From f583a4de43277fb6c64880a0d141aed708e421a4 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 9 Jun 2025 08:03:53 +0000 Subject: [PATCH] Auto-Update: 2025-06-09T08:00:19.109211+00:00 --- CVE-2018/CVE-2018-120xx/CVE-2018-12071.json | 6 +- CVE-2025/CVE-2025-252xx/CVE-2025-25207.json | 60 ++++++++ CVE-2025/CVE-2025-252xx/CVE-2025-25208.json | 60 ++++++++ CVE-2025/CVE-2025-252xx/CVE-2025-25209.json | 60 ++++++++ CVE-2025/CVE-2025-35xx/CVE-2025-3581.json | 21 +++ CVE-2025/CVE-2025-35xx/CVE-2025-3582.json | 21 +++ CVE-2025/CVE-2025-46xx/CVE-2025-4652.json | 21 +++ CVE-2025/CVE-2025-477xx/CVE-2025-47711.json | 60 ++++++++ CVE-2025/CVE-2025-477xx/CVE-2025-47712.json | 60 ++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5863.json | 145 +++++++++++++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5864.json | 149 ++++++++++++++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5865.json | 141 ++++++++++++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5866.json | 141 ++++++++++++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5893.json | 108 ++++++++++++++ README.md | 27 ++-- _state.csv | 25 +++- 16 files changed, 1089 insertions(+), 16 deletions(-) create mode 100644 CVE-2025/CVE-2025-252xx/CVE-2025-25207.json create mode 100644 CVE-2025/CVE-2025-252xx/CVE-2025-25208.json create mode 100644 CVE-2025/CVE-2025-252xx/CVE-2025-25209.json create mode 100644 CVE-2025/CVE-2025-35xx/CVE-2025-3581.json create mode 100644 CVE-2025/CVE-2025-35xx/CVE-2025-3582.json create mode 100644 CVE-2025/CVE-2025-46xx/CVE-2025-4652.json create mode 100644 CVE-2025/CVE-2025-477xx/CVE-2025-47711.json create mode 100644 CVE-2025/CVE-2025-477xx/CVE-2025-47712.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5863.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5864.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5865.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5866.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5893.json diff --git a/CVE-2018/CVE-2018-120xx/CVE-2018-12071.json b/CVE-2018/CVE-2018-120xx/CVE-2018-12071.json index ccd58e9f7b5..649eeefbcaa 100644 --- a/CVE-2018/CVE-2018-120xx/CVE-2018-12071.json +++ b/CVE-2018/CVE-2018-120xx/CVE-2018-12071.json @@ -2,7 +2,7 @@ "id": "CVE-2018-12071", "sourceIdentifier": "cve@mitre.org", "published": "2018-06-17T20:29:00.540", - "lastModified": "2024-11-21T03:44:32.020", + "lastModified": "2025-06-09T06:15:22.303", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -95,6 +95,10 @@ } ], "references": [ + { + "url": "https://github.com/bcit-ci/CodeIgniter/commit/800a20d6c4662d99ae0988b2f8f2238bb8bb29db", + "source": "cve@mitre.org" + }, { "url": "https://www.codeigniter.com/user_guide/changelog.html", "source": "cve@mitre.org", diff --git a/CVE-2025/CVE-2025-252xx/CVE-2025-25207.json b/CVE-2025/CVE-2025-252xx/CVE-2025-25207.json new file mode 100644 index 00000000000..d1fb784942c --- /dev/null +++ b/CVE-2025/CVE-2025-252xx/CVE-2025-25207.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-25207", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-06-09T06:15:24.413", + "lastModified": "2025-06-09T06:15:24.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with developer persona access can add a large number of those callbacks to be executed by Authorino and as the authentication policy is enforced by a single instance of the service, this leada to a Denial of Service in Authorino while processing the post-authorization callbacks." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-25207", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347421", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-252xx/CVE-2025-25208.json b/CVE-2025/CVE-2025-252xx/CVE-2025-25208.json new file mode 100644 index 00000000000..2ae2e368ecd --- /dev/null +++ b/CVE-2025/CVE-2025-252xx/CVE-2025-25208.