From f78a75520c58d5726f644255364e9ff7a65fdb87 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 1 Jul 2025 04:03:48 +0000 Subject: [PATCH] Auto-Update: 2025-07-01T04:00:10.845973+00:00 --- CVE-2024/CVE-2024-103xx/CVE-2024-10306.json | 6 +- CVE-2024/CVE-2024-469xx/CVE-2024-46992.json | 60 ++++++++ CVE-2024/CVE-2024-469xx/CVE-2024-46993.json | 78 ++++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49364.json | 82 +++++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49365.json | 82 +++++++++++ CVE-2025/CVE-2025-38xx/CVE-2025-3891.json | 30 +++- CVE-2025/CVE-2025-495xx/CVE-2025-49520.json | 10 +- CVE-2025/CVE-2025-495xx/CVE-2025-49521.json | 10 +- CVE-2025/CVE-2025-530xx/CVE-2025-53003.json | 98 +++++++++++++ CVE-2025/CVE-2025-530xx/CVE-2025-53095.json | 60 ++++++++ CVE-2025/CVE-2025-530xx/CVE-2025-53096.json | 60 ++++++++ CVE-2025/CVE-2025-69xx/CVE-2025-6938.json | 145 +++++++++++++++++++ CVE-2025/CVE-2025-69xx/CVE-2025-6939.json | 145 +++++++++++++++++++ CVE-2025/CVE-2025-69xx/CVE-2025-6940.json | 149 ++++++++++++++++++++ README.md | 38 ++--- _state.csv | 46 +++--- 16 files changed, 1054 insertions(+), 45 deletions(-) create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46992.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46993.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49364.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49365.json create mode 100644 CVE-2025/CVE-2025-530xx/CVE-2025-53003.json create mode 100644 CVE-2025/CVE-2025-530xx/CVE-2025-53095.json create mode 100644 CVE-2025/CVE-2025-530xx/CVE-2025-53096.json create mode 100644 CVE-2025/CVE-2025-69xx/CVE-2025-6938.json create mode 100644 CVE-2025/CVE-2025-69xx/CVE-2025-6939.json create mode 100644 CVE-2025/CVE-2025-69xx/CVE-2025-6940.json diff --git a/CVE-2024/CVE-2024-103xx/CVE-2024-10306.json b/CVE-2024/CVE-2024-103xx/CVE-2024-10306.json index 7ed4137b1c5..92f2abba054 100644 --- a/CVE-2024/CVE-2024-103xx/CVE-2024-10306.json +++ b/CVE-2024/CVE-2024-103xx/CVE-2024-10306.json @@ -2,7 +2,7 @@ "id": "CVE-2024-10306", "sourceIdentifier": "secalert@redhat.com", "published": "2025-04-23T10:15:14.330", - "lastModified": "2025-06-24T07:15:25.567", + "lastModified": "2025-07-01T03:15:20.857", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -68,6 +68,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:9466", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:9997", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-10306", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46992.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46992.json new file mode 100644 index 00000000000..74d05f20666 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46992.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-46992", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T02:15:20.977", + "lastModified": "2025-07-01T02:15:20.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macOS are not impacted. Specifically this issue can only be exploited if the app is launched from a filesystem the attacker has write access too. i.e. the ability to edit files inside the .app bundle on macOS which these fuses are supposed to protect against. This issue has been patched in versions 30.0.5 and 31.0.0-beta.1. There are no workarounds for this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-354" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/electron/electron/security/advisories/GHSA-xw5q-g62x-2qjc", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.electronjs.org/docs/latest/tutorial/fuses", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46993.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46993.json new file mode 100644 index 00000000000..4dac0b9d93e --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46993.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-46993", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T03:15:21.020", + "lastModified": "2025-07-01T03:15:21.