admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-07-07T18:00:11.094997+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-07-07 18:03:47 +00:00
parent f40ca6e79a
commit ebab2b305f
142 changed files with 5810 additions and 711 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
CVE-2019/CVE-2019-168xx/CVE-2019-16869.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-16869",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-26T16:15:11.690",
"lastModified": "2024-11-21T04:31:14.483",
"lastModified": "2025-07-07T17:15:26.303",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -250,263 +250,267 @@
]
},
{
"url": "https://lists.apache.org/thread.html/0acadfb96176768caac79b404110df62d14d30aa9d53b6dbdb1407ac%40%3Cissues.spark.apache.org%3E",
"url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-16869/5.0.0.Alpha1/exploit",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/19fed892608db1efe5a5ce14372137669ff639df0205323959af7de3%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/0acadfb96176768caac79b404110df62d14d30aa9d53b6dbdb1407ac@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/2494a2ac7f66af6e4646a4937b17972a4ec7cd3c7333c66ffd6c639d%40%3Cdev.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/19fed892608db1efe5a5ce14372137669ff639df0205323959af7de3@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/2e1cf538b502713c2c42ffa46d81f4688edb5676eb55bd9fc4b4fed7%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/2494a2ac7f66af6e4646a4937b17972a4ec7cd3c7333c66ffd6c639d@%3Cdev.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/35961d1ae00849974353a932b4fef12ebce074541552eceefa04f1fd%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/2e1cf538b502713c2c42ffa46d81f4688edb5676eb55bd9fc4b4fed7@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/37ed432b8eb35d8bd757f53783ec3e334bd51f514534432bea7f1c3d%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/35961d1ae00849974353a932b4fef12ebce074541552eceefa04f1fd@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/380f6d2730603a2cd6b0a8bea9bcb21a86c199147e77e448c5f7390b%40%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/37ed432b8eb35d8bd757f53783ec3e334bd51f514534432bea7f1c3d@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/3e6d7aae1cca10257e3caf2d69b22f74c875f12a1314155af422569d%40%3Cdev.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/380f6d2730603a2cd6b0a8bea9bcb21a86c199147e77e448c5f7390b@%3Ccommits.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/51923a9ba513b2e816e02a9d1fd8aa6f12e3e4e99bbd9dc884bccbbe%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/3e6d7aae1cca10257e3caf2d69b22f74c875f12a1314155af422569d@%3Cdev.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
"url": "https://lists.apache.org/thread.html/51923a9ba513b2e816e02a9d1fd8aa6f12e3e4e99bbd9dc884bccbbe@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/6063699b87b501ecca8dd3b0e82251bfc85f29363a9b46ac5ace80cf%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/64b10f49c68333aaecf00348c5670fe182e49fd60d45c4a3ab241f8b%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/6063699b87b501ecca8dd3b0e82251bfc85f29363a9b46ac5ace80cf@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/681493a2f9b63f5b468f741d88d1aa51b2cfcf7a1c5b74ea8c4343fb%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/64b10f49c68333aaecf00348c5670fe182e49fd60d45c4a3ab241f8b@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/6e1e34c0d5635a987d595df9e532edac212307243bb1b49eead6d55b%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/681493a2f9b63f5b468f741d88d1aa51b2cfcf7a1c5b74ea8c4343fb@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/76540c8b0ed761bfa6c81fa28c13057f13a5448aed079d656f6a3c79%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/6e1e34c0d5635a987d595df9e532edac212307243bb1b49eead6d55b@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/799eb85d67cbddc1851a3e63a07b55e95b2f44f1685225d38570ce89%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/76540c8b0ed761bfa6c81fa28c13057f13a5448aed079d656f6a3c79@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/860acce024d79837e963a51a42bab2cef8e8d017aad2b455ecd1dcf0%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/799eb85d67cbddc1851a3e63a07b55e95b2f44f1685225d38570ce89@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/9128111213b7b734ffc85db08d8f789b00a85a7f241b708e55debbd0%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/860acce024d79837e963a51a42bab2cef8e8d017aad2b455ecd1dcf0@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E",
"url": "https://lists.apache.org/thread.html/9128111213b7b734ffc85db08d8f789b00a85a7f241b708e55debbd0@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/a0f77c73af32cbe4ff0968bfcbbe80ae6361f3dccdd46f3177547266%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/af6e9c2d716868606523857a4cd7a5ee506e6d1710f5fb0d567ec030%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/a0f77c73af32cbe4ff0968bfcbbe80ae6361f3dccdd46f3177547266@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
"url": "https://lists.apache.org/thread.html/af6e9c2d716868606523857a4cd7a5ee506e6d1710f5fb0d567ec030@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/b264fa5801e87698e9f43f2b5585fbc5ebdc26c6f4aad861b258fb69%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/b2cd51795f938632c6f60a4c59d9e587fbacd7f7d0e0a3684850a30f%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/b264fa5801e87698e9f43f2b5585fbc5ebdc26c6f4aad861b258fb69@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/b3dda6399a0ea2b647624b899fd330fca81834e41b13e3e11e1002d8%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/b2cd51795f938632c6f60a4c59d9e587fbacd7f7d0e0a3684850a30f@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/b3ddeebbfaf8a288d7de8ab2611cf2609ab76b9809f0633248546b7c%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/b3dda6399a0ea2b647624b899fd330fca81834e41b13e3e11e1002d8@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/bdf7a5e597346a75d2d884ca48c767525e35137ad59d8f10b8fc943c%40%3Cdev.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/b3ddeebbfaf8a288d7de8ab2611cf2609ab76b9809f0633248546b7c@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/cbf6e6a04cb37e9320ad20e437df63beeab1755fc0761918ed5c5a6e%40%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/bdf7a5e597346a75d2d884ca48c767525e35137ad59d8f10b8fc943c@%3Cdev.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/cf5aa087632ead838f8ac3a42e9837684e7afe6e0fcb7704e0c73bc0%40%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/cbf6e6a04cb37e9320ad20e437df63beeab1755fc0761918ed5c5a6e@%3Ccommits.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/d14f721e0099b914daebe29bca199fde85d8354253be9d6d3d46507a%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/cf5aa087632ead838f8ac3a42e9837684e7afe6e0fcb7704e0c73bc0@%3Ccommits.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/d3eb0dbea75ef5c400bd49dfa1901ad50be606cca3cb29e0d01b6a54%40%3Cissues.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d14f721e0099b914daebe29bca199fde85d8354253be9d6d3d46507a@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/d7d530599dc7813056c712213e367b68cdf56fb5c9b73f864870bc4c%40%3Cdev.olingo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d3eb0dbea75ef5c400bd49dfa1901ad50be606cca3cb29e0d01b6a54@%3Cissues.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/e192fe8797c192679759ffa6b15e4d0806546945a41d8ebfbc6ee3ac%40%3Ccommits.tinkerpop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d7d530599dc7813056c712213e367b68cdf56fb5c9b73f864870bc4c@%3Cdev.olingo.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/e39931d7cdd17241e69a0a09a89d99d7435bcc59afee8a9628d67769%40%3Cdev.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/e192fe8797c192679759ffa6b15e4d0806546945a41d8ebfbc6ee3ac@%3Ccommits.tinkerpop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/ee6faea9e542c0b90afd70297a9daa203e20d41aa2ac7fca6703662f%40%3Cissues.spark.apache.org%3E",
"url": "https://lists.apache.org/thread.html/e39931d7cdd17241e69a0a09a89d99d7435bcc59afee8a9628d67769@%3Cdev.zookeeper.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/f6c5ebfb018787c764f000362d59e4b231c0a36b6253aa866de8c64e%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/ee6faea9e542c0b90afd70297a9daa203e20d41aa2ac7fca6703662f@%3Cissues.spark.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
"url": "https://lists.apache.org/thread.html/f6c5ebfb018787c764f000362d59e4b231c0a36b6253aa866de8c64e@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e%40%3Ccommits.camel.apache.org%3E",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e@%3Ccommits.camel.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r131e572d003914843552fa45c4398b9903fb74144986e8b107c0a3a7%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r3225f7dfe6b8a37e800ecb8e31abd7ac6c4312dbd3223dd8139c37bb%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r131e572d003914843552fa45c4398b9903fb74144986e8b107c0a3a7@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r3225f7dfe6b8a37e800ecb8e31abd7ac6c4312dbd3223dd8139c37bb@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r73c400ab66d79821dec9e3472f0e2c048d528672bdb0f8bf44d7cb1f%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4%40%3Ccommits.pulsar.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r73c400ab66d79821dec9e3472f0e2c048d528672bdb0f8bf44d7cb1f@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r831e0548fad736a98140d0b3b7dc575af0c50faea0b266434ba813cc%40%3Cdev.rocketmq.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4@%3Ccommits.pulsar.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec%40%3Ccommits.pulsar.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r831e0548fad736a98140d0b3b7dc575af0c50faea0b266434ba813cc@%3Cdev.rocketmq.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec@%3Ccommits.pulsar.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4%40%3Ccommon-commits.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4@%3Ccommon-commits.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7%40%3Cissues.flink.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rb25b42f666d2cac5e6e6b3f771faf60d1f1aa58073dcdd8db14edf8a%40%3Cdev.rocketmq.apache.org%3E",
"url": "https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7@%3Cissues.flink.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rb25b42f666d2cac5e6e6b3f771faf60d1f1aa58073dcdd8db14edf8a@%3Cdev.rocketmq.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rc8d554aad889d12b140d9fd7d2d6fc2e8716e9792f6f4e4b2cdc2d05%40%3Ccommits.cassandra.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6%40%3Ccommon-commits.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc8d554aad889d12b140d9fd7d2d6fc2e8716e9792f6f4e4b2cdc2d05@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rcddf723a4b4117f8ed6042e9ac25e8c5110a617bab77694b61b14833%40%3Cdev.rocketmq.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6@%3Ccommon-commits.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcddf723a4b4117f8ed6042e9ac25e8c5110a617bab77694b61b14833@%3Cdev.rocketmq.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2%40%3Ccommits.pulsar.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9%40%3Ccommon-commits.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2@%3Ccommits.pulsar.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9@%3Ccommon-commits.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948%40%3Ccommits.druid.apache.org%3E",
"url": "https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948@%3Ccommits.druid.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41%40%3Ccommon-issues.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f%40%3Cdev.flink.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41@%3Ccommon-issues.hadoop.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f@%3Cdev.flink.apache.org%3E",
"source": "cve@mitre.org"
},
{

