Auto-Update: 2025-06-19T16:00:20.308673+00:00

CVE-2005/CVE-2005-23xx/CVE-2005-2347.json

@@ -0,0 +1,16 @@
+{
+  "id": "CVE-2005-2347",
+  "sourceIdentifier": "security@debian.org",
+  "published": "2025-06-19T11:15:23.593",
+  "lastModified": "2025-06-19T11:15:23.593",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}

CVE-2016/CVE-2016-33xx/CVE-2016-3399.json

@@ -0,0 +1,16 @@
+{
+  "id": "CVE-2016-3399",
+  "sourceIdentifier": "security@debian.org",
+  "published": "2025-06-19T09:15:21.290",
+  "lastModified": "2025-06-19T09:15:21.290",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}

CVE-2021/CVE-2021-471xx/CVE-2021-47144.json

@@ -2,174 +2,15 @@
   "id": "CVE-2021-47144",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.950",
-  "lastModified": "2024-12-17T14:49:22.333",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T14:15:24.327",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: fix refcount leak\n\n[Why]\nthe gem object rfb->base.obj[0] is get according to num_planes\nin amdgpufb_create, but is not put according to num_planes\n\n[How]\nput rfb->base.obj[0] in amdgpu_fbdev_destroy according to num_planes"
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/amdgpu: corrige la fuga de refcount [Por qu\u00e9] el objeto gema rfb->base.obj[0] se obtiene seg\u00fan num_planes en amdgpufb_create, pero no se coloca seg\u00fan num_planes en amdgpufb_create num_planes [C\u00f3mo] poner rfb->base.obj[0] en amdgpu_fbdev_destroy seg\u00fan num_planes"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
-          "baseScore": 5.5,
-          "baseSeverity": "MEDIUM",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 3.6
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "NVD-CWE-Other"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "4.19.193",
-              "matchCriteriaId": "A3FDF344-70E4-41FE-8424-F05D70B8DC0F"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.4.0",
-              "versionEndExcluding": "5.4.124",
-              "matchCriteriaId": "F717E3E3-B420-411F-AECC-2D26A9F33F0F"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.10.0",
-              "versionEndExcluding": "5.10.42",
-              "matchCriteriaId": "18765089-FB00-4E06-82C2-69FE64CAB42D"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.12.0",
-              "versionEndExcluding": "5.12.9",
-              "matchCriteriaId": "B1F28E29-3C08-49BB-BCE1-C601F43C091D"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
-              "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
-              "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/95a4ec905e51a30c64cf2d78b04a7acbeae5ca94",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/9fdb8ed37a3a44f9c49372b69f87fd5f61cb3240",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/dde2656e0bbb2ac7d83a7bd95a8d5c3c95bbc009",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/fa7e6abc75f3d491bc561734312d065dc9dc2a77",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/95a4ec905e51a30c64cf2d78b04a7acbeae5ca94",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/9fdb8ed37a3a44f9c49372b69f87fd5f61cb3240",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/dde2656e0bbb2ac7d83a7bd95a8d5c3c95bbc009",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/fa7e6abc75f3d491bc561734312d065dc9dc2a77",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2022/CVE-2022-438xx/CVE-2022-43840.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-43840",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2025-04-14T21:15:16.200",
-  "lastModified": "2025-04-15T21:15:46.440",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:37:04.670",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "3.4.0",
+              "versionEndIncluding": "3.4.4",
+              "matchCriteriaId": "682EB2AD-DD53-43FC-8A8E-7A3BDE927467"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.ibm.com/support/pages/node/7169766",
-      "source": "psirt@us.ibm.com"
+      "source": "psirt@us.ibm.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2022/CVE-2022-488xx/CVE-2022-48849.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-48849",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-07-16T13:15:12.103",
-  "lastModified": "2024-11-21T07:34:12.480",
+  "lastModified": "2025-06-19T13:15:21.690",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -91,13 +91,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/fcd1d79aa943fff4fbaa0cce1d576995a7960699",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/cb29021be49858059138f75d6311a7c35a9379b2",
       "source": "af854a3a-2127-422b-91ae-364da2661108",

CVE-2022/CVE-2022-489xx/CVE-2022-48935.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-48935",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-08-22T04:15:16.877",
-  "lastModified": "2024-08-23T01:45:31.280",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:21.983",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -105,13 +105,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/88c795491bf45a8c08a0f94c9ca4f13722e51013",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/8ffb8ac3448845f65634889b051bd65e4dee484b",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@@ -119,13 +112,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/b05a24cc453e3cd51b0c79e3c583b5d495eba1d6",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/b4fcc081e527aa2ce12e956912fc47e251f6bd27",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2022/CVE-2022-489xx/CVE-2022-48941.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-48941",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-08-22T04:15:17.967",
-  "lastModified": "2024-08-22T18:41:37.090",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:22.263",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -84,13 +84,6 @@
     }
   ],
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/05ae1f0fe9c6c5ead08b306e665763a352d20716",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/2a3e61de89bab6696aa28b70030eb119968c5586",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2022/CVE-2022-491xx/CVE-2022-49152.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-49152",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:00:52.440",
-  "lastModified": "2025-03-13T21:58:23.127",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:22.587",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -105,40 +105,12 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/1ac49c8fd49fdf53d3cd8b77eb8ffda08d7fbe22",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/29968329b926d238e3107ec071a250397555d264",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/3e2852eda19ee1a400cd809d7a9322680f34a262",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/3e3c658055c002900982513e289398a1aad4a488",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
       "tags": [
         "Patch"
       ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/7521a97b1929042604bef6859f62fa8b4bbc077b",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
     }
   ]
 }