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents. This issue has been patched in versions 28.3.2, 29.3.3, and 30.0.3. There are no workarounds for this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "UNREPORTED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/electron/electron/security/advisories/GHSA-6r2x-8pq8-9489", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49364.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49364.json new file mode 100644 index 00000000000..d62f974ab63 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49364.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-49364", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T03:15:21.163", + "lastModified": "2025-07-01T03:15:21.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a private key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. The Buffer.isBuffer check can be bypassed, resulting in k reuse for different messages, leading to private key extraction over a single invalid message (and a second one for which any message/signature could be taken, e.g. previously known valid one). This issue has been patched in version 1.1.7." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/bitcoinjs/tiny-secp256k1/pull/140", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/bitcoinjs/tiny-secp256k1/security/advisories/GHSA-7mc2-6phr-23xc", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49365.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49365.json new file mode 100644 index 00000000000..57afb5b64b7 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49365.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-49365", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T03:15:21.327", + "lastModified": "2025-07-01T03:15:21.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a malicious JSON-stringifyable message can be made passing on verify(), when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. Buffer.isBuffer check can be bypassed, resulting in strange objects being accepted as a message, and those messages could trick verify() into returning false-positive true values. This issue has been patched in version 1.1.7." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/bitcoinjs/tiny-secp256k1/pull/140", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/bitcoinjs/tiny-secp256k1/security/advisories/GHSA-5vhg-9xg4-cv9m", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-38xx/CVE-2025-3891.json b/CVE-2025/CVE-2025-38xx/CVE-2025-3891.json index 8d64a1b2ae9..f1c5edee496 100644 --- a/CVE-2025/CVE-2025-38xx/CVE-2025-3891.json +++ b/CVE-2025/CVE-2025-38xx/CVE-2025-3891.json @@ -2,7 +2,7 @@ "id": "CVE-2025-3891", "sourceIdentifier": "secalert@redhat.com", "published": "2025-04-29T12:15:32.137", - "lastModified": "2025-06-23T19:15:22.770", + "lastModified": "2025-07-01T02:15:21.967", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -139,6 +139,34 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:10002", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10003", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10004", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10006", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10007", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10008", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:10010", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2025:4597", "source": "secalert@redhat.com", diff --git a/CVE-2025/CVE-2025-495xx/CVE-2025-49520.json b/CVE-2025/CVE-2025-495xx/CVE-2025-49520.json index d30b98f5948..d04243bd1e3 100644 --- a/CVE-2025/CVE-2025-495xx/CVE-2025-49520.json +++ b/CVE-2025/CVE-2025-495xx/CVE-2025-49520.json @@ -2,7 +2,7 @@ "id": "CVE-2025-49520", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-30T21:15:30.913", - "lastModified": "2025-06-30T21:15:30.913", + "lastModified": "2025-07-01T02:15:22.190", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -38,7 +38,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -48,6 +48,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:9986", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-49520", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-495xx/CVE-2025-49521.json b/CVE-2025/CVE-2025-495xx/CVE-2025-49521.json index cb8189167b8..cfe9a133718 100644 --- a/CVE-2025/CVE-2025-495xx/CVE-2025-49521.json +++ b/CVE-2025/CVE-2025-495xx/CVE-2025-49521.json @@ -2,7 +2,7 @@ "id": "CVE-2025-49521", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-30T21:15:31.063", - "lastModified": "2025-06-30T21:15:31.063", + "lastModified": "2025-07-01T02:15:22.310", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -38,7 +38,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -48,6 +48,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:9986", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-49521", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53003.