admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-06-20T20:00:39.649147+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-06-20 20:04:19 +00:00
parent 37e14a16bb
commit dd76f906fd
59 changed files with 2273 additions and 281 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2023/CVE-2023-338xx/CVE-2023-33806.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T23:15:06.837",
"lastModified": "2024-11-21T08:06:02.147",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2023/CVE-2023-66xx/CVE-2023-6602.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-12-31T15:15:06.240",
"lastModified": "2024-12-31T15:15:06.240",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2023/CVE-2023-66xx/CVE-2023-6603.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-12-31T15:15:07.490",
"lastModified": "2024-12-31T15:15:07.490",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-120xx/CVE-2024-12086.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-01-14T18:15:25.297",
"lastModified": "2025-02-26T15:15:21.020",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-120xx/CVE-2024-12087.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-01-14T18:15:25.467",
"lastModified": "2025-06-02T15:15:27.363",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-210xx/CVE-2024-21088.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:28.810",
"lastModified": "2024-11-21T08:53:45.673",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-293xx/CVE-2024-29390.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-20T21:15:49.583",
"lastModified": "2025-03-27T20:15:25.893",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-306xx/CVE-2024-30656.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:08.870",
"lastModified": "2024-11-21T09:12:24.060",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-310xx/CVE-2024-31030.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-31T18:15:12.893",
"lastModified": "2024-11-21T09:12:44.697",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-316xx/CVE-2024-31648.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.503",
"lastModified": "2024-11-21T09:13:47.353",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-316xx/CVE-2024-31651.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:09.023",
"lastModified": "2024-11-21T09:13:47.943",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-319xx/CVE-2024-31914.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-06T16:15:28.320",
"lastModified": "2025-01-06T17:15:36.653",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-338xx/CVE-2024-33894.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T18:16:18.837",
"lastModified": "2024-11-21T09:17:41.037",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-344xx/CVE-2024-34451.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T22:15:09.130",
"lastModified": "2024-11-21T09:18:42.080",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

2
CVE-2024/CVE-2024-366xx/CVE-2024-36600.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-14T19:15:50.967",
"lastModified": "2024-11-21T09:22:28.260",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-377xx/CVE-2024-37773.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-16T22:15:05.947",
"lastModified": "2024-12-17T16:15:25.580",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-377xx/CVE-2024-37774.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-16T22:15:06.127",
"lastModified": "2024-12-17T15:15:14.210",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-377xx/CVE-2024-37775.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-16T22:15:06.310",
"lastModified": "2024-12-17T15:15:14.637",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-377xx/CVE-2024-37776.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-16T22:15:06.490",
"lastModified": "2024-12-17T17:15:09.047",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-383xx/CVE-2024-38396.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T21:15:50.730",
"lastModified": "2024-11-21T09:25:36.147",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-384xx/CVE-2024-38446.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-17T17:15:15.340",
"lastModified": "2024-11-21T09:25:53.547",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-384xx/CVE-2024-38447.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-17T18:15:03.990",
"lastModified": "2024-11-21T09:25:53.860",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-384xx/CVE-2024-38467.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T16:15:09.877",
"lastModified": "2024-11-21T09:26:00.000",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-40xx/CVE-2024-4025.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-4025",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-06-20T19:15:35.290",
"lastModified": "2025-06-20T19:15:35.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions from 7.10 prior before 16.11.5, version 17.0 before 17.0.3, and 17.1 before 17.1.1. It is possible for an attacker to cause a denial of service using a crafted markdown page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/457474",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2024974",
"source": "cve@gitlab.com"
}
]
}

2
CVE-2024/CVE-2024-463xx/CVE-2024-46340.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-10T20:15:15.003",
"lastModified": "2025-04-03T16:15:32.550",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-463xx/CVE-2024-46341.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-10T20:15:15.110",
"lastModified": "2024-12-11T15:15:10.090",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-49xx/CVE-2024-4994.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-4994",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-06-20T19:15:35.460",
"lastModified": "2025-06-20T19:15:35.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/462012",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2473644",
"source": "cve@gitlab.com"
}
]
}

