admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-07-08T12:00:19.259441+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-07-08 12:03:56 +00:00
parent f3a74312c2
commit f9303675b9
65 changed files with 3513 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2019/CVE-2019-193xx/CVE-2019-19300.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2019-19300",
"sourceIdentifier": "productcert@siemens.com",
"published": "2020-04-14T20:15:14.903",
"lastModified": "2024-11-21T04:34:31.677",
"lastModified": "2025-07-08T11:15:22.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service."
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET 200eco PN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET 200eco PN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET 200eco PN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET 200eco PN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET 200eco PN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET 200eco PN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET 200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service."
},
{
"lang": "es",
@ -87,7 +87,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

16
CVE-2021/CVE-2021-221xx/CVE-2021-22145.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-22145",
"sourceIdentifier": "bressers@elastic.co",
"published": "2021-07-21T15:15:14.063",
"lastModified": "2024-11-21T05:49:35.700",
"lastModified": "2025-07-08T11:15:23.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -65,6 +65,16 @@
]
},
"weaknesses": [
{
"source": "bressers@elastic.co",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
@ -127,6 +137,10 @@
"Vendor Advisory"
]
},
{
"url": "https://gist.github.com/lucasdrufva/f9c5d7c9e26ee087b736d727953afd34",
"source": "bressers@elastic.co"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"source": "bressers@elastic.co",

100
CVE-2023/CVE-2023-522xx/CVE-2023-52236.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2023-52236",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:23.750",
"lastModified": "2025-07-08T11:15:23.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products support insecure cryptographic algorithms. An attacker could leverage these legacy algorithms to achieve a man-in-the-middle attack or impersonate communicating parties."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-083019.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2024/CVE-2024-318xx/CVE-2024-31853.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-31853",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:23.997",
"lastModified": "2025-07-08T11:15:23.997",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate.\r\nThis could allow an attacker to execute an on-path network (MitM) attack."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-183963.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2024/CVE-2024-318xx/CVE-2024-31854.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-31854",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:24.180",
"lastModified": "2025-07-08T11:15:24.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value.\r\nThis could allow an attacker to execute an on-path network (MitM) attack."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-183963.html",
"source": "productcert@siemens.com"
}
]
}

8
CVE-2024/CVE-2024-540xx/CVE-2024-54092.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-54092",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-04-08T09:15:23.320",
"lastModified": "2025-04-08T18:13:53.347",
"lastModified": "2025-07-08T11:15:24.580",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All versions), Industrial Edge Device Kit - arm64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - arm64 V1.21 (All versions < V1.21.1-1), Industrial Edge Device Kit - x86-64 V1.17 (All versions), Industrial Edge Device Kit - x86-64 V1.18 (All versions), Industrial Edge Device Kit - x86-64 V1.19 (All versions), Industrial Edge Device Kit - x86-64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - x86-64 V1.21 (All versions < V1.21.1-1), Industrial Edge Own Device (IEOD) (All versions < V1.21.1-1-a), Industrial Edge Virtual Device (All versions < V1.21.1-1-a), SCALANCE LPE9413 (6GK5998-3GS01-2AC2) (All versions), SIMATIC IPC BX-39A Industrial Edge Device (All versions < V3.0), SIMATIC IPC BX-59A Industrial Edge Device (All versions < V3.0), SIMATIC IPC127E Industrial Edge Device (All versions < V3.0), SIMATIC IPC227E Industrial Edge Device (All versions < V3.0), SIMATIC IPC427E Industrial Edge Device (All versions < V3.0), SIMATIC IPC847E Industrial Edge Device (All versions < V3.0). Affected devices do not properly enforce user authentication on specific API endpoints when identity federation is used. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that identity federation is currently or has previously been used and the attacker has learned the identity of a legitimate user."
"value": "A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All versions), Industrial Edge Device Kit - arm64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - arm64 V1.21 (All versions < V1.21.1-1), Industrial Edge Device Kit - x86-64 V1.17 (All versions), Industrial Edge Device Kit - x86-64 V1.18 (All versions), Industrial Edge Device Kit - x86-64 V1.19 (All versions), Industrial Edge Device Kit - x86-64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - x86-64 V1.21 (All versions < V1.21.1-1), Industrial Edge Own Device (IEOD) (All versions < V1.21.1-1-a), Industrial Edge Virtual Device (All versions < V1.21.1-1-a), SCALANCE LPE9413 (6GK5998-3GS01-2AC2) (All versions < V2.1), SIMATIC IPC BX-39A Industrial Edge Device (All versions < V3.0), SIMATIC IPC BX-59A Industrial Edge Device (All versions < V3.0), SIMATIC IPC127E Industrial Edge Device (All versions < V3.0), SIMATIC IPC227E Industrial Edge Device (All versions < V3.0), SIMATIC IPC427E Industrial Edge Device (All versions < V3.0), SIMATIC IPC847E Industrial Edge Device (All versions < V3.0). Affected devices do not properly enforce user authentication on specific API endpoints when identity federation is used. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that identity federation is currently or has previously been used and the attacker has learned the identity of a legitimate user."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

44
CVE-2025/CVE-2025-209xx/CVE-2025-20982.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-20982",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:24.733",
"lastModified": "2025-07-08T11:15:24.733",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-209xx/CVE-2025-20983.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-20983",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:24.873",
"lastModified": "2025-07-08T11:15:24.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-209xx/CVE-2025-20997.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-20997",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.000",
"lastModified": "2025-07-08T11:15:25.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-209xx/CVE-2025-20998.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-20998",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.137",
"lastModified": "2025-07-08T11:15:25.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-209xx/CVE-2025-20999.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-20999",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.267",
"lastModified": "2025-07-08T11:15:25.267",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21000.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21000",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.397",
"lastModified": "2025-07-08T11:15:25.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21001.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21001",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.523",
"lastModified": "2025-07-08T11:15:25.523",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21002.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21002",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.660",
"lastModified": "2025-07-08T11:15:25.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21003.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21003",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.793",
"lastModified": "2025-07-08T11:15:25.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21004.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21004",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.923",
"lastModified": "2025-07-08T11:15:25.923",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21005.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21005",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:26.043",
"lastModified": "2025-07-08T11:15:26.043",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21006.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21006",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:26.177",
"lastModified": "2025-07-08T11:15:26.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21007.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21007",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:26.300",
"lastModified": "2025-07-08T11:15:26.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21008.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21008",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:26.433",
"lastModified": "2025-07-08T11:15:26.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

44
CVE-2025/CVE-2025-210xx/CVE-2025-21009.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21009",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:26.557",
"lastModified": "2025-07-08T11:15:26.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=07",
"source": "mobile.security@samsung.com"
}
]
}

100
CVE-2025/CVE-2025-233xx/CVE-2025-23364.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-23364",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:26.683",
"lastModified": "2025-07-08T11:15:26.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates.\r\nThis could allow an attacker to bypass the check and exceute arbitrary code during installations."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-233xx/CVE-2025-23365.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-23365",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:26.860",
"lastModified": "2025-07-08T11:15:26.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-271xx/CVE-2025-27127.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-27127",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:27.070",
"lastModified": "2025-07-08T11:15:27.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIA Project-Server (All versions < V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions < V20 Update 3). The affected application improperly handles uploaded projects in the document root. This could allow an attacker with contributor privileges to cause denial of service by uploading a malicious project."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-460466.html",
"source": "productcert@siemens.com"
}
]
}

8
CVE-2025/CVE-2025-301xx/CVE-2025-30174.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-30174",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:23.893",
"lastModified": "2025-05-13T19:35:18.080",
"lastModified": "2025-07-08T11:15:27.257",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-301xx/CVE-2025-30175.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-30175",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:24.103",
"lastModified": "2025-05-13T19:35:18.080",
"lastModified": "2025-07-08T11:15:27.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-301xx/CVE-2025-30176.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-30176",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:24.293",
"lastModified": "2025-05-13T19:35:18.080",
"lastModified": "2025-07-08T11:15:27.520",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
"value": "A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2025/CVE-2025-405xx/CVE-2025-40572.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40572",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:26.577",
"lastModified": "2025-06-04T16:33:04.377",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:27.650",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.\r\nThis could allow a non-privileged local attacker to access sensitive information stored on the device."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources.\r\nThis could allow a non-privileged local attacker to access sensitive information stored on the device."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2025/CVE-2025-405xx/CVE-2025-40573.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40573",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:26.773",
"lastModified": "2025-05-30T17:07:05.750",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:27.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks.\r\nThis could allow a privileged local attacker to restore backups that are outside the backup folder."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attacks.\r\nThis could allow a privileged local attacker to restore backups that are outside the backup folder."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2025/CVE-2025-405xx/CVE-2025-40574.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40574",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:26.980",
"lastModified": "2025-06-04T16:33:11.187",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:27.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.\r\nThis could allow a non-privileged local attacker to interact with the backupmanager service."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources.\r\nThis could allow a non-privileged local attacker to interact with the backupmanager service."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-405xx/CVE-2025-40575.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40575",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:27.170",
"lastModified": "2025-05-30T17:07:03.553",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:28.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd\r\nprocess."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd\r\nprocess."
},
{
"lang": "es",
@ -106,7 +106,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2025/CVE-2025-405xx/CVE-2025-40576.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40576",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:27.373",
"lastModified": "2025-06-04T16:33:20.990",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:28.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2025/CVE-2025-405xx/CVE-2025-40577.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40577",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:27.560",
"lastModified": "2025-06-04T16:33:24.207",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:28.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets.\r\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-405xx/CVE-2025-40579.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40579",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:27.933",
"lastModified": "2025-06-04T16:33:35.340",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:28.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow.\r\nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow.\r\nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition."
},
{
"lang": "es",
@ -106,7 +106,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-405xx/CVE-2025-40580.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40580",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-05-13T10:15:28.137",
"lastModified": "2025-06-04T16:33:38.663",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T11:15:28.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow.\r\nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition."
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow.\r\nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition."
},
{
"lang": "es",
@ -106,7 +106,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2025/CVE-2025-405xx/CVE-2025-40592.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-40592",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-06-12T08:15:23.407",
"lastModified": "2025-06-12T16:06:20.180",
"lastModified": "2025-07-08T11:15:29.330",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix Studio Pro 10.12 (All versions < V10.12.17), Mendix Studio Pro 10.18 (All versions < V10.18.7), Mendix Studio Pro 10.6 (All versions < V10.6.24), Mendix Studio Pro 11 (All versions), Mendix Studio Pro 8 (All versions < V8.18.35), Mendix Studio Pro 9 (All versions < V9.24.35). A zip path traversal vulnerability exists in the module installation process of Studio Pro. By crafting a malicious module and distributing it via (for example) the Mendix Marketplace, an attacker could write or modify arbitrary files in directories outside a developer\u2019s project directory upon module installation."
"value": "A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix Studio Pro 10.12 (All versions < V10.12.17), Mendix Studio Pro 10.18 (All versions < V10.18.7), Mendix Studio Pro 10.6 (All versions < V10.6.24), Mendix Studio Pro 11 (All versions < V11.0.0), Mendix Studio Pro 8 (All versions < V8.18.35), Mendix Studio Pro 9 (All versions < V9.24.35). A zip path traversal vulnerability exists in the module installation process of Studio Pro. By crafting a malicious module and distributing it via (for example) the Mendix Marketplace, an attacker could write or modify arbitrary files in directories outside a developer\u2019s project directory upon module installation."
},
{
"lang": "es",
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
@ -86,7 +86,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

