diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52461.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52461.json index c7ba185114a..dcbf1c2f8ae 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52461.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52461.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52461", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-23T15:15:08.490", - "lastModified": "2024-11-21T08:39:49.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-03-26T11:41:07.140", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,65 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.2", + "matchCriteriaId": "7229C448-E0C9-488B-8939-36BA5254065E" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1470d173925d697b497656b93f7c5bddae2e64b2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2bbe6ab2be53858507f11f99f856846d04765ae3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1470d173925d697b497656b93f7c5bddae2e64b2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2bbe6ab2be53858507f11f99f856846d04765ae3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13411.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13411.json new file mode 100644 index 00000000000..a3c874ad145 --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13411.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-13411", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:13.880", + "lastModified": "2025-03-26T12:15:13.880", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5.1 via the updated_user() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L114", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L210", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L284", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3257975/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/zapier/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/701dc461-88e7-40bf-a4fb-f92723b6e05e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-138xx/CVE-2024-13889.json b/CVE-2024/CVE-2024-138xx/CVE-2024-13889.json new file mode 100644 index 00000000000..c963e454f87 --- /dev/null +++ b/CVE-2024/CVE-2024-138xx/CVE-2024-13889.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-13889", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:14.590", + "lastModified": "2025-03-26T12:15:14.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WordPress Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.8.3 via deserialization of untrusted input in the 'maybe_unserialize' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/class-wp-import.php#L602", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/class-wp-import.php#L857", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/class-wp-import.php#L891", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/class-wp-import.php#L975", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261419/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f0795f7-6eba-4ff0-b0da-5d2b544adf14?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27680.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27680.json index 7eebfe9fd81..24afcdf0cf4 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27680.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27680.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27680", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-04T15:15:07.167", - "lastModified": "2024-11-21T09:04:53.150", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-03-26T11:41:33.737", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:flusity:flusity:2.33:*:*:*:*:*:*:*", + "matchCriteriaId": "1B6B6ED7-B93A-4853-9D83-40BCD781342C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiaolanjing0/cms/blob/main/4.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/xiaolanjing0/cms/blob/main/4.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-13xx/CVE-2025-1312.json b/CVE-2025/CVE-2025-13xx/CVE-2025-1312.json new file mode 100644 index 00000000000..a147ef46fa8 --- /dev/null +++ b/CVE-2025/CVE-2025-13xx/CVE-2025-1312.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-1312", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:14.890", + "lastModified": "2025-03-26T12:15:14.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttonTextColor\u2019 parameter in all versions up to, and including, 3.