diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47667.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47667.json index 19da8a21e52..5d9cb611b34 100644 --- a/CVE-2021/CVE-2021-476xx/CVE-2021-47667.json +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47667.json @@ -2,7 +2,7 @@ "id": "CVE-2021-47667", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-05T05:15:43.223", - "lastModified": "2025-04-05T05:15:43.223", + "lastModified": "2025-04-05T06:15:38.380", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6.10-7 allows unauthenticated remote attackers to execute arbitrary commands via shell metacharacters in the tmp_name parameter when dropping off a file via a POST /dropoff request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], "references": [ { "url": "https://projectblack.io/blog/zendto-nday-vulnerabilities/", diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10697.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10697.json index aeeb5b377c1..1994c428044 100644 --- a/CVE-2024/CVE-2024-106xx/CVE-2024-10697.json +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10697.json @@ -2,13 +2,13 @@ "id": "CVE-2024-10697", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-02T12:15:15.780", - "lastModified": "2024-11-04T14:18:20.337", - "vulnStatus": "Analyzed", + "lastModified": "2025-04-05T07:15:38.113", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument The leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + "value": "A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." }, { "lang": "es", @@ -131,8 +131,12 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Secondary", + "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-74" + }, { "lang": "en", "value": "CWE-77" @@ -141,7 +145,7 @@ }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-137xx/CVE-2024-13776.json b/CVE-2024/CVE-2024-137xx/CVE-2024-13776.json new file mode 100644 index 00000000000..79fed670a0a --- /dev/null +++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13776.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13776", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-05T06:15:38.817", + "lastModified": "2025-04-05T06:15:38.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'dzsap_delete_notice' AJAX action in all versions up to, and including, 6.91. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 'seen' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration. There are several other functions also vulnerable to missing authorization." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c8e538b-7157-42d3-abee-8259c6715cd5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json index 945935b44ed..6f44866b7cb 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json @@ -2,13 +2,13 @@ "id": "CVE-2024-1833", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T20:15:52.307", - "lastModified": "2024-12-11T19:57:54.520", - "vulnStatus": "Analyzed", + "lastModified": "2025-04-05T07:15:39.790", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254624." + "value": "A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername/txtphone leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." }, { "lang": "es", @@ -16,6 +16,50 @@ } ], "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], "cvssMetricV31": [ { "source": "cna@vuldb.com", @@ -89,6 +133,10 @@ "source": "cna@vuldb.com", "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-74" + }, { "lang": "en", "value": "CWE-89" @@ -138,6 +186,14 @@ "VDB Entry" ] }, + { + "url": "https://vuldb.com/?submit.286680", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + }, { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/employee-management-system.md#2accountloginphp", "source": "af854a3a-2127-422b-91ae-364da2661108", diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0839.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0839.json new file mode 100644 index 00000000000..bec9a4933cd --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0839.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-0839", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-05T06:15:39.050", + "lastModified": "2025-04-05T06:15:39.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 6.91 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49b76f5f-03f7-48bc-b848-9ab55d875639?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-12xx/CVE-2025-1233.json b/CVE-2025/CVE-2025-12xx/CVE-2025-1233.json new file mode 100644 index 00000000000..2a9ad1e2f7b --- /dev/null +++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1233.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1233", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-05T06:15:39.223", + "lastModified": "2025-04-05T06:15:39.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Lafka Plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_options_upload' AJAX function in all versions up to, and including, 7.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the theme option that overrides the site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://themeforest.net/item/lafka-fast-food-restaurant-woocommerce-theme/23969682", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/865b87a8-ab8a-4054-9e18-50693023cb96?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-27xx/CVE-2025-2789.json b/CVE-2025/CVE-2025-27xx/CVE-2025-2789.json new file mode 100644 index 00000000000..517c7b2719a --- /dev/null +++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2789.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2789", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-05T06:15:39.477", + "lastModified": "2025-04-05T06:15:39.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MultiVendorX \u2013 Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace \u2013 Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_table_rate_shipping_row function in all versions up to, and including, 4.2.19. This makes it possible for unauthenticated attackers to delete Table Rates that can impact the shipping cost calculations." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.19/packages/mvx-tablerate/mvx-tablerate.php#L211", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.19/packages/mvx-tablerate/mvx-tablerate.php#L78", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf4eca37-066f-428c-a4f7-061ce06e1142?