100
CVE-2025/CVE-2025-405xx/CVE-2025-40593.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40593",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:29.473",
"lastModified": "2025-07-08T11:15:29.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-626991.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40735.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40735",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:29.657",
"lastModified": "2025-07-08T11:15:29.657",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-078892.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40736.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40736",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:29.837",
"lastModified": "2025-07-08T11:15:29.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569)."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-078892.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40737.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40737",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.007",
"lastModified": "2025-07-08T11:15:30.007",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26571)."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-078892.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40738.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40738",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.190",
"lastModified": "2025-07-08T11:15:30.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26572)."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-078892.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40739.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40739",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.380",
"lastModified": "2025-07-08T11:15:30.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files.\r\nThis could allow an attacker to execute code in the context of the current process."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-091753.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40740.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40740",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.560",
"lastModified": "2025-07-08T11:15:30.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files.\r\nThis could allow an attacker to execute code in the context of the current process."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-091753.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40741.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40741",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.747",
"lastModified": "2025-07-08T11:15:30.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files.\r\nThis could allow an attacker to execute code in the context of the current process."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-091753.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-407xx/CVE-2025-40742.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-40742",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:30.923",
"lastModified": "2025-07-08T11:15:30.923",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) V9.6 (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). The affected devices include session identifiers in URL requests for certain functionalities. This could allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-598"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-904646.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-412xx/CVE-2025-41222.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-41222",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:31.117",
"lastModified": "2025-07-08T11:15:31.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). Affected devices do not properly handle malformed TLS handshake messages. This could allow an attacker with network access to the webserver to cause a denial of service resulting in the web server and the device to crash."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-083019.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-412xx/CVE-2025-41223.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-41223",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:31.327",
"lastModified": "2025-07-08T11:15:31.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected devices support the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite, which uses CBC (Cipher Block Chaining) mode that is known to be vulnerable to timing attacks. This could allow an attacker to compromise the integrity and confidentiality of encrypted communications."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-083019.html",
"source": "productcert@siemens.com"
}
]
}

100
CVE-2025/CVE-2025-412xx/CVE-2025-41224.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-41224",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:31.527",
"lastModified": "2025-07-08T11:15:31.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RSL910NC (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products do not properly enforce interface access restrictions when changing from management to non-management interface configurations until a system reboot occurs, despite configuration being saved. This could allow an attacker with network access and credentials to gain access to device through non-management and maintain SSH access to the device until reboot."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-083019.html",
"source": "productcert@siemens.com"
}
]
}

18
CVE-2025/CVE-2025-429xx/CVE-2025-42967.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-42967",
"sourceIdentifier": "cna@sap.com",
"published": "2025-07-08T01:15:23.787",
"lastModified": "2025-07-08T01:15:23.787",
"lastModified": "2025-07-08T10:15:22.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with high privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, and availability of the application."
"value": "SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with user level privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, and availability of the application."
},
{
"lang": "es",
"value": "La propagaci\u00f3n de caracter\u00edsticas de SAP S/4HANA y SAP SCM presenta una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo. Esto permite a un atacante con altos privilegios crear un nuevo informe con su propio c\u00f3digo, obteniendo as\u00ed el control total del sistema SAP afectado, lo que afecta gravemente la confidencialidad, la integridad y la disponibilidad de la aplicaci\u00f3n."
}
],
"metrics": {
@ -18,19 +22,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

24
CVE-2025/CVE-2025-52xx/CVE-2025-5275.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-5275",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:23.860",
"lastModified": "2025-07-07T16:05:45.690",
"lastModified": "2025-07-08T11:32:22.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-53xx/CVE-2025-5338.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-5338",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T10:15:25.307",
"lastModified": "2025-07-07T15:00:22.017",
"lastModified": "2025-07-08T11:34:52.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-58xx/CVE-2025-5842.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-5842",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T10:15:25.537",
"lastModified": "2025-07-07T14:58:39.873",
"lastModified": "2025-07-08T11:35:12.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-59xx/CVE-2025-5929.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-5929",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:24.953",
"lastModified": "2025-07-07T16:04:01.473",
"lastModified": "2025-07-08T11:32:50.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-62xx/CVE-2025-6212.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6212",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T10:15:25.747",
"lastModified": "2025-07-07T14:57:39.777",
"lastModified": "2025-07-08T11:35:01.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-62xx/CVE-2025-6290.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6290",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T02:15:22.733",
"lastModified": "2025-07-07T17:16:39.837",
"lastModified": "2025-07-08T11:32:32.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-63xx/CVE-2025-6383.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6383",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T02:15:23.040",
"lastModified": "2025-07-07T17:15:05.383",
"lastModified": "2025-07-08T11:31:13.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-65xx/CVE-2025-6537.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6537",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:25.277",
"lastModified": "2025-07-07T15:03:23.390",
"lastModified": "2025-07-08T11:34:13.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

24
CVE-2025/CVE-2025-65xx/CVE-2025-6546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6546",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-26T03:15:25.587",
"lastModified": "2025-07-07T15:02:09.700",
"lastModified": "2025-07-08T11:34:27.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

60
CVE-2025/CVE-2025-67xx/CVE-2025-6744.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-6744",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-08T10:15:22.947",
"lastModified": "2025-07-08T10:15:22.947",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode through the woodmart_get_products_shortcode() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/woodmart-woocommerce-wordpress-theme/20264492",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd056d29-3bd9-49e4-bcc4-fa487de8a27e?source=cve",
"source": "security@wordfence.com"
}
]
}

149
CVE-2025/CVE-2025-71xx/CVE-2025-7172.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2025-7172",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-07-08T10:15:23.140",
"lastModified": "2025-07-08T10:15:23.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/A1b2rt/CVE/issues/5",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.315111",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.315111",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.606646",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.606655",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-71xx/CVE-2025-7173.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-7173",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-07-08T10:15:23.370",
"lastModified": "2025-07-08T10:15:23.370",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Qq2240151/CVE/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.315112",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.315112",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.606656",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-71xx/CVE-2025-7174.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-7174",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-07-08T11:15:31.717",
"lastModified": "2025-07-08T11:15:31.717",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Qq2240151/CVE/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.315113",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.315113",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.606657",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-71xx/CVE-2025-7175.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-7175",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-07-08T11:15:31.920",
"lastModified": "2025-07-08T11:15:31.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects E-Commerce Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/kn1g78/cve/blob/main/ecom.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.315114",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.315114",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.606710",
"source": "cna@vuldb.com"
}
]
}

