Auto-Update: 2025-04-07T10:01:07.313222+00:00

CVE-2024/CVE-2024-118xx/CVE-2024-11859.json

@@ -0,0 +1,78 @@
+{
+  "id": "CVE-2024-11859",
+  "sourceIdentifier": "security@eset.com",
+  "published": "2025-04-07T09:15:15.427",
+  "lastModified": "2025-04-07T09:15:15.427",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "security@eset.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "HIGH",
+          "vulnIntegrityImpact": "HIGH",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@eset.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-427"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.eset.com/en/ca8810-dll-search-order-hijacking-vulnerability-in-eset-products-for-windows-fixed",
+      "source": "security@eset.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-219xx/CVE-2025-21918.json

@@ -9,6 +9,10 @@
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: ucsi: Se corrige el acceso a punteros nulos. Los recursos solo deben liberarse despu\u00e9s de que se hayan destruido todos los subprocesos que los utilizan. Esta confirmaci\u00f3n garantiza que los recursos no se liberen prematuramente esperando a que se complete la cola de trabajo asociada antes de desasignarlos."
     }
   ],
   "metrics": {},

CVE-2025/CVE-2025-304xx/CVE-2025-30473.json

@@ -0,0 +1,53 @@
+{
+  "id": "CVE-2025-30473",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2025-04-07T09:15:16.667",
+  "lastModified": "2025-04-07T09:15:16.667",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow Common SQL Provider.\n\nWhen using the partition clause in SQLTableCheckOperator as parameter (which was a recommended pattern), Authenticated UI User could inject arbitrary SQL command when triggering DAG exposing partition_clause to the user.\nThis allowed the DAG Triggering user to escalate privileges to execute those arbitrary commands which they normally would not have.\n\n\nThis issue affects Apache Airflow Common SQL Provider: before 1.24.1.\n\nUsers are recommended to upgrade to version 1.24.1, which fixes the issue."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/apache/airflow/pull/48098",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "https://lists.apache.org/thread/53klkv790cylqcop0350w7nfq1y6h0t2",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/04/04/2",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/04/06/1",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/04/06/2",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/04/06/3",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    }
+  ]
+}

CVE-2025/CVE-2025-33xx/CVE-2025-3342.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3342",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-07T08:15:13.910",
+  "lastModified": "2025-04-07T08:15:13.910",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/payment_save.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/p1026/CVE/issues/57",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.303556",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.303556",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.551916",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-33xx/CVE-2025-3343.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3343",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-07T08:15:14.120",
+  "lastModified": "2025-04-07T08:15:14.120",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/reservation_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/p1026/CVE/issues/58",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.303557",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.303557",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.551917",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-33xx/CVE-2025-3344.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3344",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-07T09:15:16.850",
+  "lastModified": "2025-04-07T09:15:16.850",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/assign_save.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/p1026/CVE/issues/59",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.303558",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.303558",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.551918",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-33xx/CVE-2025-3345.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3345",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-07T09:15:17.047",
+  "lastModified": "2025-04-07T09:15:17.047",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/combo.php. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/p1026/CVE/issues/60",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.303559",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.303559",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.551919",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-04-07T08:00:20.238066+00:00
+2025-04-07T10:01:07.313222+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-04-07T07:15:39.573000+00:00
+2025-04-07T09:15:17.047000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,24 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-288787
+288793
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `5`
+Recently added CVEs: `6`
 
-- [CVE-2024-11071](CVE-2024/CVE-2024-110xx/CVE-2024-11071.json) (`2025-04-07T06:15:39.167`)
-- [CVE-2025-3338](CVE-2025/CVE-2025-33xx/CVE-2025-3338.json) (`2025-04-07T06:15:40.547`)
-- [CVE-2025-3339](CVE-2025/CVE-2025-33xx/CVE-2025-3339.json) (`2025-04-07T06:15:40.823`)
-- [CVE-2025-3340](CVE-2025/CVE-2025-33xx/CVE-2025-3340.json) (`2025-04-07T07:15:39.067`)
-- [CVE-2025-3341](CVE-2025/CVE-2025-33xx/CVE-2025-3341.json) (`2025-04-07T07:15:39.573`)
+- [CVE-2024-11859](CVE-2024/CVE-2024-118xx/CVE-2024-11859.json) (`2025-04-07T09:15:15.427`)
+- [CVE-2025-30473](CVE-2025/CVE-2025-304xx/CVE-2025-30473.json) (`2025-04-07T09:15:16.667`)
+- [CVE-2025-3342](CVE-2025/CVE-2025-33xx/CVE-2025-3342.json) (`2025-04-07T08:15:13.910`)
+- [CVE-2025-3343](CVE-2025/CVE-2025-33xx/CVE-2025-3343.json) (`2025-04-07T08:15:14.120`)
+- [CVE-2025-3344](CVE-2025/CVE-2025-33xx/CVE-2025-3344.json) (`2025-04-07T09:15:16.850`)
+- [CVE-2025-3345](CVE-2025/CVE-2025-33xx/CVE-2025-3345.json) (`2025-04-07T09:15:17.047`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+- [CVE-2025-21918](CVE-2025/CVE-2025-219xx/CVE-2025-21918.json) (`2025-04-01T20:26:01.990`)
 
