From d66373eb034a2f6f78a26e5068a4e195a714366d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 28 Feb 2025 11:03:48 +0000 Subject: [PATCH] Auto-Update: 2025-02-28T11:00:19.209665+00:00 --- CVE-2024/CVE-2024-108xx/CVE-2024-10860.json | 60 ++++++++++++++ CVE-2024/CVE-2024-134xx/CVE-2024-13469.json | 60 ++++++++++++++ CVE-2024/CVE-2024-136xx/CVE-2024-13638.json | 64 +++++++++++++++ CVE-2024/CVE-2024-137xx/CVE-2024-13716.json | 60 ++++++++++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13831.json | 60 ++++++++++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13832.json | 60 ++++++++++++++ CVE-2024/CVE-2024-138xx/CVE-2024-13851.json | 60 ++++++++++++++ CVE-2024/CVE-2024-84xx/CVE-2024-8420.json | 60 ++++++++++++++ CVE-2024/CVE-2024-84xx/CVE-2024-8425.json | 60 ++++++++++++++ CVE-2024/CVE-2024-90xx/CVE-2024-9019.json | 60 ++++++++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9193.json | 60 ++++++++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9195.json | 60 ++++++++++++++ CVE-2025/CVE-2025-14xx/CVE-2025-1413.json | 86 +++++++++++++++++++++ CVE-2025/CVE-2025-15xx/CVE-2025-1560.json | 64 +++++++++++++++ CVE-2025/CVE-2025-15xx/CVE-2025-1570.json | 60 ++++++++++++++ CVE-2025/CVE-2025-16xx/CVE-2025-1662.json | 60 ++++++++++++++ CVE-2025/CVE-2025-224xx/CVE-2025-22491.json | 56 ++++++++++++++ CVE-2025/CVE-2025-224xx/CVE-2025-22492.json | 56 ++++++++++++++ README.md | 33 +++++--- _state.csv | 28 +++++-- 20 files changed, 1152 insertions(+), 15 deletions(-) create mode 100644 CVE-2024/CVE-2024-108xx/CVE-2024-10860.json create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13469.json create mode 100644 CVE-2024/CVE-2024-136xx/CVE-2024-13638.json create mode 100644 CVE-2024/CVE-2024-137xx/CVE-2024-13716.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13831.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13832.json create mode 100644 CVE-2024/CVE-2024-138xx/CVE-2024-13851.json create mode 100644 CVE-2024/CVE-2024-84xx/CVE-2024-8420.json create mode 100644 CVE-2024/CVE-2024-84xx/CVE-2024-8425.json create mode 100644 CVE-2024/CVE-2024-90xx/CVE-2024-9019.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9193.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9195.json create mode 100644 CVE-2025/CVE-2025-14xx/CVE-2025-1413.json create mode 100644 CVE-2025/CVE-2025-15xx/CVE-2025-1560.json create mode 100644 CVE-2025/CVE-2025-15xx/CVE-2025-1570.json create mode 100644 CVE-2025/CVE-2025-16xx/CVE-2025-1662.json create mode 100644 CVE-2025/CVE-2025-224xx/CVE-2025-22491.json create mode 100644 CVE-2025/CVE-2025-224xx/CVE-2025-22492.json diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10860.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10860.json new file mode 100644 index 00000000000..1ca1e2991b7 --- /dev/null +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10860.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10860", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T10:15:09.963", + "lastModified": "2025-02-28T10:15:09.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The NextMove Lite \u2013 Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing capability check on the _submit_uninstall_reason_action() function in all versions up to, and including, 2.19.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit a deactivation reason on behalf of a site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3246927/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5cefecf8-46dc-4ae1-9e94-b724beb7136f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13469.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13469.json new file mode 100644 index 00000000000..39c56ceea18 --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13469.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13469", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:09.823", + "lastModified": "2025-02-28T09:15:09.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/pricingtable/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5239c414-cd1d-4257-9f8e-e7a92c2119f9?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-136xx/CVE-2024-13638.json b/CVE-2024/CVE-2024-136xx/CVE-2024-13638.json new file mode 100644 index 00000000000..4661f166c22 --- /dev/null +++ b/CVE-2024/CVE-2024-136xx/CVE-2024-13638.