admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-24T15:00:22.415164+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-24 15:03:55 +00:00
parent 24ada614f2
commit dc40901ab7
160 changed files with 8087 additions and 439 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2020/CVE-2020-243xx/CVE-2020-24312.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-24312", "id": "CVE-2020-24312",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2020-08-26T13:15:10.860", "published": "2020-08-26T13:15:10.860",
"lastModified": "2024-11-21T05:14:35.103", "lastModified": "2025-03-24T14:32:35.300",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -85,9 +85,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:webdesi9:file_manager:*:*:*:*:*:wordpress:*:*", "criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.4", "versionEndIncluding": "6.4",
"matchCriteriaId": "7F95AF1E-4974-454A-B41E-C6E996B98C83" "matchCriteriaId": "82EDFA9F-3005-43D8-A303-DD202534BBAC"
} }
] ]
} }

6
CVE-2021/CVE-2021-241xx/CVE-2021-24177.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24177", "id": "CVE-2021-24177",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2021-04-05T19:15:16.247", "published": "2021-04-05T19:15:16.247",
"lastModified": "2024-11-21T05:52:31.933", "lastModified": "2025-03-24T14:32:35.300",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -95,9 +95,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:webdesi9:file_manager:*:*:*:*:*:wordpress:*:*", "criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.1", "versionEndExcluding": "7.1",
"matchCriteriaId": "CFE8F14C-4E02-474F-AE64-5ADE7F7D1F08" "matchCriteriaId": "EDAF3474-8036-48E8-84C8-4F40036B69F9"
} }
] ]
} }

32
CVE-2022/CVE-2022-481xx/CVE-2022-48110.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48110", "id": "CVE-2022-48110",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-13T20:15:10.820", "published": "2023-02-13T20:15:10.820",
"lastModified": "2024-11-21T07:32:50.707", "lastModified": "2025-03-24T13:15:24.493",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [ "cveTags": [
{ {
@ -43,6 +43,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -56,6 +76,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

74
CVE-2024/CVE-2024-06xx/CVE-2024-0698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0698", "id": "CVE-2024-0698",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:25.460", "published": "2024-03-05T02:15:25.460",
"lastModified": "2024-11-21T08:47:10.293", "lastModified": "2025-03-24T14:21:24.423",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easyappointments:easy\\\\!appointments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "0CC6D729-8A5F-4E85-BE8B-CEAEEDF0E81B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/easyappointments/trunk/public/class-easyappointments-public.php#L141", "url": "https://plugins.trac.wordpress.org/browser/easyappointments/trunk/public/class-easyappointments-public.php#L141",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b002e40-712d-4c3f-b168-9132e7b77e60?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b002e40-712d-4c3f-b168-9132e7b77e60?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/easyappointments/trunk/public/class-easyappointments-public.php#L141", "url": "https://plugins.trac.wordpress.org/browser/easyappointments/trunk/public/class-easyappointments-public.php#L141",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b002e40-712d-4c3f-b168-9132e7b77e60?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b002e40-712d-4c3f-b168-9132e7b77e60?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

6
CVE-2024/CVE-2024-07xx/CVE-2024-0761.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0761", "id": "CVE-2024-0761",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:04.733", "published": "2024-02-05T22:16:04.733",
"lastModified": "2024-11-21T08:47:18.990", "lastModified": "2025-03-24T14:32:35.300",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -80,9 +80,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:webdesi9:file_manager:*:*:*:*:*:wordpress:*:*", "criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.2.1", "versionEndIncluding": "7.2.1",
"matchCriteriaId": "1B86D114-5F1C-459E-8C82-671D783FE7C6" "matchCriteriaId": "7452FF6D-81C5-4331-9330-2D6C73726070"
} }
] ]
} }

81
CVE-2024/CVE-2024-10xx/CVE-2024-1013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1013", "id": "CVE-2024-1013",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T11:15:09.227", "published": "2024-03-18T11:15:09.227",
"lastModified": "2024-11-21T08:49:35.760", "lastModified": "2025-03-24T13:02:51.540",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,32 +69,77 @@
"value": "CWE-823" "value": "CWE-823"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unixodbc:unixodbc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55099A48-74BF-49AE-A928-E2B869F8CE64"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2024-1013", "url": "https://access.redhat.com/security/cve/CVE-2024-1013",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260823",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/lurcher/unixODBC/pull/157", "url": "https://github.com/lurcher/unixODBC/pull/157",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://access.redhat.com/security/cve/CVE-2024-1013", "url": "https://access.redhat.com/security/cve/CVE-2024-1013",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260823",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/lurcher/unixODBC/pull/157", "url": "https://github.com/lurcher/unixODBC/pull/157",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
} }
] ]
} }

42
CVE-2024/CVE-2024-138xx/CVE-2024-13816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13816", "id": "CVE-2024-13816",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:31.077", "published": "2025-03-08T09:15:31.077",
"lastModified": "2025-03-08T09:15:31.077", "lastModified": "2025-03-24T14:23:45.580",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,16 +49,50 @@
"value": "CWE-862" "value": "CWE-862"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coderevolution:aiomatic:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.7",
"matchCriteriaId": "1C360910-2EA1-46ED-A75C-EC966CA979E8"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://coderevolution.ro/knowledge-base/faq/full-changelog-aiomatic-automatic-ai-content-writer-editor-gpt-3-gpt-4-chatgpt-chatbot-ai-toolkit/#item-description__changelog", "url": "https://coderevolution.ro/knowledge-base/faq/full-changelog-aiomatic-automatic-ai-content-writer-editor-gpt-3-gpt-4-chatgpt-chatbot-ai-toolkit/#item-description__changelog",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69de7d93-b255-4d41-8680-9762ff632804?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69de7d93-b255-4d41-8680-9762ff632804?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