12
CVE-2020/CVE-2020-280xx/CVE-2020-28095.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-28095",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-12-30T21:15:12.797",
"lastModified": "2024-11-21T05:22:21.310",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T17:21:03.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac1200_firmware:15.03.06.51_multi:*:*:*:*:*:*:*",
"matchCriteriaId": "9E65345E-8EED-482B-B870-D1B4109DB98F"
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.51:*:*:*:*:*:*:*",
"matchCriteriaId": "254F3947-1DC2-4F81-AECB-8BB28CAEA5F1"
}
]
},
@ -97,8 +97,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200:ac6:*:*:*:*:*:*:*",
"matchCriteriaId": "B9834139-68C4-4F1E-A3E9-3A18D5899D3E"
"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"
}
]
}

20
CVE-2021/CVE-2021-31xx/CVE-2021-3186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3186",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-26T18:16:28.147",
"lastModified": "2024-11-21T06:21:05.777",
"vulnStatus": "Modified",
"lastModified": "2025-07-07T17:21:17.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -22,19 +22,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac1200_firmware:15.03.06.47_multi:*:*:*:*:*:*:*",
"matchCriteriaId": "ED8D69BB-E549-4993-8935-66A4AE0B3880"
"criteria": "cpe:2.3:o:tenda:ac5_firmware:15.03.06.47:*:*:*:*:*:*:*",
"matchCriteriaId": "2D94CA12-3FED-4730-B1B4-4F6AAA3AB17E"
}
]
},
@ -97,8 +97,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1200:ac5:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9BE77D-A37D-4E54-8500-40E904CF04C6"
"criteria": "cpe:2.3:h:tenda:ac5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A74C4FD-76A0-4E7C-94E0-EC293F379DD2"
}
]
}

40
CVE-2021/CVE-2021-44xx/CVE-2021-4457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4457",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-06-25T15:15:21.100",
"lastModified": "2025-07-01T19:15:24.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:40:37.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitalzoomstudio:zoomsounds:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.05",
"matchCriteriaId": "5F201978-8D9D-4BA2-974C-8C0733F9087E"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/07259a61-8ba9-4dd0-8d52-cc1df389c0ad",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-512xx/CVE-2023-51232.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-51232",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T14:15:23.140",
"lastModified": "2025-07-07T14:15:23.140",
"lastModified": "2025-07-07T16:15:21.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in dagster-webserver Dagster thru 1.0.3 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to certain file names that start with a dot ('.')."
"value": "Directory Traversal vulnerability in dagster-webserver Dagster thru 1.5.11 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to certain file names that start with a dot ('.')."
}
],
"metrics": {},

32
CVE-2024/CVE-2024-110xx/CVE-2024-11089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11089",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-21T14:15:08.530",
"lastModified": "2024-11-21T15:15:21.500",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:03:33.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,14 +61,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tarassych:anonymous_restricted_content:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "30C21593-D38F-40CF-8333-FDBE9758AB56"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3191193/anonymous-restricted-content",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/95a01f44-2356-4ea4-b48e-80e3c6114efa?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

42
CVE-2024/CVE-2024-16xx/CVE-2024-1646.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1646",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-16T00:15:09.967",
"lastModified": "2024-11-21T08:50:59.783",
"lastModified": "2025-07-07T16:01:35.617",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -51,22 +51,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:parisneo:lollms-webui:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.3",
"matchCriteriaId": "2FCF4058-5BC4-451A-ACC7-FA8D4C261CAE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/02e829b5653a1aa5dbbe9413ec84f96caa1274e8",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/2f769c46-aa85-4ab8-8b08-fe791313b7ba",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/parisneo/lollms-webui/commit/02e829b5653a1aa5dbbe9413ec84f96caa1274e8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/2f769c46-aa85-4ab8-8b08-fe791313b7ba",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

29
CVE-2024/CVE-2024-251xx/CVE-2024-25176.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-25176",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.247",
"lastModified": "2025-07-07T17:15:27.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/pwnhacker0x18/cd75d01fc7c9b6c85c183fbe5353d276",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/commit/343ce0edaf3906a62022936175b2f5410024cbfc",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/issues/1149",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-251xx/CVE-2024-25177.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-25177",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.403",
"lastModified": "2025-07-07T17:15:27.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS)."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/pwnhacker0x18/a73f560d79f2c3d4011d6c5a2676f04a",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310f",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/issues/1147",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-251xx/CVE-2024-25178.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-25178",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.527",
"lastModified": "2025-07-07T17:15:27.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has an out-of-bounds read in the stack-overflow handler in lj_state.c"
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/pwnhacker0x18/423b4292f301ab274b42d5ed6e0b87d8",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/commit/defe61a56751a0db5f00ff3ab7b8f45436ba74c8",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LuaJIT/LuaJIT/issues/1152",
"source": "cve@mitre.org"
}
]
}