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-25208", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-06-09T06:15:24.667", + "lastModified": "2025-06-09T06:15:24.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-25208", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347436", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-252xx/CVE-2025-25209.json b/CVE-2025/CVE-2025-252xx/CVE-2025-25209.json new file mode 100644 index 00000000000..103d98c29bb --- /dev/null +++ b/CVE-2025/CVE-2025-252xx/CVE-2025-25209.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-25209", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-06-09T06:15:24.853", + "lastModified": "2025-06-09T06:15:24.853", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secretes, however it assumes those secretes are already in the kuadrant-system instead of copying it to the referred namespace. This creates space for a malicious actor with a developer persona access to leak those secrets over HTTP connection, as long the attacker knows the name of the targeted secrets and those secrets are limited to one line only." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-25209", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347438", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-35xx/CVE-2025-3581.json b/CVE-2025/CVE-2025-35xx/CVE-2025-3581.json new file mode 100644 index 00000000000..3ad972eda28 --- /dev/null +++ b/CVE-2025/CVE-2025-35xx/CVE-2025-3581.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-3581", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-06-09T06:15:25.067", + "lastModified": "2025-06-09T06:15:25.067", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Newsletter WordPress plugin before 8.8.5 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embed, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/2d96f018-510d-40ab-9e73-76fa44784813/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-35xx/CVE-2025-3582.json b/CVE-2025/CVE-2025-35xx/CVE-2025-3582.json new file mode 100644 index 00000000000..3747982aa9a --- /dev/null +++ b/CVE-2025/CVE-2025-35xx/CVE-2025-3582.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-3582", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-06-09T06:15:25.200", + "lastModified": "2025-06-09T06:15:25.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Newsletter WordPress plugin before 8.85 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/19db8521-8dff-48c5-b21a-1001895292e0/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-46xx/CVE-2025-4652.json b/CVE-2025/CVE-2025-46xx/CVE-2025-4652.json new file mode 100644 index 00000000000..eb0eeccbc3e --- /dev/null +++ b/CVE-2025/CVE-2025-46xx/CVE-2025-4652.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2025-4652", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-06-09T06:15:25.740", + "lastModified": "2025-06-09T06:15:25.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/2a18ab96-ba95-4599-824f-df12e4851e6d/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-477xx/CVE-2025-47711.json b/CVE-2025/CVE-2025-477xx/CVE-2025-47711.json new file mode 100644 index 00000000000..f6284c5e27b --- /dev/null +++ b/CVE-2025/CVE-2025-477xx/CVE-2025-47711.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-47711", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-06-09T06:15:25.320", + "lastModified": "2025-06-09T06:15:25.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-193" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-47711", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365687", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-477xx/CVE-2025-47712.json b/CVE-2025/CVE-2025-477xx/CVE-2025-47712.json new file mode 100644 index 00000000000..19522305696 --- /dev/null +++ b/CVE-2025/CVE-2025-477xx/CVE-2025-47712.