CVE-2022/CVE-2022-492xx/CVE-2022-49299.json

@@ -2,185 +2,15 @@
   "id": "CVE-2022-49299",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:01:06.727",
-  "lastModified": "2025-04-14T19:49:30.960",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T14:15:34.170",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: gadget: don't reset gadget's driver->bus\n\nUDC driver should not touch gadget's driver internals, especially it\nshould not reset driver->bus. This wasn't harmful so far, but since\ncommit fc274c1e9973 (\"USB: gadget: Add a new bus for gadgets\") gadget\nsubsystem got it's own bus and messing with ->bus triggers the\nfollowing NULL pointer dereference:\n\ndwc2 12480000.hsotg: bound driver g_ether\n8<--- cut here ---\nUnable to handle kernel NULL pointer dereference at virtual address 00000000\n[00000000] *pgd=00000000\nInternal error: Oops: 5 [#1] SMP ARM\nModules linked in: ...\nCPU: 0 PID: 620 Comm: modprobe Not tainted 5.18.0-rc5-next-20220504 #11862\nHardware name: Samsung Exynos (Flattened Device Tree)\nPC is at module_add_driver+0x44/0xe8\nLR is at sysfs_do_create_link_sd+0x84/0xe0\n...\nProcess modprobe (pid: 620, stack limit = 0x(ptrval))\n...\n module_add_driver from bus_add_driver+0xf4/0x1e4\n bus_add_driver from driver_register+0x78/0x10c\n driver_register from usb_gadget_register_driver_owner+0x40/0xb4\n usb_gadget_register_driver_owner from do_one_initcall+0x44/0x1e0\n do_one_initcall from do_init_module+0x44/0x1c8\n do_init_module from load_module+0x19b8/0x1b9c\n load_module from sys_finit_module+0xdc/0xfc\n sys_finit_module from ret_fast_syscall+0x0/0x54\nException stack(0xf1771fa8 to 0xf1771ff0)\n...\ndwc2 12480000.hsotg: new device is high-speed\n---[ end trace 0000000000000000 ]---\n\nFix this by removing driver->bus entry reset."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc2: gadget: no restablezca el controlador UDC del bus del gadget-&gt;controlador no debe tocar los componentes internos del controlador del gadget, especialmente no debe restablecer el controlador UDC del bus del gadget-&gt;controlador. Esto no fue da\u00f1ino hasta ahora, pero desde el commit fc274c1e9973 (\"USB: gadget: Agregar un nuevo bus para gadgets\") el subsistema de gadget tiene su propio bus y jugar con -&gt;bus desencadena la siguiente desreferencia de puntero NULL: dwc2 12480000.hsotg: controlador vinculado g_ether 8&lt;--- corte aqu\u00ed --- No se puede manejar la desreferencia de puntero NULL del kernel en la direcci\u00f3n virtual 00000000 [00000000] *pgd=00000000 Error interno: Oops: 5 [#1] M\u00f3dulos SMP ARM vinculados en: ... CPU: 0 PID: 620 Comm: modprobe No contaminado 5.18.0-rc5-next-20220504 #11862 Nombre del hardware: Samsung Exynos (\u00e1rbol de dispositivos aplanado) La PC est\u00e1 en module_add_driver+0x44/0xe8 LR est\u00e1 en sysfs_do_create_link_sd+0x84/0xe0 ... Procesar modprobe (pid: 620, l\u00edmite de pila = 0x(ptrval)) ... module_add_driver desde bus_add_driver+0xf4/0x1e4 bus_add_driver desde driver_register+0x78/0x10c driver_register desde usb_gadget_register_driver_owner+0x40/0xb4 usb_gadget_register_driver_owner desde do_one_initcall+0x44/0x1e0 do_one_initcall desde do_init_module+0x44/0x1c8 do_init_module desde load_module+0x19b8/0x1b9c load_module desde sys_finit_module+0xdc/0xfc sys_finit_module de ret_fast_syscall+0x0/0x54 Pila de excepciones (0xf1771fa8 a 0xf1771ff0) ... dwc2 12480000.hsotg: el nuevo dispositivo es de alta velocidad ---[ fin de seguimiento 000000000000000 ]--- Solucione esto eliminando el restablecimiento de la entrada del bus del controlador."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
-          "baseScore": 5.5,
-          "baseSeverity": "MEDIUM",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 3.6
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-476"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "4.9.318",
-              "matchCriteriaId": "0D4D4067-974D-4560-8320-22FDA399E3F9"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "4.10",
-              "versionEndExcluding": "4.14.283",
-              "matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "4.15",
-              "versionEndExcluding": "4.19.247",
-              "matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "4.20",
-              "versionEndExcluding": "5.4.198",
-              "matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.5",
-              "versionEndExcluding": "5.10.122",
-              "matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.11",
-              "versionEndExcluding": "5.15.47",
-              "matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.16",
-              "versionEndExcluding": "5.17.15",
-              "matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.18",
-              "versionEndExcluding": "5.18.4",
-              "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/172cfc167c8ee6238f24f9c16efd598602af643c",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/3120aac6d0ecd9accf56894aeac0e265f74d3d5a",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/5127c0f365265bb69cd776ad6e4b872c309f3fa8",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/547ebdc200b862dff761ff4890f66d8217c33316",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/5b0c0298f7c3b57417f1729ec4071f76864b72dd",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/bee8f9808a7e82addfc73a0973b16a8bb684205b",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/d2159feb9d28ce496d77df98313ab454646372ac",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/d232ca0bbc7d03144bad0ffd1792c3352bfd03fa",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/efb15ff4a77fe053c941281775fefa91c87770e0",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2022/CVE-2022-493xx/CVE-2022-49352.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-49352",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:01:11.920",
-  "lastModified": "2025-02-26T07:01:11.920",
+  "lastModified": "2025-06-19T13:15:23.173",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -17,10 +17,6 @@
   ],
   "metrics": {},
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/0ab308d72af7548f21e4499d025c25887da0c26a",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/1bcce88da60eccc946c0f4ed942b0f08cd565778",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

CVE-2022/CVE-2022-494xx/CVE-2022-49412.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-49412",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:01:17.703",
-  "lastModified": "2025-03-24T19:52:31.537",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:23.390",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -105,13 +105,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/7d172b9dc913e161d8ff88770eea01701ff553de",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/8abc8763b11c35e03cc91d59fd0cd28d39f88ca9",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@@ -119,13 +112,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/97be7d13fbd4001eeab49b1be6399f23a8c66160",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/a16c65cca7d2c7ff965fdd3adc8df2156529caf1",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2022/CVE-2022-494xx/CVE-2022-49418.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-49418",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:01:18.260",
-  "lastModified": "2025-02-26T07:01:18.260",
+  "lastModified": "2025-06-19T13:15:23.660",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -24,10 +24,6 @@
     {
       "url": "https://git.kernel.org/stable/c/c3ed222745d9ad7b69299b349a64ba533c64a34f",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/eb1fe9600b86c24a789046bfc5c6851dda119280",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     }
   ]
 }

CVE-2022/CVE-2022-495xx/CVE-2022-49558.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-49558",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-02-26T07:01:31.597",
-  "lastModified": "2025-02-26T07:01:31.597",
+  "lastModified": "2025-06-19T13:15:23.990",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -37,10 +37,6 @@
       "url": "https://git.kernel.org/stable/c/b09e6ccf0d12f9356e8e3508d3e3dce126298538",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/c73955a09408e7374d9abfd0e78ce3de9cda0635",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/f9a43007d3f7ba76d5e7f9421094f00f2ef202f8",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

CVE-2023/CVE-2023-430xx/CVE-2023-43052.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-43052",
   "sourceIdentifier": "psirt@us.ibm.com",
   "published": "2025-03-07T17:15:18.060",
-  "lastModified": "2025-03-07T17:15:18.060",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:11:36.133",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -81,10 +81,35 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:ibm:control_center:6.2.1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "86853A4E-905D-46A9-BF43-6D6117AA2442"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:ibm:control_center:6.3.1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5C510A28-7CFF-414B-A740-13A71CB97271"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.ibm.com/support/pages/node/7185102",
-      "source": "psirt@us.ibm.com"
+      "source": "psirt@us.ibm.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-447xx/CVE-2023-44755.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44755",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-22T18:15:58.483",
-  "lastModified": "2025-04-23T14:15:27.320",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:21:38.390",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,39 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mayurik:sacco_management_system:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "FDC948D1-2B9F-4317-8ED4-73F1BF7C4537"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://flashy-lemonade-192.notion.site/SQL-injection-in-Sacco-Management-system-via-password-and-id-parameter-1d85fc432de24db896446002f91acfd1",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://flashy-lemonade-192.notion.site/SQL-injection-in-Sacco-Management-system-via-password-and-id-parameter-1d85fc432de24db896446002f91acfd1?pvs=4",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-525xx/CVE-2023-52569.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-52569",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-02T22:15:49.163",
-  "lastModified": "2025-01-16T17:08:05.613",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:25.037",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -89,13 +89,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2023/CVE-2023-526xx/CVE-2023-52681.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-52681",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-17T15:15:19.360",
-  "lastModified": "2024-11-21T08:40:21.033",
+  "lastModified": "2025-06-19T13:15:25.340",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -17,10 +17,6 @@
   ],
   "metrics": {},
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/48be1364dd387e375e1274b76af986cb8747be2c",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/547713d502f7b4b8efccd409cff84d731a23853b",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@@ -29,10 +25,6 @@
       "url": "https://git.kernel.org/stable/c/92be3095c6ca1cdc46237839c6087555be9160e3",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/ea6b597fcaca99562fa56a473bcbbbd79b40af03",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/48be1364dd387e375e1274b76af986cb8747be2c",
       "source": "af854a3a-2127-422b-91ae-364da2661108"