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ultimate-blocks/trunk/src/blocks/call-to-action/block.php#L32", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3260377/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac422162-be05-4420-9877-d6d41b83e881?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-15xx/CVE-2025-1542.json b/CVE-2025/CVE-2025-15xx/CVE-2025-1542.json new file mode 100644 index 00000000000..2481bcf0728 --- /dev/null +++ b/CVE-2025/CVE-2025-15xx/CVE-2025-1542.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2025-1542", + "sourceIdentifier": "cvd@cert.pl", + "published": "2025-03-26T11:15:38.240", + "lastModified": "2025-03-26T11:15:38.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper permission control\u00a0vulnerability in the OXARI\u00a0ServiceDesk\u00a0application could allow an attacker\u00a0using a guest access or an unprivileged account to gain additional administrative permissions in the application.This issue affects OXARI\u00a0ServiceDesk in versions before 2.0.324.0." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://cert.pl/en/posts/2025/03/CVE-2025-1542/", + "source": "cvd@cert.pl" + }, + { + "url": "https://www.oxari.com/en/product/oxari-servicedesk", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1769.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1769.json new file mode 100644 index 00000000000..c2be2d77025 --- /dev/null +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1769.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-1769", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:15.040", + "lastModified": "2025-03-26T12:15:15.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Product Import Export for WooCommerce \u2013 Import Export Product CSV Suite plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.0 via the download_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary log files on the server, which can contain sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/product-import-export-for-woo/trunk/admin/modules/history/history.php#L753", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261194/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/product-import-export-for-woo/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4df60fbe-4475-4cbf-b497-a9c5251bc91f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-19xx/CVE-2025-1911.json b/CVE-2025/CVE-2025-19xx/CVE-2025-1911.json new file mode 100644 index 00000000000..6b6d3d9c415 --- /dev/null +++ b/CVE-2025/CVE-2025-19xx/CVE-2025-1911.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-1911", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:15.197", + "lastModified": "2025-03-26T12:15:15.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Product Import Export for WooCommerce \u2013 Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.5.0. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary log files on the server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 2.7, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/product-import-export-for-woo/trunk/admin/modules/history/history.php#L248", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261194/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/product-import-export-for-woo/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d222ef6d-cdec-482e-92ba-65eeabbcdeae?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-19xx/CVE-2025-1912.json b/CVE-2025/CVE-2025-19xx/CVE-2025-1912.json new file mode 100644 index 00000000000..135892b28d0 --- /dev/null +++ b/CVE-2025/CVE-2025-19xx/CVE-2025-1912.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-1912", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:15.353", + "lastModified": "2025-03-26T12:15:15.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Product Import Export for WooCommerce \u2013 Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file() Function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/product-import-export-for-woo/trunk/admin/modules/import/classes/class-import-ajax.php#L175", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261194/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/product-import-export-for-woo/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/406b52dc-3d36-4b03-a932-34f456395979?