2
CVE-2024/CVE-2024-506xx/CVE-2024-50659.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T18:15:19.153",
"lastModified": "2025-01-08T16:15:34.597",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-514xx/CVE-2024-51472.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-06T17:15:38.517",
"lastModified": "2025-01-06T17:15:38.517",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-548xx/CVE-2024-54887.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-09T20:15:39.277",
"lastModified": "2025-01-15T21:15:13.820",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-552xx/CVE-2024-55224.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-09T21:15:29.387",
"lastModified": "2025-01-10T18:15:24.053",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-552xx/CVE-2024-55225.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-09T21:15:29.567",
"lastModified": "2025-01-10T18:15:24.530",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-558xx/CVE-2024-55897.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-03T23:15:08.573",
"lastModified": "2025-03-13T16:15:25.453",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-560xx/CVE-2024-56072.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-15T03:15:16.323",
"lastModified": "2024-12-16T17:15:13.500",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-560xx/CVE-2024-56073.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-15T03:15:16.433",
"lastModified": "2024-12-16T17:15:13.700",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-560xx/CVE-2024-56084.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-16T06:15:07.070",
"lastModified": "2024-12-23T18:15:07.440",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2025/CVE-2025-20xx/CVE-2025-2056.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-14T05:15:42.523",
"lastModified": "2025-03-14T05:15:42.523",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2025/CVE-2025-216xx/CVE-2025-21616.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-06T22:15:11.023",
"lastModified": "2025-01-07T16:15:40.390",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2025/CVE-2025-222xx/CVE-2025-22275.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-03T05:15:08.243",
"lastModified": "2025-01-03T07:15:25.297",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2025/CVE-2025-24xx/CVE-2025-2443.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-2443",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-06-20T18:15:28.270",
"lastModified": "2025-06-20T18:15:28.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/525363",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/3037340",
"source": "cve@gitlab.com"
}
]
}

102
CVE-2025/CVE-2025-250xx/CVE-2025-25034.json Normal file
View File

@ -0,0 +1,102 @@
{
"id": "CVE-2025-25034",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:35.693",
"lastModified": "2025-06-20T19:15:35.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the rest_data parameter before passing it to the unserialize() function. This allows an unauthenticated attacker to submit crafted serialized data containing malicious object declarations, resulting in arbitrary code execution within the application context. Although SugarCRM released a prior fix in advisory sugarcrm-sa-2016-001, the patch was incomplete and failed to address some vectors."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/sugarcrm_rest_unserialize_exec.rb",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://karmainsecurity.com/KIS-2016-07",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/sugarcrm-php-deserialization-rce",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://web.archive.org/web/20160508053502/http://www.sugarcrm.com/security/sugarcrm-sa-2016-001",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://web.archive.org/web/20160725194502/http://www.sugarcrm.com/security/sugarcrm-sa-2016-008",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/40344",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.sugarcrm.com/crm/",
"source": "disclosure@vulncheck.com"
}
]
}

94
CVE-2025/CVE-2025-250xx/CVE-2025-25037.json Normal file
View File

@ -0,0 +1,94 @@
{
"id": "CVE-2025-25037",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:35.870",
"lastModified": "2025-06-20T19:15:35.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive configuration data, including plaintext administrative credentials. Exploitation of this flaw can lead to full compromise of the system, enabling unauthorized manipulation of connected devices and aquarium parameters."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/encyclopedia/ips/56008",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/aquatronica-controller-system-credential-leak",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.aquatronica.com",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/52028",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5824.php",
"source": "disclosure@vulncheck.com"
}
]
}

