From eecf44541ac9fcc4a711d44917ad9e921ed8bd65 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 13 Feb 2025 07:03:47 +0000 Subject: [PATCH] Auto-Update: 2025-02-13T07:00:19.487296+00:00 --- CVE-2024/CVE-2024-100xx/CVE-2024-10083.json | 100 ++++++++++++++++++++ CVE-2024/CVE-2024-107xx/CVE-2024-10763.json | 60 ++++++++++++ CVE-2024/CVE-2024-125xx/CVE-2024-12586.json | 21 ++++ CVE-2024/CVE-2024-131xx/CVE-2024-13119.json | 21 ++++ CVE-2024/CVE-2024-131xx/CVE-2024-13120.json | 21 ++++ CVE-2024/CVE-2024-131xx/CVE-2024-13121.json | 21 ++++ CVE-2024/CVE-2024-131xx/CVE-2024-13125.json | 21 ++++ CVE-2024/CVE-2024-132xx/CVE-2024-13227.json | 72 ++++++++++++++ CVE-2024/CVE-2024-132xx/CVE-2024-13229.json | 72 ++++++++++++++ CVE-2024/CVE-2024-137xx/CVE-2024-13770.json | 60 ++++++++++++ CVE-2025/CVE-2025-06xx/CVE-2025-0692.json | 21 ++++ CVE-2025/CVE-2025-08xx/CVE-2025-0837.json | 60 ++++++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1058.json | 100 ++++++++++++++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1059.json | 100 ++++++++++++++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1060.json | 100 ++++++++++++++++++++ CVE-2025/CVE-2025-10xx/CVE-2025-1070.json | 100 ++++++++++++++++++++ README.md | 29 ++++-- _state.csv | 22 ++++- 18 files changed, 990 insertions(+), 11 deletions(-) create mode 100644 CVE-2024/CVE-2024-100xx/CVE-2024-10083.json create mode 100644 CVE-2024/CVE-2024-107xx/CVE-2024-10763.json create mode 100644 CVE-2024/CVE-2024-125xx/CVE-2024-12586.json create mode 100644 CVE-2024/CVE-2024-131xx/CVE-2024-13119.json create mode 100644 CVE-2024/CVE-2024-131xx/CVE-2024-13120.json create mode 100644 CVE-2024/CVE-2024-131xx/CVE-2024-13121.json create mode 100644 CVE-2024/CVE-2024-131xx/CVE-2024-13125.json create mode 100644 CVE-2024/CVE-2024-132xx/CVE-2024-13227.json create mode 100644 CVE-2024/CVE-2024-132xx/CVE-2024-13229.json create mode 100644 CVE-2024/CVE-2024-137xx/CVE-2024-13770.json create mode 100644 CVE-2025/CVE-2025-06xx/CVE-2025-0692.json create mode 100644 CVE-2025/CVE-2025-08xx/CVE-2025-0837.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1058.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1059.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1060.json create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1070.json diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10083.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10083.json new file mode 100644 index 00000000000..99959ef119f --- /dev/null +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10083.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-10083", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-02-13T06:15:19.210", + "lastModified": "2025-02-13T06:15:19.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of engineering\nworkstation when specific driver interface is invoked locally by an authenticated user with crafted input." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-02.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10763.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10763.json new file mode 100644 index 00000000000..d691957634e --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10763.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10763", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-13T05:15:12.943", + "lastModified": "2025-02-13T05:15:12.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.35 via the 'campress_woocommerce_get_ajax_products' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/campress-responsive-education-courses-and-events-wordpress-theme/19355619", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d818b467-a893-4f4f-b623-abff99ef37b4?