67
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-07-08T10:00:12.760185+00:00
2025-07-08T12:00:19.259441+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-07-08T09:15:23.017000+00:00
2025-07-08T11:35:12.807000+00:00
```
### Last Data Feed Release
@ -33,26 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
300803
300841
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `38`
- [CVE-2025-38236](CVE-2025/CVE-2025-382xx/CVE-2025-38236.json) (`2025-07-08T08:15:20.960`)
- [CVE-2025-38237](CVE-2025/CVE-2025-382xx/CVE-2025-38237.json) (`2025-07-08T08:15:21.870`)
- [CVE-2025-7168](CVE-2025/CVE-2025-71xx/CVE-2025-7168.json) (`2025-07-08T08:15:21.993`)
- [CVE-2025-7169](CVE-2025/CVE-2025-71xx/CVE-2025-7169.json) (`2025-07-08T08:15:22.270`)
- [CVE-2025-7170](CVE-2025/CVE-2025-71xx/CVE-2025-7170.json) (`2025-07-08T09:15:22.540`)
- [CVE-2025-7171](CVE-2025/CVE-2025-71xx/CVE-2025-7171.json) (`2025-07-08T09:15:23.017`)
- [CVE-2025-21005](CVE-2025/CVE-2025-210xx/CVE-2025-21005.json) (`2025-07-08T11:15:26.043`)
- [CVE-2025-21006](CVE-2025/CVE-2025-210xx/CVE-2025-21006.json) (`2025-07-08T11:15:26.177`)
- [CVE-2025-21007](CVE-2025/CVE-2025-210xx/CVE-2025-21007.json) (`2025-07-08T11:15:26.300`)
- [CVE-2025-21008](CVE-2025/CVE-2025-210xx/CVE-2025-21008.json) (`2025-07-08T11:15:26.433`)
- [CVE-2025-21009](CVE-2025/CVE-2025-210xx/CVE-2025-21009.json) (`2025-07-08T11:15:26.557`)
- [CVE-2025-23364](CVE-2025/CVE-2025-233xx/CVE-2025-23364.json) (`2025-07-08T11:15:26.683`)
- [CVE-2025-23365](CVE-2025/CVE-2025-233xx/CVE-2025-23365.json) (`2025-07-08T11:15:26.860`)
- [CVE-2025-27127](CVE-2025/CVE-2025-271xx/CVE-2025-27127.json) (`2025-07-08T11:15:27.070`)
- [CVE-2025-40593](CVE-2025/CVE-2025-405xx/CVE-2025-40593.json) (`2025-07-08T11:15:29.473`)
- [CVE-2025-40735](CVE-2025/CVE-2025-407xx/CVE-2025-40735.json) (`2025-07-08T11:15:29.657`)
- [CVE-2025-40736](CVE-2025/CVE-2025-407xx/CVE-2025-40736.json) (`2025-07-08T11:15:29.837`)
- [CVE-2025-40737](CVE-2025/CVE-2025-407xx/CVE-2025-40737.json) (`2025-07-08T11:15:30.007`)
- [CVE-2025-40738](CVE-2025/CVE-2025-407xx/CVE-2025-40738.json) (`2025-07-08T11:15:30.190`)
- [CVE-2025-40739](CVE-2025/CVE-2025-407xx/CVE-2025-40739.json) (`2025-07-08T11:15:30.380`)
- [CVE-2025-40740](CVE-2025/CVE-2025-407xx/CVE-2025-40740.json) (`2025-07-08T11:15:30.560`)
- [CVE-2025-40741](CVE-2025/CVE-2025-407xx/CVE-2025-40741.json) (`2025-07-08T11:15:30.747`)
- [CVE-2025-40742](CVE-2025/CVE-2025-407xx/CVE-2025-40742.json) (`2025-07-08T11:15:30.923`)
- [CVE-2025-41222](CVE-2025/CVE-2025-412xx/CVE-2025-41222.json) (`2025-07-08T11:15:31.117`)
- [CVE-2025-41223](CVE-2025/CVE-2025-412xx/CVE-2025-41223.json) (`2025-07-08T11:15:31.327`)
- [CVE-2025-41224](CVE-2025/CVE-2025-412xx/CVE-2025-41224.json) (`2025-07-08T11:15:31.527`)
- [CVE-2025-6744](CVE-2025/CVE-2025-67xx/CVE-2025-6744.json) (`2025-07-08T10:15:22.947`)
- [CVE-2025-7172](CVE-2025/CVE-2025-71xx/CVE-2025-7172.json) (`2025-07-08T10:15:23.140`)
- [CVE-2025-7173](CVE-2025/CVE-2025-71xx/CVE-2025-7173.json) (`2025-07-08T10:15:23.370`)
- [CVE-2025-7174](CVE-2025/CVE-2025-71xx/CVE-2025-7174.json) (`2025-07-08T11:15:31.717`)
- [CVE-2025-7175](CVE-2025/CVE-2025-71xx/CVE-2025-7175.json) (`2025-07-08T11:15:31.920`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `25`
- [CVE-2025-7346](CVE-2025/CVE-2025-73xx/CVE-2025-7346.json) (`2025-07-08T08:15:22.460`)
- [CVE-2019-19300](CVE-2019/CVE-2019-193xx/CVE-2019-19300.json) (`2025-07-08T11:15:22.140`)
- [CVE-2021-22145](CVE-2021/CVE-2021-221xx/CVE-2021-22145.json) (`2025-07-08T11:15:23.120`)
- [CVE-2024-54092](CVE-2024/CVE-2024-540xx/CVE-2024-54092.json) (`2025-07-08T11:15:24.580`)
- [CVE-2025-30174](CVE-2025/CVE-2025-301xx/CVE-2025-30174.json) (`2025-07-08T11:15:27.257`)
- [CVE-2025-30175](CVE-2025/CVE-2025-301xx/CVE-2025-30175.json) (`2025-07-08T11:15:27.393`)
- [CVE-2025-30176](CVE-2025/CVE-2025-301xx/CVE-2025-30176.json) (`2025-07-08T11:15:27.520`)
- [CVE-2025-40572](CVE-2025/CVE-2025-405xx/CVE-2025-40572.json) (`2025-07-08T11:15:27.650`)
- [CVE-2025-40573](CVE-2025/CVE-2025-405xx/CVE-2025-40573.json) (`2025-07-08T11:15:27.797`)
- [CVE-2025-40574](CVE-2025/CVE-2025-405xx/CVE-2025-40574.json) (`2025-07-08T11:15:27.940`)
- [CVE-2025-40575](CVE-2025/CVE-2025-405xx/CVE-2025-40575.json) (`2025-07-08T11:15:28.083`)
- [CVE-2025-40576](CVE-2025/CVE-2025-405xx/CVE-2025-40576.json) (`2025-07-08T11:15:28.267`)
- [CVE-2025-40577](CVE-2025/CVE-2025-405xx/CVE-2025-40577.json) (`2025-07-08T11:15:28.417`)
- [CVE-2025-40579](CVE-2025/CVE-2025-405xx/CVE-2025-40579.json) (`2025-07-08T11:15:28.553`)
- [CVE-2025-40580](CVE-2025/CVE-2025-405xx/CVE-2025-40580.json) (`2025-07-08T11:15:28.717`)
- [CVE-2025-40592](CVE-2025/CVE-2025-405xx/CVE-2025-40592.json) (`2025-07-08T11:15:29.330`)
- [CVE-2025-42967](CVE-2025/CVE-2025-429xx/CVE-2025-42967.json) (`2025-07-08T10:15:22.040`)
- [CVE-2025-5275](CVE-2025/CVE-2025-52xx/CVE-2025-5275.json) (`2025-07-08T11:32:22.210`)
- [CVE-2025-5338](CVE-2025/CVE-2025-53xx/CVE-2025-5338.json) (`2025-07-08T11:34:52.400`)
- [CVE-2025-5842](CVE-2025/CVE-2025-58xx/CVE-2025-5842.json) (`2025-07-08T11:35:12.807`)
- [CVE-2025-5929](CVE-2025/CVE-2025-59xx/CVE-2025-5929.json) (`2025-07-08T11:32:50.840`)
- [CVE-2025-6212](CVE-2025/CVE-2025-62xx/CVE-2025-6212.json) (`2025-07-08T11:35:01.817`)
- [CVE-2025-6290](CVE-2025/CVE-2025-62xx/CVE-2025-6290.json) (`2025-07-08T11:32:32.773`)
- [CVE-2025-6383](CVE-2025/CVE-2025-63xx/CVE-2025-6383.json) (`2025-07-08T11:31:13.823`)
- [CVE-2025-6537](CVE-2025/CVE-2025-65xx/CVE-2025-6537.json) (`2025-07-08T11:34:13.310`)
- [CVE-2025-6546](CVE-2025/CVE-2025-65xx/CVE-2025-6546.json) (`2025-07-08T11:34:27.020`)
## Download and Usage

102
_state.csv
View File

@ -136572,7 +136572,7 @@ CVE-2019-19297,0,0,47ac26a22676d548b4ee448eadae7e8cafbacbca70c7f4f2e645e9eeddabf
CVE-2019-19298,0,0,a9c04ecd2cf97f1b1fe3d703e20c5a4af9b269b861120b09365a33264fd2f0a8,2024-11-21T04:34:31.407000
CVE-2019-19299,0,0,03c1fc8ff7f137b2bf17fd6b64b9503b67c5be6439d6858d5e05e7a692e6c997,2024-11-21T04:34:31.543000
CVE-2019-1930,0,0,91d07001df99cb281a09ff5bb7b8c13bc4ad3a2dd14c0a871ce71c446ef21457,2024-11-26T16:09:02.407000
CVE-2019-19300,0,0,b374481ed649ead163e4c3775a06c4e7dd6f22a1761cc26720f869a055f80bb1,2024-11-21T04:34:31.677000