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2941.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2941.json new file mode 100644 index 00000000000..1e599ab3508 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2941.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-2941", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-05T07:15:40.107", + "lastModified": "2025-04-05T07:15:40.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-file[] parameter in all versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3266697%40drag-and-drop-multiple-file-upload-for-woocommerce&new=3266697%40drag-and-drop-multiple-file-upload-for-woocommerce&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/drag-and-drop-multiple-file-upload-for-woocommerce/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2685a2b4-aba3-425b-af0d-06f7693ab3d7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-323xx/CVE-2025-32352.json b/CVE-2025/CVE-2025-323xx/CVE-2025-32352.json index 099582fe4de..46b93b95725 100644 --- a/CVE-2025/CVE-2025-323xx/CVE-2025-32352.json +++ b/CVE-2025/CVE-2025-323xx/CVE-2025-32352.json @@ -2,7 +2,7 @@ "id": "CVE-2025-32352", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-05T05:15:44.693", - "lastModified": "2025-04-05T05:15:44.693", + "lastModified": "2025-04-05T06:15:39.653", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-843" + } + ] + } + ], "references": [ { "url": "https://projectblack.io/blog/zendto-nday-vulnerabilities/", diff --git a/README.md b/README.md index 089a52d0124..642c4ab9b94 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-05T06:00:26.904821+00:00 +2025-04-05T08:00:20.150946+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-05T05:15:44.693000+00:00 +2025-04-05T07:15:40.107000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -288679 +288684 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `5` -- [CVE-2021-47667](CVE-2021/CVE-2021-476xx/CVE-2021-47667.json) (`2025-04-05T05:15:43.223`) -- [CVE-2025-32352](CVE-2025/CVE-2025-323xx/CVE-2025-32352.json) (`2025-04-05T05:15:44.693`) +- [CVE-2024-13776](CVE-2024/CVE-2024-137xx/CVE-2024-13776.json) (`2025-04-05T06:15:38.817`) +- [CVE-2025-0839](CVE-2025/CVE-2025-08xx/CVE-2025-0839.json) (`2025-04-05T06:15:39.050`) +- [CVE-2025-1233](CVE-2025/CVE-2025-12xx/CVE-2025-1233.json) (`2025-04-05T06:15:39.223`) +- [CVE-2025-2789](CVE-2025/CVE-2025-27xx/CVE-2025-2789.json) (`2025-04-05T06:15:39.477`) +- [CVE-2025-2941](CVE-2025/CVE-2025-29xx/CVE-2025-2941.json) (`2025-04-05T07:15:40.107`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `4` -- [CVE-2025-31161](CVE-2025/CVE-2025-311xx/CVE-2025-31161.json) (`2025-04-03T20:15:25.373`) +- [CVE-2021-47667](CVE-2021/CVE-2021-476xx/CVE-2021-47667.json) (`2025-04-05T06:15:38.380`) +- [CVE-2024-10697](CVE-2024/CVE-2024-106xx/CVE-2024-10697.json) (`2025-04-05T07:15:38.113`) +- [CVE-2024-1833](CVE-2024/CVE-2024-18xx/CVE-2024-1833.json) (`2025-04-05T07:15:39.790`) +- [CVE-2025-32352](CVE-2025/CVE-2025-323xx/CVE-2025-32352.json) (`2025-04-05T06:15:39.653`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 