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-125xx/CVE-2024-12586.json b/CVE-2024/CVE-2024-125xx/CVE-2024-12586.json new file mode 100644 index 00000000000..f89869cdc83 --- /dev/null +++ b/CVE-2024/CVE-2024-125xx/CVE-2024-12586.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-12586", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:20.607", + "lastModified": "2025-02-13T06:15:20.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/2ce05a44-762b-4aaf-b88a-92c830fd8ec4/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13119.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13119.json new file mode 100644 index 00000000000..1f3a31852ee --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13119.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13119", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:20.763", + "lastModified": "2025-02-13T06:15:20.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/32600a45-a8cd-446c-9aa2-0621a02a9754/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13120.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13120.json new file mode 100644 index 00000000000..d19bc9a9a52 --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13120.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13120", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:20.917", + "lastModified": "2025-02-13T06:15:20.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/5b70798c-c30d-42e6-ac72-821c5568b9b5/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13121.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13121.json new file mode 100644 index 00000000000..33f136ffc3c --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13121.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13121", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:21.050", + "lastModified": "2025-02-13T06:15:21.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/59ee8fe5-4820-4d52-b17a-7044631c40c1/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13125.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13125.json new file mode 100644 index 00000000000..c20239e9dc2 --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13125.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-13125", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:21.210", + "lastModified": "2025-02-13T06:15:21.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/f60a8358-1765-4cae-9c89-0d75c5e394ec/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-132xx/CVE-2024-13227.json b/CVE-2024/CVE-2024-132xx/CVE-2024-13227.json new file mode 100644 index 00000000000..5e81369ead1 --- /dev/null +++ b/CVE-2024/CVE-2024-132xx/CVE-2024-13227.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-13227", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-13T05:15:13.727", + "lastModified": "2025-02-13T05:15:13.727", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Rank Math SEO \u2013 AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L257", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3222905/", + "source": "security@wordfence.com" + }, + { + "url": "https://rankmath.com/changelog/free/page/2/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/seo-by-rank-math/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24df10fb-5143-478e-90f0-27f604ad43ee?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-132xx/CVE-2024-13229.json b/CVE-2024/CVE-2024-132xx/CVE-2024-13229.json new file mode 100644 index 00000000000..585f8807e5d --- /dev/null +++ b/CVE-2024/CVE-2024-132xx/CVE-2024-13229.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-13229", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-13T05:15:13.930", + "lastModified": "2025-02-13T05:15:13.