CVE-2019-19300,0,1,b61066dc1778b8ea6b87871a12216dec666dadc2171a6ddc11a3d677ae24e44b,2025-07-08T11:15:22.140000
CVE-2019-19301,0,0,d9c319366c48f9b5514cdffb6166ccacebf48d55a4c1972c50093faf167261be,2024-11-21T04:34:31.900000
CVE-2019-19306,0,0,acda1633508bfc6a9da66d4fd04417cc64b1455ecf1cfbaefaac0ce8b8d62518,2024-11-21T04:34:32.117000
CVE-2019-19307,0,0,43e55d8e7e02dfad2951d487568a759f3b9e93b3cc679f9192a5f8ae891c2e1a,2024-11-21T04:34:32.273000
@ -168722,7 +168722,7 @@ CVE-2021-22141,0,0,ea6660cabcdf71676a5395cd83446fac4adf491e804ec22ec83a72cdb949b
CVE-2021-22142,0,0,d7a3445a627a6eb5df7fe1cefecd4020e9d473a93de608568f57b3c9650f7d3d,2024-11-21T05:49:35.293000
CVE-2021-22143,0,0,58500de7280243b58e912d3e21e7e20eba05593ca80bca91b023cd8c32a2a0f7,2024-11-21T05:49:35.437000
CVE-2021-22144,0,0,e66f081ce4c3321f44d046b70596b8eb483e8f2465f1c337c9478cf0c751668f,2024-11-21T05:49:35.577000
CVE-2021-22145,0,0,0974cce2f80dc3785087adaa63b22c711367cc197fc3e7e62d464df175030daa,2024-11-21T05:49:35.700000
CVE-2021-22145,0,1,21a028ad378b359524b20e4689da4d6c6a9b87751fe68f3f5b61b66a29b1da41,2025-07-08T11:15:23.120000
CVE-2021-22146,0,0,4640073c1d142ce294f3a6d232deaca06e8e31a3f9583baa67f2bb157da24dfa,2024-11-21T05:49:35.827000
CVE-2021-22147,0,0,5c90adb0e950610c69746d52a8b2b0430b1b8184a59467ad5fadd5f9b2c17a99,2024-11-21T05:49:35.947000
CVE-2021-22148,0,0,7e6e3029e5e4bc1328b3386b89a5288c6bf978565cb8b9661acad592a3fa35d4,2024-11-21T05:49:36.067000
@ -241741,6 +241741,7 @@ CVE-2023-52232,0,0,25816897725e03b2601314f3c9389a2be7d7e262fad693583de240b223ce3
CVE-2023-52233,0,0,877bd66a154fad8c345ab7555640a1d78deadfb819ba5856bea098cb5a886a2f,2025-06-04T15:05:06.540000
CVE-2023-52234,0,0,6984b41c87b7f2d15b820bc3d8db1038b20cc6bb55fdedabf1511bd51365f7a8,2025-03-10T15:52:35.053000
CVE-2023-52235,0,0,4f1e2f38c8f4b55ae6d956cbec2c5763374a4cbfb41d1307d39af61dd9437d7b,2025-03-13T20:15:16.470000
CVE-2023-52236,1,1,0e57b3089b13a39d4da9955b8213db71e16e528a891828e0afbc729b48690e1e,2025-07-08T11:15:23.750000
CVE-2023-52237,0,0,ec00cd5043a647583ae661e798908ac8aae8b8c80323fd5ded69d2879fe6e25e,2024-11-21T08:39:27.630000
CVE-2023-52238,0,0,8b91affaee9fe41fbb00a1a88e4e12c3ca7d1995b7642fbf22e7576aa0f87b25,2024-11-21T08:39:27.907000
CVE-2023-52239,0,0,c28a063b7fa56cbc60e5bf7e799f7020ddac741446ed7e5a20eb359aae46640a,2025-06-17T16:15:28.247000
@ -259333,6 +259334,8 @@ CVE-2024-3185,0,0,1c67103dbf88a510a8278b98b5d99e3057e7b8f69cfef404fe34f189a7ca07
CVE-2024-31850,0,0,3cf28f7334b4de0542e5428e9e2adb543da6f22147b194d3fb612012e6aa1a98,2024-11-21T09:14:01.337000
CVE-2024-31851,0,0,e45f336d82b2d3d9adbf3a8bac0b970c5266b3cdbe6939aeace9733f93a83fdc,2024-11-21T09:14:01.463000
CVE-2024-31852,0,0,ba9051f6bc6d3b5aba3b4d7f2092d68c6a17eb29edddb549caa75380b0b647ce,2024-12-04T21:15:23.467000
CVE-2024-31853,1,1,cab61e3b35618d5f631c7bed03e2310289877bbfca4ff8110baadcdd5c7d0736,2025-07-08T11:15:23.997000
CVE-2024-31854,1,1,52b2b00eb942b78651056a3a4cf01c91493b53456298d8d1b9031cbe0319ba90,2025-07-08T11:15:24.180000
CVE-2024-31856,0,0,b0ae28b2cf04a3d57b1162c504882bace010687db30d97cb579a93bed060de40,2024-11-21T09:14:01.757000
CVE-2024-31857,0,0,20dfb12af53dc65b264ed20f498f15824869d4ee981fc0225fa3ba43b44587e3,2025-04-04T13:03:08.680000
CVE-2024-31858,0,0,fb7ea5972ca29ef5dbb01c13ffa0f30c065ee6f5e39915061b97fa7a1c736b37,2025-02-12T22:15:33.340000
@ -276426,7 +276429,7 @@ CVE-2024-54089,0,0,efd2198ce361ea992eb01ea5caf6a93dad81fb83e8cf416236617bce8d42a
CVE-2024-5409,0,0,e57e1ade9406d6824e9de4b5fb59a028c0cc0d3b407f2e5791339282678e1347,2025-06-05T15:31:08.950000
CVE-2024-54090,0,0,66ce7fba27ae90aef333be57d6145501dc74f76ec68d084b34f2e2ffb0d19de5,2025-02-11T11:15:15.647000
CVE-2024-54091,0,0,6669dfba9e4b52b11ac13f159a10cf6dd259350d4a591cc31c8accd2299f4839,2025-04-08T09:15:22.763000
CVE-2024-54092,0,0,a6e6da3cd74c0f306142e6eb1230a6db9b96f478924732391d48c59502d536e8,2025-04-08T18:13:53.347000
CVE-2024-54092,0,1,f3528427f364e078623d36f73d6874bf4a2ece3c7101a63cc4b72ee9f4c2058b,2025-07-08T11:15:24.580000
CVE-2024-54093,0,0,8ff323e645aebc7aeef25ba10ab98f1f6ad0ea9c0f1d7ee8b34034da91ced70a,2025-03-04T19:11:00.280000
CVE-2024-54094,0,0,4b5414d6bb86aa6d5d0ad7d402a8fed5c92b81411a35a19b8983e665f6e00eaa,2025-03-04T18:48:25.970000
CVE-2024-54095,0,0,21c8eedb1a0957c805c27199698b550557aa3e86d67c7e9aa5fc64a1b6a6ca6d,2025-03-04T18:45:18.927000
@ -284973,6 +284976,8 @@ CVE-2025-20979,0,0,231f64c3e176775ba854746f023aa81bf6b40a4874e615d2c4610802ac3d0
CVE-2025-2098,0,0,339294206fd4d5be14c5ec0cfdf9d0429803ca53d006fc61729cc0a81c0f19c1,2025-03-27T16:45:27.850000
CVE-2025-20980,0,0,7fdd5a1f3346b410ae9e2acd7c3f47424f0d1437083753fdf0525f723ce42b13,2025-05-07T14:13:20.483000
CVE-2025-20981,0,0,3cd666e2f6ca8dbe42267b7ba7f17b10b23a6b03f2fc8612f5f137dbde34d2f6,2025-06-04T14:54:33.783000
CVE-2025-20982,1,1,24ee05660d228aaf1d0eb67163a948364b3e1f7c8f0f9b38fd16fc4994a1b86a,2025-07-08T11:15:24.733000
CVE-2025-20983,1,1,623a1a4238fe5601043b1a52fd41f2f9acb47eff33405ba1b440ebd6c26fa81a,2025-07-08T11:15:24.873000
CVE-2025-20984,0,0,e7280baeb13683cb27514b85160ab9b678f39f8df2cf27f792346506ca0946ee,2025-06-04T14:54:33.783000
CVE-2025-20985,0,0,f1546ae707d82e33a5482d68554ce8489a02400f5065ef7262899124d0fa85b0,2025-06-04T14:54:33.783000
CVE-2025-20986,0,0,a8c17dd67caf405f6f23f17b2129a7137468e63456e903401ccdccb0b601a184,2025-06-04T14:54:33.783000
@ -284986,6 +284991,19 @@ CVE-2025-20993,0,0,2f2e05380962f23c2442bc279bb02edf00e9574fe76d3c8cb0266c25828d2
CVE-2025-20994,0,0,9433fa250a990918bc6b86efd5f43f4cb8ee99e0799546de1201054f6acdb498,2025-06-04T14:54:33.783000
CVE-2025-20995,0,0,b0e261ba12a516e344c63e2844a9aedbf277b62990580f34723653f536b23d63,2025-06-04T14:54:33.783000
CVE-2025-20996,0,0,2997e4a5961993fb94aabc2509dc00cf8844c2ce85f291a3f0f1326b812fee1f,2025-06-04T14:54:33.783000
CVE-2025-20997,1,1,4c58aace1c446c8632e77dbb9866cad0aeee455f0ae788aa8bb8d412b249f1a6,2025-07-08T11:15:25
CVE-2025-20998,1,1,1e4f98e146197e2ce7f270513e58cfe699f7a11c95f18a350b3931c14fa0b0af,2025-07-08T11:15:25.137000
CVE-2025-20999,1,1,4d7183e3ea83e9542f846ba4b4bb9550f2b80f03de8a1a39dae2f407a22fd825,2025-07-08T11:15:25.267000
CVE-2025-21000,1,1,ba6d11147334c007f877e2bb66d8bf8adbc7af88d9b28fa8037b130cfa211139,2025-07-08T11:15:25.397000
CVE-2025-21001,1,1,b3ea220c767871b63f0e2d22e358eaa6f57116429352db7b7d319504ebe7ce12,2025-07-08T11:15:25.523000