CVE-2023/CVE-2023-527xx/CVE-2023-52733.json

@@ -2,194 +2,15 @@
   "id": "CVE-2023-52733",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-21T16:15:13.380",
-  "lastModified": "2025-04-02T14:51:20.137",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:25.540",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/decompressor: specify __decompress() buf len to avoid overflow\n\nHistorically calls to __decompress() didn't specify \"out_len\" parameter\non many architectures including s390, expecting that no writes beyond\nuncompressed kernel image are performed. This has changed since commit\n2aa14b1ab2c4 (\"zstd: import usptream v1.5.2\") which includes zstd library\ncommit 6a7ede3dfccb (\"Reduce size of dctx by reutilizing dst buffer\n(#2751)\"). Now zstd decompression code might store literal buffer in\nthe unwritten portion of the destination buffer. Since \"out_len\" is\nnot set, it is considered to be unlimited and hence free to use for\noptimization needs. On s390 this might corrupt initrd or ipl report\nwhich are often placed right after the decompressor buffer. Luckily the\nsize of uncompressed kernel image is already known to the decompressor,\nso to avoid the problem simply specify it in the \"out_len\" parameter."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: s390/decompressor: especifique __decompress() buf len para evitar el desbordamiento. Hist\u00f3ricamente, las llamadas a __decompress() no especificaban el par\u00e1metro \"out_len\" en muchas arquitecturas, incluido s390, esperando que no se escribieran m\u00e1s all\u00e1 Se realizan im\u00e1genes del kernel sin comprimir. Esto ha cambiado desde la confirmaci\u00f3n 2aa14b1ab2c4 (\"zstd: import usptream v1.5.2\") que incluye la confirmaci\u00f3n de la biblioteca zstd 6a7ede3dfccb (\"Reducir el tama\u00f1o de dctx reutilizando el b\u00fafer dst (#2751)\"). Ahora el c\u00f3digo de descompresi\u00f3n zstd podr\u00eda almacenar un b\u00fafer literal en la parte no escrita del b\u00fafer de destino. Dado que \"out_len\" no est\u00e1 configurado, se considera ilimitado y, por lo tanto, de uso gratuito para las necesidades de optimizaci\u00f3n. En s390, esto podr\u00eda da\u00f1ar el informe initrd o ipl que a menudo se coloca justo despu\u00e9s del buffer del descompresor. Afortunadamente, el descompresor ya conoce el tama\u00f1o de la imagen del kernel sin comprimir, por lo que para evitar el problema simplemente especif\u00edquelo en el par\u00e1metro \"out_len\"."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-        "type": "Secondary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 5.9
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-120"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "5.4.232",
-              "matchCriteriaId": "B50AC354-4651-4CDE-8EA9-58A9A917F725"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.5",
-              "versionEndExcluding": "5.10.169",
-              "matchCriteriaId": "D8E6784B-A00F-47F0-882B-7209E1F374B7"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.11",
-              "versionEndExcluding": "5.15.95",
-              "matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "5.16",
-              "versionEndExcluding": "6.1.13",
-              "matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
-              "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
-              "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
-              "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
-              "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*",
-              "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*",
-              "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2023/CVE-2023-527xx/CVE-2023-52760.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-52760",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-21T16:15:15.410",
-  "lastModified": "2025-01-22T18:03:56.987",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:30.487",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -84,13 +84,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2023/CVE-2023-529xx/CVE-2023-52921.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-52921",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-11-19T02:15:09.310",
-  "lastModified": "2024-12-11T15:15:07.307",
+  "lastModified": "2025-06-19T13:15:30.640",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -139,13 +139,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/9a2393af1f35d1975204fc00035c64a1c792b278",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/e08e9dd09809b16f8f8cee8c466841b33d24ed96",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-226xx/CVE-2024-22653.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-22653",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-29T15:15:29.470",
-  "lastModified": "2025-05-30T16:31:03.107",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-18T23:57:03.917",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,38 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:yasm_project:yasm:2023-09-22:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CED0EE19-843C-4F9E-AB11-C2912EC1BD3D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://gist.github.com/TimChan2001/03e5792b15d0a34bfaad970e37c17660",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://github.com/yasm/yasm/issues/247",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }

CVE-2024/CVE-2024-249xx/CVE-2024-24916.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-24916",
+  "sourceIdentifier": "cve@checkpoint.com",
+  "published": "2025-06-19T14:15:44.983",
+  "lastModified": "2025-06-19T14:15:44.983",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin)."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@checkpoint.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 0.6,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@checkpoint.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-427"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.checkpoint.com/results/sk/sk183342",
+      "source": "cve@checkpoint.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-267xx/CVE-2024-26710.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-26710",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-04-03T15:15:53.487",
-  "lastModified": "2025-03-17T15:36:11.620",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:31.147",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -85,13 +85,6 @@
     }
   ],
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/4297217bcf1f0948a19c2bacc6b68d92e7778ad9",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/4cc31fa07445879a13750cb061bb8c2654975fcb",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-267xx/CVE-2024-26774.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-26774",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-04-03T17:15:53.130",
-  "lastModified": "2025-02-27T14:37:32.300",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:31.303",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -101,13 +101,6 @@
     }
   ],
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/687061cfaa2ac3095170e136dd9c29a4974f41d4",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/8b40eb2e716b503f7a4e1090815a17b1341b2150",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-267xx/CVE-2024-26794.json

