diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2958.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2958.json new file mode 100644 index 00000000000..0fcb5d8d052 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2958.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2958", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-30T20:15:14.490", + "lastModified": "2025-03-30T20:15:14.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", + "baseScore": 6.1, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://docs.google.com/document/d/1DHUsUpeizmqFbJe_0SjsJvCFspPeFDaK/edit#heading=h.gjdgxs", + "source": "cna@vuldb.com" + }, + { + "url": "https://drive.google.com/file/d/1SbZ63uqg6QJYjPFcLY5wBqWrh-NMrnZq/view?usp=drive_link", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302011", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302011", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.521723", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2959.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2959.json new file mode 100644 index 00000000000..86830b33fac --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2959.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-2959", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-30T21:15:31.960", + "lastModified": "2025-03-30T21:15:31.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub_4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", + "baseScore": 6.1, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://docs.google.com/document/d/1PcJZQ364MQxz1eUt6PLnWIQYTLNuJ5_3/edit#heading=h.gjdgxs", + "source": "cna@vuldb.com" + }, + { + "url": "https://drive.google.com/file/d/1idRNkvFHyh5vOxw2VIs2wcwdVOVLuqkG/view?usp=drive_link", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302012", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302012", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.521725", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2960.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2960.json new file mode 100644 index 00000000000..ed1b2f0d8a7 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2960.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-2960", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-30T21:15:32.143", + "lastModified": "2025-03-30T21:15:32.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub_41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", + "baseScore": 6.1, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://docs.google.com/document/d/17FadWn-UWXjvcYNzDI4JRjag-lGUU9pJ/edit#heading=h.gjdgxs", + "source": "cna@vuldb.com" + }, + { + "url": "https://drive.google.com/file/d/1SS7jsYBNl0faSOy_vH5tNn_xJJ_HA1xU/view?usp=drive_link", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302013", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302013", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.521727", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index fa64549a543..60df2a8c044 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-30T20:00:19.386614+00:00 +2025-03-30T22:00:20.291782+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-30T19:15:14.933000+00:00 +2025-03-30T21:15:32.143000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -287332 +287335 ``` ### CVEs added in the last Commit Recently added CVEs: `3` -- [CVE-2025-2955](CVE-2025/CVE-2025-29xx/CVE-2025-2955.json) (`2025-03-30T18:15:14.767`) -- [CVE-2025-2956](CVE-2025/CVE-2025-29xx/CVE-2025-2956.json) (`2025-03-30T18:15:15.783`) -- [CVE-2025-2957](CVE-2025/CVE-2025-29xx/CVE-2025-2957.json) (`2025-03-30T19:15:14.933`) +- [CVE-2025-2958](CVE-2025/CVE-2025-29xx/CVE-2025-2958.json) (`2025-03-30T20:15:14.490`) +- [CVE-2025-2959](CVE-2025/CVE-2025-29xx/CVE-2025-2959.json) (`2025-03-30T21:15:31.960`) +- [CVE-2025-2960](CVE-2025/CVE-2025-29xx/CVE-2025-2960.json) (`2025-03-30T21:15:32.143`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2025-0927](CVE-2025/CVE-2025-09xx/CVE-2025-0927.json) (`2025-03-30T19:15:14.110`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 1ffa8fa472f..55edfa61e24 100644 --- a/_state.csv +++ b/_state.csv @@ -281638,7 +281638,7 @@ CVE-2025-0918,0,0,4227989e3d35097382e4bc473e8d6b90f5c37e9be43ac707cd1a7bd79f7110 CVE-2025-0919,0,0,f3c40a8c3e9859b98dc4dbb233022019405b6bb3a32be39636bc5e978bd23a1b,2025-02-12T17:15:23.357000 CVE-2025-0924,0,0,f098c8869b022dbda442e50477571fe8e89ac3ff2ff9ea7bd16e8bb1ca9eb537,2025-02-17T05:15:09.410000 CVE-2025-0925,0,0,96e6ae1415f7de21f9d2302b09edfb8f35c8ed2d838c20a02e0bb3cb8fbcd173,2025-02-12T17:15:23.437000 -CVE-2025-0927,0,1,0908c23d6f6990c54b7de0758b40cefa31b4e751fbae276256b6b68015681ca0,2025-03-30T19:15:14.110000 +CVE-2025-0927,0,0,0908c23d6f6990c54b7de0758b40cefa31b4e751fbae276256b6b68015681ca0,2025-03-30T19:15:14.110000 CVE-2025-0929,0,0,bcacb82faee52c17b22479d26474b4df04f76f99e634ac515f50cccea0dc9587,2025-01-31T14:15:34.130000 CVE-2025-0930,0,0,e48470a5aeaab134703b9f1449e9c6f114cca0e6b49cd331dee21f5acc590fd8,2025-01-31T14:15:34.293000 CVE-2025-0934,0,0,435f4840918befd21a2a5141d511b1a79f3fc5ba70f4b6b5d6a0bdf42935fbde,2025-02-18T18:49:12.210000 @@ -286904,9 +286904,12 @@ CVE-2025-2951,0,0,260a4b8d6604868493de69370b70ea9ee633b7dbbb872247f955ad5094edac CVE-2025-2952,0,0,ac4f52b399b6ffe238908d243c97fdc3e9560ea5405afc25137584a010190c3e,2025-03-30T15:15:28.830000 CVE-2025-2953,0,0,07565cffbe8714abe6b4ed7e46ca16f69c2108508cb787fa0734d2ed5e32c9e4,2025-03-30T16:15:14.380000 CVE-2025-2954,0,0,7e02a867136ffbb6815278535bb5cd9c486013b3ec71cf0a1341f957b5b0d107,2025-03-30T17:15:19.890000 -CVE-2025-2955,1,1,d83378c7e317cdb0fe079597f38bf579e1f5ed3820efe14a7ab5c84bd4c1ac88,2025-03-30T18:15:14.767000 -CVE-2025-2956,1,1,90a1b4cdebc743592cd4699d9cd14343efe464b4279255164f5bcaf799c79b37,2025-03-30T18:15:15.783000 -CVE-2025-2957,1,1,2041a1bad0f3b94a621933efa1578c7527d556b201ebee469ee54a43ff2adaee,2025-03-30T19:15:14.933000 +CVE-2025-2955,0,0,d83378c7e317cdb0fe079597f38bf579e1f5ed3820efe14a7ab5c84bd4c1ac88,2025-03-30T18:15:14.767000 +CVE-2025-2956,0,0,90a1b4cdebc743592cd4699d9cd14343efe464b4279255164f5bcaf799c79b37,2025-03-30T18:15:15.783000 +CVE-2025-2957,0,0,2041a1bad0f3b94a621933efa1578c7527d556b201ebee469ee54a43ff2adaee,2025-03-30T19:15:14.933000 +CVE-2025-2958,1,1,3fb7ff6d9357ff22658d5d8cf8c232650334b49c9bd2618eded13fa8fb2dfe34,2025-03-30T20:15:14.490000 +CVE-2025-2959,1,1,60c1c20f48bdcf669f4f9dbc70d78d2366c9bda1947d22fdbb1d2e25f877a952,2025-03-30T21:15:31.960000 +CVE-2025-2960,1,1,c3d0db303cca848fbbc44321d4a2627efd9c17f1dd9bd3222aadeac187bb3cc3,2025-03-30T21:15:32.143000 CVE-2025-29635,0,0,777467e4305cb03534788245920edd5bae11b2ba20b7be470dbace3c9dda6025,2025-03-27T16:45:46.410000 CVE-2025-29640,0,0,684661940e38e3fbc4f2676adca19fd07a4b95839bb039ae44b7731f40899f4a,2025-03-24T18:15:23.613000 CVE-2025-29641,0,0,da834c0947f85989328576ecb3102fddbcebc6673f6bdf9795762806f49bd137,2025-03-24T18:15:23.773000