admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-20T18:00:19.421727+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-20 18:03:52 +00:00
parent 8deb8b49d2
commit fac07b674b
6 changed files with 450 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2024/CVE-2024-129xx/CVE-2024-12905.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12905",
"sourceIdentifier": "22e2d327-25fe-45d7-9f0c-dcd23b7108df",
"published": "2025-03-27T17:15:53.250",
"lastModified": "2025-03-28T18:11:40.180",
"lastModified": "2025-04-20T16:15:13.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,6 +59,10 @@
{
"url": "https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed",
"source": "22e2d327-25fe-45d7-9f0c-dcd23b7108df"
},
{
"url": "https://www.seal.security/blog/a-link-to-the-past-uncovering-a-new-vulnerability-in-tar-fs",
"source": "22e2d327-25fe-45d7-9f0c-dcd23b7108df"
}
]
}

145
CVE-2025/CVE-2025-38xx/CVE-2025-3828.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3828",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-20T16:15:14.057",
"lastModified": "2025-04-20T16:15:14.057",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/view-appointment.php?viewid=11. The manipulation of the argument remark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/NuoNuo-L/cve/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305735",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305735",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.555929",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-38xx/CVE-2025-3829.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-3829",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-20T16:15:14.230",
"lastModified": "2025-04-20T16:15:14.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/NuoNuo-L/cve/issues/3",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305736",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305736",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.555930",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-38xx/CVE-2025-3830.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-3830",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-20T17:15:44.950",
"lastModified": "2025-04-20T17:15:44.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical. Affected by this vulnerability is the function fileUpload of the file src/main/java/com/kuang/controller/QuestionController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/caigo8/CVE-md/blob/main/KuangSimpeBBS/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.305737",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.305737",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.556133",
"source": "cna@vuldb.com"
}
]
}

14
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-20T16:00:19.333350+00:00
2025-04-20T18:00:19.421727+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-20T15:15:44.993000+00:00
2025-04-20T17:15:44.950000+00:00
```
### Last Data Feed Release
@ -33,21 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
290938
290941
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `3`
- [CVE-2025-3827](CVE-2025/CVE-2025-38xx/CVE-2025-3827.json) (`2025-04-20T15:15:44.993`)
- [CVE-2025-3828](CVE-2025/CVE-2025-38xx/CVE-2025-3828.json) (`2025-04-20T16:15:14.057`)
- [CVE-2025-3829](CVE-2025/CVE-2025-38xx/CVE-2025-3829.json) (`2025-04-20T16:15:14.230`)
- [CVE-2025-3830](CVE-2025/CVE-2025-38xx/CVE-2025-3830.json) (`2025-04-20T17:15:44.950`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
- [CVE-2025-43929](CVE-2025/CVE-2025-439xx/CVE-2025-43929.json) (`2025-04-20T14:15:13.230`)
- [CVE-2024-12905](CVE-2024/CVE-2024-129xx/CVE-2024-12905.json) (`2025-04-20T16:15:13.913`)
## Download and Usage

9
_state.csv
View File

@ -247399,7 +247399,7 @@ CVE-2024-12901,0,0,9090f7834bc3c030e72169daa1c979a89e62ab4d337c41ce0895aac0a7fd9
CVE-2024-12902,0,0,f67161e0fccba6773f5846cbc230324e550643d0923f7ba0e7e1a11f1d4a5be7,2024-12-23T11:15:06.153000
CVE-2024-12903,0,0,934e7684198b909838e52981ff3e91a85ceaf2d8442d1b9996709c268c32e282,2024-12-23T13:15:06.390000
CVE-2024-12904,0,0,671a7c9940a0c77cd61b5157b9a25d05e94a81dd74e911832e959fb41cee16f3,2025-02-11T02:15:33.927000
CVE-2024-12905,0,0,831b363d80d945d90131f323ffb73efa9e2f3ae68cef4aba4297c3626a1560f5,2025-03-28T18:11:40.180000
CVE-2024-12905,0,1,aa8cc156c24902f439d09fdb7bac79eb3de63f75d5a9b607fc5acaf290fbb720,2025-04-20T16:15:13.913000
CVE-2024-12907,0,0,888eb59eb672b880a00352690cbd4fe68b3b4bda1cea5583ad3fabfdc05fe373,2025-01-02T16:15:07.690000
CVE-2024-12908,0,0,76a88b8500008d4ca56b5c37bddceec64b40a69d8577b8cdbf6118a2030881b4,2024-12-27T15:15:10.240000
CVE-2024-12909,0,0,f0d6494e68aae34d5cb59a938816f9aaacb68f060b0a770985be4948c8337bac,2025-03-20T10:15:31.833000
@ -290768,7 +290768,10 @@ CVE-2025-3824,0,0,b965e5d32afe683a75f0838637bd08ae64a757afc4446e12179b507fbbeaf6
CVE-2025-38240,0,0,55c3c53507175385d390f4e5f0701155663d7d45488ce3854f0ce48d67d704f4,2025-04-18T07:15:43.510000
CVE-2025-3825,0,0,b0e42a018583b9ba31e420c2ccd93016111550e85efb6830da587538548ada98,2025-04-20T12:15:14.113000
CVE-2025-3826,0,0,16667ae8014611f3ba610c83d8dac4ed037e4c57a8e2ec56facb3e00355785c6,2025-04-20T13:15:44.937000
CVE-2025-3827,1,1,2c065676f62a8efc53d1267f1968e879a7688f19a99cac3edee7f01713ad93fd,2025-04-20T15:15:44.993000
CVE-2025-3827,0,0,2c065676f62a8efc53d1267f1968e879a7688f19a99cac3edee7f01713ad93fd,2025-04-20T15:15:44.993000
CVE-2025-3828,1,1,21ba1969c15d55d422105012001d55399a9f348f31d9a56752eb6b0b0ebb605e,2025-04-20T16:15:14.057000
CVE-2025-3829,1,1,d6f820dab60b7926192ca686dc2cdac1d32f1c148d9cb377aa4dc9ca0de2e07c,2025-04-20T16:15:14.230000
CVE-2025-3830,1,1,c349ff4b9a002c0025c459962a7618a1bb39129fae2021ecbde6472ecb914ca4,2025-04-20T17:15:44.950000
CVE-2025-38479,0,0,b2b6ea65e240d4ffeed782b9d037d3b3cf1f0ae1e3ce4a6e40a815527e135169,2025-04-18T07:15:43.613000
CVE-2025-38575,0,0,fc45fd45a431f685538b4001e1e87131d23faf0a16a9209a56843479513a7e70,2025-04-18T07:15:43.717000
CVE-2025-38637,0,0,994255e82cd74ce8666ff4c2bb27a6e5073245f15905958a121473a3bd555340,2025-04-18T07:15:43.823000
@ -290936,4 +290939,4 @@ CVE-2025-43919,0,0,ad4cbb29e051ea2358fff2073270b1cfd676f19b936b7832be0b6c643b0e3
CVE-2025-43920,0,0,b78354739d89571d106f08bd550eb673b1af9ed695f9a469ebcd3fe832889821,2025-04-20T01:15:45.867000
CVE-2025-43921,0,0,b59dba0610887a199b0faf2f19a0e03e63d8e4472120cfd2c980e88dc9faec57,2025-04-20T01:15:46.043000
CVE-2025-43928,0,0,7e137dc78a97082b3c993605d044d26a389eebe6d6590183c90296f75caf000e,2025-04-20T03:15:35.003000
CVE-2025-43929,0,1,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000
CVE-2025-43929,0,0,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000

Can't render this file because it is too large.