89
CVE-2024/CVE-2024-139xx/CVE-2024-13903.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13903", "id": "CVE-2024-13903",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-21T07:15:34.877", "published": "2025-03-21T07:15:34.877",
"lastModified": "2025-03-21T07:15:34.877", "lastModified": "2025-03-24T14:36:07.503",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,32 +142,83 @@
"value": "CWE-121" "value": "CWE-121"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quickjs-ng:quickjs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.0",
"matchCriteriaId": "08423DC4-B8AC-4824-9532-63722E3F64F7"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/quickjs-ng/quickjs/commit/99c02eb45170775a9a679c32b45dd4000ea67aff", "url": "https://github.com/quickjs-ng/quickjs/commit/99c02eb45170775a9a679c32b45dd4000ea67aff",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/quickjs-ng/quickjs/issues/775", "url": "https://github.com/quickjs-ng/quickjs/issues/775",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/quickjs-ng/quickjs/releases/tag/v0.9.0", "url": "https://github.com/quickjs-ng/quickjs/releases/tag/v0.9.0",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.300571", "url": "https://vuldb.com/?ctiid.300571",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.300571", "url": "https://vuldb.com/?id.300571",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.517394", "url": "https://vuldb.com/?submit.517394",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-139xx/CVE-2024-13918.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13918", "id": "CVE-2024-13918",
"sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a", "sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"published": "2025-03-10T10:15:10.280", "published": "2025-03-10T10:15:10.280",
"lastModified": "2025-03-10T17:15:34.383", "lastModified": "2025-03-24T14:15:59.000",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.6, "exploitabilityScore": 1.6,
"impactScore": 5.8 "impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,24 +69,68 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.9.0",
"versionEndExcluding": "11.36.0",
"matchCriteriaId": "A2A8A0BE-A7AA-4DA2-8A67-227CBBA94C18"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/laravel/framework/pull/53869", "url": "https://github.com/laravel/framework/pull/53869",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Issue Tracking",
"Patch"
]
}, },
{ {
"url": "https://github.com/laravel/framework/releases/tag/v11.36.0", "url": "https://github.com/laravel/framework/releases/tag/v11.36.0",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-01_Laravel_Reflected_XSS_via_Request_Parameter_in_Debug-Mode_Error_Page", "url": "https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-01_Laravel_Reflected_XSS_via_Request_Parameter_in_Debug-Mode_Error_Page",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Exploit"
]
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2025/03/10/3", "url": "http://www.openwall.com/lists/oss-security/2025/03/10/3",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory",
"Exploit"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-139xx/CVE-2024-13919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13919", "id": "CVE-2024-13919",
"sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a", "sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"published": "2025-03-10T10:15:13.890", "published": "2025-03-10T10:15:13.890",
"lastModified": "2025-03-10T17:15:34.540", "lastModified": "2025-03-24T14:14:53.337",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.6, "exploitabilityScore": 1.6,
"impactScore": 5.8 "impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,24 +69,68 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.9.0",
"versionEndExcluding": "11.36.0",
"matchCriteriaId": "A2A8A0BE-A7AA-4DA2-8A67-227CBBA94C18"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/laravel/framework/pull/53869", "url": "https://github.com/laravel/framework/pull/53869",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Issue Tracking",
"Patch"
]
}, },
{ {
"url": "https://github.com/laravel/framework/releases/tag/v11.36.0", "url": "https://github.com/laravel/framework/releases/tag/v11.36.0",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-02_Laravel_Reflected_XSS_via_Route_Parameter_in_Debug-Mode_Error_Page", "url": "https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-02_Laravel_Reflected_XSS_via_Route_Parameter_in_Debug-Mode_Error_Page",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a" "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Exploit"
]
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2025/03/10/4", "url": "http://www.openwall.com/lists/oss-security/2025/03/10/4",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory",
"Exploit"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-13xx/CVE-2024-1379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1379", "id": "CVE-2024-1379",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-03-20T07:15:09.903", "published": "2024-03-20T07:15:09.903",
"lastModified": "2024-11-21T08:50:27.157", "lastModified": "2025-03-24T14:48:13.980",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:magenet:website_article_monetization:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.12",
"matchCriteriaId": "08C740F1-8336-4A86-9D65-8932985B3A07"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/website-article-monetization-by-magenet/trunk/admin/article-backlinks-admin.php#L110", "url": "https://plugins.trac.wordpress.org/browser/website-article-monetization-by-magenet/trunk/admin/article-backlinks-admin.php#L110",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8564dbb-6be8-4999-be65-d28609e05451?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8564dbb-6be8-4999-be65-d28609e05451?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/website-article-monetization-by-magenet/trunk/admin/article-backlinks-admin.php#L110", "url": "https://plugins.trac.wordpress.org/browser/website-article-monetization-by-magenet/trunk/admin/article-backlinks-admin.php#L110",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8564dbb-6be8-4999-be65-d28609e05451?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8564dbb-6be8-4999-be65-d28609e05451?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-14xx/CVE-2024-1473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1473", "id": "CVE-2024-1473",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-03-20T07:15:10.133", "published": "2024-03-20T07:15:10.133",
"lastModified": "2024-11-21T08:50:39.520", "lastModified": "2025-03-24T14:44:29.747",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:colorlib:coming_soon_&_maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.99",
"matchCriteriaId": "C44A079E-1149-4385-AE7F-F24691DA3FD8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wordpress.org/plugins/colorlib-coming-soon-maintenance/", "url": "https://wordpress.org/plugins/colorlib-coming-soon-maintenance/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48dc10a9-7bb9-401f-befd-1bf620858825?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48dc10a9-7bb9-401f-befd-1bf620858825?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://wordpress.org/plugins/colorlib-coming-soon-maintenance/", "url": "https://wordpress.org/plugins/colorlib-coming-soon-maintenance/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48dc10a9-7bb9-401f-befd-1bf620858825?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48dc10a9-7bb9-401f-befd-1bf620858825?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

63
CVE-2024/CVE-2024-202xx/CVE-2024-20292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20292", "id": "CVE-2024-20292",
"sourceIdentifier": "psirt@cisco.com", "sourceIdentifier": "psirt@cisco.com",
"published": "2024-03-06T17:15:08.797", "published": "2024-03-06T17:15:08.797",
"lastModified": "2024-11-21T08:52:14.293", "lastModified": "2025-03-24T13:56:44.540",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,16 +69,51 @@
"value": "CWE-200" "value": "CWE-200"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:duo_authentication_for_windows_logon_and_rdp:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.3.0",
"matchCriteriaId": "D7A75C57-DC68-4A43-8ACA-90FAC4CBC271"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-infodisc-rLCEqm6T", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-infodisc-rLCEqm6T",
"source": "psirt@cisco.com" "source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-infodisc-rLCEqm6T", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-infodisc-rLCEqm6T",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2024/CVE-2024-203xx/CVE-2024-20301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20301", "id": "CVE-2024-20301",
"sourceIdentifier": "psirt@cisco.com", "sourceIdentifier": "psirt@cisco.com",
"published": "2024-03-06T17:15:08.987", "published": "2024-03-06T17:15:08.987",
"lastModified": "2024-11-21T08:52:17.907", "lastModified": "2025-03-24T13:53:28.940",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.3, "exploitabilityScore": 0.3,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9
} }
] ]
}, },
@ -49,16 +69,51 @@
"value": "CWE-287" "value": "CWE-287"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:duo_authentication_for_windows_logon_and_rdp:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.3.0",
"matchCriteriaId": "FBED07B7-4B6D-4518-9AB0-DD754925E1CA"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm",
"source": "psirt@cisco.com" "source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-23xx/CVE-2024-2316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2316", "id": "CVE-2024-2316",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-08T12:15:50.053", "published": "2024-03-08T12:15:50.053",
"lastModified": "2024-11-21T09:09:29.647", "lastModified": "2025-03-24T13:45:34.743",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -76,30 +96,70 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bdtask:hospital_automanager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20240227",
"matchCriteriaId": "9A799C05-4F43-4C92-B3A8-758D75995D2A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://drive.google.com/file/d/1v_Ee2FWlbpLgHYIl88COPp05EHSxUWI0/view?usp=sharing", "url": "https://drive.google.com/file/d/1v_Ee2FWlbpLgHYIl88COPp05EHSxUWI0/view?usp=sharing",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.256270", "url": "https://vuldb.com/?ctiid.256270",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.256270", "url": "https://vuldb.com/?id.256270",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://drive.google.com/file/d/1v_Ee2FWlbpLgHYIl88COPp05EHSxUWI0/view?usp=sharing", "url": "https://drive.google.com/file/d/1v_Ee2FWlbpLgHYIl88COPp05EHSxUWI0/view?usp=sharing",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.256270", "url": "https://vuldb.com/?ctiid.256270",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.256270", "url": "https://vuldb.com/?id.256270",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
} }
] ]
} }

86
CVE-2024/CVE-2024-23xx/CVE-2024-2317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2317", "id": "CVE-2024-2317",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-08T12:15:50.473", "published": "2024-03-08T12:15:50.473",
"lastModified": "2024-11-21T09:09:29.780", "lastModified": "2025-03-24T13:40:28.963",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.2, "exploitabilityScore": 1.2,
"impactScore": 2.5 "impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -74,32 +94,82 @@
"value": "CWE-285" "value": "CWE-285"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bdtask:hospital_automanager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024-02-27",
"matchCriteriaId": "34BDF862-1057-4E25-B6E8-4DC3B782F521"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://drive.google.com/file/d/13-Fxw8fw3VP1PvL0fYvDBVlpTDQHyCkc/view?usp=sharing", "url": "https://drive.google.com/file/d/13-Fxw8fw3VP1PvL0fYvDBVlpTDQHyCkc/view?usp=sharing",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.256271", "url": "https://vuldb.com/?ctiid.256271",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.256271", "url": "https://vuldb.com/?id.256271",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}, },
{ {
"url": "https://drive.google.com/file/d/13-Fxw8fw3VP1PvL0fYvDBVlpTDQHyCkc/view?usp=sharing", "url": "https://drive.google.com/file/d/13-Fxw8fw3VP1PvL0fYvDBVlpTDQHyCkc/view?usp=sharing",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.256271", "url": "https://vuldb.com/?ctiid.256271",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.256271", "url": "https://vuldb.com/?id.256271",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
} }
] ]
} }