@@ -2,119 +2,15 @@
   "id": "CVE-2024-26794",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-04-04T09:15:08.683",
-  "lastModified": "2025-04-04T14:28:38.927",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:31.510",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between ordered extent completion and fiemap\n\nFor fiemap we recently stopped locking the target extent range for the\nwhole duration of the fiemap call, in order to avoid a deadlock in a\nscenario where the fiemap buffer happens to be a memory mapped range of\nthe same file. This use case is very unlikely to be useful in practice but\nit may be triggered by fuzz testing (syzbot, etc).\n\nHowever by not locking the target extent range for the whole duration of\nthe fiemap call we can race with an ordered extent. This happens like\nthis:\n\n1) The fiemap task finishes processing a file extent item that covers\n   the file range [512K, 1M[, and that file extent item is the last item\n   in the leaf currently being processed;\n\n2) And ordered extent for the file range [768K, 2M[, in COW mode,\n   completes (btrfs_finish_one_ordered()) and the file extent item\n   covering the range [512K, 1M[ is trimmed to cover the range\n   [512K, 768K[ and then a new file extent item for the range [768K, 2M[\n   is inserted in the inode's subvolume tree;\n\n3) The fiemap task calls fiemap_next_leaf_item(), which then calls\n   btrfs_next_leaf() to find the next leaf / item. This finds that the\n   the next key following the one we previously processed (its type is\n   BTRFS_EXTENT_DATA_KEY and its offset is 512K), is the key corresponding\n   to the new file extent item inserted by the ordered extent, which has\n   a type of BTRFS_EXTENT_DATA_KEY and an offset of 768K;\n\n4) Later the fiemap code ends up at emit_fiemap_extent() and triggers\n   the warning:\n\n      if (cache->offset + cache->len > offset) {\n               WARN_ON(1);\n               return -EINVAL;\n      }\n\n   Since we get 1M > 768K, because the previously emitted entry for the\n   old extent covering the file range [512K, 1M[ ends at an offset that\n   is greater than the new extent's start offset (768K). This makes fiemap\n   fail with -EINVAL besides triggering the warning that produces a stack\n   trace like the following:\n\n     [1621.677651] ------------[ cut here ]------------\n     [1621.677656] WARNING: CPU: 1 PID: 204366 at fs/btrfs/extent_io.c:2492 emit_fiemap_extent+0x84/0x90 [btrfs]\n     [1621.677899] Modules linked in: btrfs blake2b_generic (...)\n     [1621.677951] CPU: 1 PID: 204366 Comm: pool Not tainted 6.8.0-rc5-btrfs-next-151+ #1\n     [1621.677954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n     [1621.677956] RIP: 0010:emit_fiemap_extent+0x84/0x90 [btrfs]\n     [1621.678033] Code: 2b 4c 89 63 (...)\n     [1621.678035] RSP: 0018:ffffab16089ffd20 EFLAGS: 00010206\n     [1621.678037] RAX: 00000000004fa000 RBX: ffffab16089ffe08 RCX: 0000000000009000\n     [1621.678039] RDX: 00000000004f9000 RSI: 00000000004f1000 RDI: ffffab16089ffe90\n     [1621.678040] RBP: 00000000004f9000 R08: 0000000000001000 R09: 0000000000000000\n     [1621.678041] R10: 0000000000000000 R11: 0000000000001000 R12: 0000000041d78000\n     [1621.678043] R13: 0000000000001000 R14: 0000000000000000 R15: ffff9434f0b17850\n     [1621.678044] FS:  00007fa6e20006c0(0000) GS:ffff943bdfa40000(0000) knlGS:0000000000000000\n     [1621.678046] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n     [1621.678048] CR2: 00007fa6b0801000 CR3: 000000012d404002 CR4: 0000000000370ef0\n     [1621.678053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n     [1621.678055] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n     [1621.678056] Call Trace:\n     [1621.678074]  <TASK>\n     [1621.678076]  ? __warn+0x80/0x130\n     [1621.678082]  ? emit_fiemap_extent+0x84/0x90 [btrfs]\n     [1621.678159]  ? report_bug+0x1f4/0x200\n     [1621.678164]  ? handle_bug+0x42/0x70\n     [1621.678167]  ? exc_invalid_op+0x14/0x70\n     [1621.678170]  ? asm_exc_invalid_op+0x16/0x20\n     [1621.678178]  ? emit_fiemap_extent+0x84/0x90 [btrfs]\n     [1621.678253]  extent_fiemap+0x766\n---truncated---"
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: corrige la ejecuci\u00f3n entre la finalizaci\u00f3n de extensi\u00f3n ordenada y fiemap Para fiemap recientemente dejamos de bloquear el rango de extensi\u00f3n objetivo durante toda la duraci\u00f3n de la llamada a fiemap, para evitar un punto muerto en un escenario donde el b\u00fafer fiemap resulta ser un rango mapeado en memoria del mismo archivo. Es muy poco probable que este caso de uso sea \u00fatil en la pr\u00e1ctica, pero puede activarse mediante pruebas difusas (syzbot, etc.). Sin embargo, al no bloquear el rango de extensi\u00f3n objetivo durante toda la duraci\u00f3n de la llamada a fiemap, podemos competir con una extensi\u00f3n ordenada. Esto sucede as\u00ed: 1) La tarea fiemap termina de procesar un elemento de extensi\u00f3n de archivo que cubre el rango de archivos [512K, 1M[, y ese elemento de extensi\u00f3n de archivo es el \u00faltimo elemento de la hoja que se est\u00e1 procesando actualmente; 2) Y la extensi\u00f3n ordenada para el rango de archivos [768K, 2M[, en modo COW, se completa (btrfs_finish_one_ordered()) y el elemento de extensi\u00f3n de archivo que cubre el rango [512K, 1M[ se recorta para cubrir el rango [512K, 768K[ y luego se inserta un nuevo elemento de extensi\u00f3n de archivo para el rango [768K, 2M[ en el \u00e1rbol de subvolumen del inodo; 3) La tarea fiemap llama a fiemap_next_leaf_item(), que luego llama a btrfs_next_leaf() para encontrar la siguiente hoja/elemento. Esto encuentra que la siguiente clave despu\u00e9s de la que procesamos anteriormente (su tipo es BTRFS_EXTENT_DATA_KEY y su desplazamiento es 512K), es la clave correspondiente al nuevo elemento de extensi\u00f3n de archivo insertado por la extensi\u00f3n ordenada, que tiene un tipo de BTRFS_EXTENT_DATA_KEY y un desplazamiento de 768K; 4) M\u00e1s tarde, el c\u00f3digo fiemap termina en emit_fiemap_extent() y activa la advertencia: if (cache-&gt;offset + cache-&gt;len &gt; offset) { WARN_ON(1); devolver -EINVAL; } Dado que obtenemos 1M &gt; 768K, porque la entrada emitida previamente para la extensi\u00f3n anterior que cubre el rango de archivos [512K, 1M[ termina en un desplazamiento que es mayor que el desplazamiento inicial de la nueva extensi\u00f3n (768K). Esto hace que fiemap falle con -EINVAL adem\u00e1s de activar la advertencia que produce un seguimiento de pila como el siguiente: [1621.677651] ------------[ cortar aqu\u00ed ]----------- - [1621.677656] ADVERTENCIA: CPU: 1 PID: 204366 en fs/btrfs/extent_io.c:2492 emit_fiemap_extent+0x84/0x90 [btrfs] [1621.677899] M\u00f3dulos vinculados en: btrfs blake2b_generic (...) [1621.677951] CPU: 1 PID: 204366 Comm: pool No contaminado 6.8.0-rc5-btrfs-next-151+ #1 [1621.677954] Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390- prebuilt.qemu.org 01/04/2014 [1621.677956] RIP: 0010:emit_fiemap_extent+0x84/0x90 [btrfs] [1621.678033] C\u00f3digo: 2b 4c 89 63 (...) [1621.678035] RSP: 0018:ffffab160 89ffd20 EFLAGS: 00010206 [1621.678037] RAX: 00000000004fa000 RBX: ffffab16089ffe08 RCX: 0000000000009000 [1621.678039] RDX: 00000000004f9000 RSI: 00000000004f1000 RDI : ffffab16089ffe90 [1621.678040] RBP: 00000000004f9000 R08: 0000000000001000 R09: 00000000000000000 [1621.678041] R10: 0000000000000000 R11 : 0000000000001000 R12: 0000000041d78000 [1621.678043 ] R13: 0000000000001000 R14: 00000000000000000 R15: ffff9434f0b17850 [1621.678044] FS: 00007fa6e20006c0(0000) GS:ffff943bdfa40000(0000) kn lGS:0000000000000000 [1621.678046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [1621.678048] CR2: 00007fa6b0801000 CR3 : 000000012d404002 CR4: 0000000000370ef0 [1621.678053] DR0: 0000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 [1621.678055] DR 3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [1621.678056] Seguimiento de llamadas: [1621.678074]  [1621.678076] ? __advertir+0x80/0x130 [1621.678082] ? emit_fiemap_extent+0x84/0x90 [btrfs] [1621.678159] ? report_bug+0x1f4/0x200 [1621.678164] ? ---truncado---"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-        "type": "Secondary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
-          "baseScore": 5.3,
-          "baseSeverity": "MEDIUM",
-          "attackVector": "NETWORK",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "NONE",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "LOW"
-        },
-        "exploitabilityScore": 3.9,
-        "impactScore": 1.4
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-362"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6.24:*:*:*:*:*:*:*",
-              "matchCriteriaId": "6780E887-1EB4-4EE5-9542-B333E869A101"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.7.12:*:*:*:*:*:*:*",
-              "matchCriteriaId": "8790AB97-4076-49F9-AEF1-60DFBD74D917"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/31d07a757c6d3430e03cc22799921569999b9a12",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/a1a4a9ca77f143c00fce69c1239887ff8b813bec",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/d43f8e58f10a44df8c08e7f7076f3288352cd168",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/31d07a757c6d3430e03cc22799921569999b9a12",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/a1a4a9ca77f143c00fce69c1239887ff8b813bec",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/d43f8e58f10a44df8c08e7f7076f3288352cd168",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-268xx/CVE-2024-26829.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-26829",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-04-17T10:15:09.347",
-  "lastModified": "2025-01-14T14:58:05.850",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:35.917",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -125,13 +125,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-274xx/CVE-2024-27410.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-27410",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-17T12:15:11.690",
-  "lastModified": "2024-11-21T09:04:33.790",
+  "lastModified": "2025-06-19T13:15:36.097",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -17,14 +17,6 @@
   ],
   "metrics": {},
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/063715c33b4c37587aeca2c83cf08ead0c542995",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/0cfbb26ee5e7b3d6483a73883f9f6157bca22ec9",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/177d574be4b58f832354ab1ef5a297aa0c9aa2df",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@@ -33,18 +25,10 @@
       "url": "https://git.kernel.org/stable/c/930e826962d9f01dcd2220176134427358d112f2",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/99eb2159680af8786104dac80528acd5acd45980",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/a2add961a5ed25cfd6a74f9ffb9e7ab6d6ded838",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/d38d31bbbb9dc0d4d71a45431eafba03d0bc150d",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/f78c1375339a291cba492a70eaf12ec501d28a8e",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