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-13638", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.043", + "lastModified": "2025-02-28T09:15:10.043", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments added to orders." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/order-attachments-for-woocommerce/trunk/src/WCOA/Attachments/Attachment.php#L87", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/order-attachments-for-woocommerce/trunk/src/WCOA/Utils/Ajax.php#L61", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e98b1ef-70dd-408d-8644-08933bca1cdd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13716.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13716.json new file mode 100644 index 00000000000..59d4f980150 --- /dev/null +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13716.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13716", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.223", + "lastModified": "2025-02-28T09:15:10.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_settings_callback() function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/fx-calculators/tags/1.3.5/forex-calculators.php#L101", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49ce8ca1-c1ae-4dda-909e-70c3b6d2b561?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13831.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13831.json new file mode 100644 index 00000000000..971a500bc9d --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13831.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13831", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.400", + "lastModified": "2025-02-28T09:15:10.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input in the 'product_has_custom_tabs' function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wc-tabs/trunk/wc-tabs-lite.php#L363", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/790a2c64-b358-41ed-be17-f2b99d294617?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13832.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13832.json new file mode 100644 index 00000000000..2dda385ffcb --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13832.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13832", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.570", + "lastModified": "2025-02-28T09:15:10.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'ut_elementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ut-elementor-addons-lite/trunk/includes/queries.php#L506", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/476883a8-c258-477b-99d3-f35423d7a312?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13851.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13851.json new file mode 100644 index 00000000000..220fc75f30c --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13851.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13851", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.733", + "lastModified": "2025-02-28T09:15:10.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Modal Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/modal-portfolio/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc049cab-6793-4656-9b17-8ca64c566c4c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8420.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8420.json new file mode 100644 index 00000000000..bf91a5752ae --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8420.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8420", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:10.910", + "lastModified": "2025-02-28T09:15:10.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.7. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an administrator on sites." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/dhvc-form-wordpress-form-for-visual-composer/8326593", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4d51a0c-c625-4732-b345-df02971fbffa?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8425.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8425.json new file mode 100644 index 00000000000..49e2fd0387a --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8425.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8425", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:11.083", + "lastModified": "2025-02-28T09:15:11.