34
CVE-2024/CVE-2024-252xx/CVE-2024-25269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25269", "id": "CVE-2024-25269",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T01:15:06.780", "published": "2024-03-05T01:15:06.780",
"lastModified": "2024-11-21T09:00:33.443", "lastModified": "2025-03-24T14:40:29.340",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:struktur:libheif:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.17.6",
"matchCriteriaId": "52B72FAF-90BC-4DAA-9E61-ECB83EE59A35"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/strukturag/libheif/issues/1073", "url": "https://github.com/strukturag/libheif/issues/1073",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/strukturag/libheif/issues/1073", "url": "https://github.com/strukturag/libheif/issues/1073",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2584", "id": "CVE-2024-2584",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.060", "published": "2024-03-18T14:15:10.060",
"lastModified": "2024-11-21T09:10:03.963", "lastModified": "2025-03-24T13:26:38.360",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2585", "id": "CVE-2024-2585",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.290", "published": "2024-03-18T14:15:10.290",
"lastModified": "2024-11-21T09:10:04.100", "lastModified": "2025-03-24T13:26:33.507",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2586", "id": "CVE-2024-2586",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.540", "published": "2024-03-18T14:15:10.540",
"lastModified": "2024-11-21T09:10:04.220", "lastModified": "2025-03-24T13:26:35.903",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-26xx/CVE-2024-2654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2654", "id": "CVE-2024-2654",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:35.947", "published": "2024-04-09T19:15:35.947",
"lastModified": "2025-02-26T18:15:13.590", "lastModified": "2025-03-24T14:41:58.103",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -71,30 +71,66 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "C973F4BF-578B-464A-8A13-B204D571FBE3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353", "url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk", "url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353", "url": "https://plugins.trac.wordpress.org/browser/wp-file-manager/trunk/file_folder_manager.php#L1353",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk", "url": "https://plugins.trac.wordpress.org/changeset/3062387/wp-file-manager/trunk?contextall=1&old=3051451&old_path=%2Fwp-file-manager%2Ftrunk",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-28xx/CVE-2024-2847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2847", "id": "CVE-2024-2847",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:37.823", "published": "2024-04-09T19:15:37.823",
"lastModified": "2024-11-21T09:10:40.053", "lastModified": "2025-03-24T13:28:51.537",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iptanus:wordpress_file_upload:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.24.6",
"matchCriteriaId": "8C7AA5C8-F9A7-4B84-89E1-36F08F7E3646"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060091%40wp-file-upload%2Ftrunk&old=3045068%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060091%40wp-file-upload%2Ftrunk&old=3045068%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f665099-d1c3-43a9-b37b-c9f42c9172ad?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f665099-d1c3-43a9-b37b-c9f42c9172ad?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060091%40wp-file-upload%2Ftrunk&old=3045068%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060091%40wp-file-upload%2Ftrunk&old=3045068%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f665099-d1c3-43a9-b37b-c9f42c9172ad?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f665099-d1c3-43a9-b37b-c9f42c9172ad?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-325xx/CVE-2024-32508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32508", "id": "CVE-2024-32508",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-17T10:15:10.997", "published": "2024-04-17T10:15:10.997",
"lastModified": "2024-11-21T09:15:03.767", "lastModified": "2025-03-24T14:27:15.187",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:detheme:dethemekit_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.0",
"matchCriteriaId": "FD69E481-93F1-4509-8406-2E96E36A6817"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-37xx/CVE-2024-3732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3732", "id": "CVE-2024-3732",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-23T10:15:07.537", "published": "2024-04-23T10:15:07.537",
"lastModified": "2024-11-21T09:30:16.123", "lastModified": "2025-03-24T14:18:23.650",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ayecode:geodirectory:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.49",
"matchCriteriaId": "6A396904-4878-4648-A92D-84F900404C1F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071121%40geodirectory&new=3071121%40geodirectory&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071121%40geodirectory&new=3071121%40geodirectory&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a91e786-f570-4c6c-b1c7-0110774cb808?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a91e786-f570-4c6c-b1c7-0110774cb808?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071121%40geodirectory&new=3071121%40geodirectory&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071121%40geodirectory&new=3071121%40geodirectory&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a91e786-f570-4c6c-b1c7-0110774cb808?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a91e786-f570-4c6c-b1c7-0110774cb808?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

97
CVE-2024/CVE-2024-413xx/CVE-2024-41311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41311", "id": "CVE-2024-41311",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-15T21:15:10.923", "published": "2024-10-15T21:15:10.923",
"lastModified": "2024-11-21T09:32:30.190", "lastModified": "2025-03-24T14:41:38.683",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,20 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -55,26 +89,75 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:struktur:libheif:1.17.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB71230B-9BA1-464C-B2D7-38752ECE890D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/flyyee/79f1b224069842ee320115cafa5c35c0", "url": "https://gist.github.com/flyyee/79f1b224069842ee320115cafa5c35c0",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36", "url": "https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/strukturag/libheif/issues/1226", "url": "https://github.com/strukturag/libheif/issues/1226",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/strukturag/libheif/pull/1227", "url": "https://github.com/strukturag/libheif/pull/1227",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00025.html", "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00025.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-441xx/CVE-2024-44179.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44179", "id": "CVE-2024-44179",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-03-10T19:15:37.960", "published": "2025-03-10T19:15:37.960",
"lastModified": "2025-03-11T03:15:37.160", "lastModified": "2025-03-24T14:55:43.037",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,60 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7",
"matchCriteriaId": "064488F4-456F-4C5D-B325-4F1FCDF2D432"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7",
"matchCriteriaId": "B8542FD9-368A-4A38-965E-47AE279208F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0",
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/121238", "url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121246", "url": "https://support.apple.com/en-us/121246",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121250", "url": "https://support.apple.com/en-us/121250",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-50xx/CVE-2024-5090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5090", "id": "CVE-2024-5090",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-06-11T03:15:12.253", "published": "2024-06-11T03:15:12.253",
"lastModified": "2024-11-21T09:46:56.690", "lastModified": "2025-03-24T13:29:44.987",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siteorigin:siteorigin_widgets_bundle:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.62.0",
"matchCriteriaId": "3F437509-3ACD-46D2-9B3A-756C3256667C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3098819/so-widgets-bundle", "url": "https://plugins.trac.wordpress.org/changeset/3098819/so-widgets-bundle",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2878de45-0123-4e07-bfec-015b36b11d01?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2878de45-0123-4e07-bfec-015b36b11d01?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3098819/so-widgets-bundle", "url": "https://plugins.trac.wordpress.org/changeset/3098819/so-widgets-bundle",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2878de45-0123-4e07-bfec-015b36b11d01?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2878de45-0123-4e07-bfec-015b36b11d01?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

66
CVE-2024/CVE-2024-545xx/CVE-2024-54539.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54539", "id": "CVE-2024-54539",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.037", "published": "2025-01-27T22:15:14.037",
"lastModified": "2025-03-18T18:15:27.703", "lastModified": "2025-03-24T14:53:49.143",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,18 +39,74 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.2",
"matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/121839", "url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121840", "url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121842", "url": "https://support.apple.com/en-us/121842",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

70
CVE-2024/CVE-2024-545xx/CVE-2024-54542.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54542", "id": "CVE-2024-54542",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.217", "published": "2025-01-27T22:15:14.217",
"lastModified": "2025-03-17T17:15:34.087", "lastModified": "2025-03-24T14:53:26.340",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,80 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "12581F66-E5CF-4B04-A94C-E56DE31D0B62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/121837", "url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121839", "url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121843", "url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/121846", "url": "https://support.apple.com/en-us/121846",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

104
CVE-2024/CVE-2024-54xx/CVE-2024-5418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5418", "id": "CVE-2024-5418",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-05-31T03:15:08.853", "published": "2024-05-31T03:15:08.853",
"lastModified": "2024-11-21T09:47:36.970", "lastModified": "2025-03-24T14:25:36.727",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,49 +36,129 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:detheme:dethemekit_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.5",
"matchCriteriaId": "1B7089A8-418A-4222-843D-0242CD9F7AEA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.0/widgets/de-product-tab-slide.php#L1619", "url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.0/widgets/de-product-tab-slide.php#L1619",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.4/widgets/de-product-tab-slide.php#L1617", "url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.4/widgets/de-product-tab-slide.php#L1617",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3094885/", "url": "https://plugins.trac.wordpress.org/changeset/3094885/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wordpress.org/plugins/dethemekit-for-elementor/#developers", "url": "https://wordpress.org/plugins/dethemekit-for-elementor/#developers",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bdbde1-1414-4113-890e-b6c96b8a6e11?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bdbde1-1414-4113-890e-b6c96b8a6e11?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.0/widgets/de-product-tab-slide.php#L1619", "url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.0/widgets/de-product-tab-slide.php#L1619",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.4/widgets/de-product-tab-slide.php#L1617", "url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.4/widgets/de-product-tab-slide.php#L1617",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3094885/", "url": "https://plugins.trac.wordpress.org/changeset/3094885/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wordpress.org/plugins/dethemekit-for-elementor/#developers", "url": "https://wordpress.org/plugins/dethemekit-for-elementor/#developers",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bdbde1-1414-4113-890e-b6c96b8a6e11?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bdbde1-1414-4113-890e-b6c96b8a6e11?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