CVE-2024/CVE-2024-357xx/CVE-2024-35788.json

@@ -2,168 +2,15 @@
   "id": "CVE-2024-35788",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-17T13:15:58.640",
-  "lastModified": "2025-03-05T17:33:07.867",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:36.360",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix bounds check for dcn35 DcfClocks\n\n[Why]\nNumFclkLevelsEnabled is used for DcfClocks bounds check\ninstead of designated NumDcfClkLevelsEnabled.\nThat can cause array index out-of-bounds access.\n\n[How]\nUse designated variable for dcn35 DcfClocks bounds check."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: Corrige la verificaci\u00f3n de l\u00edmites para dcn35 DcfClocks [Por qu\u00e9] NumFclkLevelsEnabled se usa para la verificaci\u00f3n de l\u00edmites de DcfClocks en lugar del designado NumDcfClkLevelsEnabled. Eso puede provocar un acceso fuera de los l\u00edmites al \u00edndice de matriz. [C\u00f3mo] Utilice la variable designada para comprobar los l\u00edmites de dcn35 DcfClocks."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 5.9
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-129"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "6.7.12",
-              "matchCriteriaId": "D395D167-B806-45A5-9C34-38C8A1FE0F7B"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "6.8",
-              "versionEndExcluding": "6.8.3",
-              "matchCriteriaId": "4C59BBC3-6495-4A77-9C82-55EC7CDF5E02"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:-:*:*:*:*:*:*",
-              "matchCriteriaId": "3F2A4A3D-068A-4CF2-A09F-9C7937DDB0A5"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
-              "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
-              "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
-              "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
-              "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
-              "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*",
-              "matchCriteriaId": "91326417-E981-482E-A5A3-28BC1327521B"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*",
-              "matchCriteriaId": "DAECDCD8-F556-4606-8D7B-5C6D47A501F2"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/2f10d4a51bbcd938f1f02f16c304ad1d54717b96",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/c373f233dab44a13752daec13788e2ad3bf86410",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f6e163e9c3d50cd167ab9d411ed01b7718177387",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/2f10d4a51bbcd938f1f02f16c304ad1d54717b96",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/c373f233dab44a13752daec13788e2ad3bf86410",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f6e163e9c3d50cd167ab9d411ed01b7718177387",
-      "source": "af854a3a-2127-422b-91ae-364da2661108",
-      "tags": [
-        "Patch",
-        "Mailing List"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-359xx/CVE-2024-35927.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-35927",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-19T11:15:48.860",
-  "lastModified": "2024-11-21T09:21:13.223",
+  "lastModified": "2025-06-19T13:15:40.283",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -48,18 +48,10 @@
       "url": "https://git.kernel.org/stable/c/3d1b47e3a935abd4f258a945db87e7267ff4079c",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/4ad8d57d902fbc7c82507cfc1b031f3a07c3de6e",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/5abffb66d12bcac84bf7b66389c571b8bb6e82bd",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     },
-    {
-      "url": "https://git.kernel.org/stable/c/786c27982a39d79cc753f84229eb5977ac8ef1c1",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/18451798f4a4e7418b9fad7e7dd313fe84b1f545",
       "source": "af854a3a-2127-422b-91ae-364da2661108"

CVE-2024/CVE-2024-360xx/CVE-2024-36022.json

@@ -2,36 +2,15 @@
   "id": "CVE-2024-36022",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-05-30T15:15:49.263",
-  "lastModified": "2024-11-21T09:21:27.403",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T14:15:45.160",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Init zone device and drm client after mode-1 reset on reload\n\nIn passthrough environment, when amdgpu is reloaded after unload, mode-1\nis triggered after initializing the necessary IPs, That init does not\ninclude KFD, and KFD init waits until the reset is completed. KFD init\nis called in the reset handler, but in this case, the zone device and\ndrm client is not initialized, causing app to create kernel panic.\n\nv2: Removing the init KFD condition from amdgpu_amdkfd_drm_client_create.\nAs the previous version has the potential of creating DRM client twice.\n\nv3: v2 patch results in SDMA engine hung as DRM open causes VM clear to SDMA\nbefore SDMA init. Adding the condition to in drm client creation, on top of v1,\nto guard against drm client creation call multiple times."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: dispositivo de zona de inicio y cliente drm despu\u00e9s del restablecimiento del modo 1 al recargar. En el entorno de paso a trav\u00e9s, cuando amdgpu se recarga despu\u00e9s de la descarga, el modo 1 se activa despu\u00e9s de inicializar las IP necesarias. Ese inicio no incluye KFD, y el inicio de KFD espera hasta que se complete el reinicio. Se llama a KFD init en el controlador de reinicio, pero en este caso, el dispositivo de zona y el cliente drm no se inicializan, lo que hace que la aplicaci\u00f3n genere p\u00e1nico en el kernel. v2: Eliminaci\u00f3n de la condici\u00f3n KFD inicial de amdgpu_amdkfd_drm_client_create. Como la versi\u00f3n anterior tiene el potencial de crear un cliente DRM dos veces. v3: el parche v2 hace que el motor SDMA se bloquee porque la apertura de DRM hace que la VM se borre a SDMA antes de que se inicie SDMA. Agregar la condici\u00f3n a la creaci\u00f3n del cliente DRM, adem\u00e1s de la versi\u00f3n 1, para protegerse contra llamadas de creaci\u00f3n del cliente DRM varias veces."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
   "metrics": {},
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/4f8154f775197d0021b690c2945d6a4d8094c8f6",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f679fd6057fbf5ab34aaee28d58b7f81af0cbf48",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/4f8154f775197d0021b690c2945d6a4d8094c8f6",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f679fd6057fbf5ab34aaee28d58b7f81af0cbf48",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
-    }
-  ]
+  "references": []
 }

CVE-2024/CVE-2024-362xx/CVE-2024-36288.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-36288",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-06-21T12:15:10.967",
-  "lastModified": "2024-11-21T09:21:59.667",
+  "lastModified": "2025-06-19T13:15:40.433",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -131,14 +131,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/f9977e4e0cd98a5f06f2492b4f3547db58deabf5",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Mailing List",
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/0a1cb0c6102bb4fd310243588d39461da49497ad",
       "source": "af854a3a-2127-422b-91ae-364da2661108",

CVE-2024/CVE-2024-438xx/CVE-2024-43835.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-43835",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-08-17T10:15:09.183",
-  "lastModified": "2024-10-30T21:45:17.447",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:41.177",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -71,13 +71,6 @@
     }
   ],
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/19ac6f29bf64304ef04630c8ab56ecd2059d7aa1",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/468a729b78895893d0e580ceea49bed8ada2a2bd",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-438xx/CVE-2024-43845.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-43845",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-08-17T10:15:09.837",
-  "lastModified": "2024-10-25T19:51:07.187",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:41.423",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -99,13 +99,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/c996b570305e7a6910c2ce4cdcd4c22757ffe241",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/fe2ead240c31e8d158713beca9d0681a6e6a53ab",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-439xx/CVE-2024-43911.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-43911",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-08-26T11:15:05.227",
-  "lastModified": "2024-11-08T16:15:22.483",
+  "lastModified": "2025-06-19T13:15:41.600",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -77,14 +77,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/0acaf4a5025d6dafb7da787d2d4c47ed95e46ed6",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/a53c2d847627b790fb3bd8b00e02c247941b17e0",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/a5594c1e03b0df3908b1e1202a1ba34422eed0f6",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-449xx/CVE-2024-44955.json