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwb_wgm_preview_mail' and 'mwb_wgm_woocommerce_add_cart_item_data' functions in all versions up to, and including, 2.6.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ebffb82-7455-40c9-9ffd-b78e0e73e431?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9019.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9019.json new file mode 100644 index 00000000000..8d0782e5310 --- /dev/null +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9019.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9019", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:11.270", + "lastModified": "2025-02-28T09:15:11.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The SecuPress Free \u2014 WordPress Security plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's secupress_check_ban_ips_form shortcode in all versions up to, and including, 2.2.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/secupress/trunk/free/common.php#L238", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/56e842c8-61ac-4281-8c4a-9cb1f8ecc062?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9193.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9193.json new file mode 100644 index 00000000000..34d23c003e1 --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9193.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9193", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:11.437", + "lastModified": "2025-02-28T09:15:11.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. Utilizing the /admin/services.php file, this can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://whmpress.com/docs/change-log/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f3b0e75-d2f0-48b7-ba33-75c4e998030e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9195.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9195.json new file mode 100644 index 00000000000..91ddc81ad19 --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9195.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9195", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:11.633", + "lastModified": "2025-02-28T09:15:11.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/whmcs-client-area-whmpress-addon/11218646", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8af0c5c-3d7b-416d-9d10-6867fcf909a5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-14xx/CVE-2025-1413.json b/CVE-2025/CVE-2025-14xx/CVE-2025-1413.json new file mode 100644 index 00000000000..eaa82f524fe --- /dev/null +++ b/CVE-2025/CVE-2025-14xx/CVE-2025-1413.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2025-1413", + "sourceIdentifier": "cvd@cert.pl", + "published": "2025-02-28T09:15:11.850", + "lastModified": "2025-02-28T09:15:11.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx). This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and applications can exploit this vulnerability for privilege escalation. This issue affects DaVinci Resolve on MacOS in versions\u00a0before 19.1.3." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.2, + "baseSeverity": "CRITICAL", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "HIGH", + "subIntegrityImpact": "HIGH", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://apps.apple.com/pl/app/davinci-resolve/id571213070?mt=12", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/en/posts/2025/02/CVE-2025-1413/", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/posts/2025/02/CVE-2025-1413/", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-15xx/CVE-2025-1560.json b/CVE-2025/CVE-2025-15xx/CVE-2025-1560.json new file mode 100644 index 00000000000..5a10bce6eac --- /dev/null +++ b/CVE-2025/CVE-2025-15xx/CVE-2025-1560.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-1560", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:12.040", + "lastModified": "2025-02-28T09:15:12.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WOW Entrance Effects (WEE!) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wee' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wow-entrance-effects-wee/trunk/wee.php", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/wow-entrance-effects-wee/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/423e840e-0bc2-4481-afff-61ace85788d3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-15xx/CVE-2025-1570.json b/CVE-2025/CVE-2025-15xx/CVE-2025-1570.json new file mode 100644 index 00000000000..b8a5095c3d8 --- /dev/null +++ b/CVE-2025/CVE-2025-15xx/CVE-2025-1570.