65
CVE-2024/CVE-2024-290xx/CVE-2024-29028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29028",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-19T15:15:50.243",
"lastModified": "2024-11-21T09:07:24.313",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:03:50.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -51,22 +71,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.13.2",
"versionEndExcluding": "0.16.1",
"matchCriteriaId": "5859F707-F9A3-477B-8620-72D0932868F2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/usememos/memos/commit/6ffc09d86a1302c384ef085aa70c7bddb3ce7ba9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/usememos/memos/commit/6ffc09d86a1302c384ef085aa70c7bddb3ce7ba9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

75
CVE-2024/CVE-2024-290xx/CVE-2024-29030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29030",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-19T15:15:50.430",
"lastModified": "2024-11-21T09:07:24.583",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:05:52.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -51,30 +71,69 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.13.2",
"versionEndExcluding": "0.22.0",
"matchCriteriaId": "1BF6028C-D563-4A72-80B2-910AEA67A040"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/usememos/memos/blob/06dbd8731161245444f4b50f4f9ed267f7c3cf63/api/v1/resource.go#L83",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/usememos/memos/commit/bbd206e8930281eb040cc8c549641455892b9eb5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/usememos/memos/blob/06dbd8731161245444f4b50f4f9ed267f7c3cf63/api/v1/resource.go#L83",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/usememos/memos/commit/bbd206e8930281eb040cc8c549641455892b9eb5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-154_GHSL-2023-156_memos/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-333xx/CVE-2024-33365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33365",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-29T17:15:10.947",
"lastModified": "2024-11-21T09:16:50.347",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:09:32.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A19C486B-52A3-4C3E-851D-F349E8E0A706"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/johnathanhuutri/CVE_report/blob/master/CVE-2024-33365/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://hackmd.io/%40JohnathanHuuTri/rJNbEItJC",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/johnathanhuutri/CVE_report/blob/master/CVE-2024-33365/README.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://hackmd.io/%40JohnathanHuuTri/rJNbEItJC",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-352xx/CVE-2024-35285.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35285",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.307",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:55:18.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.0.33",
"matchCriteriaId": "E7001BBF-C3BB-4219-BE0D-1444BE43DF9E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0013",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-352xx/CVE-2024-35286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35286",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.367",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:55:27.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.0.33",
"matchCriteriaId": "E7001BBF-C3BB-4219-BE0D-1444BE43DF9E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0014",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-352xx/CVE-2024-35287.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35287",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.450",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:55:48.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.1.5",
"matchCriteriaId": "A86FB9E2-A0A9-45A4-86CD-073206E7E41C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0023",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-353xx/CVE-2024-35314.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35314",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.533",
"lastModified": "2025-03-25T15:15:22.007",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:54:52.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,43 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.7.1.110",
"matchCriteriaId": "00AF6EAC-B97B-468A-AE23-625321787BCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "831F3CAF-72D0-497C-A5E1-AC09F660DB43"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0015-001-v3.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0015",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-353xx/CVE-2024-35315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35315",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.613",
"lastModified": "2024-10-23T21:35:04.820",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:54:43.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.7.1.110",
"matchCriteriaId": "00AF6EAC-B97B-468A-AE23-625321787BCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "831F3CAF-72D0-497C-A5E1-AC09F660DB43"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0016",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-400xx/CVE-2024-40084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40084",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:05.770",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:37:27.353",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.16.1.33",
"matchCriteriaId": "EE511F6D-2988-4CC4-871A-35BFD35B593C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570CD02-826A-4682-8BB3-251011DD5C85"
}
]
}
]
}
],
"references": [
{
"url": "http://vilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40084.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-400xx/CVE-2024-40087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40087",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:06.003",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:37:37.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.16.1.33",
"matchCriteriaId": "EE511F6D-2988-4CC4-871A-35BFD35B593C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570CD02-826A-4682-8BB3-251011DD5C85"
}
]
}
]
}
],
"references": [
{
"url": "http://vilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40087.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-400xx/CVE-2024-40088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40088",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:06.080",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:37:43.360",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -55,14 +55,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.16.1.33",
"matchCriteriaId": "EE511F6D-2988-4CC4-871A-35BFD35B593C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570CD02-826A-4682-8BB3-251011DD5C85"
}
]
}
]
}
],
"references": [
{
"url": "http://vilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40088.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-400xx/CVE-2024-40089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40089",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:06.150",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:37:50.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.16.1.33",
"matchCriteriaId": "EE511F6D-2988-4CC4-871A-35BFD35B593C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570CD02-826A-4682-8BB3-251011DD5C85"
}
]
}
]
}
],
"references": [
{
"url": "http://vilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40089.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-400xx/CVE-2024-40090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40090",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:06.223",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:37:58.717",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.16.1.33",
"matchCriteriaId": "EE511F6D-2988-4CC4-871A-35BFD35B593C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570CD02-826A-4682-8BB3-251011DD5C85"
}
]
}
]
}
],
"references": [
{
"url": "http://vilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40090.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-404xx/CVE-2024-40412.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40412",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-10T16:15:04.290",
"lastModified": "2024-11-21T09:31:03.587",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:20:02.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,63 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ax12_firmware:22.03.01.46:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC5CA19-0A08-462F-A948-9D2338076B61"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ax12:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19AB5CD4-69C7-4619-8A1B-34B70D738D34"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Feng-ZZ-pwn/IOT/blob/main/Tenda%20AX12/1/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://static.tenda.com.cn/tdcweb/download/uploadfile/AX12/V22.03.01.46.zip",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Feng-ZZ-pwn/IOT/blob/main/Tenda%20AX12/1/README.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://static.tenda.com.cn/tdcweb/download/uploadfile/AX12/V22.03.01.46.zip",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}
]
}

45
CVE-2024/CVE-2024-405xx/CVE-2024-40503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40503",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:13.043",
"lastModified": "2024-11-21T09:31:12.497",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:32:08.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ax12_firmware:16.03.49.18_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FDC39E-1E9B-44A9-9ED1-7293A9D0DC7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ax12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE639FC1-068D-4570-AD2A-1837C339B97A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Mivik/8927ad100a638756e1fe214dd5fca5f9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/Mivik/8927ad100a638756e1fe214dd5fca5f9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-405xx/CVE-2024-40515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40515",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T20:15:03.863",
"lastModified": "2024-11-21T09:31:14.117",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:11:28.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ax2_pro_firmware:16.03.29.48_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "6201D2AA-8680-44B9-A373-118D34BE9BEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ax2_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84565C91-1D83-4339-9185-5339DF177AD9"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/as-lky/410d6ae5c8ead88c2e0f5c641b2382ec",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/as-lky/410d6ae5c8ead88c2e0f5c641b2382ec",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