61205924177..0ef9a8559b8 100644 --- a/_state.csv +++ b/_state.csv @@ -187955,7 +187955,7 @@ CVE-2021-47657,0,0,e7b773ff5c57ebd68c588a4b48c0e5eb233dc82beaa2f144ae46a979b8e0e CVE-2021-47658,0,0,40cee62fe59cbcad55bfa583a2a783321bfe2aa50e6ba27a98aa5e5272260471,2025-02-26T06:37:07.557000 CVE-2021-47659,0,0,5aa899f756953f035092f7b1fe4153c0d3304e0ff38c8b4cdec0e8f319d19fd3,2025-02-26T06:37:07.640000 CVE-2021-47660,0,0,e59321e11599e4443f5093be84e3c1ac718be1209a0746e320294c82fef27666,2025-03-18T18:50:52.930000 -CVE-2021-47667,1,1,858f8346965b7e90410456fc3dd8a286af4ba7e16a442f3c074b2fe589889767,2025-04-05T05:15:43.223000 +CVE-2021-47667,0,1,cdd308d45e6c2efb3c0cce196ca2579a803c34684680b24f63aa813691ac0bf1,2025-04-05T06:15:38.380000 CVE-2022-0001,0,0,4861ed23367706f73be950406ea7a4bb1674e2afa946c770c3197e5622ea5e9c,2025-04-01T17:15:42.023000 CVE-2022-0002,0,0,8109a7e42c2476389a26f4b576e048bf54a0f7b87a24a41ab958cd97937ab177,2024-11-21T06:37:45.933000 CVE-2022-0004,0,0,76e2034631db671c6d78b8f053274466d56a4afd5cff5cbbea3a9413334df9ae,2024-11-21T06:37:46.137000 @@ -245154,7 +245154,7 @@ CVE-2024-10693,0,0,2fb5fcb7aba901ccdb28bbcecdf84c10c502383213eeb37d4538addd8a61d CVE-2024-10694,0,0,05c164a4732350edd5fee46247e775b1e69a11363b78cebc8b6784de8da1fb44,2024-11-11T21:15:06.030000 CVE-2024-10695,0,0,35cef9e33246637d49e253b33fc95d5b5806d427aec3c4244d5b26dc1b28de11,2024-11-14T19:44:16.020000 CVE-2024-10696,0,0,2720d210d1520d7ccb05bf778730d93163c6d42c81c74f25ce11c5d9757ea63d,2025-02-05T14:55:34.007000 -CVE-2024-10697,0,0,26e89514c3fb2cd64988a83f8b5f23fc96a264deaec68f5be58ff8e4991f8840,2024-11-04T14:18:20.337000 +CVE-2024-10697,0,1,4538d835758909ab7c1456a9a184c711f3ad9dd2bbb45af19d559998c9d553ce,2025-04-05T07:15:38.113000 CVE-2024-10698,0,0,48ae7a5e9aad6499942c4e04e7abd670d0824d5373e1fc48e05d4fa2ce28f1b8,2024-11-04T14:20:58.853000 CVE-2024-10699,0,0,7c4e91a3572ee76bd0473daf25c7e155131a26ac39b5f837e301ff50f40dd4f0,2024-11-05T20:15:56.417000 CVE-2024-1070,0,0,d2d5327da37483d9112a2ed5ee1eab39e561b54de7db4ab8ba2ab1685a05f062,2025-01-19T02:47:09.663000 @@ -248215,6 +248215,7 @@ CVE-2024-13772,0,0,1d5961251148beac7ef936803d48aea86b346d1b5b12d83fc965e64f4e204 CVE-2024-13773,0,0,acdd0a13ab662eb153e0e047745f468f0c691fa835346ca4efc9e7240c863343,2025-03-27T01:07:51.827000 CVE-2024-13774,0,0,7926f46cbbe245fc4b69a913b305cdf8d086f57fe42cd5293333d393cb9ec93a,2025-03-12T17:01:06.413000 CVE-2024-13775,0,0,4f9074e732a3ab519a109b5697b6e141a486c1977d56f68019ad553f34df5449,2025-02-24T19:04:52.170000 +CVE-2024-13776,1,1,cf25ee2c7a4450ccaf52fa2ebb6a52fa95c1029311931a8d44f4108e3eb7a65f,2025-04-05T06:15:38.817000 CVE-2024-13777,0,0,e95e92048e929c187fcb10d876bc7666966c67f194b150a2f5d7dbd9a477d6cc,2025-03-05T10:15:15.367000 CVE-2024-13778,0,0,25e48974c7c2e8b9485e2a450a8fcfd8529904956dfee29086563b2afc474b01,2025-03-05T10:15:15.720000 CVE-2024-13779,0,0,2c25d0f931499e640a9b9d1a52e16ff0830016b962d04d2c777eb106c9eed5e0,2025-03-05T10:15:16.213000 @@ -248768,7 +248769,7 @@ CVE-2024-1829,0,0,634338941c91cc090704fdeb495f9134b13230d52cb66c3e2ac7c4389fa934 CVE-2024-1830,0,0,6148977243dff6823944555b57332bea031dfbf211e468b224b330e17ff6d713,2024-12-06T16:15:12.410000 