CVE-2025-21002,1,1,a3e61dd61d3981c05d6fec980cfe82a27bfd228618868a5fa3b3adf2ee453e43,2025-07-08T11:15:25.660000
CVE-2025-21003,1,1,d652f08513c64a2eef22f3c9c58611479c8daab84658f0cf36b443f4d41c4372,2025-07-08T11:15:25.793000
CVE-2025-21004,1,1,78019a154159f714a54e4540cdf79f59b8c81c132422f794818e2a42a19c4464,2025-07-08T11:15:25.923000
CVE-2025-21005,1,1,aa028eebf906c9021d059e469fd57414afcfdd1bb8538d4b31fe0f048585f6b9,2025-07-08T11:15:26.043000
CVE-2025-21006,1,1,d7ab8fe801048595e6c27f5dde7019b8d70b47c965bc4e7a920530bdfa78b384,2025-07-08T11:15:26.177000
CVE-2025-21007,1,1,2a4e898d2fcc5c2c49adec42459dc07ef2cfb16ec731fa7b0987782f1940079e,2025-07-08T11:15:26.300000
CVE-2025-21008,1,1,4c0745cf078c6b15af97932f27b1f3d2f692bbe0cb82189c8b82c4abfbbdd4ba,2025-07-08T11:15:26.433000
CVE-2025-21009,1,1,6310e97b028c7f2cacdaa8371ce08bdf75e2f5df1d7cdfb16493261849e67ba8,2025-07-08T11:15:26.557000
CVE-2025-2101,0,0,e2f134d8ec38a4ef69a8a1b6464b6041847978860b9b377155f00fb727decdb9,2025-04-29T13:52:10.697000
CVE-2025-2102,0,0,1b84a94b9bc783c0eba8b42961ff5295a1d593e71ba7b75effdb8c35c2b35fb6,2025-05-21T20:24:58.133000
CVE-2025-2103,0,0,8165c0b352513de64cda0403ba5ccccfa989e53bace8ba5cf69fd4b2ec66dc6b,2025-03-21T15:06:58.433000
@ -287024,6 +287042,8 @@ CVE-2025-2336,0,0,e04e263f577ee94994be76c7f45e2a366ef0c6a3a1e415c7a4e9e5f507e178
CVE-2025-23360,0,0,44ec4858c221e4e9b3ef85a446da660e97979bf1d4ef5b7d7efaafadb38d1c40,2025-03-11T20:15:16.633000
CVE-2025-23362,0,0,f1b04109bb5a53f0fa12693fb841988a838f82d29d11cab82e724120097242c3,2025-01-29T02:15:27.910000
CVE-2025-23363,0,0,35c6147ff63b42be8a96d41b6675b8a23b828204268fd2d9be277916193444c2,2025-06-10T16:15:35.990000
CVE-2025-23364,1,1,0802d20064c77c6c2665c3aa4972bf47f72305d94be4dc6f3ac141fc9d24394e,2025-07-08T11:15:26.683000
CVE-2025-23365,1,1,174e01e36091bcb966b234ddfa050d8646b724961f456d1784b2152213f87e96,2025-07-08T11:15:26.860000
CVE-2025-23366,0,0,19d3d492f06020aadbd27d64e622d5ed1c347260739b5074a05d263b32a748da,2025-01-14T18:16:06.290000
CVE-2025-23367,0,0,dc098e4899b3f306817e6d6c34a4bd055f0e4dc6c153870c1142849722c7141a,2025-05-06T20:15:25.910000
CVE-2025-23368,0,0,420fb00642e39b5577b4518ecebd554328cd6cece3e6b7323ad06772dda6199f,2025-05-31T19:15:20.510000
@ -289848,6 +289868,7 @@ CVE-2025-27111,0,0,a8db734f919007cb50cb1902fbb4102eb8dcaaff069aa0ece6c61372ee7c3
CVE-2025-27112,0,0,8750eafe79b9906895ef1a1c17b5f7972ae9a0f6916d156cfca0a444751c0bd2,2025-02-27T20:24:21.910000
CVE-2025-27113,0,0,3f927ac99bedded3f15625d404f90be5185a2dbbeb1f3658f62dd072e77cf603,2025-03-07T01:15:12.823000
CVE-2025-2712,0,0,5b607158b37961f61c6154e4f3efff3b2ccb5f8d5bf2f3995341498b4ba2aa89,2025-03-27T16:45:46.410000
CVE-2025-27127,1,1,b8c1ecdc3e069d27c718406fd5e0e227eb463370435b497d2627d0c08f2d24f1,2025-07-08T11:15:27.070000
CVE-2025-2713,0,0,96d615228bbe2400210a94715d82e0cb4affc98dd4349c31070f30252b2cc770,2025-03-28T18:11:40.180000
CVE-2025-27130,0,0,a424518fe58cf3693b2d27c1fa1013a0db02f6fc2b32ae8122f4d597cfd847e5,2025-04-01T20:26:11.547000
CVE-2025-27131,0,0,071d8576367ac4bcd57ae780dc39fb5ba7d654b804cb1f5932df1fbd3dc6ce84,2025-06-09T19:06:16.757000
@ -291384,9 +291405,9 @@ CVE-2025-30170,0,0,125f86bf22e4a10f87718521e72597a9068155c72dc7683753e3e197da176
CVE-2025-30171,0,0,6e1ddac05f87d85ff5a2d0de8306324c0b93023b9c775c6ba74b31de582c35da,2025-05-23T15:55:02.040000
CVE-2025-30172,0,0,0b708de60b7a65334f925cc61136479f9873434736e5851abdef89168cd43ee4,2025-05-23T15:55:02.040000
CVE-2025-30173,0,0,0cd4b73524781f21a2123919a94aab807dcdc411dc4063867eafd2d2623336a0,2025-05-23T15:55:02.040000
CVE-2025-30174,0,0,97694fa836d9fb3bc7419d6145b1ee74a042477654983a200e606ef6d3027697,2025-05-13T19:35:18.080000
CVE-2025-30175,0,0,f890ba937db7c89764dd43e9337130526272f0a21def276da8a61175247c15ef,2025-05-13T19:35:18.080000
CVE-2025-30176,0,0,c1bd2b7ffef5f0e4c660a189483015165b303f3c3712bfe313b02ec0266a13b1,2025-05-13T19:35:18.080000
CVE-2025-30174,0,1,7c5496a856057ad177d2ba741a99b289936587f4527f834dc14c20b7439813f5,2025-07-08T11:15:27.257000
CVE-2025-30175,0,1,fd323807fbd1d41d94cfb9ee8ffc1d8ebdfcaec0f71545d2712920df2c8f54aa,2025-07-08T11:15:27.393000
CVE-2025-30176,0,1,3e35006bf840d0fb8fedbada0acc4159d0cae0adac155699e4427dea0b9127ab,2025-07-08T11:15:27.520000
CVE-2025-30177,0,0,dd6bcf9daefbb6e1a68c3d702c2bf7abf53ae7032efaf201b8e1a6842e388876,2025-04-15T13:00:12.587000
CVE-2025-30179,0,0,e6188b5cfe41efd4be24afd0a9be97fe3cad7c2aaaf7dc5206b7ef410f616059,2025-03-27T14:45:47.520000
CVE-2025-3018,0,0,699e90ef59bc974dffc7069ff5404d401834f1962c8486f8c32f7bd651f7ed16,2025-04-07T14:35:25.290000
@ -294980,8 +295001,8 @@ CVE-2025-38232,0,0,b446111677a15eef3d5a51e04c9eea515113cb574d43b2169fb423609b26e
CVE-2025-38233,0,0,afdffe290ca80c9a789387ca12cd1e81c7c6ebe83b7e4cb392ce6d0adb1e21f3,2025-07-04T14:15:32.953000
CVE-2025-38234,0,0,829e151d3722969e4296c72d092f8f462985b592d44984b22f3bb0cb4dc82826,2025-07-04T14:15:33.087000
CVE-2025-38235,0,0,f3e80fec81abd1d9c6da9c43d940d2c9d7a711fdf26936c795b18d8745a748ba,2025-07-06T10:15:24.223000
CVE-2025-38236,1,1,430bad2b76f229ac74304fc05a367abc6d3a4056ae7fa26638c2f9cc9e7eed79,2025-07-08T08:15:20.960000
CVE-2025-38237,1,1,e1edc35ce9d35aa4c0d1e8bd642af5307f7433ad1bbca00ee5c1b3f444aa5053,2025-07-08T08:15:21.870000
CVE-2025-38236,0,0,430bad2b76f229ac74304fc05a367abc6d3a4056ae7fa26638c2f9cc9e7eed79,2025-07-08T08:15:20.960000
CVE-2025-38237,0,0,e1edc35ce9d35aa4c0d1e8bd642af5307f7433ad1bbca00ee5c1b3f444aa5053,2025-07-08T08:15:21.870000
CVE-2025-3824,0,0,4042020909e5223dbce6d2958e1aacca8166710222023563345f997e50394c09,2025-04-30T17:36:04.970000
CVE-2025-38240,0,0,117d76f4b128d7e0799c3952cf9e021270b3a89841576592d72d8a875350efe5,2025-04-21T14:23:45.950000
CVE-2025-3825,0,0,f32d1d72467b4949b7a1ca6e34d7286cd27354f39fac3d30ab70022243e0cd52,2025-04-30T17:33:52.383000
@ -295460,23 +295481,24 @@ CVE-2025-40568,0,0,bea488b27f57eabc5a1a8b12bfda8cbb9a32ab6c6d2516c21c261159ab2f5
CVE-2025-40569,0,0,a5f1f61caa2593cac66ffa31f4fd2a4e3c91c65148982d43f10a76f85c018b80,2025-06-12T16:06:39.330000
CVE-2025-4057,0,0,9c6590fa9bf494a0600a26ad246e54596c8c82001b91ef44ca85f7febf25408b,2025-05-28T15:01:30.720000
CVE-2025-40571,0,0,92334778ad54371de5319151f377af047fd17886086318e1331ade489105548b,2025-06-12T08:15:22.297000
CVE-2025-40572,0,0,0257e64a395df62fc80927bb901380e2ac5b5bf3a6620de4ddb93ce29ccc6d89,2025-06-04T16:33:04.377000