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-47712", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-06-09T06:15:25.537", + "lastModified": "2025-06-09T06:15:25.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw exists in the nbdkit \"blocksize\" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-47712", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365724", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5863.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5863.json new file mode 100644 index 00000000000..40dcf14f6fd --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5863.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5863", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-09T06:15:25.870", + "lastModified": "2025-06-09T06:15:25.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "baseScore": 9.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://lavender-bicycle-a5a.notion.site/Tenda-AC5-formSetRebootTimer-20a53a41781f80a6b9a8f6e5915cf256?source=copy_link", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.591981", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.tenda.com.cn/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5864.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5864.json new file mode 100644 index 00000000000..df3ee3bcad1 --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5864.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2025-5864", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-09T06:15:26.170", + "lastModified": "2025-06-09T06:15:26.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/ConfirmSmsCode of the component Password Reset Confirmation Code Handler. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.15 is able to address this issue. It is recommended to upgrade the affected component." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 3.7, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", + "baseScore": 2.6, + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "LOW", + "exploitabilityScore": 4.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + }, + { + "lang": "en", + "value": "CWE-799" + } + ] + } + ], + "references": [ + { + "url": "https://blog.kevgen.ru/posts/account_takeover_in_tdsee_app/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/k3vg3n/researches/blob/main/Account_takeover_in_TDSEE_app.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.592074", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.tenda.com.cn/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5865.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5865.json new file mode 100644 index 00000000000..93cab73ff40 --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5865.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5865", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-09T07:15:22.660", + "lastModified": "2025-06-09T07:15:22.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that \"[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.\"" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", + "baseScore": 7.7, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 5.1, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/RT-Thread/rt-thread/issues/10298", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/RT-Thread/rt-thread/issues/10298#issuecomment-2894952150", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311624", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311624", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584124", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5866.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5866.json new file mode 100644 index 00000000000..a67c9281778 --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5866.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-5866", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-09T07:15:22.947", + "lastModified": "2025-06-09T07:15:22.