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-19xx/CVE-2025-1913.json b/CVE-2025/CVE-2025-19xx/CVE-2025-1913.json new file mode 100644 index 00000000000..df27286e887 --- /dev/null +++ b/CVE-2025/CVE-2025-19xx/CVE-2025-1913.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-1913", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:15.513", + "lastModified": "2025-03-26T12:15:15.513", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Product Import Export for WooCommerce \u2013 Import Export Product CSV Suite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.5.0 via deserialization of untrusted input from the 'form_data' parameter This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/product-import-export-for-woo/trunk/admin/modules/import/classes/class-import-ajax.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3261194/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/product-import-export-for-woo/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4464bb1-273a-42c4-a7ec-8e123d286963?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-21xx/CVE-2025-2110.json b/CVE-2025/CVE-2025-21xx/CVE-2025-2110.json new file mode 100644 index 00000000000..909ee80f265 --- /dev/null +++ b/CVE-2025/CVE-2025-21xx/CVE-2025-2110.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-2110", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-03-26T12:15:15.827", + "lastModified": "2025-03-26T12:15:15.827", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Compress \u2013 Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to compromise the site in various ways depending on the specific function exploited - for example, by retrieving sensitive settings and configuration details, or by altering and deleting them, thereby disclosing sensitive information, disrupting the plugin\u2019s functionality, and potentially impacting overall site performance." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-compress-image-optimizer/tags/6.30.15/classes/ajax.class.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3254259/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/wp-compress-image-optimizer/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2bb4ead4-b2ad-42b4-92a0-fb7293f6df06?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-25xx/CVE-2025-2596.json b/CVE-2025/CVE-2025-25xx/CVE-2025-2596.json new file mode 100644 index 00000000000..006203f61fd --- /dev/null +++ b/CVE-2025/CVE-2025-25xx/CVE-2025-2596.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-2596", + "sourceIdentifier": "security@checkmk.com", + "published": "2025-03-26T11:15:39.183", + "lastModified": "2025-03-26T11:15:39.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL)" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.3, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ] + } + ], + "references": [ + { + "url": "https://checkmk.com/werk/17808", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-275xx/CVE-2025-27551.json b/CVE-2025/CVE-2025-275xx/CVE-2025-27551.json new file mode 100644 index 00000000000..b86fffd9e59 --- /dev/null +++ b/CVE-2025/CVE-2025-275xx/CVE-2025-27551.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-27551", + "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "published": "2025-03-26T11:15:38.943", + "lastModified": "2025-03-26T11:15:38.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.\n\nThis vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm.\n\nThis issue affects DBIx::Class::EncodedColumn until 0.00032." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-338" + } + ] + } + ], + "references": [ + { + "url": "https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + }, + { + "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-275xx/CVE-2025-27552.json b/CVE-2025/CVE-2025-275xx/CVE-2025-27552.json new file mode 100644 index 00000000000..45a0591158c --- /dev/null +++ b/CVE-2025/CVE-2025-275xx/CVE-2025-27552.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-27552", + "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "published": "2025-03-26T11:15:39.063", + "lastModified": "2025-03-26T11:15:39.063", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.\n\nThis vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm.\n\nThis issue affects DBIx::Class::EncodedColumn until 0.00032." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-338" + } + ] + } + ], + "references": [ + { + "url": "https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + }, + { + "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 781ec729d64..fd51c5897b8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-26T11:00:20.007345+00:00 +2025-03-26T13:00:19.445166+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-26T10:15:15.437000+00:00 +2025-03-26T12:15:15.827000+00:00 ``` ### Last Data Feed Release @@ -33,30 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -286590 +286602 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `12` -- [CVE-2024-13702](CVE-2024/CVE-2024-137xx/CVE-2024-13702.json) (`2025-03-26T09:15:14.323`) -- [CVE-2024-13801](CVE-2024/CVE-2024-138xx/CVE-2024-13801.json) (`2025-03-26T09:15:15.763`) -- [CVE-2025-1310](CVE-2025/CVE-2025-13xx/CVE-2025-1310.json) (`2025-03-26T10:15:14.653`) -- [CVE-2025-1437](CVE-2025/CVE-2025-14xx/CVE-2025-1437.json) (`2025-03-26T10:15:14.930`) -- [CVE-2025-1439](CVE-2025/CVE-2025-14xx/CVE-2025-1439.json) (`2025-03-26T10:15:15.093`) -- [CVE-2025-1440](CVE-2025/CVE-2025-14xx/CVE-2025-1440.json) (`2025-03-26T10:15:15.260`) -- [CVE-2025-1514](CVE-2025/CVE-2025-15xx/CVE-2025-1514.json) (`2025-03-26T09:15:15.950`) -- [CVE-2025-1703](CVE-2025/CVE-2025-17xx/CVE-2025-1703.json) (`2025-03-26T10:15:15.437`) -- [CVE-2025-2009](CVE-2025/CVE-2025-20xx/CVE-2025-2009.json) (`2025-03-26T09:15:16.140`) -- [CVE-2025-2167](CVE-2025/CVE-2025-21xx/CVE-2025-2167.json) (`2025-03-26T09:15:16.500`) -- [CVE-2025-2257](CVE-2025/CVE-2025-22xx/CVE-2025-2257.json) (`2025-03-26T09:15:16.647`) +- [CVE-2024-13411](CVE-2024/CVE-2024-134xx/CVE-2024-13411.json) (`2025-03-26T12:15:13.880`) +- [CVE-2024-13889](CVE-2024/CVE-2024-138xx/CVE-2024-13889.json) (`2025-03-26T12:15:14.590`) +- [CVE-2025-1312](CVE-2025/CVE-2025-13xx/CVE-2025-1312.json) (`2025-03-26T12:15:14.890`) +- [CVE-2025-1542](CVE-2025/CVE-2025-15xx/CVE-2025-1542.json) (`2025-03-26T11:15:38.240`) +- [CVE-2025-1769](CVE-2025/CVE-2025-17xx/CVE-2025-1769.json) (`2025-03-26T12:15:15.040`) +- [CVE-2025-1911](CVE-2025/CVE-2025-19xx/CVE-2025-1911.json) (`2025-03-26T12:15:15.197`) +- [CVE-2025-1912](CVE-2025/CVE-2025-19xx/CVE-2025-1912.json) (`2025-03-26T12:15:15.353`) +- [CVE-2025-1913](CVE-2025/CVE-2025-19xx/CVE-2025-1913.json) (`2025-03-26T12:15:15.513`) +- [CVE-2025-2110](CVE-2025/CVE-2025-21xx/CVE-2025-2110.json) (`2025-03-26T12:15:15.827`) +- [CVE-2025-2596](CVE-2025/CVE-2025-25xx/CVE-2025-2596.json) (`2025-03-26T11:15:39.183`) +- [CVE-2025-27551](CVE-2025/CVE-2025-275xx/CVE-2025-27551.json) (`2025-03-26T11:15:38.943`) +- [CVE-2025-27552](CVE-2025/CVE-2025-275xx/CVE-2025-27552.json) (`2025-03-26T11:15:39.063`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2023-52461](CVE-2023/CVE-2023-524xx/CVE-2023-52461.json) (`2025-03-26T11:41:07.140`) +- [CVE-2024-27680](CVE-2024/CVE-2024-276xx/CVE-2024-27680.json) (`2025-03-26T11:41:33.737`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 1a7d77a4f22..60509e1b0a5 100644 --- a/_state.csv +++ b/_state.csv @@ -241078,7 +241078,7 @@ CVE-2023-52458,0,0,fdc24a051b1b2915fa851fc41d64e4806cb7366ecb0cb857fc4237a1e6d0a CVE-2023-52459,0,0,7a35fca1697526f74e9c91d9f5f8e0238dd61ff49e157d4a65086dd39a1fa0b5,2024-11-21T08:39:49.080000 CVE-2023-5246,0,0,71b08073507c72303c6218241cd511240cd963b14c859420de2e31a511697365,2024-11-21T08:41:22.023000 CVE-2023-52460,0,0,338eeec63077ab6376c52f951015d601771848b278038c36be56efe838b5e5f8,2024-11-21T08:39:49.213000 -CVE-2023-52461,0,0,9aa97213efb1a3461c918e61dce6e88473eae0209edce9d60ce14981e0fd68e9,2024-11-21T08:39:49.340000 +CVE-2023-52461,0,1,9379cd65f16a21f34aa2ebc3d448001287f403ee64c4d534b309449f67c6de18,2025-03-26T11:41:07.140000 CVE-2023-52462,0,0,b72bf8d417d2d25ff363b15e3e49e57a273650623bc7f75d958db0f0e9c41495,2024-11-21T08:39:49.553000 CVE-2023-52463,0,0,6f9a8191f138a8b8e1ea75cd203eab9eaf73fb4337d789766847b4227d0d61f2,2024-11-21T08:39:49.730000 CVE-2023-52464,0,0,1bbc4461fd8cead2d72950753b8e090d2ca08426254e292cd801b5c5a924dc48,2024-11-21T08:39:49.893000 @@ -247727,6 +247727,7 @@ CVE-2024-13408,0,0,e396f32e4dcbb651814f9215fd3a09eb2577d8842a6e7054a1c2694b62332 CVE-2024-13409,0,0,16195c232130678b474ab73526a536d491d9fdbf657fb8a2a79faa0112e2d1e0,2025-02-05T01:36:36.047000 CVE-2024-1341,0,0,18a405c4f3b1670bb4682ce0d2bacf1a2f13ce190629c8c1f1c6d07cc16f0c27,2025-02-27T03:18:02.077000 CVE-2024-13410,0,0,c8efcc0710b923cc6eb60456fcfce89ff0c0c26adea4a60a1c9581e3e6307ba6,2025-03-19T07:15:33.233000 +CVE-2024-13411,1,1,0617e2ad1f73fcfa473d519329d89e33b2b5aa81c4ab3d1272c419361b63b393,2025-03-26T12:15:13.880000 CVE-2024-13412,0,0,a7c26f2b95654b150dd44aaba7168674e4d0fc6138c51107b5476354f60ef52b,2025-03-19T07:15:33.980000 CVE-2024-13413,0,0,b43ed4643dabc8868dcfa53910d76ce2221751b062cab18595b77b8d890794e4,2025-03-11T05:15:37.083000 CVE-2024-13415,0,0,20f4b651b70587580f805a97274e0650f9bb61a3067aa9a0bda1ff129a051ce4,2025-01-31T06:15:29.287000 @@ -248018,7 +248019,7 @@ CVE-2024-13699,0,0,6c179d99e1e68d225e4cf32bfc134108fb7e1de353e5a047f158d68ed9ec8 CVE-2024-1370,0,0,da6427f03006934633b115ec37d488931b10b7ade7ab0e2e50968c13d4ecf76a,2025-03-05T17:21:25.677000 CVE-2024-13700,0,0,9ce20ac3b11103f5abdc5f2758b97ef5dcc76de719f13fdbcb103d53e58691eb,2025-01-31T16:49:24.477000 CVE-2024-13701,0,0,521368ae5abaf2abfb46429e33c728f78e759a939d38cf1b0d41e4d95d49ddef,2025-02-25T03:53:21.997000 -CVE-2024-13702,1,1,fe63a3dace858f10892a6b6902d918b8c2cea7c279d06a50e3cac75f18096316,2025-03-26T09:15:14.323000 +CVE-2024-13702,0,0,fe63a3dace858f10892a6b6902d918b8c2cea7c279d06a50e3cac75f18096316,2025-03-26T09:15:14.323000 CVE-2024-13703,0,0,6dfd68dbb32b8f6168034a526d94cad394bc6c760f20c9e7fb75bd1126bfb122,2025-03-13T02:15:11.293000 CVE-2024-13704,0,0,edacb1bf034aad21d3de74c25d716996b7c2a06ccbd4adcf15412220d4bc97f7,2025-02-21T15:34:38.797000 CVE-2024-13705,0,0,5ec6ac499cda9ee218cf1587251a6725974948adf52db55dc1b1fdc60e1d5cc2,2025-01-31T18:17:10.220000 @@ -248102,7 +248103,7 @@ CVE-2024-13798,0,0,ce094bf82021ad6e4ff8123a67b873e4d45b85370d9f1b7c7aef06d072410 CVE-2024-13799,0,0,568137e6611c802d800a1c88238ba60b18e92925318c7d21fcf20c95230c7dfb,2025-02-19T06:15:21.283000 CVE-2024-1380,0,0,189ef0e7c99b94999bf853d72512eb8cc5fd5c5f665b06c2b0baa188813ae89d,2025-01-31T13:26:51.163000 CVE-2024-13800,0,0,db269d664e8ffceb549584ac138b0b3d8532020dce3ad8c5501401929c306f63,2025-02-24T15:55:09.120000 -CVE-2024-13801,1,1,bb464877728778b8a6bb042be169ab1665e06a3e723ff5179fd681a0bea46d55,2025-03-26T09:15:15.763000 +CVE-2024-13801,0,0,bb464877728778b8a6bb042be169ab1665e06a3e723ff5179fd681a0bea46d55,2025-03-26T09:15:15.763000 CVE-2024-13802,0,0,774d150df9948895bc1c8319c04951551fc49cae4e2c0e8ce41994610c382f58,2025-02-25T20:57:34.193000 CVE-2024-13803,0,0,93a9df80fad16c66cdad18cf7b08a600f14f988ff84d4f170dbb9b255e8d0a90,2025-02-26T13:15:38.027000 CVE-2024-13805,0,0,ab23ddffd79c9236654dca87d416c22cef2f181f71a6522374ad6bbab1e39bf2,2025-03-07T10:15:16.123000 @@ -248181,6 +248182,7 @@ CVE-2024-13884,0,0,10f7fcc75a4fc204450b358cca600c89abd80738d1e6ea67e85cdd937ea09 CVE-2024-13885,0,0,75264973709d612b700dd0d733855b9e045bfa0ed4f3dd1ed0110e51b91a48a2,2025-03-14T17:15:41.520000 CVE-2024-13887,0,0,89499ff7ff9d73f249e52c3c47699c4b603d353d5a310262686faceeeb325e58,2025-03-13T04:15:18.680000 CVE-2024-13888,0,0,45ea465fd1196bf38b8c341b411c16c5302500649feb2c402e910f2e8aae7f79,2025-02-25T20:39:44.927000 +CVE-2024-13889,1,1,75c1940ee7572976bef4ca467ac2dcab37c382f2c4d252f4ba0c5d0520a00cb4,2025-03-26T12:15:14.590000 CVE-2024-1389,0,0,44c915b89d8f24815db27dcf9521c10fcca5d968291afb2cbd201094aadb9d12,2025-01-27T17:15:51.567000 CVE-2024-13890,0,0,355c25a0b64e2b11b5b17fe1a6fd6a7b791d12ac0c833401d52f3b729f30eb44,2025-03-12T16:48:41.693000 CVE-2024-13891,0,0,15d5f22e16d362bc6aa7f84f23a58b6ec9da45506aa8b9c52e0769c2743f78fd,2025-03-14T17:15:41.717000 @@ -254891,7 +254893,7 @@ CVE-2024-2767,0,0,63fb7925e3ed607eb8169902b3e027c065fc9d1cd4958d404a1ac76e9d79ea CVE-2024-27673,0,0,b827936180312254f56c8c18e1a9e00f4dbc9d441e499ec6aaa928d4b3451535,2024-04-03T16:15:07.173000 CVE-2024-27674,0,0,34ccb3f85191f3225246fe31e6b6aa02ad062724f279521d20a183c721e94258,2024-11-21T09:04:52.927000 CVE-2024-2768,0,0,73606e2fcaa404aa5195b229503329bf796940cee0d4ef224671a9d1016ab40e,2025-02-21T17:07:47.053000 -CVE-2024-27680,0,0,03e0b85897908f590edededca26ae33bfb173df38dd28e91259cc537ee4bbbf1,2024-11-21T09:04:53.150000 +CVE-2024-27680,0,1,045ae7f21a76d8b5dcbb31c4b83eae90c185f080a0865122dfcb71911a8e3350,2025-03-26T11:41:33.737000 CVE-2024-27683,0,0,e240f9a72cf4b7568ca46ea6bb64ddcf3a6ec5aa03a9416b260ae22da9008b86,2024-11-21T09:04:53.367000 CVE-2024-27684,0,0,8f9956a4a0b43c906740d1106a32a742a9fcef0903170255a4a05b3de7b55181,2024-11-21T09:04:53.583000 CVE-2024-27689,0,0,b8125c9204d9b7912d4a758cf2a362c6f50eefc46a69eade4a7f53332972070e,2024-11-21T09:04:53.813000 @@ -281729,8 +281731,9 @@ CVE-2025-1302,0,0,4c600c674f22378513ee28ce145975f04e5b0e89605ff80d937b77394d750b