CVE-2025-40573,0,0,a3aa3ed2431de6a0ce1b55d8f0469c1759dc45094077be23a0673e95338e6056,2025-05-30T17:07:05.750000
CVE-2025-40574,0,0,e4edb3a9d9c58a4941f1c2d3a07247dc4296bc24e51040d2339240ce5914602a,2025-06-04T16:33:11.187000
CVE-2025-40575,0,0,5fda0d1d6f63806e2155be6aeb2d9b16935b54b6531f33f121d6e7e2ffd2df0a,2025-05-30T17:07:03.553000
CVE-2025-40576,0,0,4e30afa4fe34d85ca551a68a2c1756d32fd548fb0fd81a5c70155c3bce625613,2025-06-04T16:33:20.990000
CVE-2025-40577,0,0,732ca1b23f31a17f839e325bdaa08c4bb75bbc88f87161a4aa7189516b7db6df,2025-06-04T16:33:24.207000
CVE-2025-40572,0,1,bfa8c01b7de24510ff2c35c2b7f4862f50ef5d06ed5ecdb501045af20715b7d9,2025-07-08T11:15:27.650000
CVE-2025-40573,0,1,7b109a825b0e62490e3192991ce0d7d9f7f56ef29018391917f7f4dc6e0b8d3a,2025-07-08T11:15:27.797000
CVE-2025-40574,0,1,5191d8b8a68599c81d74a5184d6cfbc9465e7e987ec04ef77d0926a0036252ef,2025-07-08T11:15:27.940000
CVE-2025-40575,0,1,cdbf000b7b17ad44f613adbf3c3fbcf3a794fd314bcaab4dacf270551a48bbc5,2025-07-08T11:15:28.083000
CVE-2025-40576,0,1,35546c6aaa264b67dd17c978bdd71f49b798bbc25c05731f852414215bdbc9a8,2025-07-08T11:15:28.267000
CVE-2025-40577,0,1,3469cc45a9c1066a2487e7c4315b717ef8e0d94ec3c2505215947ab00e8d3f40,2025-07-08T11:15:28.417000
CVE-2025-40578,0,0,68c793efdd93cb2820925059cf1726fd680faa3f5959386ba791cd71b196579a,2025-06-04T16:33:29.650000
CVE-2025-40579,0,0,8f0b6e862b598f731a1e3f0477b61058b8e5a9123d5af01c6f161e925936aac3,2025-06-04T16:33:35.340000
CVE-2025-40579,0,1,63e093c07f1a758f8fa561d4d403872e787cf3af6595908707339539b5c38ca9,2025-07-08T11:15:28.553000
CVE-2025-4058,0,0,aa3f7c986fcd6ae85ff29d3948d47ceeba066e55e131a86edc9d2db243c68119,2025-05-15T20:44:45.693000
CVE-2025-40580,0,0,3374a0f16af4727c5151eab506ec9fc3de863dd4eed8b2805030dfef17bbe139,2025-06-04T16:33:38.663000
CVE-2025-40580,0,1,02d409d52032298c5eb4287691c4e7ebcbc7735986c7cd3c8cd509bf3fa4e622,2025-07-08T11:15:28.717000
CVE-2025-40581,0,0,06bc68cbcde637c7b9d09e2f3e2a4ba4663b0e49ef9f77fe37fea58c7a655ae2,2025-06-04T16:33:41.450000
CVE-2025-40582,0,0,7bfc694f37bee448665aa6012b244216ab1ddad4829d57c68f42e07d6cf45971,2025-05-30T17:07:00.713000
CVE-2025-40583,0,0,4b49bcba4fd5129cf3344c13b358ddecba3246768b81ffa138ced46c610d3959,2025-05-30T17:06:58.513000
CVE-2025-40585,0,0,cc49595cf918d38ac5ca973b9f62b22af94b8b980f73beef0c7038a55a139cbb,2025-06-12T16:06:39.330000
CVE-2025-4059,0,0,aaceabed3f9504437b5acc8d70c6023c40c2f0a56aba5d8e6d1c9f7eecdc635a,2025-05-15T20:45:28.467000
CVE-2025-40591,0,0,287b7cab1fd76e8adb3aa980b49a631f0bc9062780824cad9dd2f0ff13f69e79,2025-06-12T16:06:39.330000
CVE-2025-40592,0,0,ca8e9c62d960228191090f349b8062a5da83d387e737d4ebf08a6246ebed54e1,2025-06-12T16:06:20.180000
CVE-2025-40592,0,1,d167b00de1483c951fe43cc552b62b49543eff58159af12bb6823a6122401016,2025-07-08T11:15:29.330000
CVE-2025-40593,1,1,e51b040a7af17b3f5051f28ce8918891c3b06a5db9c4628dfadec9cee61bafac,2025-07-08T11:15:29.473000
CVE-2025-40595,0,0,e8883618ba87c7020b44e8c6f164b0155ef7e7a3cf9c54a337a593438f28d611,2025-05-16T14:43:56.797000
CVE-2025-4060,0,0,170985bf8f2f8cc428b363944749e5a7390ec03c3ff9ebf1391dace27bffb441,2025-05-09T19:34:16.987000
CVE-2025-4061,0,0,38d10b753ff5d559244af6fd3081a54533e11210e5e1217338182a3bb0bb72be,2025-05-09T19:34:08.123000
@ -295550,7 +295572,15 @@ CVE-2025-40731,0,0,d60c62e1efb95e2b565ba5cdd1823438090fcfa4d190527ad179b2ff07ef2
CVE-2025-40732,0,0,b700ef468ef5143eab1a98a8a5ac6a7d7624ae511e2f8f3e0dea04d0ebabeee8,2025-07-07T19:38:33.170000
CVE-2025-40733,0,0,264813c2043b96d454598a2961a40f1f771ab5e11dbf8f475c01110001a3b9d3,2025-07-07T18:18:08.400000
CVE-2025-40734,0,0,dd1cf6ad7ae73b91f6e1567d2c837c143f88fe605c960391f2b618e852f997b8,2025-07-07T18:17:48.017000
CVE-2025-40735,1,1,4ab576df561a2045516e507c1b5476121885a79d996c207b8f8cf980a16c1ac0,2025-07-08T11:15:29.657000
CVE-2025-40736,1,1,1e411489e1a21a4a6bfe03c4aa43cdefa23a76d415b8257bf7b1194d1883175f,2025-07-08T11:15:29.837000
CVE-2025-40737,1,1,ab7a48c790db43fea70864b81d60407b90cb4595b7259c8f4b3db5c25a8c230c,2025-07-08T11:15:30.007000
CVE-2025-40738,1,1,027bbc273e0ffbe7b990afbf224a9a2edca5025a549dbffc00b0aaa91a71863b,2025-07-08T11:15:30.190000
CVE-2025-40739,1,1,86e715337b2fffa5a0946f5560d31b5f46754524478a37541f320675cb6c0dce,2025-07-08T11:15:30.380000
CVE-2025-4074,0,0,67c949a36ba05d695588494a1af59c90dcd6f218e799b578e62cc10508e92154,2025-05-09T13:49:25.337000
CVE-2025-40740,1,1,ebe91ae840e094d087a6b5a8cf8f95a6f1b616ab1ca898d06ab0997153a17f4c,2025-07-08T11:15:30.560000
CVE-2025-40741,1,1,971ad7caa457466209b0f23784636cc2c28eedd3f60ab31981cc70afb6c0a7f1,2025-07-08T11:15:30.747000
CVE-2025-40742,1,1,57cf3ff9363cffedbd3fdca7c5121d75efcb0692ba65b22acd0b165e1ffc2034,2025-07-08T11:15:30.923000
CVE-2025-4075,0,0,980439803ac2a564a1211ca7907d1f8cd24fb9992986c85d77b9d15e9738b3a9,2025-05-02T13:53:40.163000
CVE-2025-4076,0,0,15e359152ac3968e95f76736d18611ed85f132cae7da09b8e96a2ab1cfc7b92d,2025-05-02T13:53:40.163000
CVE-2025-4077,0,0,8079a7498d68430e78a72c093e01ac09f17f033b46e97453ab1f898650cf61ff,2025-05-14T20:12:06.770000
@ -295609,6 +295639,9 @@ CVE-2025-4119,0,0,e22a40d4a6bba430436ed5cd521d95b9290408de98448e267ea5b0ff1d02e2
CVE-2025-4120,0,0,91a7986356ace02b1faadbef66f401c0debf895af76ae678f57790666062b352,2025-05-13T20:28:48.900000
CVE-2025-4121,0,0,7e5016f57db0166b2ed895f4d1dbfeb1645406dfaf0cae2948f2a256c69377c3,2025-05-13T20:28:09.793000
CVE-2025-4122,0,0,b6ca4452ee292421b2c21021a76be5367aa41cfbabca448a9baeb52d919cf372,2025-05-12T19:43:56.157000
CVE-2025-41222,1,1,738466ae450d43dcf79524b7c682479f01350dd58e3b6cc054165b80b6ad3891,2025-07-08T11:15:31.117000
CVE-2025-41223,1,1,4c9cef3608318e54ef56fb7a699b3187c36056c726ec913392d7588703cf45b6,2025-07-08T11:15:31.327000
CVE-2025-41224,1,1,1a8abb704cab998fd7157646b7cd9b5d6ed39478873dea8d8f6c3ea8d79cfaa3,2025-07-08T11:15:31.527000
CVE-2025-41225,0,0,ffc98f9dcad9846a3a108fe3a7132a69bd7a2a6d0a3c8f34ab76d93d3bf08419,2025-05-21T20:25:16.407000
CVE-2025-41226,0,0,ca4cc48cca0502f2bc408b79a88ab6d132173955f1ef39e82ca47faffba98e58,2025-05-21T20:25:16.407000
CVE-2025-41227,0,0,4080075a62ea151bef0a098041eb959f6a8703afeba9690ae542cedf1c853291,2025-05-21T20:25:16.407000
@ -295853,7 +295886,7 @@ CVE-2025-42963,0,0,3eceb758431bd7a9b776e6e359f16ac8c0bd21ef6b4f957b0e4b861a43f9a