45
CVE-2024/CVE-2024-550xx/CVE-2024-55009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55009", "id": "CVE-2024-55009",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-19T21:15:37.273", "published": "2025-03-19T21:15:37.273",
"lastModified": "2025-03-19T21:15:37.273", "lastModified": "2025-03-24T14:15:17.190",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de cross-site scripting (XSS) reflejado en AutoBib - Bibliographic collection management system 3.1.140 y anteriores permite a los atacantes ejecutar Javascript arbitrario en el contexto del navegador de una v\u00edctima mediante la inyecci\u00f3n de un payload manipulado en el par\u00e1metro WCE=topFrame&WCU=." "value": "Una vulnerabilidad de cross-site scripting (XSS) reflejado en AutoBib - Bibliographic collection management system 3.1.140 y anteriores permite a los atacantes ejecutar Javascript arbitrario en el contexto del navegador de una v\u00edctima mediante la inyecci\u00f3n de un payload manipulado en el par\u00e1metro WCE=topFrame&WCU=."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://medium.com/@r3dd1t/poc-cve-0b3ad0535631", "url": "https://medium.com/@r3dd1t/poc-cve-0b3ad0535631",
@ -28,6 +63,10 @@
{ {
"url": "https://youtu.be/SHk3mdsd2mI", "url": "https://youtu.be/SHk3mdsd2mI",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://medium.com/@r3dd1t/poc-cve-0b3ad0535631",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

86
CVE-2024/CVE-2024-87xx/CVE-2024-8773.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-8773",
"sourceIdentifier": "cvd@cert.pl",
"published": "2025-03-24T13:15:25.453",
"lastModified": "2025-03-24T13:15:25.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification.\n\nThis issue affect SIMPLE.ERP from 6.20 to 6.30. Only the 6.30 version received a patch 6.30@a03.9, which make it possible for an administrator to enforce encrypted communication. Versions 6.20 and 6.25 remain unpatched."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cvd@cert.pl",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cvd@cert.pl",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-757"
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2025/03/CVE-2024-8773/",
"source": "cvd@cert.pl"
},
{
"url": "https://cert.pl/posts/2025/03/CVE-2024-8773/",
"source": "cvd@cert.pl"
},
{
"url": "https://simple.com.pl/produkty/simple-erp/dla-kogo/",
"source": "cvd@cert.pl"
}
]
}

86
CVE-2024/CVE-2024-87xx/CVE-2024-8774.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-8774",
"sourceIdentifier": "cvd@cert.pl",
"published": "2025-03-24T13:15:25.693",
"lastModified": "2025-03-24T13:15:25.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator.\n\nThis issue affect SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch 6.30@a03.9, which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cvd@cert.pl",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cvd@cert.pl",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-257"
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2025/03/CVE-2024-8773/",
"source": "cvd@cert.pl"
},
{
"url": "https://cert.pl/posts/2025/03/CVE-2024-8773/",
"source": "cvd@cert.pl"
},
{
"url": "https://simple.com.pl/produkty/simple-erp/dla-kogo/",
"source": "cvd@cert.pl"
}
]
}

27
CVE-2025/CVE-2025-04xx/CVE-2025-0478.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0478", "id": "CVE-2025-0478",
"sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"published": "2025-03-24T12:15:13.227", "published": "2025-03-24T12:15:13.227",
"lastModified": "2025-03-24T12:15:13.227", "lastModified": "2025-03-24T14:15:17.930",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour." "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",

27
CVE-2025/CVE-2025-08xx/CVE-2025-0835.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0835", "id": "CVE-2025-0835",
"sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"published": "2025-03-24T12:15:13.597", "published": "2025-03-24T12:15:13.597",
"lastModified": "2025-03-24T12:15:13.597", "lastModified": "2025-03-24T14:15:18.090",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory." "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",

14
CVE-2025/CVE-2025-17xx/CVE-2025-1742.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-1742", "id": "CVE-2025-1742",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-27T17:15:16.460", "published": "2025-02-27T17:15:16.460",
"lastModified": "2025-02-27T17:15:16.460", "lastModified": "2025-03-24T14:15:18.307",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
@ -111,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -125,6 +125,10 @@
} }
], ],
"references": [ "references": [
{
"url": "https://github.com/janssensjelle/published-pocs/blob/main/pihomehvac_xss_home.md",
"source": "cna@vuldb.com"
},
{ {
"url": "https://vuldb.com/?ctiid.297830", "url": "https://vuldb.com/?ctiid.297830",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
@ -136,10 +140,6 @@
{ {
"url": "https://vuldb.com/?submit.502501", "url": "https://vuldb.com/?submit.502501",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://www.singto.io/pocsforexploits/pihomehvac_xss_home.md",
"source": "cna@vuldb.com"
} }
] ]
} }

61
CVE-2025/CVE-2025-206xx/CVE-2025-20615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20615", "id": "CVE-2025-20615",
"sourceIdentifier": "ics-cert@hq.dhs.gov", "sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2025-02-13T22:15:11.590", "published": "2025-02-13T22:15:11.590",
"lastModified": "2025-02-13T22:15:11.590", "lastModified": "2025-03-24T13:39:29.907",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.7, "exploitabilityScore": 0.7,
"impactScore": 5.5 "impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
} }
] ]
}, },
@ -49,16 +69,49 @@
"value": "CWE-359" "value": "CWE-359"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qardio:qardio:2.7.4:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "E68698AD-E33B-4C00-A016-FBF85EDAB538"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01", "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01",
"source": "ics-cert@hq.dhs.gov" "source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
}, },
{ {
"url": "https://www.qardio.com/about-us/#contact", "url": "https://www.qardio.com/about-us/#contact",
"source": "ics-cert@hq.dhs.gov" "source": "ics-cert@hq.dhs.gov",
"tags": [
"Product"
]
} }
] ]
} }

72
CVE-2025/CVE-2025-21xx/CVE-2025-2125.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2125", "id": "CVE-2025-2125",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T16:15:12.550", "published": "2025-03-09T16:15:12.550",
"lastModified": "2025-03-09T16:15:12.550", "lastModified": "2025-03-24T13:55:50.327",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,6 +63,26 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -118,24 +138,64 @@
"value": "CWE-99" "value": "CWE-99"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:assaabloy:control_id_rhid:25.2.25.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED890EAB-4EA2-47F7-8BF4-3AF92E718BA1"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/yago3008/cves", "url": "https://github.com/yago3008/cves",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.299038", "url": "https://vuldb.com/?ctiid.299038",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.299038", "url": "https://vuldb.com/?id.299038",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.509856", "url": "https://vuldb.com/?submit.509856",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
} }
] ]
} }

73
CVE-2025/CVE-2025-21xx/CVE-2025-2147.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2147", "id": "CVE-2025-2147",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-10T11:15:38.157", "published": "2025-03-10T11:15:38.157",
"lastModified": "2025-03-10T11:15:38.157", "lastModified": "2025-03-24T14:30:40.943",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,24 +142,63 @@
"value": "CWE-552" "value": "CWE-552"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-425"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:caishixiong:modern_farm_digital_integrated_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEED862C-2283-47AF-9870-9D9238FC6202"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/fubxx/CVE/blob/main/%E7%91%9E%E7%94%B0%E7%8E%B0%E4%BB%A3%E5%86%9C%E5%9C%BA%E6%95%B0%E5%AD%97%E5%8C%96%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86.md", "url": "https://github.com/fubxx/CVE/blob/main/%E7%91%9E%E7%94%B0%E7%8E%B0%E4%BB%A3%E5%86%9C%E5%9C%BA%E6%95%B0%E5%AD%97%E5%8C%96%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.299058", "url": "https://vuldb.com/?ctiid.299058",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://vuldb.com/?id.299058", "url": "https://vuldb.com/?id.299058",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://vuldb.com/?submit.506593", "url": "https://vuldb.com/?submit.506593",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