106
CVE-2025/CVE-2025-250xx/CVE-2025-25038.json Normal file
View File

@ -0,0 +1,106 @@
{
"id": "CVE-2025-25038",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:36.050",
"lastModified": "2025-06-20T19:15:36.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2022100039",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://packetstormsecurity.com/files/168744/",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/minidvblinux-command-injection",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/51096",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.fortiguard.com/encyclopedia/ips/52454",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.minidvblinux.de",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5717.php",
"source": "disclosure@vulncheck.com"
}
]
}

102
CVE-2025/CVE-2025-340xx/CVE-2025-34021.json Normal file
View File

@ -0,0 +1,102 @@
{
"id": "CVE-2025-34021",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:36.530",
"lastModified": "2025-06-20T19:15:36.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON POST parameters such as ipnotify_address and url, which are used by internal mechanisms to perform image fetch and DNS lookups. This allows remote unauthenticated attackers to induce the system to make arbitrary HTTP requests to internal or external systems, potentially bypassing firewall policies or conducting internal service enumeration."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2021010170",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://packetstorm.news/files/id/161059",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/selea-targa-ip-camera-ssrf",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/49457",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.selea.com",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5617.php",
"source": "disclosure@vulncheck.com"
}
]
}

98
CVE-2025/CVE-2025-340xx/CVE-2025-34022.json Normal file
View File

@ -0,0 +1,98 @@
{
"id": "CVE-2025-34022",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:36.720",
"lastModified": "2025-06-20T19:15:36.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the \u201cDownload Archive in Storage\u201d page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2021010165",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://packetstorm.news/files/id/161057",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/49456",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.selea.com",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php",
"source": "disclosure@vulncheck.com"
}
]
}

90
CVE-2025/CVE-2025-340xx/CVE-2025-34023.json Normal file
View File

@ -0,0 +1,90 @@
{
"id": "CVE-2025-34023",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:36.887",
"lastModified": "2025-06-20T19:15:36.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted path traversal sequences (e.g., ../../). This can expose sensitive files such as /etc/passwd and /etc/shadow."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2020100038",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://web.archive.org/web/20201020023943/https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/48857",
"source": "disclosure@vulncheck.com"
}
]
}

94
CVE-2025/CVE-2025-340xx/CVE-2025-34024.json Normal file
View File

@ -0,0 +1,94 @@
{
"id": "CVE-2025-34024",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:37.053",
"lastModified": "2025-06-20T19:15:37.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacters to achieve arbitrary command execution as the root user."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://vulncheck.com/advisories/edimax-ew-7438rpn-command-injections",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=32163",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/48377",
"source": "disclosure@vulncheck.com"
}
]
}

90
CVE-2025/CVE-2025-340xx/CVE-2025-34029.json Normal file
View File

@ -0,0 +1,90 @@
{
"id": "CVE-2025-34029",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:37.210",
"lastModified": "2025-06-20T19:15:37.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://vulncheck.com/advisories/edimax-ew-7438rpn-command-injections",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=32163",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/48377",
"source": "disclosure@vulncheck.com"
}
]
}

94
CVE-2025/CVE-2025-340xx/CVE-2025-34030.json Normal file
View File

@ -0,0 +1,94 @@
{
"id": "CVE-2025-34030",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2025-06-20T19:15:37.343",
"lastModified": "2025-06-20T19:15:37.343",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/cemtan/sar2html",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/sar2html-command-injection",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.exploit-db.com/exploits/47204",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://www.fortiguard.com/encyclopedia/ips/48624",
"source": "disclosure@vulncheck.com"
}
]
}

29
CVE-2025/CVE-2025-461xx/CVE-2025-46158.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-46158",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-20T18:15:28.440",
"lastModified": "2025-06-20T18:15:28.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in redoxOS kernel before commit 5d41cd7c allows a local attacker to cause a denial of service via the `setitimer` syscall"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2025-46158",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.redox-os.org/redox-os/kernel/-/issues/164",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.redox-os.org/redox-os/kernel/-/merge_requests/386",
"source": "cve@mitre.org"
}
]
}