38
CVE-2024/CVE-2024-464xx/CVE-2024-46450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46450",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T22:15:39.840",
"lastModified": "2025-02-03T21:15:13.043",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:40:50.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.50:*:*:*:*:*:*:*",
"matchCriteriaId": "ED890D2E-3860-4E6E-A1D4-FC0031430884"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"
}
]
}
]
}
],
"references": [
{
"url": "https://pastebin.com/BXxTqsZk",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-471xx/CVE-2024-47189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47189",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T20:15:14.697",
"lastModified": "2024-11-04T22:35:09.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:52:12.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.1.201",
"matchCriteriaId": "C63877D5-7A76-4953-A3E1-A72CD7FD7AD6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0026",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-472xx/CVE-2024-47223.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47223",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T20:15:14.770",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:52:15.770",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.1.201",
"matchCriteriaId": "C63877D5-7A76-4953-A3E1-A72CD7FD7AD6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0028",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-479xx/CVE-2024-47912.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47912",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T20:15:14.877",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:52:18.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.8.1.201",
"matchCriteriaId": "C63877D5-7A76-4953-A3E1-A72CD7FD7AD6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0027",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-481xx/CVE-2024-48192.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48192",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-17T17:15:12.380",
"lastModified": "2024-10-18T12:52:33.507",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:20:38.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:g3_firmware:15.01.0.5\\(2848_755\\)_en:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C78F40-AF20-48AE-84A4-49A08FD66451"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1B3B7C-2164-40B6-959A-188796737C16"
}
]
}
]
}
],
"references": [
{
"url": "https://colorful-meadow-5b9.notion.site/G3_HardCode_vuln-6b5ae19473b745d7abe5e01b4529caf8?pvs=4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-482xx/CVE-2024-48232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48232",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T21:15:04.170",
"lastModified": "2024-10-30T19:35:26.257",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:33:49.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mipjz_project:mipjz:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AEA22F-BAAD-4FC2-B025-B0E93FD5F818"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sansanyun/mipjz/issues/17",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

27
CVE-2024/CVE-2024-482xx/CVE-2024-48233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48233",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T21:15:04.243",
"lastModified": "2024-10-30T19:35:27.360",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:33:29.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mipjz_project:mipjz:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AEA22F-BAAD-4FC2-B025-B0E93FD5F818"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sansanyun/mipjz/issues/16",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

44
CVE-2024/CVE-2024-482xx/CVE-2024-48270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48270",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T14:15:06.953",
"lastModified": "2024-11-04T19:35:11.057",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:32:41.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:misstt123:oasys:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39BFE25A-F3E7-4A44-963A-532C30CF0C97"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/majic-banana/vulnerability/blob/main/POC/Verification%20Code%20Reuse--misstt123oasys.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/misstt123/oasys",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

27
CVE-2024/CVE-2024-485xx/CVE-2024-48597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48597",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T20:15:15.010",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:06:38.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:angeljudesuarez:online_clinic_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F83E07A-EC1A-47DB-ACEE-279F60BD4F0A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h1-wh0areu/bug_report/blob/main/online-clinic-management-system/SQLi-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-48xx/CVE-2024-4839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4839",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-24T13:15:11.900",
"lastModified": "2024-11-21T09:43:42.800",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:31:29.717",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms-webui:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8161B4F7-AE3F-4A7D-9B47-131C1AA3EC6F"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/dcfc5a07-0427-42b5-a623-8d943873d7ff",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/dcfc5a07-0427-42b5-a623-8d943873d7ff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-48xx/CVE-2024-4841.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4841",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-23T15:15:09.233",
"lastModified": "2024-11-21T09:43:43.037",
"lastModified": "2025-07-07T17:23:31.907",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:parisneo:lollms-webui:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8A3CF797-E28D-4E5D-B025-383EED5EF2EB"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/740dda3e-7104-4ccf-9ac4-8870e4d6d602",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/740dda3e-7104-4ccf-9ac4-8870e4d6d602",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-509xx/CVE-2024-50983.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50983",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-15T22:15:15.907",
"lastModified": "2024-11-18T19:35:05.963",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:12:47.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getflightpath:flightpath:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6C90C7-D538-49AE-BD61-CC080FD89F7B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/redhotchilihacker1/CVE-Hunting/blob/master/CVE-2024-50983/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/swampopus/flightpath/blob/e713acf9f125af22cc68c2f5664c2869cd73616b/flightpath/CHANGELOG.txt#L4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

37
CVE-2024/CVE-2024-509xx/CVE-2024-50986.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50986",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-15T15:15:07.773",
"lastModified": "2024-11-29T22:15:06.677",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:03:46.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:clementine-player:clementine:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DBB9203-382C-45BA-A8F5-8430EE7DACE5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/clementine-player/Clementine",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/riftsandroses/CVE-2024-50986/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.clementine-player.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

33
CVE-2024/CVE-2024-510xx/CVE-2024-51091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51091",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-03T18:15:29.523",
"lastModified": "2025-03-04T17:15:12.870",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:02:04.873",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seajs:seajs:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C6966BF9-F8A4-4D2C-96CD-EFE163F8256A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/jackfromeast/176413c3bd73f825f7aeeb05e80e02a6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/jackfromeast/176413c3bd73f825f7aeeb05e80e02a6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-514xx/CVE-2024-51459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51459",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-19T19:15:42.180",
"lastModified": "2025-03-19T19:15:42.180",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:58:53.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,54 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7",
"versionEndExcluding": "11.7.1.136",
"matchCriteriaId": "7F1D1624-B6B9-4533-AAC5-6DF002160103"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185056",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-514xx/CVE-2024-51477.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51477",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:23.950",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:27:25.043",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,54 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7",
"versionEndExcluding": "11.7.1",
"matchCriteriaId": "C8544C8A-580A-4A26-8731-0511ADC66F36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185058",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-515xx/CVE-2024-51568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51568",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T23:15:04.520",
"lastModified": "2024-11-01T12:57:03.417",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:17:23.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,22 +71,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.5",
"matchCriteriaId": "1FA9BF50-1DBE-40E2-97A8-2B6102FEEFCA"
}
]
}
]
}
],
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://cyberpanel.net/blog/cyberpanel-v2-3-5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-51xx/CVE-2024-5125.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5125",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-11-14T18:15:26.760",
"lastModified": "2024-11-15T16:35:09.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:01:29.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -73,14 +73,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms-webui:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8161B4F7-AE3F-4A7D-9B47-131C1AA3EC6F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/9b0f6c4ad1b9a2cd3466dcefaa278df30feed67e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/e6ae8cfd-9f8b-41df-a0cc-1e7a47416995",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

45
CVE-2024/CVE-2024-528xx/CVE-2024-52872.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52872",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-17T04:15:04.047",
"lastModified": "2024-11-18T18:35:09.270",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:59:56.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flagsmith:flagsmith:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.134.1",
"matchCriteriaId": "2867667E-9B13-4D92-8DB8-18EEECB277EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Flagsmith/flagsmith/compare/v2.134.0...v2.134.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Flagsmith/flagsmith/pull/4459",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Issue Tracking"
]
}
]
}

28
CVE-2024/CVE-2024-533xx/CVE-2024-53384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53384",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-03T18:15:29.670",
"lastModified": "2025-03-05T19:15:37.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:58:38.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:egoist:tsup:8.3.4:*:*:*:*:node.js:*:*",
"matchCriteriaId": "4CE30A1E-3B45-4EAB-A29B-892012CE4DB7"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/jackfromeast/36f98bf7542d11835c883c1d175d9b92",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-533xx/CVE-2024-53387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53387",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-03T17:15:13.050",
"lastModified": "2025-03-04T17:15:13.043",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:56:33.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:umeditor_project:umeditor:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F04C7A-824B-475C-8C31-A1690C472C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/jackfromeast/d52c506113f33b8871d0e647411df894",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Patch"
]
}
]
}