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Rank Math SEO \u2013 AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the update_metadata() function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete any schema metadata assigned to any post." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L169", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3222905/", + "source": "security@wordfence.com" + }, + { + "url": "https://rankmath.com/changelog/free/page/2/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/seo-by-rank-math/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5776f689-56dd-413d-b02d-5551b97dd5eb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13770.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13770.json new file mode 100644 index 00000000000..d8e209b1cdf --- /dev/null +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13770.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13770", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-13T05:15:14.177", + "lastModified": "2025-02-13T05:15:14.177", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'view_more_posts' AJAX action. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. The developer opted to remove the software from the repository, so an update is not available and it is recommended to find a replacement software." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/puzzles-wordpress-magazinereview-with-wooc/5690583", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/950d1c8f-6715-4b0d-bf3d-af978a146838?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-06xx/CVE-2025-0692.json b/CVE-2025/CVE-2025-06xx/CVE-2025-0692.json new file mode 100644 index 00000000000..916d4926fbf --- /dev/null +++ b/CVE-2025/CVE-2025-06xx/CVE-2025-0692.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-0692", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-02-13T06:15:21.353", + "lastModified": "2025-02-13T06:15:21.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/176f329b-a861-4ab0-ad1d-02f750f9b691/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0837.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0837.json new file mode 100644 index 00000000000..2a147dbe918 --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0837.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-0837", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-13T05:15:14.623", + "lastModified": "2025-02-13T05:15:14.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Puzzles theme for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/puzzles-wordpress-magazinereview-with-wooc/5690583", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/669e3015-b64c-440d-bc06-db4828c07196?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1058.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1058.json new file mode 100644 index 00000000000..856ee491709 --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1058.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2025-1058", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-02-13T06:15:21.480", + "lastModified": "2025-02-13T06:15:21.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device\ninoperable when malicious firmware is downloaded." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-494" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=sevd-2025-042-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1059.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1059.json new file mode 100644 index 00000000000..0c542c1766e --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1059.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2025-1059", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-02-13T06:15:21.680", + "lastModified": "2025-02-13T06:15:21.