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1570", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:12.203", + "lastModified": "2025-02-28T09:15:12.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directorist_generate_password_reset_pin_code() and reset_user_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-640" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3246340/directorist", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/853562ed-7f2e-453c-b3d0-67c90bd0231f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1662.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1662.json new file mode 100644 index 00000000000..e0ad5d76818 --- /dev/null +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1662.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1662", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-28T09:15:12.373", + "lastModified": "2025-02-28T09:15:12.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/url-media-uploader/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8f1852-2d67-4ed9-ab3d-5b3bf4083e06?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-224xx/CVE-2025-22491.json b/CVE-2025/CVE-2025-224xx/CVE-2025-22491.json new file mode 100644 index 00000000000..0be919913e6 --- /dev/null +++ b/CVE-2025/CVE-2025-224xx/CVE-2025-22491.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22491", + "sourceIdentifier": "CybersecurityCOE@eaton.com", + "published": "2025-02-28T09:15:12.540", + "lastModified": "2025-02-28T09:15:12.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The user input was not sanitized on Reporting Hierarchy Management page of Foreseer Reporting Software (FRS) application which could lead into execution of arbitrary JavaScript in a browser context\nfor all the interacting users. This security issue has been patched in the latest version 1.5.100 of the FRS." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "CybersecurityCOE@eaton.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "CybersecurityCOE@eaton.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1009.pdf", + "source": "CybersecurityCOE@eaton.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-224xx/CVE-2025-22492.json b/CVE-2025/CVE-2025-224xx/CVE-2025-22492.json new file mode 100644 index 00000000000..da00f5ab3e4 --- /dev/null +++ b/CVE-2025/CVE-2025-224xx/CVE-2025-22492.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22492", + "sourceIdentifier": "CybersecurityCOE@eaton.com", + "published": "2025-02-28T09:15:12.680", + "lastModified": "2025-02-28T09:15:12.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The connection string visible to users with access to FRSCore database on Foreseer Reporting Software (FRS) VM, this\nstring can be used for gaining administrative access to the 4crXref database. This vulnerability has been resolved in the latest version 1.5.100 of FRS." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "CybersecurityCOE@eaton.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "CybersecurityCOE@eaton.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + } + ], + "references": [ + { + "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1009.pdf", + "source": "CybersecurityCOE@eaton.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2fcd33c71fa..cbcd570c677 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-28T09:00:25.100020+00:00 +2025-02-28T11:00:19.209665+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-28T08:15:35.810000+00:00 +2025-02-28T10:15:09.963000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -283484 +283502 