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53003.json new file mode 100644 index 00000000000..824734cf6be --- /dev/null +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53003.json @@ -0,0 +1,98 @@ +{ + "id": "CVE-2025-53003", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T02:15:22.413", + "lastModified": "2025-07-01T02:15:22.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts ..etc. This issue has been patched in version 1.8.0. A workaround for this vulnerability involves users forking and building the config api, patching it in their system following commit 92eea4d." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-269" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/JanssenProject/jans/commit/92eea4d4637f1cae16ad2f07b2c16378ff3fc5f1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/JanssenProject/jans/issues/11575", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/JanssenProject/jans/releases/tag/v1.8.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/JanssenProject/jans/security/advisories/GHSA-373j-mhpf-84wg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53095.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53095.json new file mode 100644 index 00000000000..01b797bb2e8 --- /dev/null +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53095.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-53095", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T02:15:22.563", + "lastModified": "2025-07-01T02:15:22.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since the application does OS command execution by design, this issue can be exploited to abuse the \"Command Preparations\" feature, enabling an attacker to inject arbitrary commands that will be executed with Administrator privileges when an application is launched. This issue has been patched in version 2025.628.4510." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/LizardByte/Sunshine/commit/738ac93a0ec1cd10412d1f339968775f53bfefe0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-39hj-fxvw-758m", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-530xx/CVE-2025-53096.json b/CVE-2025/CVE-2025-530xx/CVE-2025-53096.json new file mode 100644 index 00000000000..6049a8be905 --- /dev/null +++ b/CVE-2025/CVE-2025-530xx/CVE-2025-53096.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-53096", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-07-01T02:15:22.717", + "lastModified": "2025-07-01T02:15:22.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting (one or multiple clicks) with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. This issue has been patched in version 2025.628.4510." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1021" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/LizardByte/Sunshine/commit/2f27a57d01911436017f87bf08b9e36dcfaa86cc", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-x97g-h2vp-g2c5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-69xx/CVE-2025-6938.json b/CVE-2025/CVE-2025-69xx/CVE-2025-6938.json new file mode 100644 index 00000000000..1ef80ce63a1 --- /dev/null +++ b/CVE-2025/CVE-2025-69xx/CVE-2025-6938.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-6938", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-07-01T02:15:22.873", + "lastModified": "2025-07-01T02:15:22.