 
 ## Download and Usage

_state.csv

@@ -245534,7 +245534,7 @@ CVE-2024-11068,0,0,27b5234cdb2340fcc5efbf261c80bbf2d55dab89f3140f4955847575b03dd
 CVE-2024-11069,0,0,076f3859fdfa80941888f3284b502c2a2b6c46de09cc72f474773d2b7cedff3b,2025-01-23T17:20:03.587000
 CVE-2024-1107,0,0,5a3b93404fbe99abd1fe2d556d56f474326161e66d8f315a27927add1837860b,2024-11-21T08:49:48.697000
 CVE-2024-11070,0,0,d9ef5a8cd255789c36276ce8f4e1ab8ca41ed12c0a36ef18cc771900f2cf520f,2024-11-23T01:31:09.333000
-CVE-2024-11071,1,1,b764b907d689f24fd9ff9d6ff0b783ce48301d7517483a024e500845f3053aa5,2025-04-07T06:15:39.167000
+CVE-2024-11071,0,0,b764b907d689f24fd9ff9d6ff0b783ce48301d7517483a024e500845f3053aa5,2025-04-07T06:15:39.167000
 CVE-2024-11073,0,0,9e7fc2654a47a5aac025cc05db692caf55ef624e5b11770874bfc94cff9b5e2c,2024-11-18T17:21:19.557000
 CVE-2024-11074,0,0,58fb08bfcedc261a69e7301987c03f396959f4915994c478098af6f46a428527,2024-11-14T19:06:54.750000
 CVE-2024-11075,0,0,1453691218eaa30381e9b896380b7d3816e51e01355ecf6bb51d349da772dacc,2024-11-19T21:57:32.967000
@@ -246330,6 +246330,7 @@ CVE-2024-11854,0,0,999afde0352966c3848f9613a3046f97c5bfc972302cd671fa92812a3b6ba
 CVE-2024-11855,0,0,b8bfb341060496fd32ee788a9ac0c446229bec4b5e208f7ac30bcfa919ff4d7a,2024-12-14T05:15:07.960000
 CVE-2024-11856,0,0,d5dc91ea132c91646f44dabd18a1a6c06e1b122275ee7e71ea02b3d69779ae26,2024-12-02T03:15:13.713000
 CVE-2024-11858,0,0,73fd067f9f80a3fe9add2844a0fc8b12fbc4555aad7446ed909f2e6252e70dfe,2024-12-15T14:15:22.320000
+CVE-2024-11859,1,1,b68c5d1f3abbbe45099e3280f2bf7cee4cebaa851dbf10e73da29ae6e458ae2c,2025-04-07T09:15:15.427000
 CVE-2024-1186,0,0,2e273a7149091b295fd44850226681809150a1697d95b70cddb9945c7f5d2c46,2024-11-21T08:49:59.387000
 CVE-2024-11860,0,0,b4d86970e53cc06e2bb8bbb6ca541cbcee674b01ab736af3ad4a9b157ea7fdee,2024-12-04T21:08:39.133000
 CVE-2024-11862,0,0,f2607ef95f43bacf07d967cbeba7a58170571a09b34a70089d64cd1d0d5addef,2024-11-27T15:15:25.393000
@@ -283484,7 +283485,7 @@ CVE-2025-21914,0,0,43e8b841764a3fb4c5b2f5ca1dfd80d9a692c6c675aac830883c15ea6e940
 CVE-2025-21915,0,0,e9ff01185dd6c94141f82aa842ee98c862510b5c38faa1b2f82c23eceaf3eae4,2025-04-01T20:26:01.990000
 CVE-2025-21916,0,0,5ff5f340e651fe9e743b93228fca454cbb2103c90f2d61eac89d73e481d51305,2025-04-01T20:26:01.990000
 CVE-2025-21917,0,0,be60b88a08c97b17ede457c1899b76fcd08baac5756180d18f5a6c9e05c9b50a,2025-04-01T20:26:01.990000
-CVE-2025-21918,0,0,2e089a7ac136f228fced96b1cda70a9ed57881191ec6f8feca10f77c02af4ed1,2025-04-01T20:26:01.990000
+CVE-2025-21918,0,1,924b94b4e9d0aa014925b9838ae3bd72b4fb3ba35b6e86ecd36fcd80eb345062,2025-04-01T20:26:01.990000
 CVE-2025-21919,0,0,adacb5b9add61e538b123bc259207b47f723388fd375d2edd7dd54b131998a32,2025-04-01T20:26:01.990000
 CVE-2025-2192,0,0,154f3902bcd5e64a72bf0ae06aa3f84eb0e5031d75ead63c96aedd6785aca290,2025-03-11T14:15:27.443000