@@ -2,91 +2,15 @@
   "id": "CVE-2024-44955",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-09-04T19:15:30.423",
-  "lastModified": "2024-12-09T13:10:03.600",
-  "vulnStatus": "Modified",
+  "lastModified": "2025-06-19T14:15:45.237",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute\n\n[Why]\nWhen unplug one of monitors connected after mst hub, encounter null pointer dereference.\n\nIt's due to dc_sink get released immediately in early_unregister() or detect_ctx(). When\ncommit new state which directly referring to info stored in dc_sink will cause null pointer\ndereference.\n\n[how]\nRemove redundant checking condition. Relevant condition should already be covered by checking\nif dsc_aux is null or not. Also reset dsc_aux to NULL when the connector is disconnected."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: No hacer referencia a dc_sink en is_dsc_need_re_compute [Por qu\u00e9] Cuando se desconecta uno de los monitores conectados despu\u00e9s del concentrador mst, se produce una desreferencia de puntero nulo. Esto se debe a que dc_sink se libera inmediatamente en early_unregister() o detect_ctx(). Cuando se confirma un nuevo estado que hace referencia directa a la informaci\u00f3n almacenada en dc_sink, se producir\u00e1 una desreferencia de puntero nulo. [C\u00f3mo] Eliminar la condici\u00f3n de comprobaci\u00f3n redundante. La condici\u00f3n relevante ya deber\u00eda estar cubierta comprobando si dsc_aux es nulo o no. Tambi\u00e9n se restablece dsc_aux a NULL cuando se desconecta el conector."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
-          "baseScore": 5.5,
-          "baseSeverity": "MEDIUM",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 3.6
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-476"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "6.10.5",
-              "matchCriteriaId": "E4CB0927-C720-465B-99F2-3E47215515F2"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/39b217193729aa45eded8de24d9245468a0c0263",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/c7e65cab54a89f4df54110f0b44c4ade93d1a911",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/fcf6a49d79923a234844b8efe830a61f3f0584e4",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-450xx/CVE-2024-45025.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-45025",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-09-11T16:15:07.440",
-  "lastModified": "2024-09-13T16:30:07.073",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:41.733",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -162,20 +162,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/e807487a1d5fd5d941f26578ae826ca815dbfcd6",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/ee501f827f3db02d4e599afbbc1a7f8b792d05d7",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
     {
       "url": "https://git.kernel.org/stable/c/fe5bf14881701119aeeda7cf685f3c226c7380df",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

CVE-2024/CVE-2024-452xx/CVE-2024-45208.json

@@ -0,0 +1,68 @@
+{
+  "id": "CVE-2024-45208",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.097",
+  "lastModified": "2025-06-19T00:15:21.097",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bound to these ports on all interfaces. An attacker that can access the Versa Director could access the NCS service on port 4566 and exploit it to perform unauthorized administrative actions and perform remote code execution. Customers are recommended to follow the hardening guide.\r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Harden_Port_4566",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526c3cdc94d6b9f2faf718",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026724-versa-director-ha-port-exploit-discovery-remediation",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-467xx/CVE-2024-46700.json

@@ -2,102 +2,15 @@
   "id": "CVE-2024-46700",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-09-13T06:15:14.720",
-  "lastModified": "2024-09-13T16:53:25.383",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-06-19T13:15:42.090",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/mes: fix mes ring buffer overflow\n\nwait memory room until enough before writing mes packets\nto avoid ring buffer overflow.\n\nv2: squash in sched_hw_submission fix\n\n(cherry picked from commit 34e087e8920e635c62e2ed6a758b0cd27f836d13)"
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu/mes: se corrige el desbordamiento del b\u00fafer de anillo de mes; esperar a que haya suficiente espacio en la memoria antes de escribir paquetes mes para evitar el desbordamiento del b\u00fafer de anillo. v2: se corrige el squash en sched_hw_submission (seleccionado del commit 34e087e8920e635c62e2ed6a758b0cd27f836d13)"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 5.9
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-120"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "6.10.8",
-              "matchCriteriaId": "04EAB214-6594-4DB7-86FA-A1EDE64FB9EE"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
-              "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
-              "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
-              "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/11752c013f562a1124088a35bd314aa0e9f0e88f",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/ed37550d7c516017c3b0324bdf144e2fa563ffb0",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-468xx/CVE-2024-46852.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-46852",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-09-27T13:15:16.917",
-  "lastModified": "2024-10-17T14:15:07.887",
+  "lastModified": "2025-06-19T13:15:46.410",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -120,10 +120,6 @@
     }
   ],
   "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/007180fcb6cc4a93211d4cc45fef3f5ccccd56ae",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/79cce5e81d20fa9ad553be439d665ac3302d3c95",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

CVE-2024/CVE-2024-566xx/CVE-2024-56694.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-56694",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-12-28T10:15:15.203",
-  "lastModified": "2025-01-09T16:16:23.053",
+  "lastModified": "2025-06-19T13:15:46.560",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -113,10 +113,6 @@
         "Patch"
       ]
     },
-    {
-      "url": "https://git.kernel.org/stable/c/078f7e1521442a55db4bed812a2fbaf02ac33819",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
     {
       "url": "https://git.kernel.org/stable/c/221109ba2127eabd0aa64718543638b58b15df56",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