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `18` -- [CVE-2025-0764](CVE-2025/CVE-2025-07xx/CVE-2025-0764.json) (`2025-02-28T07:15:33.863`) -- [CVE-2025-1405](CVE-2025/CVE-2025-14xx/CVE-2025-1405.json) (`2025-02-28T07:15:34.063`) -- [CVE-2025-1571](CVE-2025/CVE-2025-15xx/CVE-2025-1571.json) (`2025-02-28T07:15:34.227`) -- [CVE-2025-1572](CVE-2025/CVE-2025-15xx/CVE-2025-1572.json) (`2025-02-28T08:15:35.810`) +- [CVE-2024-10860](CVE-2024/CVE-2024-108xx/CVE-2024-10860.json) (`2025-02-28T10:15:09.963`) +- [CVE-2024-13469](CVE-2024/CVE-2024-134xx/CVE-2024-13469.json) (`2025-02-28T09:15:09.823`) +- [CVE-2024-13638](CVE-2024/CVE-2024-136xx/CVE-2024-13638.json) (`2025-02-28T09:15:10.043`) +- [CVE-2024-13716](CVE-2024/CVE-2024-137xx/CVE-2024-13716.json) (`2025-02-28T09:15:10.223`) +- [CVE-2024-13831](CVE-2024/CVE-2024-138xx/CVE-2024-13831.json) (`2025-02-28T09:15:10.400`) +- [CVE-2024-13832](CVE-2024/CVE-2024-138xx/CVE-2024-13832.json) (`2025-02-28T09:15:10.570`) +- [CVE-2024-13851](CVE-2024/CVE-2024-138xx/CVE-2024-13851.json) (`2025-02-28T09:15:10.733`) +- [CVE-2024-8420](CVE-2024/CVE-2024-84xx/CVE-2024-8420.json) (`2025-02-28T09:15:10.910`) +- [CVE-2024-8425](CVE-2024/CVE-2024-84xx/CVE-2024-8425.json) (`2025-02-28T09:15:11.083`) +- [CVE-2024-9019](CVE-2024/CVE-2024-90xx/CVE-2024-9019.json) (`2025-02-28T09:15:11.270`) +- [CVE-2024-9193](CVE-2024/CVE-2024-91xx/CVE-2024-9193.json) (`2025-02-28T09:15:11.437`) +- [CVE-2024-9195](CVE-2024/CVE-2024-91xx/CVE-2024-9195.json) (`2025-02-28T09:15:11.633`) +- [CVE-2025-1413](CVE-2025/CVE-2025-14xx/CVE-2025-1413.json) (`2025-02-28T09:15:11.850`) +- [CVE-2025-1560](CVE-2025/CVE-2025-15xx/CVE-2025-1560.json) (`2025-02-28T09:15:12.040`) +- [CVE-2025-1570](CVE-2025/CVE-2025-15xx/CVE-2025-1570.json) (`2025-02-28T09:15:12.203`) +- [CVE-2025-1662](CVE-2025/CVE-2025-16xx/CVE-2025-1662.json) (`2025-02-28T09:15:12.373`) +- [CVE-2025-22491](CVE-2025/CVE-2025-224xx/CVE-2025-22491.json) (`2025-02-28T09:15:12.540`) +- [CVE-2025-22492](CVE-2025/CVE-2025-224xx/CVE-2025-22492.json) (`2025-02-28T09:15:12.680`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2024-12782](CVE-2024/CVE-2024-127xx/CVE-2024-12782.json) (`2025-02-28T07:15:33.487`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5bdcc0dded2..bb23c02f041 100644 --- a/_state.csv +++ b/_state.csv @@ -245022,6 +245022,7 @@ CVE-2024-10856,0,0,7e9eb9b0320a824a6f22312f21c483e6a20231d2b64419ecd83ac1284ebe6 CVE-2024-10857,0,0,957ae8afb2b021b5a39096260dcb79ccdc7e257258c659d883b9a23a31df5c0b,2024-11-26T07:15:05.003000 CVE-2024-10858,0,0,42b123ba3b0529f7fcd2fe96eb2bcf8b1478b777f663ea90f1bede156318a16a,2024-12-26T20:15:20.080000 CVE-2024-1086,0,0,ed3b4cc9e937086bf7bd2a6eab945784d7bd20c1d6f9c68b6b3e2f0cc3cb68b3,2025-02-13T18:16:21.507000 +CVE-2024-10860,1,1,7c3c00f3072a2c47fdca547d3cc1a0275081d893f39926917a8c68219e57d0f9,2025-02-28T10:15:09.963000 CVE-2024-10861,0,0,a0a9ed450f8163c1435b46341b966a17dde352d3f4e975547d6d20959f88110b,2024-11-18T17:11:17.393000 CVE-2024-10862,0,0,8d0469751c4a45e9a11849af14ded70548f7b3b67c046bcdbd1a895c0f05bb5b,2025-01-17T14:53:51.413000 CVE-2024-10863,0,0,b5b227485fbe2ef5029ee042bb93b4e86d4e47bdafc29c909ac7a75d6e0d47a4,2024-11-22T16:15:21.257000 @@ -246770,7 +246771,7 @@ CVE-2024-12773,0,0,4a158210ce8f04e63a0cc5644404dce0edf638a1d39d2ff2dbf8f403280ec CVE-2024-12774,0,0,a5018f9b8a1ed4e5ce72ea8a47b3a7028c7d128473c99e738a64f122822c050a,2025-01-27T15:15:09.803000 CVE-2024-1278,0,0,5fc68c762fc836b6c12a71eed788de7c0888610c449a9d12f31cc3647bf88af1,2025-01-29T16:26:48.717000 CVE-2024-12781,0,0,c74d8fa49d4e1ce3b752d35981d8b052a93e3f1d0fb27ff932f88f085f9b3bc6,2025-01-07T07:15:27.937000 -CVE-2024-12782,0,1,d2e881814d729c9fad0c1c1a3b56268648b9ca7902e0e86e7f1cea35a422381d,2025-02-28T07:15:33.487000 +CVE-2024-12782,0,0,d2e881814d729c9fad0c1c1a3b56268648b9ca7902e0e86e7f1cea35a422381d,2025-02-28T07:15:33.487000 CVE-2024-12783,0,0,1cbf05ea91cf262fc7ff861feed31dbe6250d2c08bd8ebca814337722a82f119,2025-01-10T21:26:40.627000 CVE-2024-12784,0,0,16a1647cb8b6a8b723facb6fac58d6bd338129da42378715684c47157df977b2,2025-02-11T15:03:54.250000 CVE-2024-12785,0,0,f237e43081c01ed50416da96588e0c5c37314200a5fa658b44c6f12aeace42a0,2025-02-07T14:58:01.530000 @@ -247394,6 +247395,7 @@ CVE-2024-13465,0,0,ec8251f01c9f88d7585f9bf4822b9e6fe7e3358f78bb52205382957231114 CVE-2024-13466,0,0,ad9c9053e3167555f400e28f8c129f78ebaefbfea867abbbb84a69e9c4118ca4,2025-02-18T19:15:13.923000 CVE-2024-13467,0,0,923a38005e4f33b4b00ab497e7b9124480dbc307e6f66ebdda4f5013f61f8d36,2025-02-04T19:33:01.617000 CVE-2024-13468,0,0,3b114e7865942bd4a908c446f11cc9e4d2c0bb866058c63bfd1c63d95d58f732,2025-02-19T08:15:16.027000 +CVE-2024-13469,1,1,59dce6c462c5a88a80921bfc05a3a5bb68a1971f53d52b089cd62613870d0a02,2025-02-28T09:15:09.823000 CVE-2024-1347,0,0,b12a4cbf8e4f285872bf9a248874204d9208208e515ae74de2299237bb6626ad,2024-12-11T19:24:26.643000 