 CVE-2025-21920,0,0,de9507e0572ed1d50213f1db0350f23969dc66af66371ffa6304239e2c01687f,2025-04-01T20:26:01.990000
@@ -287677,6 +287678,7 @@ CVE-2025-3047,0,0,a30c36369bf3e12cbd7e65026519106518e3e5f822a760b35651157c31c62e
 CVE-2025-30470,0,0,74bfaf44e0681d163fdd1bb7cb5edf9226008c5405e279c34157c5a94d199b90,2025-04-04T18:15:36.720000
 CVE-2025-30471,0,0,9269044bc98a97554e0c019dea428a665104b61258abc5e9fae7c043683161e9,2025-04-04T18:15:26.537000
 CVE-2025-30472,0,0,a9a589c92e85a7dd5dc78fc910cf31729074e91942c97c7d1b5338ab1df8371e,2025-04-01T20:28:02.283000
+CVE-2025-30473,1,1,4bc609bd792b661459918cb3834a9d4c8251559304f069bd00d156cbd98b999b,2025-04-07T09:15:16.667000
 CVE-2025-30474,0,0,eb6c167d1736e5a0a05d76dda95c9383453e456c61b97e97ddf0c32b61180eb9,2025-04-01T18:15:30.003000
 CVE-2025-3048,0,0,8c9d9ed36af65f4d6aa3fb74d6647d88f2ae80886b1a7fcca7e2b0a1fc1e20e2,2025-04-01T20:26:22.890000
 CVE-2025-30485,0,0,40c2bfc3a7529030acaba7b858cf13857c2ea57bdac4e839daf060735cb16f8a,2025-04-03T07:15:41.110000
@@ -288782,7 +288784,11 @@ CVE-2025-3334,0,0,706299386e020d274119decb9c2db2a55cacbe094a17783589bb7f32e5b96f
 CVE-2025-3335,0,0,d09a7956d2ecee178f89e4e888552712d59a4d4339afa40dba244fe0fc6635cc,2025-04-07T04:15:36.017000
 CVE-2025-3336,0,0,3cc453d9260109ce1073b18d0eac2cfa232dee06f1b69469e964f5f7f315c468,2025-04-07T05:15:29.767000
 CVE-2025-3337,0,0,8715b9957d608f1ec7456c4f26c251aca7e422873ba24280bbceb69498efa44c,2025-04-07T05:15:31.707000
-CVE-2025-3338,1,1,10505a9cdc6664189920cbca060bf28870c086a7db40c4db16dca7e2d6fe94b1,2025-04-07T06:15:40.547000
-CVE-2025-3339,1,1,952d5ef6529dd456c22372c973d3a7e101a4c4f44c5b3d4621960313b13eb6ff,2025-04-07T06:15:40.823000
-CVE-2025-3340,1,1,220948cfb011f661ab01a7393803167ed1a1f0434fdec727018e38f04a5ca519,2025-04-07T07:15:39.067000
-CVE-2025-3341,1,1,7fb01e7c340f2b445323a7b7b6fb2098cb4ae15f633003f38b8bc602ab5c5bb8,2025-04-07T07:15:39.573000
+CVE-2025-3338,0,0,10505a9cdc6664189920cbca060bf28870c086a7db40c4db16dca7e2d6fe94b1,2025-04-07T06:15:40.547000
+CVE-2025-3339,0,0,952d5ef6529dd456c22372c973d3a7e101a4c4f44c5b3d4621960313b13eb6ff,2025-04-07T06:15:40.823000
+CVE-2025-3340,0,0,220948cfb011f661ab01a7393803167ed1a1f0434fdec727018e38f04a5ca519,2025-04-07T07:15:39.067000
+CVE-2025-3341,0,0,7fb01e7c340f2b445323a7b7b6fb2098cb4ae15f633003f38b8bc602ab5c5bb8,2025-04-07T07:15:39.573000
+CVE-2025-3342,1,1,deace936bd60dab082139939254e85c98ae9e697787a0f1baa37e9158485a628,2025-04-07T08:15:13.910000
+CVE-2025-3343,1,1,eec621cc7fe6a834a2f443ec38ca943ffb9f3e3f01ffec434c2062a598b3969b,2025-04-07T08:15:14.120000
+CVE-2025-3344,1,1,a58b3ce2e11b8f4240a7e00280e9001b2c4df020b273799feb5c2d07e9000bd9,2025-04-07T09:15:16.850000
+CVE-2025-3345,1,1,41b232ef3d896e76634b3ffd0199594e52e88bc75d9bb547cb22c6d0c760ff8c,2025-04-07T09:15:17.047000