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Catcheryp/CVE/issues/4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.314459", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.314459", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.605749", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-69xx/CVE-2025-6939.json b/CVE-2025/CVE-2025-69xx/CVE-2025-6939.json new file mode 100644 index 00000000000..570f929e0e0 --- /dev/null +++ b/CVE-2025/CVE-2025-69xx/CVE-2025-6939.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-6939", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-07-01T03:15:21.483", + "lastModified": "2025-07-01T03:15:21.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "baseScore": 9.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/awindog/cve/blob/main/688/30.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.314460", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.314460", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.605860", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.totolink.net/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-69xx/CVE-2025-6940.json b/CVE-2025/CVE-2025-69xx/CVE-2025-6940.json new file mode 100644 index 00000000000..35c15c449e6 --- /dev/null +++ b/CVE-2025/CVE-2025-69xx/CVE-2025-6940.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2025-6940", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-07-01T03:15:21.670", + "lastModified": "2025-07-01T03:15:21.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "baseScore": 9.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/awindog/cve/blob/main/688/27.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/awindog/cve/blob/main/688/27.md#poc", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.314461", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.314461", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.605861", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.totolink.net/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index e5ea07c7bc6..9465772d7ae 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-07-01T02:00:11.871522+00:00 +2025-07-01T04:00:10.845973+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-07-01T01:15:28.577000+00:00 +2025-07-01T03:15:21.670000+00:00 ``` ### Last Data Feed Release @@ -33,33 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -299928 +299938 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `10` -- [CVE-2025-2141](CVE-2025/CVE-2025-21xx/CVE-2025-2141.json) (`2025-07-01T01:15:27.603`) -- [CVE-2025-36056](CVE-2025/CVE-2025-360xx/CVE-2025-36056.json) (`2025-07-01T01:15:28.113`) -- [CVE-2025-53005](CVE-2025/CVE-2025-530xx/CVE-2025-53005.json) (`2025-07-01T01:15:28.430`) -- [CVE-2025-6935](CVE-2025/CVE-2025-69xx/CVE-2025-6935.json) (`2025-07-01T00:15:26.503`) -- [CVE-2025-6936](CVE-2025/CVE-2025-69xx/CVE-2025-6936.json) (`2025-07-01T00:15:26.740`) -- [CVE-2025-6937](CVE-2025/CVE-2025-69xx/CVE-2025-6937.json) (`2025-07-01T01:15:28.577`) +- [CVE-2024-46992](CVE-2024/CVE-2024-469xx/CVE-2024-46992.json) (`2025-07-01T02:15:20.977`) +- [CVE-2024-46993](CVE-2024/CVE-2024-469xx/CVE-2024-46993.json) (`2025-07-01T03:15:21.020`) +- [CVE-2024-49364](CVE-2024/CVE-2024-493xx/CVE-2024-49364.json) (`2025-07-01T03:15:21.163`) +- [CVE-2024-49365](CVE-2024/CVE-2024-493xx/CVE-2024-49365.json) (`2025-07-01T03:15:21.327`) +- [CVE-2025-53003](CVE-2025/CVE-2025-530xx/CVE-2025-53003.json) (`2025-07-01T02:15:22.413`) +- [CVE-2025-53095](CVE-2025/CVE-2025-530xx/CVE-2025-53095.json) (`2025-07-01T02:15:22.563`) +- [CVE-2025-53096](CVE-2025/CVE-2025-530xx/CVE-2025-53096.json) (`2025-07-01T02:15:22.717`) +- [CVE-2025-6938](CVE-2025/CVE-2025-69xx/CVE-2025-6938.json) (`2025-07-01T02:15:22.873`) +- [CVE-2025-6939](CVE-2025/CVE-2025-69xx/CVE-2025-6939.json) (`2025-07-01T03:15:21.483`) +- [CVE-2025-6940](CVE-2025/CVE-2025-69xx/CVE-2025-6940.json) (`2025-07-01T03:15:21.670`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `4` -- [CVE-2024-33542](CVE-2024/CVE-2024-335xx/CVE-2024-33542.json) (`2025-07-01T00:17:21.697`) -- [CVE-2025-53004](CVE-2025/CVE-2025-530xx/CVE-2025-53004.json) (`2025-07-01T01:15:28.283`) -- [CVE-2025-6543](CVE-2025/CVE-2025-65xx/CVE-2025-6543.json) (`2025-07-01T01:00:02.237`) -- [CVE-2025-6824](CVE-2025/CVE-2025-68xx/CVE-2025-6824