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could\ncause communications to stop when malicious packets are sent to the webserver of the device." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=sevd-2025-042-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1060.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1060.json new file mode 100644 index 00000000000..f421aec4bf4 --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1060.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2025-1060", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-02-13T06:15:22.213", + "lastModified": "2025-02-13T06:15:22.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure\nof data when network traffic is being sniffed by an attacker." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=sevd-2025-042-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1070.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1070.json new file mode 100644 index 00000000000..35c6794b220 --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1070.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2025-1070", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-02-13T06:15:22.463", + "lastModified": "2025-02-13T06:15:22.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device\ninoperable when a malicious file is downloaded." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=sevd-2025-042-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index eabb7d0a1f2..eead887ea0e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-13T05:00:27.653958+00:00 +2025-02-13T07:00:19.487296+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-13T04:15:08.653000+00:00 +2025-02-13T06:15:22.463000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -281188 +281204 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `16` +- [CVE-2024-10083](CVE-2024/CVE-2024-100xx/CVE-2024-10083.json) (`2025-02-13T06:15:19.210`) +- [CVE-2024-10763](CVE-2024/CVE-2024-107xx/CVE-2024-10763.json) (`2025-02-13T05:15:12.943`) +- [CVE-2024-12586](CVE-2024/CVE-2024-125xx/CVE-2024-12586.json) (`2025-02-13T06:15:20.607`) +- [CVE-2024-13119](CVE-2024/CVE-2024-131xx/CVE-2024-13119.json) (`2025-02-13T06:15:20.763`) +- [CVE-2024-13120](CVE-2024/CVE-2024-131xx/CVE-2024-13120.json) (`2025-02-13T06:15:20.917`) +- [CVE-2024-13121](CVE-2024/CVE-2024-131xx/CVE-2024-13121.json) (`2025-02-13T06:15:21.050`) +- [CVE-2024-13125](CVE-2024/CVE-2024-131xx/CVE-2024-13125.json) (`2025-02-13T06:15:21.210`) +- [CVE-2024-13227](CVE-2024/CVE-2024-132xx/CVE-2024-13227.json) (`2025-02-13T05:15:13.727`) +- [CVE-2024-13229](CVE-2024/CVE-2024-132xx/CVE-2024-13229.json) (`2025-02-13T05:15:13.930`) +- [CVE-2024-13770](CVE-2024/CVE-2024-137xx/CVE-2024-13770.json) (`2025-02-13T05:15:14.177`) +- [CVE-2025-0692](CVE-2025/CVE-2025-06xx/CVE-2025-0692.json) (`2025-02-13T06:15:21.353`) +- [CVE-2025-0837](CVE-2025/CVE-2025-08xx/CVE-2025-0837.json) (`2025-02-13T05:15:14.623`) +- [CVE-2025-1058](CVE-2025/CVE-2025-10xx/CVE-2025-1058.json) (`2025-02-13T06:15:21.480`) +- [CVE-2025-1059](CVE-2025/CVE-2025-10xx/CVE-2025-1059.json) (`2025-02-13T06:15:21.680`) +- [CVE-2025-1060](CVE-2025/CVE-2025-10xx/CVE-2025-1060.json) (`2025-02-13T06:15:22.213`) +- [CVE-2025-1070](CVE-2025/CVE-2025-10xx/CVE-2025-1070.json) (`2025-02-13T06:15:22.463`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `0` -- [CVE-2024-12085](CVE-2024/CVE-2024-120xx/CVE-2024-12085.json) (`2025-02-13T03:15:07.707`) -- [CVE-2024-29171](CVE-2024/CVE-2024-291xx/CVE-2024-29171.json) (`2025-02-13T04:15:07.557`) -- [CVE-2024-29172](CVE-2024/CVE-2024-291xx/CVE-2024-29172.json) (`2025-02-13T04:15:08.653`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f63329835b3..ceafd1ed498 100644 --- a/_state.csv +++ b/_state.csv @@ -243524,6 +243524,7 @@ CVE-2024-1008,0,0,b40015512ed5e87d02054dd89de2047943a9359fbfa251a46279fc6c655a93 CVE-2024-10080,0,0,43a1f7f93e056c92c1c639ac172ae8b144e833cbd5a522d58f1f49f7054a891c,2024-10-22T16:27:38.840000 CVE-2024-10081,0,0,5c422073043efca649bdbf0235dee597da99b355edaf2c92bc7ed3dcfa93a042,2024-11-06T18:17:17.287000 CVE-2024-10082,0,0,06415cdb965ac64636892c496f9de214d59f82f169c648183613af8a98253c78,2024-11-06T18:17:17.287000 +CVE-2024-10083,1,1,6fed9f75e98b3988fd51b5d761382eae45a7841787eae6559633aa782efef1e5,2025-02-13T06:15:19.210000 CVE-2024-10084,0,0,aa7524ac6f9ff0a4b9d5665381cefd3535aab2cd20f5b5573266707557de2a8a,2024-11-06T18:17:17.287000 CVE-2024-10086,0,0,c34575f938553fa7d7ae7ba88022934e50d186981e616c6c9f4320956c07bcc0,2025-01-10T13:15:08.623000 CVE-2024-1009,0,0,7f10991a2aedcbb0eeb168a4df9621d13325fa39adae509b0e5c1de61defa9f2,2024-11-21T08:49:35.077000 @@ -244133,6 +244134,7 @@ CVE-2024-10759,0,0,f8bc712fb9410a5ee08f3180d1171d66b15914b48b9a217cb416a2def4d3a CVE-2024-1076,0,0,229c3c3be53023b3f8854e6dfc46fb3635e16fbfbd84ced93f49f0159417c5df,2024-11-21T08:49:44.590000 CVE-2024-10760,0,0,4caeff16d941f4eaea6483471e8bd5b0672f1a62737769a70015e44c6a8cca8f,2024-11-05T19:45:47.893000 CVE-2024-10761,0,0,c6d174b8f4641a03c5bf55f193f6eac898b2be3e32b111450f17980d3bd9ad7a,2025-01-22T08:15:07.060000 +CVE-2024-10763,1,1,5bf807a1e8b588b7b84fedf8f55ce9b5092142517eba54cf122078df9cf07a2e,2025-02-13T05:15:12.943000 CVE-2024-10764,0,0,9403f6bafb5947fdaa7cb8c78451d2ac19b5d12ee73e1a4325fe5cc4119a0428,2024-11-06T14:44:53.410000 CVE-2024-10765,0,0,ed6be3a759d855ad20d58959831792648cd98223f0ea5e3efce60624691a4cd3,2024-11-06T14:45:35.600000 CVE-2024-10766,0,0,97d873f52c572201eba37cf1bcce1c48835952a8e15078f1553c16d85428be93,2024-11-06T14:59:34.303000 @@ -245338,7 +245340,7 @@ CVE-2024-1208,0,0,3c4b0e7895c1837530e812c9d592f58958b18ef870d236a49969dfb3f5e669 CVE-2024-12082,0,0,d67c450c190c0364d4b144dcd382bc569f8e4f4f12ff2a960005828e083c85c7,2024-12-11T17:12:56.793000 CVE-2024-12083,0,0,d43543ed1a2c4c8cfbaff70b85f71ffc7dc15514475ec8e8bc46a80ffd753fb3,2025-01-14T01:15:09.267000 CVE-2024-12084,0,0,85dd725fc2f0b24c79e999378b1f0199fad5fe5d164b31609c57a84bcb434c0d,2025-01-15T15:15:10.537000 -CVE-2024-12085,0,1,0f7387d8a8cbcf858f99c9313accf9078fca73b9d473ef2d012dc4c94ca96599,2025-02-13T03:15:07.707000 +CVE-2024-12085,0,0,0f7387d8a8cbcf858f99c9313accf9078fca73b9d473ef2d012dc4c94ca96599,2025-02-13T03:15:07.707000 CVE-2024-12086,0,0,e5130c03152639985c3e2f822b45f241716bd573825b1ce309364a23fc10467b,2025-01-14T22:15:26.370000 CVE-2024-12087,0,0,083db16c2a7b9baa1b397fd2cd269bff2aa8f7c2646d1851d134f1f8a052e34a,2025-01-14T22:15:26.503000 CVE-2024-12088,0,0,43a2123ff1daddac120d556957600405449568b28a84ca944004ee72fa7fff31,2025-02-10T12:15:28.537000 @@ -245786,6 +245788,7 @@ CVE-2024-12582,0,0,bbfe1aae814f308a85392c13709691d46da248e6458c80cb519b63fa483aa CVE-2024-12583,0,0,18b36426c2246709d6e004bec0c8a5de7c91c679c9d1416c197a6176fa3a08fa,2025-01-04T09:15:06.090000 CVE-2024-12584,0,0,adcd511bb3f4eac61fabd0c77513e0f49514ba8fec705794080ba1b5bd973bc5,2025-01-08T07:15:26.833000 CVE-2024-12585,0,0,5da3be9bc678e425dc481c70b7523d18c5d89e9715457ba9168db2468bb42cc7,2025-01-08T16:15:34.130000 +CVE-2024-12586,1,1,3e86030ae6efd3b0eee2f26dcc2d1ae87f3ef3d571a2e191467c0c395f6a0843,2025-02-13T06:15:20.607000 CVE-2024-12587,0,0,7960172962a4bd5df694844fdf178521cdb4dbd17b76b544453367f416394602,2025-01-13T20:15:27.283000 CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac0f2,2024-12-21T09:15:06.233000 CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000 @@ -246220,7 +246223,11 @@ CVE-2024-13114,0,0,0294bf3cffe33550cb4e4f68d18089dfac8f013192677ef679fc2a8b508cb