60
CVE-2025/CVE-2025-51xx/CVE-2025-5121.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-5121",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-06-20T18:15:28.913",
"lastModified": "2025-06-20T18:15:28.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/545429",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/3153908",
"source": "cve@gitlab.com"
}
]
}

102
CVE-2025/CVE-2025-524xx/CVE-2025-52484.json Normal file
View File

@ -0,0 +1,102 @@
{
"id": "CVE-2025-52484",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-06-20T18:15:28.747",
"lastModified": "2025-06-20T18:15:28.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The main idea for the attack is to confuse the RISC-V virtual machine into treating the value of the rs1 register as the same as the rs2 register due to a lack of constraints in the rv32im circuit. Rust applications using the risc0-zkvm crate at versions 2.0.0, 2.0.1, and 2.0.2 should upgrade to version 2.1.0. Smart contract applications using the official RISC Zero Verifier Router do not need to take any action: zkVM version 2.1 is active on all official routers, and version 2.0 has been disabled. Smart contract applications not using the verifier router should update their contracts to send verification calls to the 2.1 version of the verifier."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
}
],
"references": [
{
"url": "https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/risc0/pull/3181",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/risc0/zirgen/pull/238",
"source": "security-advisories@github.com"
}
]
}

145
CVE-2025/CVE-2025-63xx/CVE-2025-6356.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-6356",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T18:15:29.280",
"lastModified": "2025-06-20T18:15:29.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /addmem.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rom4j/cve/issues/14",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313349",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313349",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.597297",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-63xx/CVE-2025-6357.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-6357",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T18:15:29.477",
"lastModified": "2025-06-20T18:15:29.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rom4j/cve/issues/13",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313350",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313350",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.597298",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-63xx/CVE-2025-6358.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-6358",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T18:15:29.660",
"lastModified": "2025-06-20T18:15:29.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saveorder.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rom4j/cve/issues/12",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313351",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313351",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.597299",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-63xx/CVE-2025-6359.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-6359",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T19:15:37.803",
"lastModified": "2025-06-20T19:15:37.803",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cashconfirm.php. The manipulation of the argument transactioncode leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rom4j/cve/issues/11",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313352",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313352",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.597300",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-63xx/CVE-2025-6360.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-6360",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T19:15:38.023",
"lastModified": "2025-06-20T19:15:38.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rom4j/cve/issues/10",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313353",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313353",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.597301",
"source": "cna@vuldb.com"
}
]
}