31
CVE-2025/CVE-2025-21xx/CVE-2025-2150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2150", "id": "CVE-2025-2150",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2025-03-10T08:15:11.917", "published": "2025-03-10T08:15:11.917",
"lastModified": "2025-03-10T08:15:11.917", "lastModified": "2025-03-24T14:06:07.687",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hgiga:c\\&cm\\@il:-:*:*:*:*:*:*:*",
"matchCriteriaId": "177F8E98-5F0D-4D4C-9386-8FDC6614AF5D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/en/cp-139-10005-05e0f-2.html", "url": "https://www.twcert.org.tw/en/cp-139-10005-05e0f-2.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-10004-99474-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-10004-99474-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

41
CVE-2025/CVE-2025-240xx/CVE-2025-24092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24092", "id": "CVE-2025-24092",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.267", "published": "2025-01-27T22:15:15.267",
"lastModified": "2025-03-18T15:15:58.933", "lastModified": "2025-03-24T14:53:04.507",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "6049E692-EB64-4E7D-A1AC-CEBA288B7A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/122068", "url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122069", "url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

41
CVE-2025/CVE-2025-240xx/CVE-2025-24093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24093", "id": "CVE-2025-24093",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.350", "published": "2025-01-27T22:15:15.350",
"lastModified": "2025-03-18T12:15:14.730", "lastModified": "2025-03-24T14:52:50.327",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/122069", "url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122070", "url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

54
CVE-2025/CVE-2025-240xx/CVE-2025-24099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24099", "id": "CVE-2025-24099",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-30T17:15:18.473", "published": "2025-01-30T17:15:18.473",
"lastModified": "2025-01-30T22:15:10.160", "lastModified": "2025-03-24T14:59:36.260",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,62 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/122068", "url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122069", "url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122070", "url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
} }
] ]
} }

57
CVE-2025/CVE-2025-241xx/CVE-2025-24101.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24101", "id": "CVE-2025-24101",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.717", "published": "2025-01-27T22:15:15.717",
"lastModified": "2025-01-29T17:15:29.547", "lastModified": "2025-03-24T14:52:32.450",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/122068", "url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

54
CVE-2025/CVE-2025-241xx/CVE-2025-24176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24176", "id": "CVE-2025-24176",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:20.643", "published": "2025-01-27T22:15:20.643",
"lastModified": "2025-01-28T16:15:44.630", "lastModified": "2025-03-24T14:59:58.437",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,62 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/122068", "url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122069", "url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
}, },
{ {
"url": "https://support.apple.com/en-us/122070", "url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Vendor Advisory",
"Release Notes"
]
} }
] ]
} }

58
CVE-2025/CVE-2025-243xx/CVE-2025-24387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24387", "id": "CVE-2025-24387",
"sourceIdentifier": "security@otrs.com", "sourceIdentifier": "security@otrs.com",
"published": "2025-03-10T10:15:14.360", "published": "2025-03-10T10:15:14.360",
"lastModified": "2025-03-10T10:15:14.360", "lastModified": "2025-03-24T14:11:20.387",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.2, "exploitabilityScore": 1.2,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,12 +69,44 @@
"value": "CWE-1275" "value": "CWE-1275"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "2025.1.2",
"matchCriteriaId": "94C7FB8D-6F6C-4C2C-8F52-EE231CDFB848"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/", "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/",
"source": "security@otrs.com" "source": "security@otrs.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

83
CVE-2025/CVE-2025-25xx/CVE-2025-2582.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2582", "id": "CVE-2025-2582",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-21T07:15:36.953", "published": "2025-03-21T07:15:36.953",
"lastModified": "2025-03-21T07:15:36.953", "lastModified": "2025-03-24T14:29:50.370",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.1, "exploitabilityScore": 2.1,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-94" "value": "CWE-94"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BF35AE54-3B18-4459-900E-95D9F3D7E9BC"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc3.md", "url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc3.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc4.md", "url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc4.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.300542", "url": "https://vuldb.com/?ctiid.300542",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.300542", "url": "https://vuldb.com/?id.300542",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.511999", "url": "https://vuldb.com/?submit.511999",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

83
CVE-2025/CVE-2025-25xx/CVE-2025-2583.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2583", "id": "CVE-2025-2583",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-21T07:15:37.157", "published": "2025-03-21T07:15:37.157",
"lastModified": "2025-03-21T07:15:37.157", "lastModified": "2025-03-24T14:27:53.530",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 2.1, "exploitabilityScore": 2.1,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-94" "value": "CWE-94"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simplemachines:simple_machines_forum:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BF35AE54-3B18-4459-900E-95D9F3D7E9BC"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc5.md", "url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc5.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc6.md", "url": "https://github.com/Fewword/Poc/blob/main/smf/smf-poc6.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.300543", "url": "https://vuldb.com/?ctiid.300543",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.300543", "url": "https://vuldb.com/?id.300543",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.512001", "url": "https://vuldb.com/?submit.512001",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

83
CVE-2025/CVE-2025-25xx/CVE-2025-2584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2584", "id": "CVE-2025-2584",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-21T08:15:11.273", "published": "2025-03-21T08:15:11.273",
"lastModified": "2025-03-21T08:15:11.273", "lastModified": "2025-03-24T14:02:56.053",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -63,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
}, },
"exploitabilityScore": 1.6, "exploitabilityScore": 1.6,
"impactScore": 3.4 "impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-122" "value": "CWE-122"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webassembly:wabt:1.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "06135620-B0C1-480E-84EA-C8AABC2D9D68"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/WebAssembly/wabt/issues/2557", "url": "https://github.com/WebAssembly/wabt/issues/2557",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/WebAssembly/wabt/issues/2557#issue-2900405517", "url": "https://github.com/WebAssembly/wabt/issues/2557#issue-2900405517",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.300544", "url": "https://vuldb.com/?ctiid.300544",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.300544", "url": "https://vuldb.com/?id.300544",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.515406", "url": "https://vuldb.com/?submit.515406",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

12
CVE-2025/CVE-2025-261xx/CVE-2025-26125.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-26125", "id": "CVE-2025-26125",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-17T18:15:21.763", "published": "2025-03-17T18:15:21.763",
"lastModified": "2025-03-19T19:15:46.717", "lastModified": "2025-03-24T13:15:25.920",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -22,20 +22,20 @@
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.8, "baseScore": 7.3,
"baseSeverity": "MEDIUM", "baseSeverity": "HIGH",
"attackVector": "LOCAL", "attackVector": "LOCAL",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "LOW", "privilegesRequired": "LOW",
"userInteraction": "REQUIRED", "userInteraction": "REQUIRED",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "LOW", "confidentialityImpact": "HIGH",
"integrityImpact": "HIGH", "integrityImpact": "HIGH",
"availabilityImpact": "HIGH" "availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 1.3, "exploitabilityScore": 1.3,
"impactScore": 5.5 "impactScore": 5.9
} }
] ]
}, },

29
CVE-2025/CVE-2025-267xx/CVE-2025-26796.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-26796", "id": "CVE-2025-26796",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2025-03-22T13:15:35.513", "published": "2025-03-22T13:15:35.513",
"lastModified": "2025-03-22T14:15:16.537", "lastModified": "2025-03-24T14:15:18.500",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [ "cveTags": [
{ {
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
@ -18,7 +18,30 @@
"value": "** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Oozie.\n\nThis issue affects Apache Oozie: all versions.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer." "value": "** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Oozie.\n\nThis issue affects Apache Oozie: all versions.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",

16
CVE-2025/CVE-2025-26xx/CVE-2025-2621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2621", "id": "CVE-2025-2621",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T17:15:34.790", "published": "2025-03-22T17:15:34.790",
"lastModified": "2025-03-22T17:15:34.790", "lastModified": "2025-03-24T13:15:26.220",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [ "cveTags": [
{ {
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
@ -16,6 +16,10 @@
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer." "value": "A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad en D-Link DAP-1620 1.03, clasificada como cr\u00edtica. Este problema afecta a la funci\u00f3n check_dws_cookie del archivo /storage. La manipulaci\u00f3n del argumento uid provoca un desbordamiento del b\u00fafer en la pila. El ataque puede iniciarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
} }
], ],
"metrics": { "metrics": {
@ -66,7 +70,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -114,7 +118,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -147,6 +151,10 @@
{ {
"url": "https://www.dlink.com/", "url": "https://www.dlink.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://witty-maiasaura-083.notion.site/D-link-DAP-1620-check_dws_uid-Vulnerability-1b4b2f2a63618025b049f6e62a1835c0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