CVE-2025-42964,0,0,35eca8fe2e5b0b8592914d5f9aceac811262537d112dd16fac42dd7a2874f291,2025-07-08T01:15:23.240000
CVE-2025-42965,0,0,5468ec2b856abda7976d3a7237854316e3a567ad8f1e21914fd754cca072a790,2025-07-08T01:15:23.440000
CVE-2025-42966,0,0,f5060d8be8c97a112f6bc890e97f1361483623af18e26949db8b983231720bd9,2025-07-08T01:15:23.630000
CVE-2025-42967,0,0,a6e510917a634ebb18bbae9d20133392f6b21c2e7e0c465ace2491b306170cbb,2025-07-08T01:15:23.787000
CVE-2025-42967,0,1,66fcf4f745ead69569e143881a197a2eadc36681f688e13394b8d383891f97aa,2025-07-08T10:15:22.040000
CVE-2025-42968,0,0,8d0a352810ded26f1ea99be4361c89b7f442d5266f1052174dabce56e8dd9e2f,2025-07-08T01:15:23.950000
CVE-2025-42969,0,0,9338f259fb3824acc0cf0f061beeaca8fff6d92da434d45e0c6b7290c985ddcf,2025-07-08T01:15:24.120000
CVE-2025-4297,0,0,2125bd423cd8ee8185dc917035443ae13b98a933b8dab9e4e9a974e1b93ea733,2025-05-16T17:44:43.850000
@ -299117,7 +299150,7 @@ CVE-2025-52727,0,0,476ed505113a23aff77c5c6570fb8f496f28335fc67949f18ed6f5220203d
CVE-2025-52729,0,0,0b274f7b391a2b3ca207455316eb5f5a18760bd16bb1ce17fa066170bf9eb025,2025-06-30T18:38:48.477000
CVE-2025-5273,0,0,7a172885547dbfa68292354132d6eab77847bfdd0e0f37bfe0a33c637c28685a,2025-05-29T14:29:50.247000
CVE-2025-52733,0,0,7b459b7ccea847e17c1de3d7bfd534831df085ed8c830c3122c8262c5439f0d8,2025-06-23T20:16:40.143000
CVE-2025-5275,0,0,7318240c035e3165e0ef1bc99cf0989e0af69db842c9d78443bbde336329c1ab,2025-07-07T16:05:45.690000
CVE-2025-5275,0,1,5b77f3d7d547bfc5aca0dea72dfa50f5ec03b6706fb1b7fce785a83ffe687ef4,2025-07-08T11:32:22.210000
CVE-2025-5276,0,0,39d67915dab7ad2300f3ccd3a288fcee1075e32b914c45ad140eb6b7725be52b,2025-05-29T14:29:50.247000
CVE-2025-5277,0,0,ba5aa3a145e9e2e34ac18c63e7fe60e94ac49ba4d7121cc0bc36eebe3309abbf,2025-05-28T15:01:30.720000
CVE-2025-52772,0,0,deb02b2d983c296f8b89a2559d4d4f189f1c6c676131c9feadcc246a08a5cc14,2025-06-23T20:16:40.143000
@ -299426,7 +299459,7 @@ CVE-2025-53374,0,0,048614a745ae7e98f5321a32b66858d6e6101230ba932d75c053cf17ba954
CVE-2025-53375,0,0,848890d1efe87764cc544f04fa066b455261f9ea61f69788716dddfa6fa591e5,2025-07-07T16:15:25.317000
CVE-2025-53376,0,0,fc3afaaa04120e6e44ddb4595db6ad187159526aa9e92e3e7d46c6c8dd40e083,2025-07-07T16:15:25.467000
CVE-2025-53377,0,0,e496263adfef21784d6329ded37f2d78cc2ff795a2b0a4930ed58aa9270fa435,2025-07-07T17:15:29.097000
CVE-2025-5338,0,0,c30ab7b546edbed44c74dbf146f1dd5ebab57290d2ab537dfdd55be58264d8a1,2025-07-07T15:00:22.017000
CVE-2025-5338,0,1,30f15d6c7d64c82a0621f7e47f07f7b28b663e259f04318e25340aa82d6ae3c0,2025-07-08T11:34:52.400000
CVE-2025-53380,0,0,778a4ed3b4b51402648379b0a66e0653fc3388939d52b44cfb536c593d391f6d,2025-06-28T03:15:24.373000
CVE-2025-53381,0,0,5bca2379c91be4fadf0c25a7392b9c1b3f109e154b7525c42492575516c349ca,2025-06-28T03:15:25.393000
CVE-2025-53382,0,0,4695e14174a7cc685cd3ded81df4de7cc22e0d73407b891865d54a432fde8f3b,2025-06-28T03:15:25.470000
@ -299898,7 +299931,7 @@ CVE-2025-5838,0,0,35626c7c8e1d04fa7bdba348c0108b2c123b4d5d313bbcf8d5dd0d6177716b
CVE-2025-5839,0,0,af2c1c6da3fb5a22931f1ffebd67420dd5150792d38533d6eb8686e18f591276,2025-06-09T19:07:34.470000
CVE-2025-5840,0,0,a1906b279632ca933a71469d14d9b22734a373c8dc4ebaee1a55c4351d13760a,2025-06-10T15:45:31.043000
CVE-2025-5841,0,0,f400ea2f8b46ebb92066563e7d4eaccd25056b8981da67e57e016f89e1a31dc6,2025-06-16T12:32:18.840000
CVE-2025-5842,0,0,e34270d5535813532b218b2e0a190d340953f01febe70c33ec2aa6acf5499336,2025-07-07T14:58:39.873000
CVE-2025-5842,0,1,c31a3006bfcd97a6189e80541b0f5399ea0b610a2ef79d86f7f717f890b35b51,2025-07-08T11:35:12.807000
CVE-2025-5846,0,0,b9dae5d78b058906eef82693476ed197d8158ba3f9251bdb3cbb82dffcfb1b46,2025-06-26T18:57:43.670000
CVE-2025-5847,0,0,72a670a977f930c072e82981d9be0647255328c3124df63dafd15061a72168a9,2025-06-09T19:04:55.580000
CVE-2025-5848,0,0,97a77699d44911bbc0f7dbb24d5b37ad7d0974431c5e2858413f0642987e5a7c,2025-06-09T19:04:50.113000
@ -299977,7 +300010,7 @@ CVE-2025-5925,0,0,74cb0f740f96269546a558716b8983e19baddafe2aff8e369ed86d426f6297
CVE-2025-5926,0,0,d101bf01d3fcfe0cdb9553376422f17ca8d863b6b3e856d7675080f3ca9408fd,2025-06-16T12:32:18.840000
CVE-2025-5927,0,0,0c73989162ec688b3e537c5db5863dbd2ec2103b11b32c3e43eb90084da6cbc2,2025-06-26T18:57:43.670000
CVE-2025-5928,0,0,bf8e560b30d16961d3816817e86769462398f4dfd1c11ce3fc0a5a6f046bebeb,2025-06-16T12:32:18.840000
CVE-2025-5929,0,0,b716d721471a8e2b249626b1f9385a50183b8d247eeb60e850baf3fe11eb962c,2025-07-07T16:04:01.473000
CVE-2025-5929,0,1,22ddf18d1b5be0427bfffe06c7c342a3ee4be212fd6ecf814d57608fd0af56fb,2025-07-08T11:32:50.840000
CVE-2025-5930,0,0,f247db24f36bcbf2f7d81e18a82d068f64b444dc019b1b0b868d92f5ff3fa36b,2025-06-16T12:32:18.840000
CVE-2025-5932,0,0,2139f6b06237b79e72d4532bc8219346e6dc94ec5de4cc7ea77426914ccc3bb1,2025-07-07T16:03:18.250000
CVE-2025-5933,0,0,4ab1a4e0a3eb3d84beabd54254ef79ff81b64f59138d24e8a3ed5570a379ad13,2025-07-04T03:15:21.407000
@ -300163,7 +300196,7 @@ CVE-2025-6201,0,0,09953b11a7588a9edc2f3925b0cbb84add185ea803d7765dc4a2a786cd413a
CVE-2025-6206,0,0,c66ee500876bc4abb021bb9d77aeda45e0e42d83e894cdd37485d8f28334b052,2025-06-26T18:58:14.280000
CVE-2025-6209,0,0,4d194405f99de3505fed4fbc7baf9d82092f31b0c10e81656b4ad21d616433ac,2025-07-07T14:15:25.287000
CVE-2025-6210,0,0,14d31ee2b00a58e0d63a7ab89552e4950b1424b800527d9bb45e7fdd7c86ee97,2025-07-07T10:15:29.040000
CVE-2025-6212,0,0,94c0e0fc8f02bafef8bc84e19e2ea10848e097b196903fddf25d22a1310a929a,2025-07-07T14:57:39.777000
CVE-2025-6212,0,1,9eb0c977d92e30e2e67efcaac7f25f50243836e669a2d22cb477be6116fc0bde,2025-07-08T11:35:01.817000
CVE-2025-6216,0,0,fa2fdcc5033cf3a1df6342a01f2acd273f87b99c1664b4ca0db573d99035212e,2025-06-23T20:16:21.633000
CVE-2025-6217,0,0,0d2c65c94d7cc4fabd9027df56e983345e1f33543f29c53f0c45cf319713d14d,2025-06-23T20:16:21.633000
CVE-2025-6218,0,0,0e265a89cc2a3bd08feb5d5cbdea0ea20f815a5e3a21352ce4021a3ae0596bec,2025-06-25T19:03:33.817000
@ -300199,7 +300232,7 @@ CVE-2025-6285,0,0,0f5e702030ae71dd658a22b122b4aed0ed12d1aae61fb46ec51e0841a0ec90
CVE-2025-6286,0,0,b7219a51a324575d8724ff4298827d1d2120856c9a6df23d680f1ea8dbfc94c7,2025-06-26T21:33:36.923000
CVE-2025-6287,0,0,c97270e78c42232e6181a1fc6418c4993fc08485bae7bc11e103b2bd3b0836b8,2025-06-26T21:30:45.290000
CVE-2025-6288,0,0,fa5bb2cf674608fadad9e3141e14760d75f6db2208fe52ae1ce80a76abaa33b6,2025-06-26T21:19:24.540000