94
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-06-20T18:00:19.771094+00:00
2025-06-20T20:00:39.649147+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-06-20T17:57:08.107000+00:00
2025-06-20T19:15:38.023000+00:00
```
### Last Data Feed Release
@ -33,58 +33,64 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
298924
298944
```
### CVEs added in the last Commit
Recently added CVEs: `14`
Recently added CVEs: `20`
- [CVE-2025-44203](CVE-2025/CVE-2025-442xx/CVE-2025-44203.json) (`2025-06-20T16:15:28.700`)
- [CVE-2025-44635](CVE-2025/CVE-2025-446xx/CVE-2025-44635.json) (`2025-06-20T17:15:40.400`)
- [CVE-2025-45331](CVE-2025/CVE-2025-453xx/CVE-2025-45331.json) (`2025-06-20T16:15:29.083`)
- [CVE-2025-45890](CVE-2025/CVE-2025-458xx/CVE-2025-45890.json) (`2025-06-20T16:15:29.240`)
- [CVE-2025-48059](CVE-2025/CVE-2025-480xx/CVE-2025-48059.json) (`2025-06-20T17:15:40.560`)
- [CVE-2025-49132](CVE-2025/CVE-2025-491xx/CVE-2025-49132.json) (`2025-06-20T17:15:41.140`)
- [CVE-2025-5416](CVE-2025/CVE-2025-54xx/CVE-2025-5416.json) (`2025-06-20T16:15:29.553`)
- [CVE-2025-6193](CVE-2025/CVE-2025-61xx/CVE-2025-6193.json) (`2025-06-20T16:15:29.713`)
- [CVE-2025-6347](CVE-2025/CVE-2025-63xx/CVE-2025-6347.json) (`2025-06-20T16:15:30.057`)
- [CVE-2025-6351](CVE-2025/CVE-2025-63xx/CVE-2025-6351.json) (`2025-06-20T16:15:30.250`)
- [CVE-2025-6352](CVE-2025/CVE-2025-63xx/CVE-2025-6352.json) (`2025-06-20T16:15:30.430`)
- [CVE-2025-6353](CVE-2025/CVE-2025-63xx/CVE-2025-6353.json) (`2025-06-20T17:15:41.737`)
- [CVE-2025-6354](CVE-2025/CVE-2025-63xx/CVE-2025-6354.json) (`2025-06-20T17:15:41.977`)
- [CVE-2025-6355](CVE-2025/CVE-2025-63xx/CVE-2025-6355.json) (`2025-06-20T17:15:42.217`)
- [CVE-2024-4025](CVE-2024/CVE-2024-40xx/CVE-2024-4025.json) (`2025-06-20T19:15:35.290`)
- [CVE-2024-4994](CVE-2024/CVE-2024-49xx/CVE-2024-4994.json) (`2025-06-20T19:15:35.460`)
- [CVE-2025-2443](CVE-2025/CVE-2025-24xx/CVE-2025-2443.json) (`2025-06-20T18:15:28.270`)
- [CVE-2025-25034](CVE-2025/CVE-2025-250xx/CVE-2025-25034.json) (`2025-06-20T19:15:35.693`)
- [CVE-2025-25037](CVE-2025/CVE-2025-250xx/CVE-2025-25037.json) (`2025-06-20T19:15:35.870`)
- [CVE-2025-25038](CVE-2025/CVE-2025-250xx/CVE-2025-25038.json) (`2025-06-20T19:15:36.050`)
- [CVE-2025-34021](CVE-2025/CVE-2025-340xx/CVE-2025-34021.json) (`2025-06-20T19:15:36.530`)
- [CVE-2025-34022](CVE-2025/CVE-2025-340xx/CVE-2025-34022.json) (`2025-06-20T19:15:36.720`)
- [CVE-2025-34023](CVE-2025/CVE-2025-340xx/CVE-2025-34023.json) (`2025-06-20T19:15:36.887`)
- [CVE-2025-34024](CVE-2025/CVE-2025-340xx/CVE-2025-34024.json) (`2025-06-20T19:15:37.053`)
- [CVE-2025-34029](CVE-2025/CVE-2025-340xx/CVE-2025-34029.json) (`2025-06-20T19:15:37.210`)
- [CVE-2025-34030](CVE-2025/CVE-2025-340xx/CVE-2025-34030.json) (`2025-06-20T19:15:37.343`)