CVE-2024/CVE-2024-567xx/CVE-2024-56786.json

@@ -2,131 +2,15 @@
   "id": "CVE-2024-56786",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-01-08T18:15:19.633",
-  "lastModified": "2025-02-11T16:15:48.100",
-  "vulnStatus": "Modified",
+  "lastModified": "2025-06-19T13:15:46.830",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: put bpf_link's program when link is safe to be deallocated\n\nIn general, BPF link's underlying BPF program should be considered to be\nreachable through attach hook -> link -> prog chain, and, pessimistically,\nwe have to assume that as long as link's memory is not safe to free,\nattach hook's code might hold a pointer to BPF program and use it.\n\nAs such, it's not (generally) correct to put link's program early before\nwaiting for RCU GPs to go through. More eager bpf_prog_put() that we\ncurrently do is mostly correct due to BPF program's release code doing\nsimilar RCU GP waiting, but as will be shown in the following patches,\nBPF program can be non-sleepable (and, thus, reliant on only \"classic\"\nRCU GP), while BPF link's attach hook can have sleepable semantics and\nneeds to be protected by RCU Tasks Trace, and for such cases BPF link\nhas to go through RCU Tasks Trace + \"classic\" RCU GPs before being\ndeallocated. And so, if we put BPF program early, we might free BPF\nprogram before we free BPF link, leading to use-after-free situation.\n\nSo, this patch defers bpf_prog_put() until we are ready to perform\nbpf_link's deallocation. At worst, this delays BPF program freeing by\none extra RCU GP, but that seems completely acceptable. Alternatively,\nwe'd need more elaborate ways to determine BPF hook, BPF link, and BPF\nprogram lifetimes, and how they relate to each other, which seems like\nan unnecessary complication.\n\nNote, for most BPF links we still will perform eager bpf_prog_put() and\nlink dealloc, so for those BPF links there are no observable changes\nwhatsoever. Only BPF links that use deferred dealloc might notice\nslightly delayed freeing of BPF programs.\n\nAlso, to reduce code and logic duplication, extract program put + link\ndealloc logic into bpf_link_dealloc() helper."
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: poner el programa de bpf_link cuando es seguro desasignarlo En general, se debe considerar que el programa BPF subyacente del enlace BPF es accesible a trav\u00e9s de la cadena de gancho de conexi\u00f3n -> enlace -> programa y, de manera pesimista, tenemos que asumir que mientras no sea seguro liberar la memoria del enlace, el c\u00f3digo del gancho de conexi\u00f3n podr\u00eda contener un puntero al programa BPF y usarlo. Como tal, no es (generalmente) correcto poner el programa del enlace antes de esperar a que pasen los GP de RCU. El bpf_prog_put() m\u00e1s ansioso que hacemos actualmente es mayormente correcto debido a que el c\u00f3digo de lanzamiento del programa BPF hace una espera similar de GP RCU, pero como se mostrar\u00e1 en los parches siguientes, el programa BPF puede no ser inactivo (y, por lo tanto, depender solo del GP RCU \"cl\u00e1sico\"), mientras que el gancho de conexi\u00f3n del enlace BPF puede tener sem\u00e1ntica inactiva y necesita estar protegido por el Seguimiento de tareas RCU, y para tales casos el enlace BPF tiene que pasar por el Seguimiento de tareas RCU + GP RCU \"cl\u00e1sicos\" antes de ser desasignado. Y entonces, si ponemos el programa BPF temprano, podr\u00edamos liberar el programa BPF antes de liberar el enlace BPF, lo que lleva a una situaci\u00f3n de use-after-free. Entonces, este parche pospone bpf_prog_put() hasta que estemos listos para realizar la desasignaci\u00f3n de bpf_link. En el peor de los casos, esto retrasa la liberaci\u00f3n del programa BPF por un GP RCU adicional, pero eso parece completamente aceptable. Alternativamente, necesitar\u00edamos formas m\u00e1s elaboradas de determinar el gancho BPF, el enlace BPF y la duraci\u00f3n del programa BPF, y c\u00f3mo se relacionan entre s\u00ed, lo que parece una complicaci\u00f3n innecesaria. Tenga en cuenta que, para la mayor\u00eda de los enlaces BPF, seguiremos ejecutando bpf_prog_put() y link dealloc con avidez, por lo que para esos enlaces BPF no hay cambios observables en absoluto. Solo los enlaces BPF que usan dealloc diferido pueden notar una liberaci\u00f3n ligeramente retrasada de los programas BPF. Adem\u00e1s, para reducir la duplicaci\u00f3n de c\u00f3digo y l\u00f3gica, extraiga la l\u00f3gica de put del programa + link dealloc en el asistente bpf_link_dealloc()."
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
-          "baseScore": 5.5,
-          "baseSeverity": "MEDIUM",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 3.6
-      },
-      {
-        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-        "type": "Secondary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 5.9
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "NVD-CWE-noinfo"
-        }
-      ]
-    },
-    {
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-416"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "6.6.66",
-              "matchCriteriaId": "90A079EF-8212-45DF-84FB-C525A64635B0"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionStartIncluding": "6.7",
-              "versionEndExcluding": "6.12.5",
-              "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/2fcb921c2799c49ac5e365cf4110f94a64ae4885",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/f44ec8733a8469143fde1984b5e6931b2e2f6f3f",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
-      "tags": [
-        "Patch"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-579xx/CVE-2024-57920.json

@@ -2,28 +2,15 @@
   "id": "CVE-2024-57920",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-01-19T12:15:26.150",
-  "lastModified": "2025-01-19T12:15:26.150",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T13:15:50.980",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: wq_release signals dma_fence only when available\n\nkfd_process_wq_release() signals eviction fence by\ndma_fence_signal() which wanrs if dma_fence\nis NULL.\n\nkfd_process->ef is initialized by kfd_process_device_init_vm()\nthrough ioctl. That means the fence is NULL for a new\ncreated kfd_process, and close a kfd_process right\nafter open it will trigger the warning.\n\nThis commit conditionally signals the eviction fence\nin kfd_process_wq_release() only when it is available.\n\n[  503.660882] WARNING: CPU: 0 PID: 9 at drivers/dma-buf/dma-fence.c:467 dma_fence_signal+0x74/0xa0\n[  503.782940] Workqueue: kfd_process_wq kfd_process_wq_release [amdgpu]\n[  503.789640] RIP: 0010:dma_fence_signal+0x74/0xa0\n[  503.877620] Call Trace:\n[  503.880066]  <TASK>\n[  503.882168]  ? __warn+0xcd/0x260\n[  503.885407]  ? dma_fence_signal+0x74/0xa0\n[  503.889416]  ? report_bug+0x288/0x2d0\n[  503.893089]  ? handle_bug+0x53/0xa0\n[  503.896587]  ? exc_invalid_op+0x14/0x50\n[  503.900424]  ? asm_exc_invalid_op+0x16/0x20\n[  503.904616]  ? dma_fence_signal+0x74/0xa0\n[  503.908626]  kfd_process_wq_release+0x6b/0x370 [amdgpu]\n[  503.914081]  process_one_work+0x654/0x10a0\n[  503.918186]  worker_thread+0x6c3/0xe70\n[  503.921943]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  503.926735]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  503.931527]  ? __kthread_parkme+0x82/0x140\n[  503.935631]  ? __pfx_worker_thread+0x10/0x10\n[  503.939904]  kthread+0x2a8/0x380\n[  503.943132]  ? __pfx_kthread+0x10/0x10\n[  503.946882]  ret_from_fork+0x2d/0x70\n[  503.950458]  ? __pfx_kthread+0x10/0x10\n[  503.954210]  ret_from_fork_asm+0x1a/0x30\n[  503.958142]  </TASK>\n[  503.960328] ---[ end trace 0000000000000000 ]---\n\n(cherry picked from commit 2774ef7625adb5fb9e9265c26a59dca7b8fd171e)"
-    },
-    {
-      "lang": "es",
-      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: wq_release env\u00eda una se\u00f1al a dma_fence solo cuando est\u00e1 disponible kfd_process_wq_release() env\u00eda una se\u00f1al de desalojo a dma_fence_signal(), que se activa si dma_fence es NULL. kfd_process-&gt;ef se inicializa mediante kfd_process_device_init_vm() a trav\u00e9s de ioctl. Esto significa que el desalojo es NULL para un nuevo kfd_process creado, y cerrar un kfd_process justo despu\u00e9s de abrirlo activar\u00e1 la advertencia. Esta confirmaci\u00f3n env\u00eda una se\u00f1al condicional al desalojo en kfd_process_wq_release() solo cuando est\u00e1 disponible. [ 503.660882] ADVERTENCIA: CPU: 0 PID: 9 en drivers/dma-buf/dma-fence.c:467 dma_fence_signal+0x74/0xa0 [ 503.782940] Cola de trabajo: kfd_process_wq kfd_process_wq_release [amdgpu] [ 503.789640] RIP: 0010:dma_fence_signal+0x74/0xa0 [ 503.877620] Seguimiento de llamadas: [ 503.880066]  [ 503.882168] ? __warn+0xcd/0x260 [ 503.885407] ? dma_fence_signal+0x74/0xa0 [ 503.889416] ? report_bug+0x288/0x2d0 [ 503.893089] ? handle_bug+0x53/0xa0 [ 503.896587] ? exc_invalid_op+0x14/0x50 [ 503.900424] ? asm_exc_invalid_op+0x16/0x20 [ 503.904616] ? __kthread_parkme+0x82/0x140 [503.935631] ? __pfx_worker_thread+0x10/0x10 [ 503.939904] kthread+0x2a8/0x380 [ 503.943132] ? __pfx_kthread+0x10/0x10 [ 503.954210] ret_from_fork_asm+0x1a/0x30 [ 503.958142]  [ 503.960328] ---[ fin del seguimiento 000000000000000 ]--- (seleccionado de el commit 2774ef7625adb5fb9e9265c26a59dca7b8fd171e)"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
   "metrics": {},
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/a993d319aebb7cce8a10c6e685344b7c2ad5c4c2",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/c8243def299793ac6c85fdc1086089c800c1051a",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    }
-  ]
+  "references": []
 }