CVE-2024-13115,0,0,13b8199069b20efe9868960868ade8b98a30fac2dac411b23e0856355daac94f,2025-02-04T19:15:30.240000 CVE-2024-13116,0,0,98f3ad6698735710def1c6baf530db546e54e66a9af268d4888f3cbf2c43dee6,2025-02-03T15:15:16.290000 CVE-2024-13117,0,0,48c4c1a0deaa83ed5f11e564cf33aba28b1ea8edfb18de9dc2dbe1b856b27247,2025-02-03T15:15:16.440000 +CVE-2024-13119,1,1,60b1a375de28bc883ab45342fd0423621675e7467947d0e4576bf341efaee064,2025-02-13T06:15:20.763000 CVE-2024-1312,0,0,d16b3ecc82cd74d4071dc20055eab0a36b43013bc6757c1d62cda1a87b890d59,2024-11-21T08:50:18.020000 +CVE-2024-13120,1,1,86a62d7e8dc07a5a432f59769e70576dece57f473109852bbfedb327386a505d,2025-02-13T06:15:20.917000 +CVE-2024-13121,1,1,400cb6a6458fcea63bb0abfca45b1de45b0b3f23ff4f2af5f948d3f4940e0b5c,2025-02-13T06:15:21.050000 +CVE-2024-13125,1,1,a81585c57e23fbe08648b139f20ab4084b413b412946f0295543270276b031fd,2025-02-13T06:15:21.210000 CVE-2024-13129,0,0,c8465ea9fafd80ae001698785c09dec31df42294cc4a62b87a1aaef854b51892,2025-01-03T22:15:06.677000 CVE-2024-1313,0,0,cad1078661641c2022e5f0188a431d9a70908db5ab4b61d98e0389abbba8b680,2024-11-21T08:50:18.207000 CVE-2024-13130,0,0,11faf417785d12b2b829d9b6bcccc37fdbc1730d9810cb9c4f93c832649c2012,2025-01-10T14:15:27.740000 @@ -246311,6 +246318,8 @@ CVE-2024-13223,0,0,7b6514669964c43964feed3c6cf2542df0b09778a89a37fa663f94bf88ff0 CVE-2024-13224,0,0,5b837998456d69f57f92f54fe581798d78b4a9cd50e5d6a94dbcf214ddede567,2025-01-31T16:15:32.273000 CVE-2024-13225,0,0,94019de9ef351f6f8bbbc82a565d38e218a78321cab8c9f489a569facf419206,2025-01-31T16:15:32.403000 CVE-2024-13226,0,0,5b9d889c58e6e93e7ddf59213d7cc5ae3d20f838a8db712a9f4b833405dda9db,2025-01-31T16:15:32.537000 +CVE-2024-13227,1,1,0104c1e9279cbd79fb5f7979880c0a168f560f07286d214061a6e3c5037aae63,2025-02-13T05:15:13.727000 +CVE-2024-13229,1,1,146bc2f1a373090b5ad0d19ea72c34662f1c63e16e134a41d372bdefddf09acd,2025-02-13T05:15:13.930000 CVE-2024-1323,0,0,4b7fa94b4154618460e40e6b98637f7cb2a430b6e413bf16925f79721ae6c94f,2025-01-16T19:29:54.047000 CVE-2024-13230,0,0,77b1ecbf192b34e98ac8a66dc9d4d1a94979c767aa5e8f2b9158ee6752bafedc,2025-01-21T11:15:09.267000 CVE-2024-13234,0,0,4c493a769573d261245a83332615004948f6e06f366df55b9e6c3d12849e4b0c,2025-02-04T21:05:33.863000 @@ -246645,6 +246654,7 @@ CVE-2024-1376,0,0,34411a3106e4c74f2617f4da0b50ff6e7d812385caea8af0b8361fb64d6e9d CVE-2024-13767,0,0,5e2a432b5514ebb28e43fc58238979fb079695a503a95ef3a2bddb1da15dea7c,2025-01-31T03:15:10.693000 CVE-2024-13769,0,0,36e50521c0bb73916a53ae4ab4011fae4b8d9c6f3961785a0f7ccd04cbcf7378,2025-02-12T05:15:12.637000 CVE-2024-1377,0,0,76446229d1bded69224cd2e98212f244bd2380b3470adb0152ce2b85f9216c33,2025-01-07T18:20:57.347000 +CVE-2024-13770,1,1,d13bd531ee0ebdf4997e11d8335d5ed003498b54f6fbd68ad07b3520f8fe51d7,2025-02-13T05:15:14.177000 CVE-2024-13775,0,0,1960bdf058198508440d85f951a3bd6116d9785e359b0700d7138122fee08aaa,2025-02-01T13:15:22.847000 CVE-2024-1378,0,0,041aa523b6aa5691bc95edbf2c3845e6125399d35aa90aa412089416e101b866,2024-11-21T08:50:26.997000 CVE-2024-1379,0,0,d57d063aae1fbcb792bd04eccc73dc16507c20c6267e19d5bea5a4e5413062c5,2024-11-21T08:50:27.157000 @@ -254457,8 +254467,8 @@ CVE-2024-29168,0,0,76da846afbf9a55737b5d5153c7075fb50544a452bceda1dfcbdd4dbae96e CVE-2024-29169,0,0,d2a39941096d1cea2fb67256e6d405f7dadbfc7f6cf149bb994f4d72fa9e7ae2,2025-02-04T17:21:08.633000 CVE-2024-2917,0,0,b5f4311ed824c628747b6d6d6b66642d4215c934be667bd71791c2a5029b2dec,2024-11-21T09:10:50.053000 CVE-2024-29170,0,0,370cd60a5ddffa88cf8f7934c452c63f52b7ba07af57e96fdb32da3666fff09f,2025-01-08T16:25:58.207000 -CVE-2024-29171,0,1,0c7b29e322ec5ec7605787faa00e201458401074d4e8ee1bf7d931eb58bcb08f,2025-02-13T04:15:07.557000 -CVE-2024-29172,0,1,6539f73e12d6daaa4dc2aff6ade5b3eb08181a6d7b325f81e072d01b7819dca3,2025-02-13T04:15:08.653000 +CVE-2024-29171,0,0,0c7b29e322ec5ec7605787faa00e201458401074d4e8ee1bf7d931eb58bcb08f,2025-02-13T04:15:07.557000 +CVE-2024-29172,0,0,6539f73e12d6daaa4dc2aff6ade5b3eb08181a6d7b325f81e072d01b7819dca3,2025-02-13T04:15:08.653000 CVE-2024-29173,0,0,8f66bdd18b6f7192b1d98e3f67c2fa7b88807a5fecb3bffa3f651ea2750e1735,2025-02-03T15:08:59.513000 CVE-2024-29174,0,0,65010050e670e870e2ab6c488596f4f6fc1385fbeba243078e77aa3e825c9f1d,2024-11-21T09:07:43.507000 CVE-2024-29175,0,0,1a7114481e9b20c8eff6bf81f7575050706de007b87f7c2ddbf4ca9624c9a616,2024-11-21T09:07:43.653000 @@ -278875,6 +278885,7 @@ CVE-2025-0680,0,0,12c78670909e60210afb321c5c55c759452f5848b71a1a0162a282c763d503 CVE-2025-0681,0,0,938db0e5190e161ed989ccb4c84d5297432f7561de8078fdf9969ec60d4620a5,2025-01-30T19:15:14.300000 CVE-2025-0682,0,0,82dc327006a11cf9eb8ed15c2db6bd7a0cc541bc0cc289fa88e6bc57635c989b,2025-01-25T06:15:28.740000 CVE-2025-0683,0,0,205e229f4e62e374b1f661149af1c3e061009820d5bfef3aa4d78ef37a506574,2025-01-31T18:15:37.750000 +CVE-2025-0692,1,1,56cc96f6d7be1971917744ac7d249038148425fc5b20ff08420cb0a91079ae90,2025-02-13T06:15:21.353000 CVE-2025-0693,0,0,8bef81ffbc69ad8fade82b6e724a9e7fb69f78f00b1731c577419f05b6dfd9c0,2025-01-23T22:15:15.397000 CVE-2025-0695,0,0,5a6f397a6b64075e37b58670bef347904c3201da024fb297d91e9e2cec2630c8,2025-01-27T11:15:11.087000 CVE-2025-0696,0,0,8bb1aa81d5469057848d400dac8fd3ed60fd05dfdf66155ab4dbeb5d35fb6ddc,2025-01-27T11:15:11.267000 @@ -278943,6 +278954,7 @@ CVE-2025-0808,0,0,637dbd48261618e1808102ff3b4dbb069375514bc6259f22e577bb05373a48 CVE-2025-0809,0,0,886fb9b396d2aad5cff53c02349fc0fee570a4920d4c4e68da65e25a660a34b2,2025-01-31T06:15:29.933000 CVE-2025-0825,0,0,7f81ca19fb96d77c0731181ff23092e49d4e8a157f0a8fa4a0ca13f53bda7923,2025-02-04T15:15:19.420000 CVE-2025-0834,0,0,239a6f08c2db88ce57ab64c699932d200eff33712703b8a8f00d02b01207348f,2025-01-30T09:15:09.703000 +CVE-2025-0837,1,1,2dd7973af6fce81a46dfa76902f2b5db7d3debf86d7a4a86f2d7e2515d71ea0b,2025-02-13T05:15:14.623000 CVE-2025-0840,0,0,dcc73de0595740e9bb877d1b68b6e13f7a74ad4d50a26f82e22ce56d8c04db6b,2025-01-29T20:15:35.007000 CVE-2025-0841,0,0,d34ffb164e9f6e4e065c3a7bf9858f8af34d279265f630e92f70d22138303c3f,2025-01-29T21:15:20.973000 CVE-2025-0842,0,0,817f7fca87e6acf8de7da5acb91e6b0b68dcf3f7c69a8b83dc023ca38974b3a1,2025-01-29T22:15:30.283000 @@ -279030,8 +279042,12 @@ CVE-2025-1028,0,0,e6b466122e3fc2d0ee27df4e2f7cd7a187e72415f42ddc27a98c68b86b7822 CVE-2025-1042,0,0,727597b2df8c6e5925af064d1c047222ac7870d4fb0653bc96def494163afd0b,2025-02-12T15:15:16.230000 CVE-2025-1044,0,0,f2d901015fc0e6049437a84a32809b8c4712e1d9cd344db9b24ed666ed368479,2025-02-11T20:15:35.913000 CVE-2025-1052,0,0,2558dc5aa326f4b5ba9a0b42415250f88c10a360fd02b001eec15ae5cce74dea,2025-02-11T20:15:36.070000 +CVE-2025-1058,1,1,68758fb3a7edcb4555679953ceea098802b07f6f694869dafe8f70b9e50ad23b,2025-02-13T06:15:21.480000 +CVE-2025-1059,1,1,f04f4e4845d9d9b34b7552b5f3678626ad00807a01ed09615ed24204eba0ec4d,2025-02-13T06:15:21.680000 +CVE-2025-1060,1,1,65f5a7e67223a9c734992ce3a8f5501f5cc1436daa7785c3e5772dccca05e33c,2025-02-13T06:15:22.213000 CVE-2025-1061,0,0,6a23092bda6a59b35939be3869c0d77fbfb36191dc775a19d3c3e005aa053667,2025-02-07T02:15:29.587000 CVE-2025-1066,0,0,468d6b911c82b607d62a348c0acd3c70b696eb364bff12a91f2702b314026e69,2025-02-06T15:15:17.330000 +CVE-2025-1070,1,1,2f9cdd6a4f5d17a43d22ee25968a30c3e37f403e9f09199c813f09be5217859b,2025-02-13T06:15:22.463000 CVE-2025-1072,0,0,825d30ddf601b7987739e0edd519e9e1729cc73a5fe77174507a50eb4652101c,2025-02-07T04:15:07.737000 CVE-2025-1074,0,0,bff74005338669ff7836b30084d755fdd0cbda1678d758cad83a696ca60ee659,2025-02-06T14:15:30.050000 CVE-2025-1076,0,0,288f626100e57e18963e248da4aed1530482da98080d17f699af6ed450ee83ac,2025-02-06T14:15:30.287000