- [CVE-2025-46158](CVE-2025/CVE-2025-461xx/CVE-2025-46158.json) (`2025-06-20T18:15:28.440`)
- [CVE-2025-5121](CVE-2025/CVE-2025-51xx/CVE-2025-5121.json) (`2025-06-20T18:15:28.913`)
- [CVE-2025-52484](CVE-2025/CVE-2025-524xx/CVE-2025-52484.json) (`2025-06-20T18:15:28.747`)
- [CVE-2025-6356](CVE-2025/CVE-2025-63xx/CVE-2025-6356.json) (`2025-06-20T18:15:29.280`)
- [CVE-2025-6357](CVE-2025/CVE-2025-63xx/CVE-2025-6357.json) (`2025-06-20T18:15:29.477`)
- [CVE-2025-6358](CVE-2025/CVE-2025-63xx/CVE-2025-6358.json) (`2025-06-20T18:15:29.660`)
- [CVE-2025-6359](CVE-2025/CVE-2025-63xx/CVE-2025-6359.json) (`2025-06-20T19:15:37.803`)
- [CVE-2025-6360](CVE-2025/CVE-2025-63xx/CVE-2025-6360.json) (`2025-06-20T19:15:38.023`)
### CVEs modified in the last Commit
Recently modified CVEs: `149`
Recently modified CVEs: `37`
- [CVE-2025-26199](CVE-2025/CVE-2025-261xx/CVE-2025-26199.json) (`2025-06-20T16:15:28.217`)
- [CVE-2025-28355](CVE-2025/CVE-2025-283xx/CVE-2025-28355.json) (`2025-06-20T16:19:02.220`)
- [CVE-2025-30194](CVE-2025/CVE-2025-301xx/CVE-2025-30194.json) (`2025-06-20T16:15:28.553`)
- [CVE-2025-32881](CVE-2025/CVE-2025-328xx/CVE-2025-32881.json) (`2025-06-20T16:53:44.603`)
- [CVE-2025-32882](CVE-2025/CVE-2025-328xx/CVE-2025-32882.json) (`2025-06-20T16:52:25.717`)
- [CVE-2025-32884](CVE-2025/CVE-2025-328xx/CVE-2025-32884.json) (`2025-06-20T16:50:32.157`)
- [CVE-2025-32885](CVE-2025/CVE-2025-328xx/CVE-2025-32885.json) (`2025-06-20T16:48:21.597`)
- [CVE-2025-32886](CVE-2025/CVE-2025-328xx/CVE-2025-32886.json) (`2025-06-20T16:45:10.870`)
- [CVE-2025-32887](CVE-2025/CVE-2025-328xx/CVE-2025-32887.json) (`2025-06-20T16:39:45.180`)
- [CVE-2025-32888](CVE-2025/CVE-2025-328xx/CVE-2025-32888.json) (`2025-06-20T16:38:27.003`)
- [CVE-2025-32889](CVE-2025/CVE-2025-328xx/CVE-2025-32889.json) (`2025-06-20T16:35:09.850`)
- [CVE-2025-32890](CVE-2025/CVE-2025-328xx/CVE-2025-32890.json) (`2025-06-20T16:28:33.357`)
- [CVE-2025-3440](CVE-2025/CVE-2025-34xx/CVE-2025-3440.json) (`2025-06-20T17:14:07.857`)
- [CVE-2025-3900](CVE-2025/CVE-2025-39xx/CVE-2025-3900.json) (`2025-06-20T16:22:21.453`)
- [CVE-2025-4778](CVE-2025/CVE-2025-47xx/CVE-2025-4778.json) (`2025-06-20T17:43:12.677`)
- [CVE-2025-47916](CVE-2025/CVE-2025-479xx/CVE-2025-47916.json) (`2025-06-20T17:42:15.083`)
- [CVE-2025-47947](CVE-2025/CVE-2025-479xx/CVE-2025-47947.json) (`2025-06-20T16:13:40.530`)
- [CVE-2025-48060](CVE-2025/CVE-2025-480xx/CVE-2025-48060.json) (`2025-06-20T17:39:13.377`)
- [CVE-2025-48063](CVE-2025/CVE-2025-480xx/CVE-2025-48063.json) (`2025-06-20T17:38:28.517`)
- [CVE-2025-48070](CVE-2025/CVE-2025-480xx/CVE-2025-48070.json) (`2025-06-20T16:05:45.280`)
- [CVE-2025-48708](CVE-2025/CVE-2025-487xx/CVE-2025-48708.json) (`2025-06-20T17:13:54.913`)