28
CVE-2024/CVE-2024-533xx/CVE-2024-53388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53388",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-03T17:15:13.167",
"lastModified": "2025-03-04T17:15:13.217",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:55:50.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mavo:mavo:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A11209D-EE10-4015-A493-DBE09650AAE8"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/jackfromeast/a61a5429a97985e7ff4c1d39e339d5d8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Patch"
]
}
]
}

27
CVE-2024/CVE-2024-536xx/CVE-2024-53619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53619",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-26T19:15:30.727",
"lastModified": "2024-11-26T20:15:33.880",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:54:54.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:spip:spip:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B342AEDF-3D8E-4E98-BD3D-9904B0E0DB38"
}
]
}
]
}
],
"references": [
{
"url": "https://grimthereaperteam.medium.com/spip-4-3-3-malicious-file-upload-xss-in-pdf-526c03bb1776",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-541xx/CVE-2024-54169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54169",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.100",
"lastModified": "2025-02-27T15:15:39.100",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:52:04.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-541xx/CVE-2024-54170.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54170",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-27T15:15:39.240",
"lastModified": "2025-02-27T15:15:39.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:51:11.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184194",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-541xx/CVE-2024-54171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54171",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T21:15:21.453",
"lastModified": "2025-02-06T21:15:21.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:50:09.553",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F5AF5-0001-42F2-9279-ED83FBE2C4C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182693",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-549xx/CVE-2024-54957.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54957",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-27T20:16:01.980",
"lastModified": "2025-03-03T16:15:38.450",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:49:10.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.2.2:*:*:*:*:*:*",
"matchCriteriaId": "7FFC081E-728A-4643-A8DF-5CC8E94E7D78"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54957",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.nagios.com/products/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

26
CVE-2024/CVE-2024-549xx/CVE-2024-54960.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54960",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T18:15:25.457",
"lastModified": "2025-02-20T20:15:45.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:46:10.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.2.2:*:*:*:*:*:*",
"matchCriteriaId": "7FFC081E-728A-4643-A8DF-5CC8E94E7D78"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54960",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-551xx/CVE-2024-55160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55160",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-27T21:15:37.213",
"lastModified": "2025-03-03T16:15:38.617",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:45:27.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,30 +51,69 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:g-fast:gfast:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2",
"versionEndIncluding": "3.2",
"matchCriteriaId": "1ECEF6B7-C9B7-4FFC-9810-5F493EC25E5C"
}
]
}
]
}
],
"references": [
{
"url": "http://gfast.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/SuperDu1/CVE/issues/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/tiger1103/gfast/blob/os-v3.2/api/v1/system/sys_oper_log.go#L35",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/tiger1103/gfast/blob/os-v3.2/internal/app/system/logic/sysOperLog/sys_oper_log.go#L121",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/tiger1103/gfast/tree/os-v3.2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/SuperDu1/CVE/issues/2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

40
CVE-2024/CVE-2024-61xx/CVE-2024-6165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6165",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-31T06:15:03.373",
"lastModified": "2024-08-01T14:00:13.553",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:08:08.900",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wanotifier:wanotifier:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.1",
"matchCriteriaId": "33874CB7-8A1A-41C5-9D07-7D3CD83151F8"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/b9e6648a-9d19-4e73-ad6c-f727802d8dd5/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-82xx/CVE-2024-8267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8267",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:45.997",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:05:26.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -37,6 +37,26 @@
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -81,26 +101,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softlabbd:radio_player:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.79",
"matchCriteriaId": "F90F9FE8-B448-400F-A70C-DF3C5D221065"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/radio-player/trunk/block/class-block.php#L26",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3152379/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3152379/radio-player/trunk/block/class-block.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/radio-player/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49581614-14a8-4450-8f83-d8d22a3feee9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-13xx/CVE-2025-1351.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-1351",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-07-07T17:15:27.693",
"lastModified": "2025-07-07T17:15:27.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7237157",
"source": "psirt@us.ibm.com"
}
]
}

33
CVE-2025/CVE-2025-211xx/CVE-2025-21199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21199",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:19.670",
"lastModified": "2025-03-11T17:16:19.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:18:36.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_agent:*:*:*:*:*:backup:*:*",
"versionEndExcluding": "2.0.9940.0",
"matchCriteriaId": "10E372B1-99BC-4DBE-AC91-9D90969430B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_agent:*:*:*:*:*:site_recovery:*:*",
"versionEndExcluding": "9.30",
"matchCriteriaId": "B675A111-5EBD-4983-AEE9-6E23CF2F90FB"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21199",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2025/CVE-2025-240xx/CVE-2025-24076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24076",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:30.480",
"lastModified": "2025-03-11T17:16:30.480",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:24:22.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5039",
"matchCriteriaId": "0B27CE48-66A0-488B-A7B6-18A5A191AFDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5039",
"matchCriteriaId": "77DC7D9D-F85F-41B4-A944-D27B388A1157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "84168D48-1F68-4590-98BB-E926339D1A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1486",
"matchCriteriaId": "96046A7B-76A1-4DCF-AEA5-25344D37E492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24076",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2025/CVE-2025-240xx/CVE-2025-24084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24084",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:33.523",
"lastModified": "2025-03-11T17:16:33.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:29:07.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5039",
"matchCriteriaId": "0B27CE48-66A0-488B-A7B6-18A5A191AFDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5039",
"matchCriteriaId": "77DC7D9D-F85F-41B4-A944-D27B388A1157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "B7ADF37E-1DD3-4539-8922-1E059955FEF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "E0A74D52-ABC0-4733-B892-F8688B6AEBA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3270",
"matchCriteriaId": "AAACC9C4-DDC5-4059-AFE3-A49DB2347A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1486",
"matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24084",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

162
CVE-2025/CVE-2025-249xx/CVE-2025-24987.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24987",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:34.767",
"lastModified": "2025-03-11T17:16:34.767",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:33:06.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,146 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "6997DE6E-CBAD-4690-A68C-8F10E477DCC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "3CBCF6D9-5085-473C-82F5-98BC246A9C4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "0CF0E174-4692-4AA3-B72E-12E73A1BDBE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "67C8DCD7-90C4-431F-BD03-FDFDE170E748"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "05169574-28AB-4E42-B3DE-710574BB1AD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5608",
"matchCriteriaId": "83256070-991F-404C-AE4C-CBB46166CA67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5608",
"matchCriteriaId": "A1F779E2-8536-4B06-A151-6115C9D88D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5039",
"matchCriteriaId": "0B27CE48-66A0-488B-A7B6-18A5A191AFDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5039",
"matchCriteriaId": "77DC7D9D-F85F-41B4-A944-D27B388A1157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "84168D48-1F68-4590-98BB-E926339D1A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "D271422D-A29F-4DBF-BF72-BCD90E393A5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3328",
"matchCriteriaId": "C1426FF0-A402-4149-9F2B-0FA3CEB4BB5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1486",
"matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24987",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