CVE-2024-1831,0,0,6fd85e7529a63e00bc5f2636a1e1deaabe646bf27f29cb7695129aadef74eb57,2024-12-17T19:46:52.420000 CVE-2024-1832,0,0,5402cb172702ed493fb8e9ab5cbf84e70a8430b6c8176c5bf7ebbb7532c23b94,2024-12-11T19:57:16.060000 -CVE-2024-1833,0,0,73c6db13a6bf6bebcbe761f8ce5ab9b72646ae195c4842aef1aaacd389ae2c18,2024-12-11T19:57:54.520000 +CVE-2024-1833,0,1,bc21f45e97a19b429a80e7fa19ee2fb0cdc92847e114b4d5e7e516f9c791eef0,2025-04-05T07:15:39.790000 CVE-2024-1834,0,0,df78284299f4955a3f571f357aa7c4cd0f01492e2184d3e43b9bc4b22c9d9804,2024-12-06T19:59:24.463000 CVE-2024-1839,0,0,f0da7bf185d38fd773c850a3daf150e18d5d5ae2a4b2d076062d74bab85b97e5,2024-11-21T08:51:25.720000 CVE-2024-1840,0,0,2e6d7672faccf941673a79a75aacce54ff693ecbc0604990f24bf8316ac34cbb,2024-11-21T08:51:25.860000 @@ -281666,6 +281667,7 @@ CVE-2025-0834,0,0,239a6f08c2db88ce57ab64c699932d200eff33712703b8a8f00d02b0120734 CVE-2025-0835,0,0,86c0cb2e488afc89fa52f180613ab97692422d807ab06537e40f2f9f52bbe16f,2025-03-27T16:44:44.143000 CVE-2025-0837,0,0,edb903a525c34e5db3f70de24ac0ad9bb2158867f6a7f92ca61239987715eef7,2025-02-24T17:08:29.033000 CVE-2025-0838,0,0,5a9fc4e1768f097f2fc50c995427721cfd5a7a3b77299bdbe2955b9299abd536,2025-02-21T15:15:11.890000 +CVE-2025-0839,1,1,19f3ba440f41ab5cd7d8d05b4cea3a3e7905466b292cc6565e562ffcfca388c0,2025-04-05T06:15:39.050000 CVE-2025-0840,0,0,ad52784c9689f7e5a12133bf5b8e57840dc23d31e5e9f25f1808977a060838b2,2025-03-04T15:08:47.770000 CVE-2025-0841,0,0,b774fca3a24dc7d508cd784f030d5801ea9f63adf71e1a38a09a02a937c41b6d,2025-01-29T21:15:20.973000 CVE-2025-0842,0,0,880989b2076d537c6bb018739fce330a49d894aec3d353193ef18e6fe884c71a,2025-02-25T19:45:04.700000 @@ -281949,6 +281951,7 @@ CVE-2025-1229,0,0,fa5787151bd081a7c3655f50c46799853d648eeeec0e4010ed7332955f8d9d CVE-2025-1230,0,0,dd0a3ca0e089c26c5259a45f938e8e64977c81ece19c03ae3b8594f4d83448d5,2025-02-12T11:15:11.230000 CVE-2025-1231,0,0,dcc7744995b7d6bb53bad0c3a17ccdace3cc9ce75803cc23b72d1ab8d116a265,2025-03-28T16:22:09.763000 CVE-2025-1232,0,0,70fa05f64d70f4f99806ee5917ab254387b18b5b1cbfa977b5d854807b6ef4a0,2025-03-19T15:15:53.263000 +CVE-2025-1233,1,1,70ce240069d38a23b97c691f8ac3785266c855fa31d7b4f5ca02bc520c4facb6,2025-04-05T06:15:39.223000 CVE-2025-1239,0,0,6187788ffe5fd6000cc24d081f477dcae5b0ef59871d160b3ff23ee25b818501,2025-02-14T14:15:32.687000 CVE-2025-1240,0,0,363ac0ec488e57d295d78c481b595c1c1507ba076f5813d8f4f20530988afa84,2025-02-11T22:15:29.800000 CVE-2025-1243,0,0,b36908327b1b41fa664c4a39c71934592fd1d75bcc40ba67f7d64ed64955da7e,2025-02-12T01:15:09.073000 @@ -287045,6 +287048,7 @@ CVE-2025-2786,0,0,c5e8b76a681b9d71929b5a590a805fc5d2deb5979544c619801dad6bbdc020 CVE-2025-27867,0,0,706ccc11683336c438698de97765a7b785ce156810f1f1b352bcbe344a4419e0,2025-03-21T21:15:36.910000 CVE-2025-2787,0,0,4aa889cfcc070b06e1753e76a9737fc448b22e64e5347c5b1fb406395a105243,2025-03-31T07:15:18.557000 CVE-2025-27888,0,0,8a8aa5b91d5bfb492ad148fbb9efc0a6effab4f3d802fb1b2e446246bda2ee28,2025-03-20T12:15:14.563000 +CVE-2025-2789,1,1,ae69432487cf049211a01dc18977974abe0d6432ff436b04ffb333d42894f341,2025-04-05T06:15:39.477000 