16
CVE-2025/CVE-2025-26xx/CVE-2025-2624.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2624", "id": "CVE-2025-2624",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T19:15:34.450", "published": "2025-03-22T19:15:34.450",
"lastModified": "2025-03-22T19:15:34.450", "lastModified": "2025-03-24T13:15:26.373",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability was found in westboy CicadasCMS 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/cms/content/save. The manipulation of the argument content/fujian/laiyuan leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." "value": "A vulnerability was found in westboy CicadasCMS 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/cms/content/save. The manipulation of the argument content/fujian/laiyuan leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Westboy CicadasCMS 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /system/cms/content/save. La manipulaci\u00f3n del argumento content/fujian/laiyuan provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
} }
], ],
"metrics": { "metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -136,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519295", "url": "https://vuldb.com/?submit.519295",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/IceFoxH/VULN/issues/11",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

16
CVE-2025/CVE-2025-26xx/CVE-2025-2625.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2625", "id": "CVE-2025-2625",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T20:15:12.470", "published": "2025-03-22T20:15:12.470",
"lastModified": "2025-03-22T20:15:12.470", "lastModified": "2025-03-24T13:15:26.507",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /system/cms/content/page. The manipulation of the argument orderField/orderDirection leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." "value": "A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /system/cms/content/page. The manipulation of the argument orderField/orderDirection leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad cr\u00edtica en westboy CicadasCMS 1.0. Esta afecta a una parte desconocida del archivo /system/cms/content/page. La manipulaci\u00f3n del argumento orderField/orderDirection provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
} }
], ],
"metrics": { "metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -136,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519296", "url": "https://vuldb.com/?submit.519296",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/IceFoxH/VULN/issues/12",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

16
CVE-2025/CVE-2025-26xx/CVE-2025-2626.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2626", "id": "CVE-2025-2626",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T21:15:36.817", "published": "2025-03-22T21:15:36.817",
"lastModified": "2025-03-22T21:15:36.817", "lastModified": "2025-03-24T13:15:26.627",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability affects unknown code of the file edit_case.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." "value": "A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability affects unknown code of the file edit_case.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Kortex Lite Advocate Office Management System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo edit_case.php. La manipulaci\u00f3n del ID del argumento provoca una inyecci\u00f3n SQL. El ataque puede iniciarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
} }
], ],
"metrics": { "metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +144,10 @@
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/Hefei-Coffee/cve/issues/16",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

16
CVE-2025/CVE-2025-26xx/CVE-2025-2628.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-2628", "id": "CVE-2025-2628",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-22T22:15:12.160", "published": "2025-03-22T22:15:12.160",
"lastModified": "2025-03-22T22:15:12.160", "lastModified": "2025-03-24T14:15:19.187",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Art Gallery Management System 1.1. La funci\u00f3n afectada es desconocida en el archivo /art-enquiry.php. La manipulaci\u00f3n del argumento eid provoca una inyecci\u00f3n SQL. Es posible ejecutar el ataque de forma remota. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
} }
], ],
"metrics": { "metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +144,10 @@
{ {
"url": "https://vuldb.com/?submit.519615", "url": "https://vuldb.com/?submit.519615",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/ydnd/cve/issues/3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2637", "id": "CVE-2025-2637",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T00:15:26.223", "published": "2025-03-23T00:15:26.223",
"lastModified": "2025-03-23T00:15:26.223", "lastModified": "2025-03-24T14:15:19.310",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -136,6 +136,10 @@
{ {
"url": "https://vuldb.com/?submit.519632", "url": "https://vuldb.com/?submit.519632",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/H3rmesk1t/vulnerability-paper/blob/main/jizhiCMS-1.7.0-Incorrect%20Access%20Control.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2638", "id": "CVE-2025-2638",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T02:15:24.877", "published": "2025-03-23T02:15:24.877",
"lastModified": "2025-03-23T02:15:24.877", "lastModified": "2025-03-24T14:15:19.430",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -136,6 +136,10 @@
{ {
"url": "https://vuldb.com/?submit.519633", "url": "https://vuldb.com/?submit.519633",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/H3rmesk1t/vulnerability-paper/blob/main/jizhiCMS-1.7.0-Incorrect%20Access%20Control2.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2641", "id": "CVE-2025-2641",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T05:15:12.020", "published": "2025-03-23T05:15:12.020",
"lastModified": "2025-03-23T05:15:12.020", "lastModified": "2025-03-24T13:15:26.757",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519768", "url": "https://vuldb.com/?submit.519768",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2642", "id": "CVE-2025-2642",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T07:15:12.103", "published": "2025-03-23T07:15:12.103",
"lastModified": "2025-03-23T07:15:12.103", "lastModified": "2025-03-24T13:15:26.883",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519769", "url": "https://vuldb.com/?submit.519769",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2643.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2643", "id": "CVE-2025-2643",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T08:15:11.860", "published": "2025-03-23T08:15:11.860",
"lastModified": "2025-03-23T08:15:11.860", "lastModified": "2025-03-24T13:15:27.007",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519772", "url": "https://vuldb.com/?submit.519772",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2644.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2644", "id": "CVE-2025-2644",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T08:15:12.743", "published": "2025-03-23T08:15:12.743",
"lastModified": "2025-03-23T08:15:12.743", "lastModified": "2025-03-24T13:15:27.143",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519773", "url": "https://vuldb.com/?submit.519773",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/7",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2645", "id": "CVE-2025-2645",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T09:15:16.060", "published": "2025-03-23T09:15:16.060",
"lastModified": "2025-03-23T09:15:16.060", "lastModified": "2025-03-24T13:15:27.263",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519775", "url": "https://vuldb.com/?submit.519775",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2646.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2646", "id": "CVE-2025-2646",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T10:15:12.810", "published": "2025-03-23T10:15:12.810",
"lastModified": "2025-03-23T10:15:12.810", "lastModified": "2025-03-24T13:15:27.390",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519776", "url": "https://vuldb.com/?submit.519776",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/9",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2647", "id": "CVE-2025-2647",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T11:15:34.133", "published": "2025-03-23T11:15:34.133",
"lastModified": "2025-03-23T11:15:34.133", "lastModified": "2025-03-24T13:15:27.513",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519777", "url": "https://vuldb.com/?submit.519777",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/10",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2648", "id": "CVE-2025-2648",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T12:15:12.110", "published": "2025-03-23T12:15:12.110",
"lastModified": "2025-03-23T12:15:12.110", "lastModified": "2025-03-24T13:15:27.633",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519779", "url": "https://vuldb.com/?submit.519779",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/11",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2650.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2650", "id": "CVE-2025-2650",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T14:15:13.797", "published": "2025-03-23T14:15:13.797",
"lastModified": "2025-03-23T14:15:13.797", "lastModified": "2025-03-24T14:15:19.550",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://vuldb.com/?submit.519781", "url": "https://vuldb.com/?submit.519781",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/liuhao2638/cve/issues/13",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2652", "id": "CVE-2025-2652",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T15:15:13.737", "published": "2025-03-23T15:15:13.737",
"lastModified": "2025-03-23T15:15:13.737", "lastModified": "2025-03-24T13:15:27.757",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/happytraveller-alone/cve/blob/main/dir.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

12
CVE-2025/CVE-2025-26xx/CVE-2025-2654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2654", "id": "CVE-2025-2654",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-23T16:15:13.840", "published": "2025-03-23T16:15:13.840",
"lastModified": "2025-03-23T16:15:13.840", "lastModified": "2025-03-24T13:15:27.943",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -59,7 +59,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -140,6 +140,10 @@
{ {
"url": "https://www.sourcecodester.com/", "url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com" "source": "cna@vuldb.com"
},
{
"url": "https://github.com/Colorado-all/cve/blob/main/AC%20Repair%20and%20Services%20System%20using/SQL-4.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

18
CVE-2025/CVE-2025-26xx/CVE-2025-2691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2691", "id": "CVE-2025-2691",
"sourceIdentifier": "report@snyk.io", "sourceIdentifier": "report@snyk.io",
"published": "2025-03-23T15:15:13.940", "published": "2025-03-23T15:15:13.940",
"lastModified": "2025-03-23T15:15:13.940", "lastModified": "2025-03-24T13:15:28.787",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -89,12 +89,26 @@
"value": "CWE-918" "value": "CWE-918"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://security.snyk.io/vuln/SNYK-JS-NOSSRF-9510842", "url": "https://security.snyk.io/vuln/SNYK-JS-NOSSRF-9510842",
"source": "report@snyk.io" "source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-NOSSRF-9510842",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