162
CVE-2025/CVE-2025-249xx/CVE-2025-24988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24988",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:35.013",
"lastModified": "2025-03-11T17:16:35.013",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:34:42.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,146 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "6997DE6E-CBAD-4690-A68C-8F10E477DCC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "3CBCF6D9-5085-473C-82F5-98BC246A9C4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "0CF0E174-4692-4AA3-B72E-12E73A1BDBE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "67C8DCD7-90C4-431F-BD03-FDFDE170E748"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "05169574-28AB-4E42-B3DE-710574BB1AD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5608",
"matchCriteriaId": "83256070-991F-404C-AE4C-CBB46166CA67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5608",
"matchCriteriaId": "A1F779E2-8536-4B06-A151-6115C9D88D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5039",
"matchCriteriaId": "0B27CE48-66A0-488B-A7B6-18A5A191AFDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5039",
"matchCriteriaId": "77DC7D9D-F85F-41B4-A944-D27B388A1157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "84168D48-1F68-4590-98BB-E926339D1A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "D271422D-A29F-4DBF-BF72-BCD90E393A5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3328",
"matchCriteriaId": "C1426FF0-A402-4149-9F2B-0FA3CEB4BB5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1486",
"matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24988",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

38
CVE-2025/CVE-2025-259xx/CVE-2025-25905.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25905",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-25T16:15:26.173",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:40:16.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4pace:cadclick:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.13.0",
"matchCriteriaId": "4EFFCA00-9517-44B6-8C43-F9C818518348"
}
]
}
]
}
],
"references": [
{
"url": "https://4pace.com/en/products/cadclick",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://medium.com/@mdjab3r/cve-2025-25905-ffff82c635f2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://support.cadclick.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

161
CVE-2025/CVE-2025-266xx/CVE-2025-26645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-26645",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-03-11T17:16:44.200",
"lastModified": "2025-03-11T17:16:44.200",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:48:56.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -55,10 +55,165 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "6997DE6E-CBAD-4690-A68C-8F10E477DCC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20947",
"matchCriteriaId": "3CBCF6D9-5085-473C-82F5-98BC246A9C4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "0CF0E174-4692-4AA3-B72E-12E73A1BDBE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "67C8DCD7-90C4-431F-BD03-FDFDE170E748"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7009",
"matchCriteriaId": "05169574-28AB-4E42-B3DE-710574BB1AD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.5608",
"matchCriteriaId": "83256070-991F-404C-AE4C-CBB46166CA67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.5608",
"matchCriteriaId": "A1F779E2-8536-4B06-A151-6115C9D88D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.5039",
"matchCriteriaId": "0B27CE48-66A0-488B-A7B6-18A5A191AFDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.5039",
"matchCriteriaId": "77DC7D9D-F85F-41B4-A944-D27B388A1157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "84168D48-1F68-4590-98BB-E926339D1A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7876",
"matchCriteriaId": "C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6893",
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3270",
"matchCriteriaId": "AAACC9C4-DDC5-4059-AFE3-A49DB2347A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionStartExcluding": "10.0.20348.3270",
"versionEndExcluding": "10.0.20348.3328",
"matchCriteriaId": "2569319C-B855-466E-B4A5-D5774DBBD516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1486",
"matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3403",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.2.6017.0",
"matchCriteriaId": "F39323C4-C48F-4CAA-9E6B-31041B347686"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.365.0",
"matchCriteriaId": "2569A07D-E2CC-4AC8-B2B1-BD6FBD576004"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

25
CVE-2025/CVE-2025-267xx/CVE-2025-26780.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-26780",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:22.683",
"lastModified": "2025-07-07T16:15:22.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet."
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-26780/",
"source": "cve@mitre.org"
}
]
}

8
CVE-2025/CVE-2025-30xx/CVE-2025-3044.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3044",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-07-07T10:15:26.717",
"lastModified": "2025-07-07T10:15:26.717",
"lastModified": "2025-07-07T16:15:23.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/80182c3a-876f-422f-8bac-38267e0345d6",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/80182c3a-876f-422f-8bac-38267e0345d6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

76
CVE-2025/CVE-2025-320xx/CVE-2025-32023.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2025-32023",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:22.830",
"lastModified": "2025-07-07T16:15:22.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-680"
}
]
}
],
"references": [
{
"url": "https://github.com/redis/redis/commit/50188747cbfe43528d2719399a2a3c9599169445",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/6.2.19",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/7.2.10",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/7.4.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/8.0.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-rp2m-q4j6-gr43",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2025/CVE-2025-32xx/CVE-2025-3262.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-3262",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-07-07T10:15:27.200",
"lastModified": "2025-07-07T10:15:27.200",
"lastModified": "2025-07-07T16:15:23.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://huntr.com/bounties/ecf5ccc4-39e7-4fb3-b547-14a41d31a184",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/ecf5ccc4-39e7-4fb3-b547-14a41d31a184",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

56
CVE-2025/CVE-2025-360xx/CVE-2025-36014.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-36014",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-07-07T17:15:27.890",
"lastModified": "2025-07-07T17:15:27.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7239003",
"source": "psirt@us.ibm.com"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43931.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43931",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.250",
"lastModified": "2025-07-07T16:15:23.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/BrookeYangRui/19fcc6c19df7bb4d8437476c609a6129",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/MaxHalford/flask-boilerplate/blob/a170e7cec605906801680567c4279b30ccd9630b/app/views/user.py#L103-L126",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43932.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43932",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.380",
"lastModified": "2025-07-07T16:15:23.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/guomaoqiu/JobCenter/blob/7e7b0b2f756d66bba7e592a6c8952c78a3573d9c/app/templates/auth/email/reset_password.txt",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/guomaoqiu/JobCenter/issues/18",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-439xx/CVE-2025-43933.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-43933",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.513",
"lastModified": "2025-07-07T16:15:23.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ghost123gg/fblog/blob/983bedec9f837a54ab2dfd358a9cb45504a2e709/app/templates/auth/email/resetPassword.html#L1-L8",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ghost123gg/fblog/issues/5",
"source": "cve@mitre.org"
}
]
}

25
CVE-2025/CVE-2025-450xx/CVE-2025-45065.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-45065",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.650",
"lastModified": "2025-07-07T16:15:23.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint."
}
],
"metrics": {},
"references": [
{
"url": "https://docs.google.com/document/d/1Sq08I_eKCY-YOmVOQPIEj4Ui2pW0gIgXHcqD9fcvR7M/edit?usp=sharing",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@shrutukapoor25/cve-2025-45065-b58a33e65860",
"source": "cve@mitre.org"
}
]
}

29
CVE-2025/CVE-2025-454xx/CVE-2025-45479.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-45479",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.780",
"lastModified": "2025-07-07T16:15:23.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecting crafted content into a container."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/YX-hueimie/CVE-Issues/blob/main/CVE-2025-45479.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.educoder.net/",
"source": "cve@mitre.org"
},
{
"url": "https://www.educoder.net/shixuns/fb7qhjgz/challenges",
"source": "cve@mitre.org"
}
]
}