.json) (`2025-07-01T00:33:14.560`) -- [CVE-2025-6844](CVE-2025/CVE-2025-68xx/CVE-2025-6844.json) (`2025-07-01T00:37:06.470`) -- [CVE-2025-6845](CVE-2025/CVE-2025-68xx/CVE-2025-6845.json) (`2025-07-01T00:22:08.410`) -- [CVE-2025-6846](CVE-2025/CVE-2025-68xx/CVE-2025-6846.json) (`2025-07-01T00:24:47.417`) -- [CVE-2025-6847](CVE-2025/CVE-2025-68xx/CVE-2025-6847.json) (`2025-07-01T00:46:11.677`) +- [CVE-2024-10306](CVE-2024/CVE-2024-103xx/CVE-2024-10306.json) (`2025-07-01T03:15:20.857`) +- [CVE-2025-3891](CVE-2025/CVE-2025-38xx/CVE-2025-3891.json) (`2025-07-01T02:15:21.967`) +- [CVE-2025-49520](CVE-2025/CVE-2025-495xx/CVE-2025-49520.json) (`2025-07-01T02:15:22.190`) +- [CVE-2025-49521](CVE-2025/CVE-2025-495xx/CVE-2025-49521.json) (`2025-07-01T02:15:22.310`) ## Download and Usage diff --git a/_state.csv b/_state.csv index dd52a020ce7..6d6ebcb0e6c 100644 --- a/_state.csv +++ b/_state.csv @@ -245710,7 +245710,7 @@ CVE-2024-1030,0,0,6d2d82ef3072f02e7c34d7489d5c3e0649bc9fdc5d37c6ed18885f5f961ee1 CVE-2024-10300,0,0,71f89392a82bac9e3a1118d602fedad5aa8e35f49fa5cc5e5782fb8c6482f21b,2024-10-25T18:49:01.953000 CVE-2024-10301,0,0,3d2ee5c748542f3efcde40d90c311550627d3156c0575f82911af7d8dec82c11,2024-10-25T18:47:54.033000 CVE-2024-10305,0,0,c796e0a9a1f8c346431dc8391644400d6ff87d94b0f13883aeae274109208b98,2025-02-11T02:15:33.200000 -CVE-2024-10306,0,0,fa45917d64481b0737b083d2e091cd946005e48c194b6f6cf4c0627d5be06569,2025-06-24T07:15:25.567000 +CVE-2024-10306,0,1,b68b21ed8c2e02632873d5c9e9d29a5aeb992de5a913986d49fa752c4c2ed419,2025-07-01T03:15:20.857000 CVE-2024-10307,0,0,b3c6596e9363272e01afbca3eda91cdf366d6168437cf679755595a795028a90,2025-03-28T18:11:40.180000 CVE-2024-10308,0,0,7d25344eaafedd87dec065a0c2fdf72a371424d31caf12f177490522cd87b5ec,2025-01-09T20:30:43.060000 CVE-2024-10309,0,0,4b2759d257cfe7d5297e8d161cf11fe4adb179be4b097ccbd04ffe263460154b,2025-05-11T23:38:49.507000 @@ -260596,7 +260596,7 @@ CVE-2024-33539,0,0,c813ab74a2e4d40724448131d06b114701c6fe22f9b0a92f0d8f3bcd0f5a5 CVE-2024-3354,0,0,9343993999c727adc455b2f3ec5fd60115992345bf5486d6e966523c7fcfabad,2025-02-11T14:49:51.667000 CVE-2024-33540,0,0,757c59563d6d7999151106a5d086f394dda6b9ed32a0a12c94f07a25768805ac,2024-11-21T09:17:06.720000 CVE-2024-33541,0,0,10ac1da999a2f7f61facf1fd9cbc6e73f2b3041342b34d46913ec6deb8cb8fca,2025-03-06T16:48:30.300000 -CVE-2024-33542,0,1,aa38f7c6abb4a22500b29011feaf8ec56d846a12e3bf9338cbe203da929ac71e,2025-07-01T00:17:21.697000 +CVE-2024-33542,0,0,aa38f7c6abb4a22500b29011feaf8ec56d846a12e3bf9338cbe203da929ac71e,2025-07-01T00:17:21.697000 CVE-2024-33543,0,0,63797616ab7a39b146f722c6c44190261d0464349f39646ae3b90f2a9366096b,2024-11-21T09:17:07.083000 CVE-2024-33544,0,0,cd39eba8ecbbcada14f1c97935868f46e3ab4c53a2bf0020042c2391bef6eed0,2024-11-21T09:17:07.223000 CVE-2024-33545,0,0,92e99edd1de7e92380931ae209d57791cedc9d9505bbd009ddb8ed2266a6a135,2024-11-21T09:17:07.347000 @@ -270993,6 +270993,8 @@ CVE-2024-46988,0,0,acd89b292d81a9c010991540bdc019514c5c2b6f105f296502ddc3d473aab CVE-2024-46989,0,0,6bdb8413cce46a7600ac612bf9e3165d11c9dbb0c72558e12e9157e78fac4943,2024-09-20T12:30:17.483000 CVE-2024-4699,0,0,6704af27a34ce8014650bda6e0af4c124874de8e57045418eda51d998401afef,2024-11-21T09:43:24.157000 CVE-2024-46990,0,0,dd7309bdaa6de92d4c638eb588c5ba5946904af2e94432491a46d771714c57b5,2024-09-20T12:30:17.483000 +CVE-2024-46992,1,1,4f14c121d3213efe136e83fd6be29dd805094c3ff8cc7f090ca084c6c9798400,2025-07-01T02:15:20.977000 +CVE-2024-46993,1,1,4253a6d1fcbf16aa04b65fa7bb1dd88f3f4c236589b79954cce996c90abaa591,2025-07-01T03:15:21.020000 CVE-2024-46994,0,0,69ae49c22ca9b2cb7980b984d8bf731e286ec44b1259e1b123990c8a9f90f105,2024-10-28T15:30:10.080000 CVE-2024-46995,0,0,f3e6bb51149efa3705cc82908e43a8f54c24e34fce879d34e11fb4568c544b58,2024-10-28T15:33:01.150000 CVE-2024-46996,0,0,0e90808564880ccefb264ad38fc9e5a776e8f60726f52ae1bae94d223155f8ec,2024-10-28T15:31:43.137000 @@ -272751,6 +272753,8 @@ CVE-2024-49360,0,0,2f416d472f9e1e4d8a2e89b815e30ec60b8a63378897a83d489ff8cd1e223 CVE-2024-49361,0,0,5c68e704b74611841c8fbae38a5cac59cbf1d64f57e6e089b8f58950a417a465,2024-10-21T17:10:22.857000 