29
CVE-2025/CVE-2025-275xx/CVE-2025-27553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-27553", "id": "CVE-2025-27553",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2025-03-23T15:15:13.377", "published": "2025-03-23T15:15:13.377",
"lastModified": "2025-03-23T19:15:14.350", "lastModified": "2025-03-24T14:15:18.687",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -11,7 +11,30 @@
"value": "Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0.\n\nThe FileObject API in Commons VFS has a 'resolveFile' method that\ntakes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that \"an exception is thrown if the resolved file is not a descendent of\nthe base file\". However, when the path contains encoded \"..\"\ncharacters (for example, \"%2E%2E/bar.txt\"), it might return file objects that are not\na descendent of the base file, without throwing an exception.\nThis issue affects Apache Commons VFS: before 2.10.0.\n\nUsers are recommended to upgrade to version 2.10.0, which fixes the issue." "value": "Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0.\n\nThe FileObject API in Commons VFS has a 'resolveFile' method that\ntakes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that \"an exception is thrown if the resolved file is not a descendent of\nthe base file\". However, when the path contains encoded \"..\"\ncharacters (for example, \"%2E%2E/bar.txt\"), it might return file objects that are not\na descendent of the base file, without throwing an exception.\nThis issue affects Apache Commons VFS: before 2.10.0.\n\nUsers are recommended to upgrade to version 2.10.0, which fixes the issue."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",

43
CVE-2025/CVE-2025-291xx/CVE-2025-29101.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-29101", "id": "CVE-2025-29101",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T13:15:36.467", "published": "2025-03-20T13:15:36.467",
"lastModified": "2025-03-20T13:15:36.467", "lastModified": "2025-03-24T14:15:18.843",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,11 +15,50 @@
"value": "Se descubri\u00f3 que Tenda AC8V4.0 V16.03.34.06 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro deviceid en la funci\u00f3n get_parentControl_list_Info." "value": "Se descubri\u00f3 que Tenda AC8V4.0 V16.03.34.06 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro deviceid en la funci\u00f3n get_parentControl_list_Info."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Raining-101/IOT_cve/blob/main/tenda-ac8_get_parentControl_list_Info_overflow.md", "url": "https://github.com/Raining-101/IOT_cve/blob/main/tenda-ac8_get_parentControl_list_Info_overflow.md",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://github.com/Raining-101/IOT_cve/blob/main/tenda-ac8_get_parentControl_list_Info_overflow.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

18
CVE-2025/CVE-2025-298xx/CVE-2025-29806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-29806", "id": "CVE-2025-29806",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-23T17:15:29.450", "published": "2025-03-23T17:15:29.450",
"lastModified": "2025-03-23T17:15:29.450", "lastModified": "2025-03-24T13:15:26.083",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "secure@microsoft.com", "source": "secure@microsoft.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -35,6 +35,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29806", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29806",

39
CVE-2025/CVE-2025-300xx/CVE-2025-30092.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-30092", "id": "CVE-2025-30092",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-19T21:15:41.293", "published": "2025-03-19T21:15:41.293",
"lastModified": "2025-03-19T21:15:41.293", "lastModified": "2025-03-24T14:15:20.007",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Intrexx Portal Server 12.x <= 12.0.2 y 11.x <= 11.9.2 permite XSS en m\u00faltiples scripts de Velocity." "value": "Intrexx Portal Server 12.x <= 12.0.2 y 11.x <= 11.9.2 permite XSS en m\u00faltiples scripts de Velocity."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.intrexx.com/en/security-advisories/ixsa-20250310-02/", "url": "https://security.intrexx.com/en/security-advisories/ixsa-20250310-02/",

182
CVE-2025/CVE-2025-303xx/CVE-2025-30346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-30346", "id": "CVE-2025-30346",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T07:15:37.350", "published": "2025-03-21T07:15:37.350",
"lastModified": "2025-03-21T07:15:37.350", "lastModified": "2025-03-24T14:47:51.437",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
} }
] ]
}, },
@ -49,12 +69,168 @@
"value": "CWE-444" "value": "CWE-444"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "943E3FE8-EA6D-4500-8014-697A9A0CEF91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "F2CBF396-441D-44F2-BAFF-D3B2A981FBCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r3:*:*:*:*:*:*",
"matchCriteriaId": "136343D5-80C1-4F83-8471-2C26F9FD492A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r4:*:*:*:*:*:*",
"matchCriteriaId": "A34B5F57-B86F-41CB-A3D8-9084960D3E45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r5:*:*:*:*:*:*",
"matchCriteriaId": "F56C6B72-1648-4BC7-A1E6-909DD51DAA30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r6:*:*:*:*:*:*",
"matchCriteriaId": "F6A98E3A-74A4-46AB-BE58-EA0BF9D5EF89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r7:*:*:*:*:*:*",
"matchCriteriaId": "27571EA4-E959-4B6B-A7BA-ED18C42D59B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "D94DA623-9D4C-4E20-9187-084B1F26115F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "EA7B6AAB-DB21-42EA-B363-C17290E0A05E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E00CC49-4237-44EC-8CE5-695F99222B91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r4:*:*:*:*:*:*",
"matchCriteriaId": "6C052A78-5D8B-4249-B298-E1AEA6A80B5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r5:*:*:*:*:*:*",
"matchCriteriaId": "233436C7-4DE1-4780-A074-B83864B023CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r6:*:*:*:*:*:*",
"matchCriteriaId": "2D5CE182-CC6C-4D6C-A481-D467C09756B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r7:*:*:*:*:*:*",
"matchCriteriaId": "EFDE0DA4-9EDE-4EB9-870E-8402DD590566"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r8:*:*:*:*:*:*",
"matchCriteriaId": "092A6346-A101-44D8-A5B2-8178B251CB6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.12:r9:*:*:*:*:*:*",
"matchCriteriaId": "8A5DAC70-FD7A-4E8A-B5E3-5380CDE0A7F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "7345B2F1-A33C-430E-9DB9-52BF63F750A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "5C977CB4-E9E8-49B4-9D2A-B5DFA088EA1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r3:*:*:*:*:*:*",
"matchCriteriaId": "F0FEF673-0DED-4646-B5C2-3D5A4617380F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r4:*:*:*:*:*:*",
"matchCriteriaId": "E2128880-BA15-414B-84F0-E57B96DF376C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r5:*:*:*:*:*:*",
"matchCriteriaId": "A9C9D8DF-86F8-4020-AC66-EF8367A11EDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r6:*:*:*:*:*:*",
"matchCriteriaId": "132F60B2-FADA-479E-B45E-166046A2567C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r7:*:*:*:*:*:*",
"matchCriteriaId": "E4FB05CB-0966-43CD-84AA-B4F2DA181446"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r8:*:*:*:*:*:*",
"matchCriteriaId": "2AAA8F5B-F974-4493-9573-F60CC9E084A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r9:*:*:*:*:*:*",
"matchCriteriaId": "B67CD7FB-4810-4AFA-BD4D-F2AB2A41D0A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.6.2",
"matchCriteriaId": "757060EC-9D22-4B11-9112-648A9B8A22F2"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://varnish-cache.org/security/VSV00015.html", "url": "https://varnish-cache.org/security/VSV00015.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

107
CVE-2025/CVE-2025-303xx/CVE-2025-30347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-30347", "id": "CVE-2025-30347",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T07:15:37.527", "published": "2025-03-21T07:15:37.527",
"lastModified": "2025-03-21T07:15:37.527", "lastModified": "2025-03-24T14:19:23.963",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,12 +69,93 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r10:*:*:*:*:*:*",
"matchCriteriaId": "D5975FD1-9072-41BC-90DD-2623499C0596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r11:*:*:*:*:*:*",
"matchCriteriaId": "0E789035-901F-4D2D-B2A5-A59D7027C774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r12:*:*:*:*:*:*",
"matchCriteriaId": "2D8B185D-B4A9-42DE-8997-8E6ECF3B4DE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "5C977CB4-E9E8-49B4-9D2A-B5DFA088EA1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r3:*:*:*:*:*:*",
"matchCriteriaId": "F0FEF673-0DED-4646-B5C2-3D5A4617380F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r4:*:*:*:*:*:*",
"matchCriteriaId": "E2128880-BA15-414B-84F0-E57B96DF376C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r5:*:*:*:*:*:*",
"matchCriteriaId": "A9C9D8DF-86F8-4020-AC66-EF8367A11EDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r6:*:*:*:*:*:*",
"matchCriteriaId": "132F60B2-FADA-479E-B45E-166046A2567C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r7:*:*:*:*:*:*",
"matchCriteriaId": "E4FB05CB-0966-43CD-84AA-B4F2DA181446"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r8:*:*:*:*:*:*",
"matchCriteriaId": "2AAA8F5B-F974-4493-9573-F60CC9E084A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.13:r9:*:*:*:*:*:*",
"matchCriteriaId": "B67CD7FB-4810-4AFA-BD4D-F2AB2A41D0A4"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://docs.varnish-software.com/security/VEV00001/", "url": "https://docs.varnish-software.com/security/VEV00001/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