CVE-2025-27893,0,0,e84577b5fcdd778bbc1f7429e59a23dbdaffc7f181556a9020c20ce55649162f,2025-03-11T14:15:26.033000 CVE-2025-27910,0,0,0bb94e3f7527c14f76129f12ea1086d3e9a5c32bf0c93521589ebefce719530f,2025-03-12T16:15:24.253000 CVE-2025-27911,0,0,10e67228aa90db73c3414ce28096a25aef6cbc3f128533308c9edad1912d6fdb,2025-03-11T08:15:11.500000 @@ -287294,6 +287298,7 @@ CVE-2025-29386,0,0,f142ce16dea374d9a9926fc7db0f8c42e7cb63baff73e2c1cd84f28fd5ff5 CVE-2025-29387,0,0,b884feacdec450fec77e09de60b95a7b9adedf54ff8f4d0b7df747bf1bec2f45,2025-03-17T19:51:04.180000 CVE-2025-29401,0,0,58e28d32bb8e9d05a099b3459d8a1f2140d9f050ebab60871b5c42621e6014f9,2025-03-25T16:15:25.543000 CVE-2025-29405,0,0,b0b5dc47fefba80ac6689c1790abcddffbf12cf547b54f457820a149edabea55,2025-03-24T15:15:16.377000 +CVE-2025-2941,1,1,094b00b9e6d088811ecf26e17c416799f070dbcf52257544fd7686bcfb70f588,2025-04-05T07:15:40.107000 CVE-2025-29410,0,0,3510b68778a017b0e23b941a9980ddf8e60a71bac2ed2fc9032b4ad5e7c083cb,2025-04-01T20:19:45.107000 CVE-2025-29411,0,0,2db77ec7ff1713e83db16ef9382b1b93726987a942a81980c85b5d938eb11a61,2025-03-28T19:38:32.533000 CVE-2025-29412,0,0,18b9368439cc13cf6542e48513e267199e988c63f4be1cca921d8f0f101a5ed4,2025-04-01T20:19:31.970000 @@ -287994,7 +287999,7 @@ CVE-2025-31139,0,0,f77a452b5e1edddf158af71a264cde2428ac6b657f8dcbc921a40f17dadbb CVE-2025-31140,0,0,b5354da0d0be6641b36fd62d7ae5da72fa26945541a5950d6dcb5ec04d83adab,2025-03-27T16:45:12.210000 CVE-2025-31141,0,0,406867c864568f6048dee1b7cffcd596f08f273e12b98bc9b9a899fec211a190,2025-03-27T16:45:12.210000 CVE-2025-31160,0,0,c6ed6d0cefcf860ce239e0955556eee41726f134fd4b83b02d780bf30460df3c,2025-03-31T13:15:46.050000 -CVE-2025-31161,0,1,31ce1d1c0f1506c2c2dddc897b8bc45aea29e21aeae54f317466f0652eacf801,2025-04-03T20:15:25.373000 +CVE-2025-31161,0,0,31ce1d1c0f1506c2c2dddc897b8bc45aea29e21aeae54f317466f0652eacf801,2025-04-03T20:15:25.373000 CVE-2025-31162,0,0,cfeafc9944d79e10529164231b0943be3a87194c4053baabeebe9b961989cbf3,2025-04-01T20:26:39.627000 CVE-2025-31163,0,0,0d23fc46a79319324af9251b76f99e828668eada4156c0f4488a35318beebb85,2025-04-01T20:26:39.627000 CVE-2025-31164,0,0,4b001c140896288467c92c772e2ebf8f58e53bdc0e31f0e36dc064cef4c67cc1,2025-04-01T20:26:39.627000 @@ -288652,7 +288657,7 @@ CVE-2025-32280,0,0,d476e0ea637ab56145969c302826537350b13f731c646bac3d054d0da04d3 CVE-2025-3229,0,0,09347180a6a7f828e0747f2ed45b00fdd7a1f719f9ab350e19aecf2c1c123a1d,2025-04-04T09:15:17.357000 CVE-2025-3231,0,0,de2ff2a8c76e38c6b06f54c3981a381c63043cd187dc0f869ed608d2e9e7696c,2025-04-04T09:15:17.677000 CVE-2025-3235,0,0,d022d5157edbac8fbfeb9141a3748050787bdf76ed78cf441cd594af050e5131,2025-04-04T10:15:16.900000 -CVE-2025-32352,1,1,e49862656afe1f48e623e3322071201d713b7d7aef559b96110882d6d35a747b,2025-04-05T05:15:44.693000 +CVE-2025-32352,0,1,9ba6350b6807916f69f8382d7df9501c6c2329ac3a6a0d75e0f3016720f7409b,2025-04-05T06:15:39.653000 CVE-2025-3236,0,0,5d4e067380b83b38fff7db048531cbbf8dd6b43b2fc6d26b5d090f351b090b28,2025-04-04T10:15:17.177000 CVE-2025-3237,0,0,2b0634913d301c0209a0690fb90ddcaa8b200550805a1d4ec2db149b30fd4af2,2025-04-04T10:15:17.383000 CVE-2025-3238,0,0,49b7638c423114327b5e6867f71919ab552663d9bb2b5517ae05eef59b2968e0,2025-04-04T10:15:17.577000