CVE-2025-6290,0,0,48ba9ddaba7effeee4a9c6928184d470f08294bc9085512bde08aac01c042136,2025-07-07T17:16:39.837000
CVE-2025-6290,0,1,c2ed75c99fd22b3a767fa6ba8364d4a3c4bca918872facb4981c311910b82f9b,2025-07-08T11:32:32.773000
CVE-2025-6291,0,0,dc1a968051b9db85759355228419cc46165b7a6778eb4ff9ec8664745bc75db4,2025-06-26T17:00:25.153000
CVE-2025-6292,0,0,950777517b48d376f4e9cfbb6475ca5763192a729885525f030e7df89973a74b,2025-06-26T17:25:51.993000
CVE-2025-6293,0,0,30342ac281aebc0a30969c59d523a1a3a2cc7a536dbaaadfbb8317c27c072af8,2025-06-26T17:22:14.003000
@ -300279,7 +300312,7 @@ CVE-2025-6375,0,0,c5c7694dc72a40d77b42ca7bdac2085f0219ee2826ef00eb4a9804c963c510
CVE-2025-6378,0,0,c9f832cbc4a58e4712b3be36fa473dbfb776e558d71ae65da6d05b8879aaf667,2025-07-07T17:15:44.053000
CVE-2025-6379,0,0,a573d0789f74e2940a233e26e5770bd43ee83276728b28e7918a6f6c0e9e28bc,2025-07-07T15:24:31.510000
CVE-2025-6381,0,0,bcb772a2599dc7010241cc7bbab88371a6f4c6ca137948aff05aab6ef1ed3e85,2025-07-07T15:24:28.070000
CVE-2025-6383,0,0,cbad0deb6722e8c8c6599e2836abb6b9280c085acc8c5c7fa818af09adc4c75c,2025-07-07T17:15:05.383000
CVE-2025-6383,0,1,d4983baed15d1793d27d210c93a94db5a7e163abe77193a900e62847d2cde376,2025-07-08T11:31:13.823000
CVE-2025-6384,0,0,97aa0c1b3518730f2ff1ac0c6e40e6df53f12abb019ae8c41f191d17b86f6691,2025-06-23T20:16:40.143000
CVE-2025-6386,0,0,b2a078e22a659d4d88f448dea0064464b20c22ed2491c180557e36b6a04d2807,2025-07-07T10:15:29.187000
CVE-2025-6393,0,0,32247b5db96e134f65a8c77173062a4edd972dbb6c0ac396c8f0bf9ce435cde7,2025-06-23T20:16:21.633000
@ -300401,12 +300434,12 @@ CVE-2025-6533,0,0,492d887b9495cf568d73a9f91a4235f8d4b3302adbb98cd523caec1f71017f
CVE-2025-6534,0,0,27dbfbc1ad88a7b2b9a2381731f87a7e228a23f139d2c856c6c4ef9c8c4f00da,2025-06-26T18:58:14.280000
CVE-2025-6535,0,0,3ec3c99c4450294264961f65a26d690a1af52c1d1f2140ee1766ea03af869a81,2025-06-26T18:58:14.280000
CVE-2025-6536,0,0,bd4abefc70387d924c3e572721c1a2fa7652203fc239516c5a7622b44e3bfb00,2025-06-26T18:58:14.280000
CVE-2025-6537,0,0,35a059cab9fdc0c1b6f72e0502b21079436d69ae1ca92b73ceef2576f210013e,2025-07-07T15:03:23.390000
CVE-2025-6537,0,1,6cc047e68af8cc140a533baef81117cae1d7e838b2f26be233dae033dab14eca,2025-07-08T11:34:13.310000
CVE-2025-6538,0,0,e09f0a97dfdb50a09d0300934010eb6d0f1d88eba5fa750c8cc98ba07c13c662,2025-07-07T18:33:37.610000
CVE-2025-6540,0,0,082438792186c440bf4ff42d97a1cb1ef2ee9a0b9d0da94f6ceb561b424c8589,2025-07-07T15:02:44.263000
CVE-2025-6543,0,0,614be473b1a9f0b696f8665a5ce20ebb99b6c34c213be6f11e91a24c2a2ce20d,2025-07-01T18:19:45.547000
CVE-2025-6545,0,0,232265ccc6fe056c6abf53601342de9afd636906f2fd3b22c8fe97e99accaff8,2025-06-23T20:16:21.633000
CVE-2025-6546,0,0,20c09019fe66bae4cc490eb13bf7440432b4eb2d00e32caa0dd1d13ce9bfccc3,2025-07-07T15:02:09.700000
CVE-2025-6546,0,1,e2ccb0f36404155cf63065e6218ff7146480ba7d5ad20b9847888ed82aa12363,2025-07-08T11:34:27.020000
CVE-2025-6547,0,0,9faf016e4cd0d979f6fd378ab40d2ecc76b2956dd06a9026d16b0df65d7d2aad,2025-06-23T20:16:21.633000
CVE-2025-6550,0,0,c0a691cea8a5ed699b0d12b82357599196c16b195f2af32ef4c55625a42b68d0,2025-07-07T15:38:38.413000
CVE-2025-6551,0,0,eb31b65edf1928c67c505e9607a92d57f68bd5fa54806dd6c722d8ad4c081a2e,2025-06-26T18:58:14.280000
@ -300527,6 +300560,7 @@ CVE-2025-6738,0,0,3259930ec98b59546eeaeace9fb84641bae60a8fe1ea462b5fb5b4147d4fd6
CVE-2025-6739,0,0,bd154751d866345fec59da65321a383a12e1d3bc94957e355ab825597d37c48a,2025-07-04T03:15:22.740000
CVE-2025-6740,0,0,4df025ce77d1adfe2573d12dc431280049a6a66b06d7c4a694ba8dc72df73175,2025-07-04T12:15:35.570000
CVE-2025-6743,0,0,1a2f8644f53e75d6c8b80fff15734043e2ec6a57d7ca239c2f4e32f989444480,2025-07-08T07:15:26.410000
CVE-2025-6744,1,1,b5f9cafc355fb33653432dc11abcd11bb57a79884e7e009d43a5e54dab2f595a,2025-07-08T10:15:22.947000
CVE-2025-6746,0,0,2cee8b5f62f2740e58418e06d7d18549cb6c59f308feeb8d07ef0e27b444984f,2025-07-08T07:15:26.587000
CVE-2025-6748,0,0,7f8f18ce472108822cda61d00f4ec9b1169d30c9d958ea970ce7bf174900b6ff,2025-06-30T18:38:48.477000
CVE-2025-6749,0,0,d1c491f56475f9982f91a0af7dbfe7ca7d1db32da1110cdac506d65ba7fc1676,2025-06-30T18:38:48.477000
@ -300795,10 +300829,14 @@ CVE-2025-7164,0,0,8d98866f9ff941dcf1d5368040d34d26da7d068cb61dbec8e36d2c25d7a47d
CVE-2025-7165,0,0,81e0312c17d7e6aa177ff46a5153ebba82f6184909c7b5c996a38f7990401222,2025-07-08T06:15:24.513000
CVE-2025-7166,0,0,aace25dc354d2484e73e9aecc6dec28a284773282ee58ca2bfecef576bf55ae7,2025-07-08T07:15:26.770000
CVE-2025-7167,0,0,c3279b90c72edddbb3f2437b841bbecf3ec7435b7e931acecf262d7a408a3e53,2025-07-08T07:15:27.007000
CVE-2025-7168,1,1,fb880b5317c6035c05e262a96bd2de7e7adf297b4e6d918e4be4ba830aa9111b,2025-07-08T08:15:21.993000
CVE-2025-7169,1,1,184c902a0d97c4e02337c915d2da886f21abd036d6a49c2e82f628964ea5f387,2025-07-08T08:15:22.270000
CVE-2025-7170,1,1,d631825d5bab89ac42aa3b35d7a966fe06c83c27748d1e2260e5125e1237edd6,2025-07-08T09:15:22.540000
CVE-2025-7171,1,1,06a2f67a05d60ed4fd07ed9c6047f56a41f41014333d700280eee3959c419329,2025-07-08T09:15:23.017000
CVE-2025-7168,0,0,fb880b5317c6035c05e262a96bd2de7e7adf297b4e6d918e4be4ba830aa9111b,2025-07-08T08:15:21.993000
CVE-2025-7169,0,0,184c902a0d97c4e02337c915d2da886f21abd036d6a49c2e82f628964ea5f387,2025-07-08T08:15:22.270000
CVE-2025-7170,0,0,d631825d5bab89ac42aa3b35d7a966fe06c83c27748d1e2260e5125e1237edd6,2025-07-08T09:15:22.540000
CVE-2025-7171,0,0,06a2f67a05d60ed4fd07ed9c6047f56a41f41014333d700280eee3959c419329,2025-07-08T09:15:23.017000
CVE-2025-7172,1,1,f41fecf7b2118461549a8a9d9d0a0be0da977c67a024b1cbd4b88f73a77b994a,2025-07-08T10:15:23.140000
CVE-2025-7173,1,1,6e0c73472c557bd1341bd35c16c4bea5f3973b49196db66ae55cebbd70d1caf8,2025-07-08T10:15:23.370000
CVE-2025-7174,1,1,6bc9e552f0f271a604fda837ba2f94bb6d920ef116b8a8d8ae4186082e519696,2025-07-08T11:15:31.717000
CVE-2025-7175,1,1,0efdf066dc3fd1e3eadc405c80607fa3a80dd3f56ce3f6d0f662297b052c8b8c,2025-07-08T11:15:31.920000
CVE-2025-7259,0,0,92aedb6a5e38fb030175a289364c754cf67f487a6a25e9d17c23717610f38507,2025-07-07T16:15:30.440000
CVE-2025-7327,0,0,f8b1188e4f7cc5573c9ecf71a12200117edf4fd74dc9f9fae96673aaeccbf801,2025-07-08T06:15:24.730000
CVE-2025-7346,0,1,cb21a649388e1e53857cfea094e0a78c37a218b32465f4276a51b680f561d62b,2025-07-08T08:15:22.460000
CVE-2025-7346,0,0,cb21a649388e1e53857cfea094e0a78c37a218b32465f4276a51b680f561d62b,2025-07-08T08:15:22.460000

Can't render this file because it is too large.