CVE-2024-49362,0,0,7b22733ff3252c3e0adb7c235cda5b63b9ba37779f585a79ddab8ccb55216869,2025-05-07T14:10:19.787000 CVE-2024-49363,0,0,00c396e356a3ccfb42609ceffdd1d050b93f8d59c5f6b1feb3fffdb5ff3fae8a,2024-12-18T20:15:23.073000 +CVE-2024-49364,1,1,a2111c7cd3866e24aabda9522728b166e7c67890c6cc1f4d22599634c214d79d,2025-07-01T03:15:21.163000 +CVE-2024-49365,1,1,ce883acb18934a9b85208919c6a62558ddae365c21355f4bef0ab59835b5c21c,2025-07-01T03:15:21.327000 CVE-2024-49366,0,0,fce76dfb2074699c434c110844725b5b8a135e34e57b5d5783c61b5329318085,2024-11-07T15:15:04.587000 CVE-2024-49367,0,0,ac627424ca9c2e09c2a9cb25bb1842cfc2c94c36b69a656744a4c01e163e5d71,2024-11-07T14:57:17.393000 CVE-2024-49368,0,0,c3e4aaffa16bb3cb2d3c91269151a568bf5ca1c54ba4d0c1f7409512f0d3d67b,2024-11-06T18:28:54.440000 @@ -285207,7 +285211,7 @@ CVE-2025-21406,0,0,6c291d888693effc4c704398bf9fe1ea90097879dc039825d7dbe20016f09 CVE-2025-21407,0,0,75fede06292d95a8c42cb27cc3f5b2257526d05517ed0aab3f9eb96bcb3fd2e6,2025-02-14T17:36:43.997000 CVE-2025-21408,0,0,dde39692a9cd7bcc03498eac1e13d6927330f107e7077667a1cb2769fa60a687,2025-02-11T19:36:51.360000 CVE-2025-21409,0,0,3bf5836a71fbbaa0695b5c54fccc80deb4b92732317730f3aa826e45ebb1b888,2025-01-16T20:33:29.353000 -CVE-2025-2141,1,1,723ce002519b57ac38361062dc3752ec365ef3f986c573c08384f94699101251,2025-07-01T01:15:27.603000 +CVE-2025-2141,0,0,723ce002519b57ac38361062dc3752ec365ef3f986c573c08384f94699101251,2025-07-01T01:15:27.603000 CVE-2025-21410,0,0,7143363598b411415057911e839e3e2734d5d4dab59fd90f8ec466c0580653af,2025-02-14T17:35:15.613000 CVE-2025-21411,0,0,d2e29cedca2f1fe913d6878a152d5e3cf8623634997c4c44b466ea286fc6f7de,2025-01-16T20:33:43.177000 CVE-2025-21413,0,0,92246b94b6ff8ad6af923e8c9e956388783c15bc49ee5b2dd584abbbec41314d,2025-01-16T20:33:54.607000 @@ -294012,7 +294016,7 @@ CVE-2025-36048,0,0,48d28565b5a5dac8864125e4e10278da8c90f89c017b04d11826768d75600 CVE-2025-36049,0,0,2a677c358d9f805db8bbb2e9b50a2fe58c97d8abe6296a5b5533901f920d6f73,2025-06-23T20:16:59.783000 CVE-2025-3605,0,0,9176bdbc7dac7692b3792270d47f63d72180fcbe4f8435ffab86ce86c23fcbca,2025-05-12T17:32:32.760000 CVE-2025-36050,0,0,9924fee6b96a28ef599becda3313e6f2a6f534db0fa5f23b692badcc78188651,2025-06-23T20:16:40.143000 -CVE-2025-36056,1,1,3f6d7f09b9f12f9730ecb989bf991ee526e2dff9bc1f043d4beecf3ba83c5d33,2025-07-01T01:15:28.113000 +CVE-2025-36056,0,0,3f6d7f09b9f12f9730ecb989bf991ee526e2dff9bc1f043d4beecf3ba83c5d33,2025-07-01T01:15:28.113000 CVE-2025-3606,0,0,9e462a995d1e7019ecb96791362c7ba0b1305419ebea53ce8f14b67c14ed347e,2025-04-29T13:52:28.490000 CVE-2025-3607,0,0,00a61937e6c72150e849325aa06a18ed35736c13546aa89382694e35fbdc7236,2025-04-29T13:52:47.470000 CVE-2025-3608,0,0,9a5b2a685e23ed54a5b4d9074656a8f2a2ccacace07a3f4ed149936d1bf208f0,2025-05-21T19:48:33.080000 @@ -294649,7 +294653,7 @@ CVE-2025-3887,0,0,db93e723129ee4206bae383d30f7197fb24378c5583f1d02aac2a2ae7870e9 CVE-2025-3888,0,0,4e775fb1080727b9bf1fcdbb5dfd0f65ded686aefe81b5cfb875e802c37fa70d,2025-06-04T20:10:15.797000 CVE-2025-3889,0,0,addcdab3a978b132a54b1f1982e1745a3e16133d88989aba0f11c2d9da982971,2025-05-06T15:39:43.323000 CVE-2025-3890,0,0,d96df3538703b6e7aa875d8f583dc14e28a363f629bce9d326c752b01881ed1a,2025-05-06T14:55:31.320000 -CVE-2025-3891,0,0,fbde6829a423f1bcc8b5dc9458b7a1163e32ee07776d76d000113a5dd6f5f71d,2025-06-23T19:15:22.770000 +CVE-2025-3891,0,1,4a3b9c52c88cc0a23d31f1ab9d49c202a62f21f6498fb1bd699eb5e7de8a7561,2025-07-01T02:15:21.967000 CVE-2025-3893,0,0,1ab86d04da56f98bab184b01c702cbbec8f916378a6e5df504f9128fd6b7062f,2025-05-23T15:54:42.643000 CVE-2025-3894,0,0,5fc1ef7ab55e4a66950bb4d6ad69ffb2f2004eb936be378e0237154abb754876,2025-05-23T15:54:42.643000 CVE-2025-3895,0,0,9d24bc256da3d45e242029d4ef6ca15a30f74d3a742ef680b58f60274e1455ef,2025-05-23T15:54:42.643000 @@ -298066,8 +298070,8 @@ CVE-2025-49509,0,0,83d7c029291217af9a97963b6a105646b66e999b31aeea3bf105eeb0ecb2a CVE-2025-4951,0,0,8d2965f90ffa46a261e1b06cd533aeb358abbd5115dc1f57a5b34acf12ab582b,2025-05-21T20:25:16.407000 CVE-2025-49510,0,0,3bb8122e36ad249db39449b81c1d9bb5005e0826a2addc079025211cebc0dc64,2025-06-12T16:06:39.330000 