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", + "baseScore": 7.4, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "MEDIUM", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 4.4, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/RT-Thread/rt-thread/issues/10300", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.311625", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.311625", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.584127", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5893.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5893.json new file mode 100644 index 00000000000..66174e53cef --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5893.json @@ -0,0 +1,108 @@ +{ + "id": "CVE-2025-5893", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2025-06-09T07:15:23.167", + "lastModified": "2025-06-09T07:15:23.167", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Smart Parking Management System from Honding Technology has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access a specific page and obtain plaintext administrator credentials." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-256" + }, + { + "lang": "en", + "value": "CWE-497" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-10169-651d6-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-10167-39c6d-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0cedf5c085b..8ace15cbb6e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-09T06:00:18.891645+00:00 +2025-06-09T08:00:19.109211+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-09T05:15:21.887000+00:00 +2025-06-09T07:15:23.167000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -297021 +297034 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `13` -- [CVE-2025-5859](CVE-2025/CVE-2025-58xx/CVE-2025-5859.json) (`2025-06-09T04:15:45.350`) -- [CVE-2025-5860](CVE-2025/CVE-2025-58xx/CVE-2025-5860.json) (`2025-06-09T04:15:48.427`) -- [CVE-2025-5861](CVE-2025/CVE-2025-58xx/CVE-2025-5861.json) (`2025-06-09T05:15:20.297`) -- [CVE-2025-5862](CVE-2025/CVE-2025-58xx/CVE-2025-5862.json) (`2025-06-09T05:15:21.887`) +- [CVE-2025-25207](CVE-2025/CVE-2025-252xx/CVE-2025-25207.json) (`2025-06-09T06:15:24.413`) +- [CVE-2025-25208](CVE-2025/CVE-2025-252xx/CVE-2025-25208.json) (`2025-06-09T06:15:24.667`) +- [CVE-2025-25209](CVE-2025/CVE-2025-252xx/CVE-2025-25209.json) (`2025-06-09T06:15:24.853`) +- [CVE-2025-3581](CVE-2025/CVE-2025-35xx/CVE-2025-3581.json) (`2025-06-09T06:15:25.067`) +- [CVE-2025-3582](CVE-2025/CVE-2025-35xx/CVE-2025-3582.json) (`2025-06-09T06:15:25.200`) +- [CVE-2025-4652](CVE-2025/CVE-2025-46xx/CVE-2025-4652.json) (`2025-06-09T06:15:25.740`) +- [CVE-2025-47711](CVE-2025/CVE-2025-477xx/CVE-2025-47711.json) (`2025-06-09T06:15:25.320`) +- [CVE-2025-47712](CVE-2025/CVE-2025-477xx/CVE-2025-47712.json) (`2025-06-09T06:15:25.537`) +- [CVE-2025-5863](CVE-2025/CVE-2025-58xx/CVE-2025-5863.json) (`2025-06-09T06:15:25.870`) +- [CVE-2025-5864](CVE-2025/CVE-2025-58xx/CVE-2025-5864.json) (`2025-06-09T06:15:26.170`) +- [CVE-2025-5865](CVE-2025/CVE-2025-58xx/CVE-2025-5865.json) (`2025-06-09T07:15:22.660`) +- [CVE-2025-5866](CVE-2025/CVE-2025-58xx/CVE-2025-5866.json) (`2025-06-09T07:15:22.947`) +- [CVE-2025-5893](CVE-2025/CVE-2025-58xx/CVE-2025-5893.json) (`2025-06-09T07:15:23.167`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2025-49113](CVE-2025/CVE-2025-491xx/CVE-2025-49113.json) (`2025-06-09T04:15:35.803`) +- [CVE-2018-12071](CVE-2018/CVE-2018-120xx/CVE-2018-12071.json) (`2025-06-09T06:15:22.303`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 91e557f6ce1..63eac4e5986 100644 --- a/_state.csv +++ b/_state.csv @@ -113116,7 +113116,7 @@ CVE-2018-12067,0,0,fc63e3dffbcfda95972a2f7cb2d34a791132dc613d9a381286b055bc4a8c3 