CVE-2025-1306,0,0,de526cacf8bf273c9432977eceb9f985b41588e9255fe87d024d0d9921890929,2025-03-05T18:45:32.943000 CVE-2025-1307,0,0,f5a65a0d70e64918e5c1a7d1d02a502ae3db9a76fffe081c38f2a5d059c1eb26,2025-03-05T13:55:29.927000 CVE-2025-1309,0,0,5d2b17215fed7de1b66f6e9e5fd86a1c64bff76093266d0c2270f4eeb2161dcf,2025-03-07T08:15:42.017000 -CVE-2025-1310,1,1,1c2d4505468bb908c19a864be72e2bdc6591212daaa3ccd957c82c76cf5add42,2025-03-26T10:15:14.653000 +CVE-2025-1310,0,0,1c2d4505468bb908c19a864be72e2bdc6591212daaa3ccd957c82c76cf5add42,2025-03-26T10:15:14.653000 CVE-2025-1311,0,0,f6c7853d29144d30e1440fe649502c47ee37834c55b5d3f4a34600897bc61e58,2025-03-22T07:15:24.433000 +CVE-2025-1312,1,1,d05a4b623df796da515f6bec12f5c229ea8c9f0dba981198b466e753d000b131,2025-03-26T12:15:14.890000 CVE-2025-1314,0,0,bafad489ff1eadbb41395d6cf3743ce464b25bb7da82ca4e71ee61d8353e849a,2025-03-20T06:15:22.437000 CVE-2025-1315,0,0,b2e5cb43d68af8915879a41f899eac8effc6f5ff149f94a7a5bed3683712a9b7,2025-03-13T15:00:51.697000 CVE-2025-1316,0,0,c2931120323888406b8ead50daf4943444c62f5ffe8d72bd7b5c79484ca09a72,2025-03-25T16:46:07.540000 @@ -281815,9 +281818,9 @@ CVE-2025-1433,0,0,e4257b265cb0fea8237bfb54d6e25ede0c1cfc291c5042720840e13d6e6532 CVE-2025-1434,0,0,a3866a08b633baa47e1218d0ddb17df7ba7c9c2875011d0577de1d45619f3f98,2025-03-11T08:15:11.207000 CVE-2025-1435,0,0,3d678d6656d20bd5b96aa1f5dc812b5bfdb1816c9aa05dbe2ea5cdc48474d52d,2025-03-05T09:15:10.267000 CVE-2025-1436,0,0,4fd0b2ae4e724dd49b85592d1f1318f63e647837cea49133222d911b8ad33afb,2025-03-14T17:15:50.623000 -CVE-2025-1437,1,1,610ca7c6cf1b368f3c3f53bf779c4a7873ca78594266c672ccc74608f565b282,2025-03-26T10:15:14.930000 -CVE-2025-1439,1,1,82de4c165e0d3a974cd52a4f26dd6930a7722b80c168da8c08aa1030fe8ca941,2025-03-26T10:15:15.093000 -CVE-2025-1440,1,1,06b88c7fde36b7ffcfe9911908004dac3275c432076f3b7c82ff61018f56ac14,2025-03-26T10:15:15.260000 +CVE-2025-1437,0,0,610ca7c6cf1b368f3c3f53bf779c4a7873ca78594266c672ccc74608f565b282,2025-03-26T10:15:14.930000 +CVE-2025-1439,0,0,82de4c165e0d3a974cd52a4f26dd6930a7722b80c168da8c08aa1030fe8ca941,2025-03-26T10:15:15.093000 +CVE-2025-1440,0,0,06b88c7fde36b7ffcfe9911908004dac3275c432076f3b7c82ff61018f56ac14,2025-03-26T10:15:15.260000 CVE-2025-1441,0,0,2d81c29ba90afc9b9a305ea2ed689bb369bca8be1da9da1458054db63323a34f,2025-02-28T19:51:28.980000 CVE-2025-1445,0,0,6a5f20112b988cc2c3d237b320d17b66c82196c854c54237efd1d40ed57525d2,2025-03-25T13:15:40.347000 CVE-2025-1446,0,0,95901e0cac0119ec391ef035d23ba55e02dd62d2391e09d32f36b0377dc79fe8,2025-03-24T19:15:49.973000 @@ -281861,7 +281864,7 @@ CVE-2025-1509,0,0,dd42a33d90057770cc0fff8a787b9ce6f9b83b6dcef0adadc46d0dded06e7a CVE-2025-1510,0,0,908b98a8ee37341a28713a06694a08e53c25ab91ce664e9dcc93619135ea532a,2025-03-06T15:13:33.280000 CVE-2025-1511,0,0,1c181a66cf1ac99d67fff65c89ad0c75490b829a67e03df0160cb907d2bc8f45,2025-03-06T17:55:34.303000 CVE-2025-1513,0,0,ce3139c624bf0aef8e367fe572f1b2e77a39780d5752c990d66c97a9a157ed49,2025-03-06T17:55:57.117000 -CVE-2025-1514,1,1,0d1793603f6cba59dc27aeba05d9e383115c690b54a3f0733d6de98099924107,2025-03-26T09:15:15.950000 +CVE-2025-1514,0,0,0d1793603f6cba59dc27aeba05d9e383115c690b54a3f0733d6de98099924107,2025-03-26T09:15:15.950000 CVE-2025-1515,0,0,96efd86c5199277c649db9d3a44020b0cf7829d395d3a3db8805b6323baa5417,2025-03-05T10:15:19.850000 CVE-2025-1517,0,0,59f92391aff92edb8f0e2c5d447824bc758e9021eff4b28d2fd46f3db7241347,2025-03-24T17:56:06.763000 CVE-2025-1526,0,0,6ccdbe928ef24ca526e4b1e5e42bcc074377bcc67cdebc47d468f5396b2349da,2025-03-24T18:04:40.790000 @@ -281874,6 +281877,7 @@ CVE-2025-1537,0,0,861630e1b0372f1f37852ff12813e7a5ac2fa6d179d082cf3113227aa130bf CVE-2025-1538,0,0,13e428f2e0a70ca29f792d43841bea06ccb32609b695e1ccad7a3e5c918f65a6,2025-02-25T20:54:42.947000 CVE-2025-1539,0,0,5be918eac13b456089d712df20e654187887e4c08708a48e1848fdb356188426,2025-03-03T16:36:49.113000 CVE-2025-1540,0,0,cb4999aaeeb60402765c3628ea219ecf33f2a8090fd69a8d886ff441036aa008,2025-03-06T09:15:26.317000 +CVE-2025-1542,1,1,4e2adf2ff25372013a2918c53c097d77c36d83ea6791050655febde2e8aa25a1,2025-03-26T11:15:38.240000 CVE-2025-1543,0,0,dfb74998b01a6403cafc6b46cb4c4c78345f8468d3e985eba5ddcbda95801293,2025-02-21T16:15:32.787000 CVE-2025-1544,0,0,2377ad87743f4fe242650024fb03372701542bc42778ab3d19eda86c524de177,2025-02-21T16:15:32.953000 CVE-2025-1546,0,0,51ef3cbc8ac56bb33fe743735a6d072664b6eb44d4e8fe737f496fc69a6fe775,2025-02-21T18:15:21.523000 @@ -281984,7 +281988,7 @@ CVE-2025-1693,0,0,7ebc617b821b94f1ea8c04b23cc41634822af607e5925c55616ab5694b115f CVE-2025-1695,0,0,cbf3efd6d4e73bfe3ff835fcf882f73adfdb39988dff2937e451b5c5884a1eaa,2025-03-05T15:19:14.313000 CVE-2025-1696,0,0,a4ebe2093d6db003a81772653e3b8096038d292b86e17d8021513423bef33f12,2025-03-06T12:15:36.293000 CVE-2025-1702,0,0,8350c512bb427a18e75fe369e7c514680d305e4b55cc00b262ae74877fe4e9d9,2025-03-05T12:15:35.420000 -CVE-2025-1703,1,1,bef1b8ee325e662be521ba36b3069d0bb842015c7226b0ff5fecedf73b37bfc1,2025-03-26T10:15:15.437000 +CVE-2025-1703,0,0,bef1b8ee325e662be521ba36b3069d0bb842015c7226b0ff5fecedf73b37bfc1,2025-03-26T10:15:15.437000 CVE-2025-1707,0,0,eb806af042366277371dce5ba4e4d20eb3821597874c2eb4040b48171f171ef9,2025-03-11T22:15:12.583000 CVE-2025-1714,0,0,6e67e5fe1ad7d1f8ea60e413f9fa7e7e2f63bd8d4c4369040436660c144fa80c,2025-03-07T05:15:16.233000 CVE-2025-1716,0,0,7b54faf04c0c346ecfa632bdb4185fc3c19aff41bf7399ecadc1ddfb775e6d41,2025-03-03T16:15:39.520000 @@ -282014,6 +282018,7 @@ CVE-2025-1764,0,0,13706f4025eae225fc3793a7e7a1fa321df281c8253d66f7993d98f6aa0910 CVE-2025-1766,0,0,598707d3f8b19c5a3ff0b336e9bc39a76f8ffb8a9d939d0b001d5b5f979e7c65,2025-03-20T06:15:22.740000 CVE-2025-1767,0,0,db4a25182003b3801d09638d93655c86fe8651aa60672fd3a6309c07b55e200e,2025-03-13T21:15:43.127000 CVE-2025-1768,0,0,21c4d8708441d636d3d85a241f0a7821ff945f56838f66ee7adb3147ed9da671,2025-03-07T11:15:15.653000 +CVE-2025-1769,1,1,bc5badcb36958e1f8f1dd29e22fb474934c2e43fca72c5983c3edb91637d4ceb,2025-03-26T12:15:15.040000 CVE-2025-1770,0,0,dabca41c99283c1e30c784be93a5fbf7941611623d961fbc22d34f6c0b873c34,2025-03-20T06:15:22.903000 CVE-2025-1771,0,0,f941eeb87406f27b32688fc24536403440e01c6f12dad32afe5e745de8f06ad7,2025-03-15T05:15:47.253000 CVE-2025-1773,0,0,8ec8dbded090ba64a07cfd6b14e86950d4c62160e124de793edae4c60a6f92e5,2025-03-15T05:15:47.403000 @@ -282120,6 +282125,9 @@ CVE-2025-1903,0,0,6d340e8ed917a821f64df99818d24e210d21c9915d508adde3298f17a8197a CVE-2025-1904,0,0,f1403f89463521fa6ecf20ea0b63150d28c96f5825eb8230b39ee2a81e24b378,2025-03-06T12:20:33.473000 CVE-2025-1905,0,0,2b4eb6efb4aab05c0b5f79955f2e8fa7379c3a611db1f2d5266246ca15810f0c,2025-03-06T12:21:06.503000 CVE-2025-1906,0,0,25be12853bbdada8a0f0b6f9783f2e12a1ead904ee5fe2efcc8d708d8d5a84e0,2025-03-06T12:17:27.613000 +CVE-2025-1911,1,1,fda2ee948a7e9dc10da88e86e64ec48c3e958c0e13e09dddebed25db73a20631,2025-03-26T12:15:15.197000 +CVE-2025-1912,1,1,52e94094a51833e8f6daebbbcb34134e997db747948d39dc047a1d5773606455,2025-03-26T12:15:15.353000 +CVE-2025-1913,1,1,b97da76f8fdcb485607fc8cacd478099fc4d9428d282394b8b42280342910b19,2025-03-26T12:15:15.513000 CVE-2025-1914,0,0,187c21953cf4a3bb0942d3a4ab2c435e7f496e314b9f90d9d30af8457a4151bb,2025-03-05T15:15:15.560000 CVE-2025-1915,0,0,8c5ae217f132591a153953e83bf0fd453c3706a9955aee72137219d75a19a23c,2025-03-05T15:15:15.743000 CVE-2025-1916,0,0,089ca37827fcfe2123f7e680bf24d5eeed87218e78fb702864a4ae52e0027b8e,2025-03-05T15:15:15.900000 @@ -282201,7 +282209,7 @@ CVE-2025-20075,0,0,d1a101f734614c5c8c3625d1b34c0ffc62ba95c1554396b4b462975c1a68b CVE-2025-20081,0,0,abcfce6f9eaab6cfa483ac5a94822b346d626721da33852cd21d93971e9a065d,2025-03-04T19:10:41.293000 CVE-2025-20086,0,0,c718ee138c5d706935ee7319c465eb1db60c32a8ee92f074be268892106cc0d1,2025-01-15T17:15:19.107000 CVE-2025-20088,0,0,d069a0a8d0e55448ae448cb2d1bba620f97cc6785542779fdc1ef2f2206cb89e,2025-01-15T17:15:19.243000 -CVE-2025-2009,1,1,13f4089f3ceb3ac83cf8a3db17b37031a204a5438f304e4f0b081cf128a2de73,2025-03-26T09:15:16.140000 +CVE-2025-2009,0,0,13f4089f3ceb3ac83cf8a3db17b37031a204a5438f304e4f0b081cf128a2de73,2025-03-26T09:15:16.140000 CVE-2025-20091,0,0,0cdb9eea19c09be50063181dcf3e2d9657e09008131c8aa6c7ec3cb8d1eff20b,2025-03-06T18:07:00.587000 CVE-2025-20094,0,0,cc9826181bf1f83e2cac160833fefdc5cca091c7fe9a0c6abd476a3468c0bc65,2025-02-06T08:15:29.837000 CVE-2025-20097,0,0,44f65a5475190446e165a44597504f8f11f3d766148b58ad519cc1d02d7b02f9,2025-02-12T22:15:41.850000 @@ -282419,6 +282427,7 @@ CVE-2025-21092,0,0,03af17d12271d3564885d10071c53bea8826591d692686e1c0d8803603e1f CVE-2025-21095,0,0,c386ac503377b743afd9fcbb59e3f9db50d4310fdf761d76706a482de8cda7b5,2025-03-05T16:15:37.487000 CVE-2025-21097,0,0,56c8f54b537437305f22923caf43b164fc28222de6fd60b26bf16c417f5c9c3c,2025-03-06T18:07:39.457000 