CVE-2025-49511,0,0,5857ce4f5934ac8d4eab419d1a69fa9027dcf280ff9a1fb08e4e3e1a5703ab2f,2025-06-12T16:06:39.330000 -CVE-2025-49520,0,0,cb8826b22300f5a9d2eae9ca5dafc15b1f5e0f8306ced606515beea3acf195ef,2025-06-30T21:15:30.913000 -CVE-2025-49521,0,0,8d9931f59dc1f8590f74fb0429e8ba8edb007bf2a0a1c9740d850475b0fd0bb7,2025-06-30T21:15:31.063000 +CVE-2025-49520,0,1,c00c5db1e0d7cdfcf03ce2a151d4a6f1c9dd6234f02cc9e35bc9dc762ccb8040,2025-07-01T02:15:22.190000 +CVE-2025-49521,0,1,f5759572ad27815817cd4949078de9ea61bd0b160316fbc144b68c5d87cc6701,2025-07-01T02:15:22.310000 CVE-2025-4954,0,0,1ec01516c4567931b4ffc24e86d8b1eee9006bb52ce75acce1cd554027fb1f48,2025-06-12T16:06:39.330000 CVE-2025-49549,0,0,d51ae214ec023b9fbf2d300a776160828d2a71b7300d33bc04b291b25e1ecd5e,2025-06-26T18:57:43.670000 CVE-2025-4955,0,0,85a93e6cc9d76b6eb96cac66d66bf9a676c7375a6a733a4a5f80ea99e88eb438,2025-06-18T19:15:22.137000 @@ -298690,8 +298694,9 @@ CVE-2025-52997,0,0,8717eb5a96661b5be48b3e1d3819b0de26e9a9606e208971a9b2aa822c420 CVE-2025-52999,0,0,8e3ffe270e9e0f4f311570c01291b88502def8da5bc3d26946c9776265012b0e,2025-06-26T18:57:43.670000 CVE-2025-53001,0,0,3c076b45fb4f64495030b45a0e1e68f972266e053573d2640ae8c69ca5f6b1fe,2025-06-30T16:15:24.123000 CVE-2025-53002,0,0,88ca888237f37e4e624e68585cc923f4d5409fd291622a596533223ce1e1a8f6,2025-06-26T18:57:43.670000 -CVE-2025-53004,0,1,d632ba9d9912824e93b83b618f123488201992a59ed771cb8a010250afa34d25,2025-07-01T01:15:28.283000 -CVE-2025-53005,1,1,3d09e91c00d25360a5766e83920baf9ac2646df47165c486fde139fba475fda9,2025-07-01T01:15:28.430000 +CVE-2025-53003,1,1,e9f77d771559920cfc259577cc91273643328dc9eeaad2279a1baf5cbc2605b5,2025-07-01T02:15:22.413000 +CVE-2025-53004,0,0,d632ba9d9912824e93b83b618f123488201992a59ed771cb8a010250afa34d25,2025-07-01T01:15:28.283000 +CVE-2025-53005,0,0,3d09e91c00d25360a5766e83920baf9ac2646df47165c486fde139fba475fda9,2025-07-01T01:15:28.430000 CVE-2025-53007,0,0,a4076fc87f8a0924938a60c1b4d21b89458fde7ab2bc0e9913efaa46d339ee87,2025-06-26T18:57:43.670000 CVE-2025-5301,0,0,172c3938c2a9928b9f8edd9f7241e7981b7b3a36108e0e0149558a51f65a1594,2025-06-18T05:15:50.287000 CVE-2025-53013,0,0,ee406bf23bf1a0f5f249e7eb22f810b8cfccae8c849cf03bf7e4a61df66a8caa,2025-06-26T18:57:43.670000 @@ -298710,6 +298715,8 @@ CVE-2025-5309,0,0,4f40b16e57161a0b02ce9c3f4d7e0ba4cf08b0282b7954a09175078f67da41 CVE-2025-53091,0,0,92df4bd6ff7616918bf70e4c4609426cb00f6faf7ba7c21c62f74e44092c8dd5,2025-06-30T18:38:23.493000 CVE-2025-53093,0,0,74633fa37f55d3e4578f17a8a8e9cf5802a23514d8c74f36bbe49970c76e862b,2025-06-30T18:38:23.493000 CVE-2025-53094,0,0,418576393828aa4e87c8e5ad6e152067b9fe196eb6fcd7a235ffa2a208b13760,2025-06-30T18:38:23.493000 +CVE-2025-53095,1,1,e95ac446c74b5b238ad5a555b806c0287b264594ffa6e33067aeff5c0cad9acd,2025-07-01T02:15:22.563000 +CVE-2025-53096,1,1,b7d487a3bf94a4e295eaa706cf439f580af9d01cb1b8eb3627f928d7030982ce,2025-07-01T02:15:22.717000 CVE-2025-53097,0,0,b4f020aa269a3e7b86908bda17779dfdc94eaacf2df957f9e5c8283f7aaff4ba,2025-06-30T18:38:23.493000 CVE-2025-53098,0,0,f6fd86d213c1093ee1a72325f7366c8369d98ef6951f20bbf94026ca02d5437d,2025-06-30T18:38:23.493000 CVE-2025-5310,0,0,83a7b09238ca7875fa8ef57928e2bc09dd731a880c6ea88ea2fd5c6208a31ba0,2025-06-30T18:38:23.493000 @@ -299701,7 +299708,7 @@ CVE-2025-6536,0,0,bd4abefc70387d924c3e572721c1a2fa7652203fc239516c5a7622b44e3bfb CVE-2025-6537,0,0,aba74773e54d847a6dcdd26b2482f0491c84acb0bd3df1fe9fb1f724c6b81a08,2025-06-26T18:57:43.670000 CVE-2025-6538,0,0,f0fdc75553b1c22679341e253db1da8954bb632a20495521f7de1f6b92741db5,2025-06-26T18:57:43.670000 CVE-2025-6540,0,0,152da5365eac22d0f26ca667fa5bb4d11854e502ffc4dd5d66492004a74f6967,2025-06-26T18:57:43.670000 -CVE-2025-6543,0,1,dd793aaa96d1cd21017391d723602d43b4aeeb2930ed2a5e5c65ca39955594e7,2025-07-01T01:00:02.237000 +CVE-2025-6543,0,0,dd793aaa96d1cd21017391d723602d43b4aeeb2930ed2a5e5c65ca39955594e7,2025-07-01T01:00:02.237000 CVE-2025-6545,0,0,4a2e9a49fc7908d94e6672d7a2b53a6f95fca2e09b0d849d624a1d4044dc33c8,2025-06-23T20:16:21.633000 CVE-2025-6546,0,0,494de40d7df6c2443041022672d90acb8494a980877b137f48c23d5cab87487a,2025-06-26T18:57:43.670000 CVE-2025-6547,0,0,308fc321cf1c1a3e1d4bfaae0194d79b5c51460bd5056b984e695544d81bad19,2025-06-23T20:16:21.633000 @@ -299836,7 +299843,7 @@ CVE-2025-6820,0,0,0843912694393c62ee7e4fe28c8ed5e4a74854099d579bc54bd12cf584734d CVE-2025-6821,0,0,b7c30ee4dceaa883d0ccedbb4ffe15ba8e3fe1bad36afe008136b91a0d56ff85,2025-06-30T18:38:23.493000 CVE-2025-6822,0,0,55ccc5c265e3126cad7185bca8e73361c895f92372a18ba2d43d952bea77ccc5,2025-06-30T18:38:23.493000 CVE-2025-6823,0,0,d4681baecbbdeb1f4afba9f070ed11c2363843f9b7c48a9a90b53e7a773f0722,2025-06-30T18:38:23.493000 -CVE-2025-6824,0,1,996d4667715d3db5326a58fc60b209742994cbc814600cca4969efc54193b8e4,2025-07-01T00:33:14.560000 +CVE-2025-6824,0,0,996d4667715d3db5326a58fc60b209742994cbc814600cca4969efc54193b8e4,2025-07-01T00:33:14.560000 CVE-2025-6825,0,0,c453337e64634628f145133e8231013d0c9da307c00fc3e380a1513d356c807f,2025-06-30T18:38:23.493000 CVE-2025-6826,0,0,33fc96299f4c2cc733582263ee14bc0560154bf46592d806a8f21fbdcd037685,2025-06-30T18:38:23.493000 CVE-2025-6827,0,0,2c975856bcf0a57893ca62cb5d518afd8f87a2ed37acfeb8fae7a8a925148295,2025-06-30T18:38:23.493000 @@ -299851,10 +299858,10 @@ CVE-2025-6840,0,0,4d17187dc4c185842daff8fdbbf0f33e7acff53a1dddfabc5d93f04a152e9d CVE-2025-6841,0,0,a7458b3d6e3da566ab6e4bc12d9456871e872b6b29dca180b0b903ee108e9bf4,2025-06-30T18:38:23.493000 CVE-2025-6842,0,0,806508ba5e403684cf7e993609c9933812976e4c05ee4f462b61907ac38aa9b0,2025-06-30T18:38:23.493000 CVE-2025-6843,0,0,2d1f2e4b2941a0da42a5529f64eaad8d43bfd72840fbf08c00b5ab919c4ccc01,2025-06-30T18:38:23.493000 -CVE-2025-6844,0,1,a5399cc6b9f83c60e71132c6de005ef5e49467f969507cf499c0f71719bb3c08,2025-07-01T00:37:06.470000 -CVE-2025-6845,0,1,18db1704c3375be965d2c1d6c289644274878cbd1039ecdb0419a895181a8e3a,2025-07-01T00:22:08.410000 -CVE-2025-6846,0,1,f4874fb208c744d9b428a787f074a0d93b49be1928de201bf112a7e7ec17f2a7,2025-07-01T00:24:47.417000 -CVE-2025-6847,0,1,71bd4bfe20f3730a9db23adf419d7dd9c794d21526228ac19cab2f9b6dfadcd6,2025-07-01T00:46:11.677000 +CVE-2025-6844,0,0,a5399cc6b9f83c60e71132c6de005ef5e49467f969507cf499c0f71719bb3c08,2025-07-01T00:37:06.470000 +CVE-2025-6845,0,0,18db1704c3375be965d2c1d6c289644274878cbd1039ecdb0419a895181a8e3a,2025-07-01T00:22:08.410000 +CVE-2025-6846,0,0,f4874fb208c744d9b428a787f074a0d93b49be1928de201bf112a7e7ec17f2a7,2025-07-01T00:24:47.417000 +CVE-2025-6847,0,0,71bd4bfe20f3730a9db23adf419d7dd9c794d21526228ac19cab2f9b6dfadcd6,2025-07-01T00:46:11.677000 CVE-2025-6848,0,0,24173891f041d8488a6483bfeb4e1b99fe7ae40b1fb64cffc104ef502e69ec73,2025-06-30T18:38:23.493000 CVE-2025-6849,0,0,540cc65662fb49c3e40e56ade8b5f227a8327c0590da34fce019ed524068b235,2025-06-30T18:38:23.493000 CVE-2025-6850,0,0,a778e0ec23cb8cda661eb40d5398f33388a0c670fa630cf4c9961a5590389396,2025-06-30T18:38:23.493000 @@ -299924,6 +299931,9 @@ CVE-2025-6929,0,0,9ece799ba6281b8e7980c379023d8b829d9e61abb4e41ab8d03daafaba29b6 CVE-2025-6930,0,0,bee982db182da79a40468adbb11226ff1e623020a4f5164f27db8f4cc413aaf3,2025-06-30T22:15:30.010000 CVE-2025-6931,0,0,df9ddfbde912faafa5e4493b429283a88936738657f10a40de2d7749ea0b032c,2025-06-30T23:15:21.863000 CVE-2025-6932,0,0,6c23dab722d2bfca6e0ab05eb53a46bfd002e1a13ce5c4f6e40d491d0daae338,2025-06-30T23:15:22.103000 -CVE-2025-6935,1,1,fd4a1ec4b99f2a650759c2bea64cb45ca308091d621bef64e4913956328f51d5,2025-07-01T00:15:26.503000 -CVE-2025-6936,1,1,17d978cfdc085edc95015327ec5495108c341661ff194664ad18d0b05d6deb47,2025-07-01T00:15:26.740000 -CVE-2025-6937,1,1,b10d8c1265117b053b6599e6b544c7c61d2c978d507bac9b95b840b3f696bfc4,2025-07-01T01:15:28.577000 +CVE-2025-6935,0,0,fd4a1ec4b99f2a650759c2bea64cb45ca308091d621bef64e4913956328f51d5,2025-07-01T00:15:26.503000 +CVE-2025-6936,0,0,17d978cfdc085edc95015327ec5495108c341661ff194664ad18d0b05d6deb47,2025-07-01T00:15:26.740000 +CVE-2025-6937,0,0,b10d8c1265117b053b6599e6b544c7c61d2c978d507bac9b95b840b3f696bfc4,2025-07-01T01:15:28.577000 +CVE-2025-6938,1,1,a368cbfe42ef22bd782dddc5db9bceac2a1f859a98a44510652780b0cb7b6d57,2025-07-01T02:15:22.873000 +CVE-2025-6939,1,1,87b3da633dfd97190510f1f9157e2db47b33f4692d57ee61151ede7614dc9100,2025-07-01T03:15:21.483000 +CVE-2025-6940,1,1,010318edf45fd4ebe8f3d7225a1d16d34343b06a6dbc8db5a5f54ad11fb142cb,2025-07-01T03:15:21.670000