CVE-2018-12068,0,0,bd47436ba4d935b26d231aff6014de1f62272bc41695797e2ca6ae41aa6420b4,2024-11-21T03:44:31.713000 CVE-2018-1207,0,0,81f6c7a732eba688a3d50edbe2a9b0a485fd997b48ff851a8b34d333456c661c,2024-11-21T03:59:23.730000 CVE-2018-12070,0,0,d74339d40db497e7b026eb0751313e0d84688071817cd14ec151aad8d629f8f3,2024-11-21T03:44:31.870000 -CVE-2018-12071,0,0,9f27b5c26270f7559896eda64917c651820fae42dc7b84b213d6386760d9de7c,2024-11-21T03:44:32.020000 +CVE-2018-12071,0,1,2ad6e361b37c1d49eb35842a473c8930a8b3c7845e79ed716ebd99c9a51fa050,2025-06-09T06:15:22.303000 CVE-2018-12072,0,0,ce198082a9927636c178b5e0ed8974bbea8844c896a9b2ceb4cc03df8f4bd455,2024-11-21T03:44:32.167000 CVE-2018-12073,0,0,b8f8881dad6a1161196f8e3e8b3e4e679cdc9ea9f06ab74e0446d060509e34fc,2024-11-21T03:44:32.320000 CVE-2018-12076,0,0,007deecc570aa910e56930ab0e337727886f77f64a912807a58a71de34cd663b,2024-11-21T03:44:32.477000 @@ -288093,6 +288093,9 @@ CVE-2025-25203,0,0,040b03b28fff3f91466e7eaa5a2d6143cc21f99e3d967437d45c81f30cd9c CVE-2025-25204,0,0,119932f98cc8b58871d029f6ccd9a89a806462d1c2b6c06ee7f6d1cb510c31af,2025-02-14T17:15:19.140000 CVE-2025-25205,0,0,53d346539ec5bb58856ce63a9d1fdca5438e2c859c2047a9cb707ece5a8bcbe8,2025-02-12T19:15:21.717000 CVE-2025-25206,0,0,9f668b067e3e448579721524d9498db32e90e7d300d6cfeef5961eac800c1c31,2025-02-14T17:15:19.327000 +CVE-2025-25207,1,1,0e0e829685716ecaf759b88ee7f1a127bb4d67ef50c8a9747c9c0f18797d0855,2025-06-09T06:15:24.413000 +CVE-2025-25208,1,1,2cb54ece6be4fc5be8d5da7ec45f5e96a01cd7bf7b477bf9a03f30ff0c08c70a,2025-06-09T06:15:24.667000 +CVE-2025-25209,1,1,f9bb4fdb4861f6a5c3332f6a81c8217b23bda315e14a275024d2c4a778590a02,2025-06-09T06:15:24.853000 CVE-2025-25211,0,0,cc654165143e1a6a565806b2fc146b90cc33ea614905ce025bd44c72692f30c8,2025-04-01T20:26:30.593000 CVE-2025-25213,0,0,4b306f44f1e5df4d081a6c0fb4426c0cd2686db9ca8e9c6904e1b2bea864dca1,2025-04-09T20:02:41.860000 CVE-2025-25217,0,0,58cf9d35ac5fa2a92b051fa347e53fb769b1db03984f073f24ffed20906c5810,2025-06-08T12:15:21.933000 @@ -293183,6 +293186,8 @@ CVE-2025-3577,0,0,dfdef997e669866588ab8eb7c1ca73b6cf2cbe16fcb69f43d2b34abd27af80 CVE-2025-3578,0,0,e13e840aaf0a24c67a679c44959c85bec14fbcb560caa6c65722eed662e1826f,2025-04-15T18:39:27.967000 CVE-2025-3579,0,0,6c0217c9a43a942438244f9ebf630b5c65085fd986d644363e1cb943f76ed2bf,2025-04-15T18:39:27.967000 CVE-2025-3580,0,0,fb5209c3cd7ebcd66c15bce657f3ddb23cbe27d0c5d33814deb9407bd651e1de,2025-05-23T15:54:42.643000 +CVE-2025-3581,1,1,33341e7a70b3d423dd506a0f8229ae6b99cd52d14722d63db080f1d0d9465703,2025-06-09T06:15:25.067000 +CVE-2025-3582,1,1,0ad7e27dfc60920df2e45bfe2bc378b36e2e2195339903d1da786b9a065191b3,2025-06-09T06:15:25.200000 CVE-2025-3583,0,0,5e828bc2ad696ee8fcb9f09a10e41d54b38effce4c0c5b61566233d5e9eb1a29,2025-05-07T16:36:47.020000 CVE-2025-3584,0,0,59ca71c3ddec8b989ca250d68253dd4ed4793bd2db21f016ec9f563d6fba7dc2,2025-06-05T14:10:30.393000 CVE-2025-3585,0,0,793d014b8d4f8a0338ac5bc0543e903589c1e8b4dc1d9fc37efe0dfb6e2b3b88,2025-05-21T20:01:00.620000 @@ -295183,6 +295188,7 @@ CVE-2025-46516,0,0,4c88ad304f0a3200cb6dc067922e69e11f23bef3885f8612be34edd9304b4 CVE-2025-46517,0,0,e00d3386df3e4b7181f0c929b08e457a807826ffd3ac273de6467947811d8ead,2025-04-29T13:52:28.490000 CVE-2025-46518,0,0,8ff37657d40d28b7e43670dec8250c937bdcb35627142fe4e1a4550710ea863b,2025-05-23T15:54:42.643000 CVE-2025-46519,0,0,a33ce7fa0944b2cff6a953c93d911a59cad0e41e0288c75a1ef712b260164b09,2025-04-29T13:52:28.490000 +CVE-2025-4652,1,1,98d76ea334495bc8fefb0aeae67dead3801e9fdef11ca8e8f6e0003476b6ddd0,2025-06-09T06:15:25.740000 CVE-2025-46520,0,0,1c31d6dbbd3e5241ef4e2c12464d7caf8aa9991d18bc3f254623825eb9b8b54c,2025-04-29T13:52:28.490000 CVE-2025-46521,0,0,c218263f26834f6156811624211affe72a1577541fc4caa1b57a6d05a3e214a1,2025-04-29T13:52:28.490000 CVE-2025-46522,0,0,d3d2527c85c582d99da6bcb828f5f2b083bd408e3a5301718b05fe08113648f0,2025-04-29T13:52:28.490000 @@ -295732,6 +295738,8 @@ CVE-2025-47708,0,0,b46183ff90ad8011319bd811809b8dcc43906e688b5b61113c48b937e14fc CVE-2025-47709,0,0,9c00b271893f53d1f52294cb240e92548326ebdfcea3825170f6a366a64bc3e2,2025-05-19T15:15:24.443000 CVE-2025-4771,0,0,098fa6c5f50ab00bca1e41fbaecb02800df7623ac7bf2fda48146206c10d346e,2025-05-21T14:16:02.380000 CVE-2025-47710,0,0,3861e04e9e65074d020efa7dab9e00a25ecb80cf10fb272d3ea074fb3b627c14,2025-05-19T15:15:24.580000 +CVE-2025-47711,1,1,9a5c8182ca59ddff43bb4ecb707f27881878df9fc97d4fa36fe7191a73d76ba7,2025-06-09T06:15:25.320000 +CVE-2025-47712,1,1,101eee340b6391eab98727e94b0f48ecbd365584e37b148dd337d3790adb4bb1,2025-06-09T06:15:25.537000 CVE-2025-4772,0,0,d0f3fa4362a8236e85b8ffd939fd0423a16232ac9a4ecc1b20eb2790c7640e3f,2025-05-21T20:59:39.237000 CVE-2025-47724,0,0,c392ae279a9c6e1324e9d9c71628ad9f2bd31920b4d617428838fa9f83dc2fa5,2025-06-04T14:54:33.783000 CVE-2025-47725,0,0,889f3515c44952cf57a8d17f0356726e20588e99515827ba927156d41cc6af64,2025-06-04T14:54:33.783000 @@ -296288,7 +296296,7 @@ CVE-2025-4909,0,0,2543aa084bfc859fe1a7a0558cc76c793b6ee9b986cb9885265313fc24749d CVE-2025-4910,0,0,d0c7584b70570a0f60f72259e5222dec42c6f070aafbec7da031c0738cd595d2,2025-05-21T17:40:58.137000 CVE-2025-4911,0,0,8165f0d1dc1e78afded21e50626575112805e2ff63d8f266295fb56c02f3696f,2025-05-21T13:26:25.383000 CVE-2025-49112,0,0,53acc03eb5f34e287cf80e6f2606bfb4760fb16ea2fe509fc70b20f7de56218f,2025-06-02T17:32:17.397000 -CVE-2025-49113,0,1,3740e35451abe1a78e20b6fcfcc30939518c1442be6c83079800621122ba29db,2025-06-09T04:15:35.803000 +CVE-2025-49113,0,0,3740e35451abe1a78e20b6fcfcc30939518c1442be6c83079800621122ba29db,2025-06-09T04:15:35.803000 CVE-2025-4912,0,0,952cc1697455c59886c397e61a80308747f6eedd0f377c0531d621b366fc5d7d,2025-05-21T17:41:21.063000 CVE-2025-49127,0,0,75d721494d98d4722f3d78798cf05e23db38a7c6bebef6c22b8d9a8d81898d86,2025-06-06T21:15:23.137000 CVE-2025-49128,0,0,42874cd39e27e420db84f117bd69f6a93c7d0ef6555be75306d09ad33e291157,2025-06-06T22:15:23.427000 @@ -297016,7 +297024,12 @@ CVE-2025-5855,0,0,d297afa07413f8f41b9c10d467cc6d2d69e3eed5d9294778e365ecd234f953 CVE-2025-5856,0,0,78118142298e16e53ebce08fcc0e868d82e15e050c9ef03ea368f6548b1fd763,2025-06-09T03:15:25.353000 CVE-2025-5857,0,0,be4dd6b66ef955da24b6daef73272f333f337110f5eac2fe46d9617044524617,2025-06-09T03:15:26 CVE-2025-5858,0,0,887c9b62596baae7ae622fb724b298af9500480ddd2ebefb98dec0f8d58b3ee9,2025-06-09T03:15:26.190000 -CVE-2025-5859,1,1,6b7923abeb300c134b7519954ec60c06a2d244931efd3f53a9e5517b47c9fae2,2025-06-09T04:15:45.350000 -CVE-2025-5860,1,1,b998a3183531c6c25fbb639a8c7d53f3d06c5149568a0f8364158a6bef400433,2025-06-09T04:15:48.427000 -CVE-2025-5861,1,1,a862f0db4e6993f9ab273ba42d1a9716562ac19fbf1131e7894a39cb6ec3e418,2025-06-09T05:15:20.297000 -CVE-2025-5862,1,1,0fa759fec7bd1c0efd0c0afd7a3a54fd5f8d485b772cb0df12745f419b3ed464,2025-06-09T05:15:21.887000 +CVE-2025-5859,0,0,6b7923abeb300c134b7519954ec60c06a2d244931efd3f53a9e5517b47c9fae2,2025-06-09T04:15:45.350000 +CVE-2025-5860,0,0,b998a3183531c6c25fbb639a8c7d53f3d06c5149568a0f8364158a6bef400433,2025-06-09T04:15:48.427000 +CVE-2025-5861,0,0,a862f0db4e6993f9ab273ba42d1a9716562ac19fbf1131e7894a39cb6ec3e418,2025-06-09T05:15:20.297000 +CVE-2025-5862,0,0,0fa759fec7bd1c0efd0c0afd7a3a54fd5f8d485b772cb0df12745f419b3ed464,2025-06-09T05:15:21.887000 +CVE-2025-5863,1,1,48c76b9bfa38e7e0a0f52b1b842aed688908b32d6a421ab601c1014d7706ec32,2025-06-09T06:15:25.870000 +CVE-2025-5864,1,1,a8dfdc92ebae782cfb313fdf227d67ce16ff2d07e50f927ff70b066b1c4f2b62,2025-06-09T06:15:26.170000 +CVE-2025-5865,1,1,a5836e94fbb60a125a2805660c473972fadb9903f2bf855f605cedbd858d9acd,2025-06-09T07:15:22.660000 +CVE-2025-5866,1,1,1a1d40945c1633e902dcaac1351e4ba6f87f431ee14eece2cadb9e2cd6c656d1,2025-06-09T07:15:22.947000 +CVE-2025-5893,1,1,db2cb20387f45cbfc876a64d8c459c328ded6b8c6c817ea819d837fda0dd41a7,2025-06-09T07:15:23.167000