12
CVE-2025/CVE-2025-467xx/CVE-2025-46733.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-46733",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-04T14:15:33.217",
"lastModified": "2025-07-04T14:15:33.217",
"lastModified": "2025-07-07T17:15:28.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that uses the libutee Secure Storage API. Many functions in libutee, specifically those which make up the Secure Storage API, will panic if a system call returns an unexpected return code. This behavior is mandated by the TEE Internal Core API specification. However, in OP-TEE\u2019s implementation, return codes of secure storage operations are passed through unsanitized from the REE tee-supplicant, through the Linux kernel tee-driver, through the OP-TEE kernel, back to libutee. Thus, an attacker with access to REE userspace, and the ability to stop tee-supplicant and replace it with their own process (generally trivial for a root user, and depending on the way permissions are set up, potentially available even to less privileged users) can run a malicious tee-supplicant process that responds to storage requests with unexpected response codes, triggering a panic in the requesting TA. This is particularly dangerous for TAs built with `TA_FLAG_SINGLE_INSTANCE` (corresponding to `gpd.ta.singleInstance` and `TA_FLAG_INSTANCE_KEEP_ALIVE` (corresponding to `gpd.ta.keepAlive`). The behavior of these TAs may depend on memory that is preserved between sessions, and the ability of an attacker to panic the TA and reload it with a clean memory space can compromise the behavior of those TAs. A critical example of this is the optee_ftpm TA. It uses the kept alive memory to hold PCR values, which crucially must be non-resettable. An attacker who can trigger a panic in the fTPM TA can reset the PCRs, and then extend them PCRs with whatever they choose, falsifying boot measurements, accessing sealed data, and potentially more. The impact of this issue depends significantly on the behavior of affected TAs. For some, it could manifest as a denial of service, while for others, like the fTPM TA, it can result in the disclosure of sensitive data. Anyone running the fTPM TA is affected, but similar attacks may be possible on other TAs that leverage the Secure Storage API. A fix is available in commit 941a58d78c99c4754fbd4ec3079ec9e1d596af8f."
},
{
"lang": "es",
"value": "OP-TEE es un Entorno de Ejecuci\u00f3n Confiable (TEE) dise\u00f1ado para complementar un kernel Linux no seguro que se ejecuta en n\u00facleos Arm; los n\u00facleos Cortex-A utilizan la tecnolog\u00eda TrustZone. En la versi\u00f3n 4.5.0, mediante un binario tee-supplicant especialmente manipulado que se ejecuta en el espacio de usuario de REE, un atacante puede generar un p\u00e1nico en un TA que utiliza la API de Almacenamiento Seguro de libutee. Muchas funciones de libutee, en particular las que conforman la API de Almacenamiento Seguro, entrar\u00e1n en p\u00e1nico si una llamada al sistema devuelve un c\u00f3digo de retorno inesperado. Este comportamiento est\u00e1 estipulado por la especificaci\u00f3n de la API del N\u00facleo Interno de TEE. Sin embargo, en la implementaci\u00f3n de OP-TEE, los c\u00f3digos de retorno de las operaciones de almacenamiento seguro se transfieren sin sanear desde el tee-supplicant de REE, a trav\u00e9s del controlador tee del kernel de Linux, a trav\u00e9s del kernel de OP-TEE, de vuelta a libutee. De este modo, un atacante con acceso al espacio de usuario REE y la capacidad de detener tee-supplicant y reemplazarlo con su propio proceso (generalmente trivial para un usuario root y, dependiendo de la forma en que se configuren los permisos, potencialmente disponible incluso para usuarios menos privilegiados) puede ejecutar un proceso tee-supplicant malicioso que responde a las solicitudes de almacenamiento con c\u00f3digos de respuesta inesperados, lo que provoca p\u00e1nico en el TA solicitante. Esto es particularmente peligroso para los TA creados con `TA_FLAG_SINGLE_INSTANCE` (que corresponde a `gpd.ta.singleInstance` y `TA_FLAG_INSTANCE_KEEP_ALIVE` (que corresponde a `gpd.ta.keepAlive`). El comportamiento de estos TA puede depender de la memoria que se conserva entre sesiones, y la capacidad de un atacante de generar p\u00e1nico en el TA y recargarlo con un espacio de memoria limpio puede comprometer el comportamiento de esos TA. Un ejemplo cr\u00edtico de esto es el TA optee_ftpm. Utiliza la memoria viva mantenida para almacenar valores de PCR, que crucialmente deben ser no reiniciables. Un atacante que puede provocar un p\u00e1nico en el TA fTPM puede reiniciar los PCR y luego extenderlos con lo que elija, falsificando mediciones de arranque, accediendo a datos sellados y potencialmente m\u00e1s. El impacto de este problema depende significativamente del comportamiento de los TA afectados. Para algunos, podr\u00eda manifestarse como una denegaci\u00f3n de servicio, mientras que para otros, como el TA fTPM, Puede resultar en la divulgaci\u00f3n de datos confidenciales. Cualquier usuario de la TA fTPM se ve afectado, pero podr\u00edan producirse ataques similares en otras TA que utilizan la API de Almacenamiento Seguro. Hay una soluci\u00f3n disponible en el commit 941a58d78c99c4754fbd4ec3079ec9e1d596af8f."
}
],
"metrics": {
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +59,10 @@
{
"url": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-f35r-hm2m-p6c3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-f35r-hm2m-p6c3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

25
CVE-2025/CVE-2025-472xx/CVE-2025-47202.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-47202",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:23.943",
"lastModified": "2025-07-07T16:15:23.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes."
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-47202/",
"source": "cve@mitre.org"
}
]
}

76
CVE-2025/CVE-2025-483xx/CVE-2025-48367.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2025-48367",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:24.063",
"lastModified": "2025-07-07T16:15:24.063",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/redis/redis/commit/bde62951accfc4bb0a516276fd0b4b307e140ce2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/6.2.19",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/7.2.10",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/7.4.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/releases/tag/8.0.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq",
"source": "security-advisories@github.com"
}
]
}

25
CVE-2025/CVE-2025-524xx/CVE-2025-52492.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-52492",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T16:15:24.233",
"lastModified": "2025-07-07T16:15:24.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtains a copy of the firmware can extract these credentials. This could allow the attacker to gain unauthorized access to the associated Twilio account, leading to information disclosure, potential service disruption, and unauthorized use of the Twilio services."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/jackcaplin/0dfb7ef428b8ade5de4396dd753cd894",
"source": "cve@mitre.org"
},
{
"url": "https://paxton-access.co.uk",
"source": "cve@mitre.org"
}
]
}

32
CVE-2025/CVE-2025-52xx/CVE-2025-5275.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5275",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:23.860",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:05:45.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpbeginner:charitable:*:*:*:*:-:wordpress:*:*",
"versionEndExcluding": "1.8.6.2",
"matchCriteriaId": "21B0B881-56D7-48CE-B685-4EFE1DF4A056"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/charitable/tags/1.8.5.3/templates/form-fields/checkbox.php#L40",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/453d8918-32dc-43d6-8969-71f719536891?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2025/CVE-2025-531xx/CVE-2025-53169.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-53169",
"sourceIdentifier": "psirt@huawei.com",
"published": "2025-07-07T03:15:27.720",
"lastModified": "2025-07-07T03:15:27.720",
"lastModified": "2025-07-07T16:15:24.467",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2025/7/",

82
CVE-2025/CVE-2025-533xx/CVE-2025-53373.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53373",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:24.950",
"lastModified": "2025-07-07T16:15:24.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server domain in the Host header when requesting the /forgetpassword endpoint. This vulnerability is fixed with commit 7401793a8d9ed0f0c250c4e0ee2815d685d7a70b."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"references": [
{
"url": "https://github.com/ahmed-elgaml11/Natours/commit/7401793a8d9ed0f0c250c4e0ee2815d685d7a70b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ahmed-elgaml11/Natours/security/advisories/GHSA-8gmw-7p75-58qv",
"source": "security-advisories@github.com"
}
]
}