CVE-2024-13470,0,0,62d62489ae69e29df63f8eb0190e3d2c26ee16e4de50a68486e1e17ce16780e9,2025-02-04T18:51:38.467000 CVE-2024-13472,0,0,78a083d4b9b0a592d2a2cc443e9c6a93e0d6fbb4d284dd5848fb1a89da8cee59,2025-02-11T21:06:13.237000 @@ -247544,6 +247546,7 @@ CVE-2024-13632,0,0,ab87904e3237e1ff207bd083064fa234eb8396de2c71155409ff7865e4a4b CVE-2024-13633,0,0,5ee7398c6e0e74dbda092bd1434016432f8cbad05a1f93851c7c1e6797876da1,2025-02-26T15:15:22.940000 CVE-2024-13634,0,0,0925e4eb0a5b6a25a950b2bbdaa9ac2e640f74d1a050a484380e5d735ef0dc4f,2025-02-26T15:15:23.103000 CVE-2024-13636,0,0,060ea877f973da3e3139131075fc6b65a68ba520ee71166120bdf003d38b6862,2025-02-24T22:15:11.277000 +CVE-2024-13638,1,1,4fbd33032dbdde9da6016e5df748c24187ab44e7250c73361acba382280f65a3,2025-02-28T09:15:10.043000 CVE-2024-13639,0,0,071381e5184000ecf8c72dcde14c2011c1cb4ea4b355e15fb5e9c5b4fb270c14,2025-02-18T18:15:51.587000 CVE-2024-1364,0,0,47f33fd19586ab96196a2cb0337c2030aca42f1bd8c4ab84cfa2e52c3dbe5e59,2024-11-21T08:50:25.223000 CVE-2024-13641,0,0,f5ae933978b19eaa8786ac84fc5f20a253f923886108cb6b544c748640981d51,2025-02-25T19:39:47.477000 @@ -247610,6 +247613,7 @@ CVE-2024-13712,0,0,dc7644dc4e1dbc747bbf2221b44bd3e1c5714d00548aa1a048cc6c77b3cd4 CVE-2024-13713,0,0,90954b7583c56b27a881e3e89dac99a8fe4d669edd575847540b2c9eda75eaf1,2025-02-25T03:28:44.207000 CVE-2024-13714,0,0,b97d32dee0692688a979a37af59123f65e30a687518c4b6566287e3189fcc055,2025-02-12T06:15:19.987000 CVE-2024-13715,0,0,f17d510da8f1903ed11deb0997b2f7b6b7c66954d157d92b6358d4c629959cde,2025-01-30T18:53:45.883000 +CVE-2024-13716,1,1,a730dc60dc22c20ef2e1e6a37f90d5aa74273af9534de5004e3970125a69b204,2025-02-28T09:15:10.223000 CVE-2024-13717,0,0,4177d6f2dff693b69b1517de82a3632e741bac0287c1343530f73c4d6d1ed41b,2025-01-31T06:15:29.770000 CVE-2024-13718,0,0,2a66de61882126095d3053f4a883ea3530a7a8c40923166079a0a9d06dc8603b,2025-02-21T15:25:03.847000 CVE-2024-13719,0,0,82e1c4af9f0b8d4908b4e334be7136368e8b0d540e14dda9dec9f059b1234cbf,2025-02-19T08:15:20.737000 @@ -247672,6 +247676,8 @@ CVE-2024-13822,0,0,b03830906a27cd03fc0531c5c6e7b60f126f1978ea681f2921431ba76aa58 CVE-2024-13829,0,0,0eb68c1cd51e57e24834aa430c28539b9740e4aeaf2e4bf4d57d2d018e612c3a,2025-02-05T06:15:31.257000 CVE-2024-1383,0,0,aa117bb4caae4c90c9ef562f3b17aec83c186c85e2ed83fcc25ce7b11090cff4,2024-11-21T08:50:27.733000 CVE-2024-13830,0,0,c6d7b41600cf06f096c92eda44ad4947ed0129124f061312ef644e59d67aa0f4,2025-02-13T17:09:11.660000 +CVE-2024-13831,1,1,dc606325056ecb3af1d0abdf4906087df581d7aaf8a47f4b06428d6e01b13004,2025-02-28T09:15:10.400000 +CVE-2024-13832,1,1,ec5b2acd93db5978e9a901bf338782a10b26bfa5fce10324f0a5b3fac0b88ab1,2025-02-28T09:15:10.570000 CVE-2024-13834,0,0,43e5ae6cc904537a30eeccc37c7b9a07fd2bfb264b9574278bc2a72960c00c36,2025-02-24T12:37:18.957000 CVE-2024-13837,0,0,b186071e4ea62233d731f5821d490b3ab777186a5f4da25e22f6fedfafcbdd0c,2025-02-17T19:15:09.463000 CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7ad,2024-09-19T22:13:04.370000 @@ -247683,6 +247689,7 @@ CVE-2024-13848,0,0,5623c6bf6e4d11fedf071f2d8a6a41f683ea08f022ec414f86d8eab78cead CVE-2024-13849,0,0,ff236b733a56083f87d9fda1374c64bc737bce2f85ab541b6c51d8f632de7db5,2025-02-25T20:58:18.983000 CVE-2024-1385,0,0,8d44f2ddcfbec761b90cec48d83e59f97d1a3c53ec848ed4ca09c1c2ed005096,2024-11-21T08:50:27.933000 CVE-2024-13850,0,0,21374982a6b82adc74612a8ed4ca91538e192f9010fe0e837b933250ab0049eb,2025-02-24T17:36:09.667000 +CVE-2024-13851,1,1,b398a5e42cb9d7be9c1f996abecf4cac62eb034d55b15397f51759f424614a8a,2025-02-28T09:15:10.733000 CVE-2024-13852,0,0,dd2c33f18b8ccbee6b646903a658fcb7af55315e978ebdb8f9c794cc0b1e0482,2025-02-21T15:50:45.813000 CVE-2024-13854,0,0,b293d3f2f05083e98beb719565723791c5cf1a85fbf867f7cfec3a20f9286342,2025-02-19T08:15:21.440000 CVE-2024-13855,0,0,9aad1f9df577d823156d8f799c672a44111ca2c006ede84d8cbdc8cff07c1227,2025-02-25T18:23:31.507000 @@ -278515,9 +278522,11 @@ CVE-2024-8415,0,0,e8d703c5be439a7b12f448c59ea16ff0dc181840132c9ef3746fdeb083d8c4 CVE-2024-8416,0,0,064686b03f2591358d01e2435bf6d0c05dabb68525db32e9554b611a0eda381c,2024-09-06T16:38:44.053000 CVE-2024-8417,0,0,ae5c46124418f1e175898401d4cd10e4ac5ab2a5760b3ada369013efaf5f9e0e,2024-11-21T09:53:11.207000 CVE-2024-8418,0,0,13014cb10bf2076fdd98d7e7307a7de55e2e6a5c70285579360946d216816d18,2024-09-17T20:15:06.710000 +CVE-2024-8420,1,1,ea5022a359dce7e54c310a8e4a463f6170d2c6e2d53163c491680ffcf3cf05d2,2025-02-28T09:15:10.910000 CVE-2024-8421,0,0,6800675b8d580f62fefe249f14070dd1be7b0d76f26f1a650e36706f5d41a8e4,2024-10-30T22:15:03.503000 CVE-2024-8422,0,0,595c3a4c4569e5d22b76db5956453d2a1a1a701b00065efde8acf9a79c387cf0,2024-10-16T18:00:10.507000 CVE-2024-8424,0,0,70e0efba1b7474fd71ae798ee933fd249d2e6d2cb69d7469e257caaac30ab429,2024-11-08T19:01:03.880000 +CVE-2024-8425,1,1,fc73b4c2c260fe21b5bc2fab7f3679ac5cb884a24671e36c961f5bb842707523,2025-02-28T09:15:11.083000 CVE-2024-8427,0,0,b84207915031e0f3fd8ae31fc1649578b63ca815fcdfb9b3c22054b4863be5e4,2024-09-11T17:41:18.733000 CVE-2024-8428,0,0,16614a0b61f86dd0b83d47d6c77d8385fb4c68c4d0f570f88f7c5094d2f7b53a,2024-09-26T21:58:45.393000 CVE-2024-8429,0,0,7d7adc19f31eabcda933830e1386025bcbab9119931c58d61657c8ea833e8e43,2024-12-17T12:15:20.853000 @@ -279025,6 +279034,7 @@ CVE-2024-9011,0,0,5f917ba5d6e9e414a668fa259efdc89c2355605a5666ae5f81812d44488e6a CVE-2024-9014,0,0,220003038e0ed1cc49a0befe3090135c41cd16a5f829c2d65bd6cc8f984c0497,2024-09-26T13:32:55.343000 CVE-2024-9015,0,0,70610f66e2554a4ae6806b1835adece9ecbb77c46846bbc910eff47baf4dabd3,2025-02-11T02:15:36.640000 CVE-2024-9018,0,0,9d5f9a71065cb5737c3eb97e3b8fce2545d7a7505edc442df3224ec9cdcd8b15,2024-10-07T19:20:48.293000 +CVE-2024-9019,1,1,b0e5ef09bc954fd45f762ba11289b323f0e5567e0b4c42b4e45e1e94cd6e6eeb,2025-02-28T09:15:11.270000 CVE-2024-9020,0,0,13f7d55260c3dda01ac88411af938bbf50d791e8c741bac69665223f77a450e5,2025-01-22T15:15:14.407000 CVE-2024-9021,0,0,38ce15408413883ac2962e131e46ff98aae3d8ba8d1d410ba95b4f315f4dd5ce,2024-10-10T12:57:21.987000 CVE-2024-9022,0,0,b97de3f37f13459888a48b84864cef3e3e6492a34af924d2e6bb02f8326a41fe,2024-10-15T14:34:12.063000 @@ -279166,7 +279176,9 @@ CVE-2024-9188,0,0,5dd6784f0ddf222dfed6f3f6f8ef1425cb794ae63276e1d1603c62bc0b0fa2 CVE-2024-9189,0,0,4e8c036fffae828e6f3882cbb1531defe39b113820187b885e346d496fe1295e,2024-10-03T17:26:19.397000 CVE-2024-9191,0,0,2d8772819e072256f7caa86d1c651c053e8fc5e8d42fd3c3815efa0104833a44,2024-11-05T17:06:41.363000 CVE-2024-9192,0,0,802019c9061fe1dee1b6059a0f58621063432e2ddeee0c2676186f080e117e0c,2024-11-18T17:11:17.393000 +CVE-2024-9193,1,1,7aa1dbde18a2cefd1d5c7994b259059c12b9ea975239024491588fedc661ea63,2025-02-28T09:15:11.437000 CVE-2024-9194,0,0,04a4ea65d38da4fcbaabc5e2d1e4083861c0f3dd2bc313d0389a7e90a03127c9,2024-11-21T17:15:27.480000 +CVE-2024-9195,1,1,78b1fc40d9caf9991dd97fbb23b8dd02b45f5722200cffc9c47e60fc4d41061a,2025-02-28T09:15:11.633000 CVE-2024-9196,0,0,451745349e35725debe11f08251f5349b7496561e06ccf08f6fdde37a22bdb15,2025-02-11T02:15:36.827000 CVE-2024-9197,0,0,33c1567de1a18762ef3858935357bc00f6cde05df47d6c1305df2581bf9eb8d5,2025-01-21T21:18:24.393000 CVE-2024-9198,0,0,641d70ca97204854d04cbb4e4de612cfeb0ea4b8a4de965802073ac66a64a690,2024-10-02T14:33:52.780000 @@ -280265,7 +280277,7 @@ CVE-2025-0754,0,0,01e22cbc27c23b2a20fc22b4b38925f42f70aba0e3cf26d239fd3f71faae49 CVE-2025-0759,0,0,f572811706ba51744ee45129f48d6948c8d40f854e28ffb23f9648591608afb2,2025-02-27T15:15:40.603000 CVE-2025-0760,0,0,41c51c3186d7c1d82dcf6c1e725fcfd59fdc585d73de4a715eb553b80d5dac62,2025-02-26T00:15:10.890000 CVE-2025-0762,0,0,e4f54e0a8112ca4bbd93833150136d658b70b741ccb351b92cec93e89ce75210,2025-01-29T15:15:17.687000 -CVE-2025-0764,1,1,c361408dc8341f519ad818deefae08734344056ea08640e21b6d8307fed6f9af,2025-02-28T07:15:33.863000 +CVE-2025-0764,0,0,c361408dc8341f519ad818deefae08734344056ea08640e21b6d8307fed6f9af,2025-02-28T07:15:33.863000 CVE-2025-0767,0,0,18b19f88a460710b0a272571f92b11e64f98033d887b75623068759f9e10d0cf,2025-02-27T19:15:49.350000 CVE-2025-0781,0,0,b187217e5320659130c2f954520571f906b51edbf3680129182cf06170507db1,2025-01-29T22:15:30.187000 CVE-2025-0783,0,0,8924456cd6700604f4e019fec6c3db3aae4fc1d29681bfa897a8d15c04913bcb,2025-01-28T19:15:14.410000 @@ -280618,11 +280630,12 @@ CVE-2025-1391,0,0,6fee9eda29ef94ebb6c29d27c38776c5f8bb1fbd11f215f0e687819427cb50 CVE-2025-1392,0,0,8e4405371022efbf780ff58db6d926727305203f058fec61ae92b5e8fa805a81,2025-02-17T16:15:16.120000 CVE-2025-1402,0,0,c23c451cfa1d570fb16b3d38ae224aa085b42cdb084d4b1dbd67b0732fd42aba,2025-02-25T04:04:59.860000 CVE-2025-1403,0,0,cdf9a8de03213e0ac7f7767452341bf79edc3d976615c3099248fc0b29544461,2025-02-21T18:15:20.550000 -CVE-2025-1405,1,1,f79a249eed6f1df2e72b69769faa924709e9a914f91232fbbc17335baa300615,2025-02-28T07:15:34.063000 +CVE-2025-1405,0,0,f79a249eed6f1df2e72b69769faa924709e9a914f91232fbbc17335baa300615,2025-02-28T07:15:34.063000 CVE-2025-1406,0,0,6fbc92715581c083383884df65716e311e7920e9986e87816bf21c4af15408ec,2025-02-25T03:38:24.303000 CVE-2025-1407,0,0,81ebc501504f4e0e97111e960151a7a649f1ecbd9d904ea14ecfe9745b475037,2025-02-25T03:37:32.347000 CVE-2025-1410,0,0,1acd34ee1bf4de50c7bb7990bb2833820ce8a935ac6fe3383da13c0fe4fe3da0,2025-02-25T03:35:42.633000 CVE-2025-1412,0,0,af6752d241a9229d1b7ffcf487afc415a29cfa03072b0a3797beadd6e57308ed,2025-02-24T08:15:09.890000 +CVE-2025-1413,1,1,f96e155e6d851d7d3bb06c9668e0843604deba9a4449bfef780b497cc84830b4,2025-02-28T09:15:11.850000 CVE-2025-1414,0,0,b3b9c3affbe2798ab158992b46088a156edfb77f4ed4319f53d9b7d1a64ef9f9,2025-02-18T21:15:25.440000 CVE-2025-1426,0,0,4a8cd471295100a135e3f1ec50bc3f2c2b0c11be304dbe11e606b36ac015f623,2025-02-19T20:15:36.467000 CVE-2025-1441,0,0,1a8d7925760ab15d6de1f722cbb1abd9befdb71560d55b0f11dd7282b2ec419a,2025-02-19T05:15:12.050000 @@ -280659,8 +280672,10 @@ CVE-2025-1553,0,0,3c10d6a755dcef4709f1d7b4a32da74f40ecec9ec11c525c5e38cbe72383a6 CVE-2025-1555,0,0,b87953fc659c2e74abd428dd8b83c4d989fea69643d0c4eecfbab0e6ac242e9a,2025-02-24T15:15:12.810000 CVE-2025-1556,0,0,724b13759326d4daa23c48d02c1ce795525d880ae020ac09a68b1de9594640a5,2025-02-22T13:15:12.010000 CVE-2025-1557,0,0,49607b48e972d9fd5d215f054ea7353b084df75dff065ecc488af6c52d9e37af,2025-02-22T13:15:12.247000 -CVE-2025-1571,1,1,2ff9d1871ce4b294af235897d1f180d1853e1f37cf780d6e8da053f8773e82c8,2025-02-28T07:15:34.227000 -CVE-2025-1572,1,1,1320b2f727383676da6c73261af1868478cf6dd12bf50e5bdd5ba7a431e21124,2025-02-28T08:15:35.810000 +CVE-2025-1560,1,1,94ea0392f231db4bf68a65aff70aa4324f399504541076f334dc955e4571374b,2025-02-28T09:15:12.040000 +CVE-2025-1570,1,1,b46b74003a884bfde248d1f55d464c09d2edda3a9f89316fe0cc50da512e923b,2025-02-28T09:15:12.203000 +CVE-2025-1571,0,0,2ff9d1871ce4b294af235897d1f180d1853e1f37cf780d6e8da053f8773e82c8,2025-02-28T07:15:34.227000 +CVE-2025-1572,0,0,1320b2f727383676da6c73261af1868478cf6dd12bf50e5bdd5ba7a431e21124,2025-02-28T08:15:35.810000 CVE-2025-1575,0,0,4f36554ed6482f45b74d35521d78ee1f8257f79829174fda75a5bd3bf6296f94,2025-02-23T04:15:24.980000 CVE-2025-1576,0,0,1f104649f17b82a7de320595b093dfc1101ef45ab193119cf4c9a764ae0261d6,2025-02-23T05:15:11.853000 CVE-2025-1577,0,0,511daa570f9ea062413f2bed6b33eae352829c776630ae7166a5c1ba24874bf7,2025-02-23T07:15:08.970000 @@ -280710,6 +280725,7 @@ CVE-2025-1644,0,0,c089c614bad147aba27db7e276630bda628e1050898eb7eafd3da256285acd CVE-2025-1645,0,0,f84c25d5345ae177afb924fbcfe7e77498beaa89bb1760e6fea90a27526a406a,2025-02-25T02:15:16.123000 CVE-2025-1646,0,0,5710e0e746a724f69e8cc150a43d0c87decff43af6a1a7566fd6006b723baac7,2025-02-25T14:15:31.320000 CVE-2025-1648,0,0,01be54e92ee6583d4b180477f3f82c99c2017256ad3257671bbc83775fcbe841,2025-02-28T01:30:32.830000 +CVE-2025-1662,1,1,65cfd856306d889617e3038fc6a8c795bc27be9c444f1a9c5df3c4ffdd828a0f,2025-02-28T09:15:12.373000 CVE-2025-1673,0,0,43512569ec0b0b4646ee8d2f3e7a6a4bcb909a60652f0dbc32a6d2623d178b1f,2025-02-28T01:30:32.830000 CVE-2025-1674,0,0,c9ab5cf0d854b00d30135f8d3aae01653c22e99139baff93dd6ad32b17a41d13,2025-02-28T01:30:32.830000 CVE-2025-1675,0,0,919ba4e5330550da1b3bdc08ee6fe479b5b6b92bc2456a105e1c616b57e9b557,2025-02-25T08:15:30.020000 @@ -281551,6 +281567,8 @@ CVE-2025-22450,0,0,08efaa8a0b7289f6e07d2143106d9ab0ee4947a312acaf42c999e908a6f4e CVE-2025-22467,0,0,8bd8bd517db848742ab03a7d28d508822057ab7be14ae3f2dcda13c476e2f133,2025-02-20T15:53:06.133000 CVE-2025-22475,0,0,15e2f0e4f859c49a221c12f5e1eb7e46b6c6aca8f0ab3cc88af90136ef2fdb5f,2025-02-07T20:42:39.800000 CVE-2025-22480,0,0,30f78fb08b81b0a4a0f02016506c54aff4f612e77005946c54cb0114603ea9f7,2025-02-18T18:39:56.053000 +CVE-2025-22491,1,1,e26a392df2afadce272fd73c1e836888f4b2c5b4ac6036088413dff6be206365,2025-02-28T09:15:12.540000 +CVE-2025-22492,1,1,e9bde4f21fb6310ad0cfe4e54a5331c3fe81f9a835d2382636a7b0f15d89bca3,2025-02-28T09:15:12.680000 CVE-2025-22495,0,0,b69414b6cefd90565ddf9757afc00445135fb48616564da9514c4b5ad30aaa8c,2025-02-24T17:15:13.723000 CVE-2025-22498,0,0,f3f7d57a5c074cef7d66fd0b0c22de1f5c4ac45e596ff524016d32b7cab75963,2025-01-13T14:15:10.787000 CVE-2025-22499,0,0,2c7469ba06cedcc8f30abf0610d7acbf7462216a8d6077933c22c805fba653a7,2025-01-13T14:15:10.960000