71
CVE-2025/CVE-2025-303xx/CVE-2025-30348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-30348", "id": "CVE-2025-30348",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T07:15:37.673", "published": "2025-03-21T07:15:37.673",
"lastModified": "2025-03-21T07:15:37.673", "lastModified": "2025-03-24T14:08:36.513",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,12 +69,57 @@
"value": "CWE-407" "value": "CWE-407"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-407"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.19",
"matchCriteriaId": "EE4D111C-B1A7-4A17-AA3D-4A7F81D81F82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.5.9",
"matchCriteriaId": "2052B596-AF66-4AB5-9353-7DF480123D7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0",
"versionEndExcluding": "6.8.0",
"matchCriteriaId": "2F90A01A-9D6A-4094-A589-D1188D83C9FE"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://codereview.qt-project.org/c/qt/qtbase/+/581442", "url": "https://codereview.qt-project.org/c/qt/qtbase/+/581442",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }

56
CVE-2025/CVE-2025-305xx/CVE-2025-30521.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30521",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:20.170",
"lastModified": "2025-03-24T14:15:20.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top allows Cross Site Request Forgery. This issue affects GP Back To Top: from n/a through 3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/gp-back-to-top/vulnerability/wordpress-gp-back-to-top-plugin-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30522.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30522",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:20.397",
"lastModified": "2025-03-24T14:15:20.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design allows Stored XSS. This issue affects Contact Form 7 Material Design: from n/a through 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/cf7-material-design/vulnerability/wordpress-contact-form-7-material-design-plugin-1-0-0-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30523.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30523",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:20.593",
"lastModified": "2025-03-24T14:15:20.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marcel-NL Super Simple Subscriptions allows SQL Injection. This issue affects Super Simple Subscriptions: from n/a through 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/super-simple-subscriptions/vulnerability/wordpress-super-simple-subscriptions-plugin-1-1-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30525.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30525",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:20.757",
"lastModified": "2025-03-24T14:15:20.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare allows SQL Injection. This issue affects WP Profitshare: from n/a through 1.4.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-profitshare/vulnerability/wordpress-wp-profitshare-plugin-1-4-9-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30526.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30526",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:20.920",
"lastModified": "2025-03-24T14:15:20.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in lucksy Typekit plugin for WordPress allows Cross Site Request Forgery. This issue affects Typekit plugin for WordPress: from n/a through 1.2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/typekit/vulnerability/wordpress-typekit-plugin-1-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30527.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30527",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.083",
"lastModified": "2025-03-24T14:15:21.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetoolbox My Bootstrap Menu allows Stored XSS. This issue affects My Bootstrap Menu: from n/a through 1.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/my-bootstrap-menu/vulnerability/wordpress-my-bootstrap-menu-plugin-1-2-1-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30528.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30528",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.240",
"lastModified": "2025-03-24T14:15:21.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos allows SQL Injection. This issue affects Awesome Logos: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/awesome-logos/vulnerability/wordpress-awesome-logos-plugin-1-2-csrf-to-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30529.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30529",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.397",
"lastModified": "2025-03-24T14:15:21.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in S\u00e9bastien Dumont Auto Load Next Post allows Cross Site Request Forgery. This issue affects Auto Load Next Post: from n/a through 1.5.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/auto-load-next-post/vulnerability/wordpress-auto-load-next-post-plugin-1-5-14-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30530.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30530",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.543",
"lastModified": "2025-03-24T14:15:21.543",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atikul AI Preloader allows Stored XSS. This issue affects AI Preloader: from n/a through 1.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ai-preloader/vulnerability/wordpress-ai-preloader-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30531.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30531",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.693",
"lastModified": "2025-03-24T14:15:21.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking allows Cross Site Request Forgery. This issue affects WP Ride Booking: from n/a through 2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-ride-booking/vulnerability/wordpress-wp-ride-booking-plugin-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30532.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30532",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.850",
"lastModified": "2025-03-24T14:15:21.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MorganF Weather Layer allows Stored XSS. This issue affects Weather Layer: from n/a through 4.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/weather-layer/vulnerability/wordpress-weather-layer-plugin-4-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30533.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30533",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:21.993",
"lastModified": "2025-03-24T14:15:21.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker allows Stored XSS. This issue affects Message ticker: from n/a through 9.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/message-ticker/vulnerability/wordpress-message-ticker-plugin-9-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30534.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30534",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.143",
"lastModified": "2025-03-24T14:15:22.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in captcha.soft Image Captcha allows Cross Site Request Forgery. This issue affects Image Captcha: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/image-captcha/vulnerability/wordpress-image-captcha-plugin-1-2-cross-site-request-forgery-csrf-to-settings-change-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30535.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30535",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.297",
"lastModified": "2025-03-24T14:15:22.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through 1.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/external-image-replace/vulnerability/wordpress-external-image-replace-plugin-1-0-8-cross-site-request-forgery-csrf-to-settings-change-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30536.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30536",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.450",
"lastModified": "2025-03-24T14:15:22.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zeitwesentech Beautiful Link Preview allows Stored XSS. This issue affects Beautiful Link Preview: from n/a through 1.5.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/beautiful-link-preview/vulnerability/wordpress-beautiful-link-preview-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30537.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30537",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.593",
"lastModified": "2025-03-24T14:15:22.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristian Sarov Upload Quota per User allows Stored XSS. This issue affects Upload Quota per User: from n/a through 1.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/upload-quota-per-user/vulnerability/wordpress-upload-quota-per-user-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30538.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30538",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.743",
"lastModified": "2025-03-24T14:15:22.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in ChrisHurst Simple Optimizer allows Cross Site Request Forgery. This issue affects Simple Optimizer: from n/a through 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/simple-optimizer/vulnerability/wordpress-simple-optimizer-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30539.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30539",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:22.887",
"lastModified": "2025-03-24T14:15:22.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benedikt Mo BMo Expo allows Stored XSS. This issue affects BMo Expo: from n/a through 1.0.15."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/bmo-expo/vulnerability/wordpress-bmo-expo-plugin-1-0-15-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30540.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30540",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:23.030",
"lastModified": "2025-03-24T14:15:23.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in avaibook AvaiBook allows Stored XSS. This issue affects AvaiBook: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/avaibook/vulnerability/wordpress-avaibook-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30541.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30541",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:23.180",
"lastModified": "2025-03-24T14:15:23.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Info Boxes Shortcode and Widget allows Cross Site Request Forgery. This issue affects Info Boxes Shortcode and Widget: from n/a through 1.15."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/info-boxes-shortcode-and-widget/vulnerability/wordpress-info-boxes-shortcode-and-widgets-plugin-1-15-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30542.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30542",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:23.337",
"lastModified": "2025-03-24T14:15:23.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in wpsolutions SoundCloud Ultimate allows Cross Site Request Forgery. This issue affects SoundCloud Ultimate: from n/a through 1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/soundcloud-ultimate/vulnerability/wordpress-wp-soundcloud-ultimate-plugin-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30543.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30543",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:23.483",
"lastModified": "2025-03-24T14:15:23.483",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in swayam.tejwani Menu Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Menu Duplicator: from n/a through 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/copy-menu/vulnerability/wordpress-menu-duplicator-plugin-1-0-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-305xx/CVE-2025-30545.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-30545",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-03-24T14:15:23.653",
"lastModified": "2025-03-24T14:15:23.653",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline issuuPress allows Stored XSS. This issue affects issuuPress: from n/a through 1.3.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/issuupress/vulnerability/wordpress-issuupress-plugin-1-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More