CVE-2025-21098,0,0,dc52a3f16e39fecc93d1ee27a67287d6db18a4b95402eb98c08a4da2374cbce4,2025-03-06T18:08:03.217000 +CVE-2025-2110,1,1,2dc6f3ad983af11b81f9e9f47b8d3392e7d319c21fd83923f4df7d536bfee3e7,2025-03-26T12:15:15.827000 CVE-2025-21101,0,0,0410baf8ce887e4bee4e642f5416b4c957a9c2a93d873e61b46c5aa6fe5ccada,2025-02-04T15:50:56.233000 CVE-2025-21102,0,0,933ca72a52260837d55d5545fa75f1f12ce9dc7f55e3f7d4f145fee0707ab4ba,2025-01-24T19:10:11.977000 CVE-2025-21103,0,0,e47eb06001984d8500d168dff51756d65a465cd5cf145d2cfc8ed0911d350714,2025-02-17T14:15:08.597000 @@ -282879,7 +282888,7 @@ CVE-2025-21666,0,0,09a887db3b9a7f1ff5a317bee005091ad62ba5630ef0df2d9565a2ca4f2b4 CVE-2025-21667,0,0,1d3421162daba54a5b257dec21046c336ea4d1c2548b277380c64838560bc3f3,2025-02-03T20:00:28.727000 CVE-2025-21668,0,0,c957a19bf46951855e353bbef33bee1aaa8a5599eacf3b8f0e64afe11a44aa4a,2025-01-31T12:15:27.960000 CVE-2025-21669,0,0,f693fe3407a5a10b6015a8b5648a41115fa5f363f68427e72ac57ff90c068424,2025-02-04T15:38:39.790000 -CVE-2025-2167,1,1,a3286df3da48d881d62f74f5ff1ff40842cdbd2a36bc9d1e4b9f71244d1239bc,2025-03-26T09:15:16.500000 +CVE-2025-2167,0,0,a3286df3da48d881d62f74f5ff1ff40842cdbd2a36bc9d1e4b9f71244d1239bc,2025-03-26T09:15:16.500000 CVE-2025-21670,0,0,ca2de355b2236daf5daae7fbc1d2b8883b364d957a9314e913d3902bff31465c,2025-02-04T15:37:25.103000 CVE-2025-21671,0,0,56f608e264b1cd08fd32368c031880a65efd5786aa874d7df055769a8166fc98,2025-02-10T18:15:35.147000 CVE-2025-21672,0,0,cab58e2d04d760da852a8245246140e438babd82d5c91b36a25530a9eb3934b5,2025-02-03T20:04:22.147000 @@ -283362,7 +283371,7 @@ CVE-2025-22564,0,0,c6bcdc2f84aa39c7ba65ae760aaf069d1367d782297729876d0295b371334 CVE-2025-22567,0,0,7640327e90d13935406fda5e46326035dce8768c7ac08f762a301197dc23d3c0,2025-01-13T14:15:11.460000 CVE-2025-22568,0,0,f3a337c9bc58a10967a71c972b3d36d20f02e69abf28f2da99dbae5c50742b4f,2025-01-13T14:15:11.610000 CVE-2025-22569,0,0,71c2a126896a25500ec5a83e43acb4e704a716153f97fc1411303eae2fdb9009,2025-01-13T14:15:11.787000 -CVE-2025-2257,1,1,b906a9d340289263acf545d84013f0f8e6b13bfc29e21a8b02f585ced44c6360,2025-03-26T09:15:16.647000 +CVE-2025-2257,0,0,b906a9d340289263acf545d84013f0f8e6b13bfc29e21a8b02f585ced44c6360,2025-03-26T09:15:16.647000 CVE-2025-22570,0,0,81e63174bbd9a8d7742f7e13c0c424e4e252c599a54eb0b708c66a7dc1c203c0,2025-01-13T14:15:11.940000 CVE-2025-22571,0,0,589592d19e0408795b9c88db00be613623e0a28c0ced64bee3ab080db5508985,2025-01-07T16:15:53.187000 CVE-2025-22572,0,0,09d362e6905110bf03efd8d9b3422685fc5a6f559575660b2f11c273a0d7b10c,2025-01-07T16:15:53.357000 @@ -285433,6 +285442,7 @@ CVE-2025-25952,0,0,733f7d41a569ab0086bde2648edacf6a1480bd27bad80edec358adfce1ddd CVE-2025-25953,0,0,c63208d17b5abc8d04a1effcfa3f9d2231a0266b3bf41265e2e620c714e3b025,2025-03-05T17:15:15.810000 CVE-2025-25957,0,0,b65136edccab78b78b9c909881827ed1ed034886966746fcab259eb6d692acae,2025-02-21T15:15:13.067000 CVE-2025-25958,0,0,0f8b1b28a95747b988ec24f56374cc73cf997d93ede793e430858c23744338af,2025-02-21T16:15:33.173000 +CVE-2025-2596,1,1,4c94c23c20af6ad264e3d4fbadeebf650d242c9fafd94b949253e5235652ab1b,2025-03-26T11:15:39.183000 CVE-2025-25960,0,0,f81f6a42cc37f50d144da0c1d5b21881b06cbfd074736b0e8bb6bc8c20ba8aa2,2025-02-21T22:15:13.297000 CVE-2025-25967,0,0,989386a4237cbda80018de244f1663bcd7537e8be154d2ce1f656a6eb97ba253,2025-03-06T12:25:50.837000 CVE-2025-25968,0,0,aa03a40375072b5ed2e0cc97eadb8b6a24b2d3fca5df43f3cc84fd5f8cf62db9,2025-02-20T20:15:46.993000 @@ -286126,6 +286136,8 @@ CVE-2025-27521,0,0,238fcbb4ddab85c97db2ebf1a5930f855cf28b2ad902f1b11a70a00fedb15 CVE-2025-2753,0,0,c4f223f01f43a4bc41fb6e6000479abc3fcfdfa8bea381ce5d291229dae4b9e3,2025-03-25T09:15:17.247000 CVE-2025-2754,0,0,a326bc3858285141a99f7245126546f196cdca853219c40a22fbd6bab233bcc7,2025-03-25T09:15:17.730000 CVE-2025-2755,0,0,2be4e1e06353a961288a1ac89a57890790aa2d17e4e656d7cb4215a8ecda9be5,2025-03-25T09:15:17.983000 +CVE-2025-27551,1,1,9fbc2489ec80e9de647c2e8ff1734eff43438393501575b7372498c02dea54d9,2025-03-26T11:15:38.943000 +CVE-2025-27552,1,1,57a3ef3068d58ee4a0b541b28f35dc104129aded6f6e2313b1880a5379244811,2025-03-26T11:15:39.063000 CVE-2025-27553,0,0,183dc3a86b8b1f61354b767d69fc5cfccf39fac83a814abf975899e48ebf1d50,2025-03-24T14:15:18.687000 CVE-2025-27554,0,0,cf23284196495ef624f6aebb4a495f3e36a6b5bfc39b634f5a2b752d43a7754d,2025-03-01T06:15:34.693000 CVE-2025-2756,0,0,58b5bd5add05519b3703c9867b1ef41f7806d55535cab28fb5b5ea6f68937930,2025-03-25T10:15:16.627000