0,0,934680430568ee4f9133f3caf4202e9f856a4d1cce3fe9e6aa36c7f381dad077,2025-02-05T05:15:10.687000 CVE-2025-1028,0,0,e2d695e5f743c52691e2706279de4015f0c0e2d5f7e673aad15fe64754f22233,2025-02-05T04:15:06.543000 CVE-2025-1066,0,0,943618a84dade8a5481fc80d151ff92e33e36ee3e33910be7d64cb1ffb6e7898,2025-02-06T00:15:27.760000 +CVE-2025-1074,1,1,8c051b3034ec925098d2cc149a99487b209750af6f897c8ae0e6246aeecd5382,2025-02-06T14:15:30.050000 +CVE-2025-1076,1,1,f8bd6961c3afe7e83bd1f50700b9a7057842b534d28d95685ee3dedd4ec97dab,2025-02-06T14:15:30.287000 CVE-2025-20014,0,0,c7b03c8de0f1a02652afc1076707a5c9ed340500d3cc7fc3a1a2840db59d647f,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20029,0,0,7beae6544fac5da36b705aa7bd201e5432df1e59d09b16381fbe97a847fc40ed,2025-02-05T18:15:29.573000 @@ -278970,14 +278983,14 @@ CVE-2025-22152,0,0,089f04aace28abfa88265f6c9c2782b5476de8a0e353916617123187c142e CVE-2025-22153,0,0,25942cbccd29909e1ea0be6d083f0e8cabc6b2b46ac2d218bce2acfdeffc85bf,2025-01-23T18:15:33.267000 CVE-2025-22204,0,0,49ea900c4abe197bce181bfe4a44bc14a6884dd859034fa73b2f1042e6ec51a6,2025-02-04T18:15:35.247000 CVE-2025-22205,0,0,4a7393a73c090000f7e7459f6326bb2956f3bef3fff211860e4b811cae26357d,2025-02-05T18:15:30.803000 -CVE-2025-22206,0,1,094330103ef881a5c8f14e940f719b75f142ae139c1345e47cbc22b02438b266,2025-02-06T11:15:10.797000 +CVE-2025-22206,0,0,094330103ef881a5c8f14e940f719b75f142ae139c1345e47cbc22b02438b266,2025-02-06T11:15:10.797000 CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000 CVE-2025-22215,0,0,e26e39627ebf88fc4492196348e13c55563ef72a3b7150347ad788f5576b3be6,2025-01-08T15:15:21.927000 CVE-2025-22216,0,0,b108a47a76cc941caf7304a7cc76897ef598f7beee3219dba5477e4826578b01,2025-01-31T18:15:38.247000 CVE-2025-22217,0,0,f3fef5a69b2be34a186b3e51c931a3690ed7399e3ba29e98e418130f3c1dc9fa,2025-01-28T19:15:14.640000 CVE-2025-22218,0,0,8ac337491628126d467f7ab55bac46dbfcf33358cf58c6c16abe60d98a331058,2025-01-30T15:15:18.487000 CVE-2025-22219,0,0,1c39691d9e352ad3d7484867f51ce85f029460df817b5cfa8fbcd4def489d53d,2025-01-30T16:15:31.013000 -CVE-2025-22220,0,0,580dadec7dd9c73952bf786335aed9eb7baa5009c552d2b04e9e3ca575202a99,2025-01-30T16:15:31.143000 +CVE-2025-22220,0,1,a00b168f73aec469e4c78128ddc9ae91feb9fbb9ddcfb4c72ca05c1c287f029b,2025-02-06T14:15:30.510000 CVE-2025-22221,0,0,9132a98f5e42cd8e4f18f943d601d8a965b1d192ea7c09ad9108f76311e9dc7d,2025-01-30T16:15:31.257000 CVE-2025-22222,0,0,196104d9226ae602070373db2a85b7c4b7a140a07c26a83ec21801773a6ad626,2025-01-30T16:15:31.367000 CVE-2025-22260,0,0,bf0326d32be52f5fa1e2189a19450e32b37060777f63eb053059d9cbed513ffa,2025-02-03T15:15:17.503000