- [CVE-2025-5030](CVE-2025/CVE-2025-50xx/CVE-2025-5030.json) (`2025-06-20T17:40:22.427`)
- [CVE-2025-5033](CVE-2025/CVE-2025-50xx/CVE-2025-5033.json) (`2025-06-20T16:15:38.947`)
- [CVE-2025-5080](CVE-2025/CVE-2025-50xx/CVE-2025-5080.json) (`2025-06-20T16:03:35.810`)
- [CVE-2025-5109](CVE-2025/CVE-2025-51xx/CVE-2025-5109.json) (`2025-06-20T16:02:35.837`)
- [CVE-2024-33894](CVE-2024/CVE-2024-338xx/CVE-2024-33894.json) (`2024-11-21T09:17:41.037`)
- [CVE-2024-34451](CVE-2024/CVE-2024-344xx/CVE-2024-34451.json) (`2024-11-21T09:18:42.080`)
- [CVE-2024-36600](CVE-2024/CVE-2024-366xx/CVE-2024-36600.json) (`2024-11-21T09:22:28.260`)
- [CVE-2024-37773](CVE-2024/CVE-2024-377xx/CVE-2024-37773.json) (`2024-12-17T16:15:25.580`)
- [CVE-2024-37774](CVE-2024/CVE-2024-377xx/CVE-2024-37774.json) (`2024-12-17T15:15:14.210`)
- [CVE-2024-37775](CVE-2024/CVE-2024-377xx/CVE-2024-37775.json) (`2024-12-17T15:15:14.637`)
- [CVE-2024-37776](CVE-2024/CVE-2024-377xx/CVE-2024-37776.json) (`2024-12-17T17:15:09.047`)
- [CVE-2024-38396](CVE-2024/CVE-2024-383xx/CVE-2024-38396.json) (`2024-11-21T09:25:36.147`)
- [CVE-2024-38446](CVE-2024/CVE-2024-384xx/CVE-2024-38446.json) (`2024-11-21T09:25:53.547`)
- [CVE-2024-38447](CVE-2024/CVE-2024-384xx/CVE-2024-38447.json) (`2024-11-21T09:25:53.860`)
- [CVE-2024-38467](CVE-2024/CVE-2024-384xx/CVE-2024-38467.json) (`2024-11-21T09:26:00.000`)
- [CVE-2024-46340](CVE-2024/CVE-2024-463xx/CVE-2024-46340.json) (`2025-04-03T16:15:32.550`)
- [CVE-2024-46341](CVE-2024/CVE-2024-463xx/CVE-2024-46341.json) (`2024-12-11T15:15:10.090`)
- [CVE-2024-50659](CVE-2024/CVE-2024-506xx/CVE-2024-50659.json) (`2025-01-08T16:15:34.597`)
- [CVE-2024-51472](CVE-2024/CVE-2024-514xx/CVE-2024-51472.json) (`2025-01-06T17:15:38.517`)
- [CVE-2024-54887](CVE-2024/CVE-2024-548xx/CVE-2024-54887.json) (`2025-01-15T21:15:13.820`)
- [CVE-2024-55224](CVE-2024/CVE-2024-552xx/CVE-2024-55224.json) (`2025-01-10T18:15:24.053`)
- [CVE-2024-55225](CVE-2024/CVE-2024-552xx/CVE-2024-55225.json) (`2025-01-10T18:15:24.530`)
- [CVE-2024-55897](CVE-2024/CVE-2024-558xx/CVE-2024-55897.json) (`2025-03-13T16:15:25.453`)
- [CVE-2024-56072](CVE-2024/CVE-2024-560xx/CVE-2024-56072.json) (`2024-12-16T17:15:13.500`)
- [CVE-2024-56073](CVE-2024/CVE-2024-560xx/CVE-2024-56073.json) (`2024-12-16T17:15:13.700`)
- [CVE-2024-56084](CVE-2024/CVE-2024-560xx/CVE-2024-56084.json) (`2024-12-23T18:15:07.440`)
- [CVE-2025-2056](CVE-2025/CVE-2025-20xx/CVE-2025-2056.json) (`2025-03-14T05:15:42.523`)
- [CVE-2025-21616](CVE-2025/CVE-2025-216xx/CVE-2025-21616.json) (`2025-01-07T16:15:40.390`)
- [CVE-2025-22275](CVE-2025/CVE-2025-222xx/CVE-2025-22275.json) (`2025-01-03T07:15:25.297`)
## Download and Usage

420
_state.csv
View File

File diff suppressed because it is too large Load Diff