86
CVE-2025/CVE-2025-533xx/CVE-2025-53374.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-53374",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:25.113",
"lastModified": "2025-07-07T16:15:25.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organization by directly invoking user.one. The response discloses personally-identifiable information (PII) such as e-mail address, role, two-factor status, organization ID, and various account flags. The fix will be available in the v0.23.7."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 1.3,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-359"
},
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/Dokploy/dokploy/commit/61cf426615a4aa095b150362526aa52f2d1ea115",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Dokploy/dokploy/security/advisories/GHSA-fcq8-wv2q-f758",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-533xx/CVE-2025-53375.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53375",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:25.317",
"lastModified": "2025-07-07T16:15:25.317",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access (e.g., /etc/passwd, application source, environment variable files containing credentials and secrets). This may lead to full compromise of other services or lateral movement. This vulnerability is fixed in 0.23.7."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/Dokploy/dokploy/commit/e42f6bc61050cd438726921fced64477cbf8f8e6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Dokploy/dokploy/security/advisories/GHSA-vq94-qm94-mxp6",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-533xx/CVE-2025-53376.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53376",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T16:15:25.467",
"lastModified": "2025-07-07T16:15:25.467",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands on the Dokploy host. The tRPC procedure\ndocker.getContainersByAppNameMatch interpolates the attacker-supplied appName value into a Docker CLI call without sanitisation, enabling command injection under the Dokploy service account. This vulnerability is fixed in 0.23.7."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/Dokploy/dokploy/commit/fb5d2bd5b67322f1468e5e4d0d5abcf97517761c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Dokploy/dokploy/security/advisories/GHSA-m486-7pmj-8cmv",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-533xx/CVE-2025-53377.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53377",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:29.097",
"lastModified": "2025-07-07T17:15:29.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_funcionario parameter. This vulnerability is fixed in 3.4.3."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/8ab726c9f4d0fce7ad6c66640c3126f95f73ddd7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-qgrq-qjq6-h6gj",
"source": "security-advisories@github.com"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53487.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53487",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T16:15:25.623",
"lastModified": "2025-07-07T16:15:25.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped.\n\n\n\n\nThis issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/q/Ifcab085111e7898da485a5e2ae287fee4e6d167b",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T394383",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53491.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53491",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T17:15:29.267",
"lastModified": "2025-07-07T17:15:29.267",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/FlaggedRevs/+/1165929",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T394397",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

37
CVE-2025/CVE-2025-534xx/CVE-2025-53497.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-53497",
"sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"published": "2025-07-07T17:15:29.400",
"lastModified": "2025-07-07T17:15:29.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/RelatedArticles/+/1166024",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
},
{
"url": "https://phabricator.wikimedia.org/T396413",
"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc"
}
]
}

82
CVE-2025/CVE-2025-535xx/CVE-2025-53525.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53525",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:29.530",
"lastModified": "2025-07-07T17:15:29.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the profile_familiar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_dependente parameter. This vulnerability is fixed in 3.4.3."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/45695edc5ff7689f14efcfddb37e0323df34e184",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-982x-v58q-6qpj",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-535xx/CVE-2025-53526.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53526",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:29.690",
"lastModified": "2025-07-07T17:15:29.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. An XSS Injection vulnerability was identified in novo_memorando.php.\nAfter the memo was submitted, the vulnerability was confirmed by accessing listar_memorandos_antigos.php. Upon loading this page, the injected script was executed in the browser. This vulnerability is fixed in 3.4.3."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/f8cf5d0473334e6c28ea7f604da11ee2a7b419df",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-46fm-hx2r-69fg",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-535xx/CVE-2025-53527.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-53527",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:29.860",
"lastModified": "2025-07-07T17:15:29.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in the almox parameter of the /controle/relatorio_geracao.php endpoint. This issue allows attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. This vulnerability is fixed in 3.4.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/9de9a741d1d26ae76b2215a32660817d9bd452aa",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-43xw-c4g6-jgff",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2025/CVE-2025-535xx/CVE-2025-53529.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-53529",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:30.030",
"lastModified": "2025-07-07T17:15:30.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. The id_funcionario parameter is not properly sanitized or validated before being used in a SQL query, allowing an unauthenticated attacker to inject arbitrary SQL commands. The vulnerability is fixed in 3.4.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/0a061bcc5024937edd18ab3e65ccc8f38deb6957",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rrj6-pj6w-8j2r",
"source": "security-advisories@github.com"
}
]
}

78
CVE-2025/CVE-2025-535xx/CVE-2025-53530.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-53530",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:30.197",
"lastModified": "2025-07-07T17:15:30.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the errorstr parameter. Tests confirmed that the server processes URLs up to 8,142 characters, resulting in high resource consumption, elevated latency, timeouts, and read errors. This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-562r-xgj9-2r7p",
"source": "security-advisories@github.com"
}
]
}

78
CVE-2025/CVE-2025-535xx/CVE-2025-53531.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-53531",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:30.363",
"lastModified": "2025-07-07T17:15:30.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the fid parameter. Tests confirmed that the server processes URLs up to 8,142 characters, resulting in high resource consumption, elevated latency, timeouts, and read errors. This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-4ffc-f23j-54m3",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-535xx/CVE-2025-53532.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-53532",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-07-07T17:15:30.533",
"lastModified": "2025-07-07T17:15:30.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "giscus is a commenting system powered by GitHub Discussions. A bug in giscus' discussions creation API allowed an unauthorized user to create discussions on any repository where giscus is installed. This affects the server-side part of giscus, which is provided via http://giscus.app or your own self-hosted service. This vulnerability is fixed by the c43af7806e65adfcf4d0feeebef76dc36c95cb9a and 4b9745fe1a326ce08d69f8a388331bc993d19389 commits."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://github.com/giscus/giscus/commit/4b9745fe1a326ce08d69f8a388331bc993d19389",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/giscus/giscus/commit/c43af7806e65adfcf4d0feeebef76dc36c95cb9a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/giscus/giscus/security/advisories/GHSA-w6vg-v24f-4vm3",
"source": "security-advisories@github.com"
}
]
}

32
CVE-2025/CVE-2025-58xx/CVE-2025-5813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5813",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:24.800",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:04:42.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suhailahmad64:amazon_products_to_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.7",
"matchCriteriaId": "0DC397EF-BDEE-420B-A9EB-044427283169"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/import-products-to-wc/trunk/inc/functions.php#L266",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a0906540-46fc-4f76-9265-cb87c6340fad?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

38
CVE-2025/CVE-2025-59xx/CVE-2025-5929.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5929",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:24.953",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:04:01.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zourbuth:the_countdown:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.1",
"matchCriteriaId": "C910F21D-5888-4AD8-9DF7-5977578D4864"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/the-countdown/tags/2.0.1/the-countdown.php#L95",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://wordpress.org/plugins/the-countdown/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34578df8-661c-4c54-b06c-e1d787ca3c55?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2025/CVE-2025-59xx/CVE-2025-5932.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5932",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:25.110",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T16:03:18.250",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolrunner:homerunner:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.29",
"matchCriteriaId": "C307CDA2-7F38-4E71-A149-7B578715E860"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/homerunner-smartcheckout/tags/1.0.29/classes/class-settings.php#L319",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36eaff34-50cd-4399-8314-19ae4f50d017?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

33
CVE-2025/CVE-2025-62xx/CVE-2025-6290.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-6290",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T02:15:22.733",
"lastModified": "2025-06-26T18:57:43.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-07T17:16:39.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blakelong:tournament_bracket_generator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "6B0FDE73-B59B-420F-B856-E46A4DC85FEE"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/tournament-bracket-generator/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bdde01aa-2d38-4085-b11a-ef8633ee928a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More