CVE-2024/CVE-2024-580xx/CVE-2024-58077.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-58077",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-03-06T17:15:21.123",
-  "lastModified": "2025-03-06T17:15:21.123",
+  "lastModified": "2025-06-19T13:15:51.193",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -32,10 +32,6 @@
     {
       "url": "https://git.kernel.org/stable/c/90778f31efdf44622065ebbe8d228284104bd26f",
       "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/b65ba768302adc7ddc70811116cef80ca089af59",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
     }
   ]
 }

CVE-2025/CVE-2025-231xx/CVE-2025-23121.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2025-23121",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.260",
+  "lastModified": "2025-06-19T00:15:21.260",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
+          "baseScore": 9.9,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.veeam.com/kb4743",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23168.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23168",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.377",
+  "lastModified": "2025-06-19T00:15:21.377",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Passcodes (OTP) delivered via email or SMS. Versa Director accepts untrusted user input when dispatching 2FA codes, allowing an attacker who knows a valid username and password to redirect the OTP delivery (SMS/email) to their own device. OTP/TOTP codes are not invalidated after use, enabling reuse by an attacker who has previously intercepted or obtained a valid code. In addition, the 2FA system does not adequately restrict the number or frequency of login attempts. The OTP values are generated from a relatively small keyspace, making brute-force attacks more feasible. \r\n\r\nExploitation Status: \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nVersa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526512dc94d6b9f2faf715",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23169.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23169",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.497",
+  "lastModified": "2025-06-19T00:15:21.497",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform allows customization of the user interface, including the header, footer, and logo. However, the input provided for these customizations is not properly validated or sanitized, allowing a malicious user to inject and store cross-site scripting (XSS) payloads. \r\n\r\nExploitation Status: \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nThere are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526a08dc94d6b9f2faf716",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23170.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23170",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.620",
+  "lastModified": "2025-06-19T00:15:21.620",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execute arbitrary commands on the system. \r\n\r\nExploitation Status: \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nThere are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 6.7,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526bc7dc94d6b9f2faf717",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23171.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23171",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.743",
+  "lastModified": "2025-06-19T00:15:21.743",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform provides an option to upload various types of files. The Versa Director does not correctly limit file upload permissions. The UI appears not to allow file uploads but uploads still succeed. In addition, the Versa Director discloses the full filename of uploaded temporary files, including the UUID prefix. Insecure UCPE image upload in Versa Director allows an authenticated attacker to upload a webshell. \r\n\r\nExploitation Status: \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nThere are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526dbbdc94d6b9f2faf71a",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23172.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23172",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.857",
+  "lastModified": "2025-06-19T00:15:21.857",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the \"Add Webhook\" and \"Test Webhook\" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged to execute commands on behalf of the versa user, who has sudo privileges, potentially leading to privilege escalation or remote code execution.  \r\n \r\nExploitation Status: \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nThere are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526e7bdc94d6b9f2faf71b",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-231xx/CVE-2025-23173.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-23173",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:21.977",
+  "lastModified": "2025-06-19T00:15:21.977",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual machines through the Director GUI. By default, the websockify service is exposed on port 6080 and accessible from the internet. This exposure introduces significant risk, as websockify has known weaknesses that can be exploited, potentially leading to remote code execution. \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nRestrict access to TCP port 6080 if uCPE console access is not necessary. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526ee0dc94d6b9f2faf71c",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-242xx/CVE-2025-24286.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2025-24286",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:22.093",
+  "lastModified": "2025-06-19T00:15:22.093",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.veeam.com/kb4743",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-242xx/CVE-2025-24287.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2025-24287",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:22.207",
+  "lastModified": "2025-06-19T00:15:22.207",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability allowing local system users to modify directory contents, allowing for arbitrary code execution on the local system with elevated permissions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 4.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.veeam.com/kb4743",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-242xx/CVE-2025-24288.json

@@ -0,0 +1,48 @@
+{
+  "id": "CVE-2025-24288",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:22.323",
+  "lastModified": "2025-06-19T00:15:22.323",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts (most with sudo access) that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside a host of other services.\r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nWorkarounds or Mitigation: \r\n\r\nVersa recommends the following  security controls:\r\n\r\n1) Change default passwords to complex passwords\r\n2) Passwords must be complex with at least 8 characters that comprise of upper case, and lower case alphabets,  as well as at at least one digit, and one special character\r\n3) Passwords must be changed at least every 90 days\r\n4) Password change history is checked to ensure that the at least the last 5 passwords must be used when changing password.\r\n5) Review and audit logs for all authentication attempts to check for unauthorized/suspicious login attempts and enforce remediation steps."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526d12dc94d6b9f2faf719",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-242xx/CVE-2025-24291.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-24291",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2025-06-19T00:15:22.437",
+  "lastModified": "2025-06-19T00:15:22.437",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation, allowing the upload of arbitrary file types. This flaw can be exploited to place a malicious file on disk. \r\n\r\nVersa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.  \r\n\r\nThere are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "support@hackerone.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security-portal.versa-networks.com/emailbulletins/68526fc6dc94d6b9f2faf71d",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3",
+      "source": "support@hackerone.com"
+    },
+    {
+      "url": "https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4",
+      "source": "support@hackerone.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-255xx/CVE-2025-25580.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-25580",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-03-18T15:16:00.123",
-  "lastModified": "2025-03-19T19:15:44.917",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:18:57.017",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:r1bbit:yimioa:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2024.07.04",
+              "matchCriteriaId": "12EE45D4-0E6C-44B0-8E4F-1B821044BB12"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://gitee.com/r1bbit/yimioa/issues/IBI6XT",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-255xx/CVE-2025-25585.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-25585",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-03-18T15:16:00.253",
-  "lastModified": "2025-03-19T19:15:45.203",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:16:52.923",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:r1bbit:yimioa:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2024.07.04",
+              "matchCriteriaId": "12EE45D4-0E6C-44B0-8E4F-1B821044BB12"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://gitee.com/r1bbit/yimioa/issues/IBI7PG",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-255xx/CVE-2025-25590.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-25590",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-03-18T15:16:00.373",
-  "lastModified": "2025-03-19T19:15:45.640",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:17:23.083",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:r1bbit:yimioa:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2024.07.04",
+              "matchCriteriaId": "12EE45D4-0E6C-44B0-8E4F-1B821044BB12"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://gitee.com/r1bbit/yimioa/issues/IBI7XH",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-279xx/CVE-2025-27913.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-27913",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-03-10T20:15:14.500",
-  "lastModified": "2025-03-11T03:15:40.027",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:14:38.870",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -95,10 +95,32 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:passbolt:passbolt_api:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "5.0.0",
+              "matchCriteriaId": "B392CCF7-6685-4C9F-AD83-9D98B1D1625C"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.passbolt.com/incidents/host-header-injection",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory",
+        "Mitigation"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-290xx/CVE-2025-29058.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-29058",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-18T21:15:43.843",
-  "lastModified": "2025-04-21T14:23:45.950",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:24:18.037",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,30 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:qimou_cms_project:qimou_cms:3.34.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B50095A0-C8D6-4504-8E83-ABB06128C792"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://cdn.wjlin0.com/halo-img/74CMSv3.34.0%E5%AD%98%E5%9C%A8%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.zip",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Broken Link"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-293xx/CVE-2025-29339.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-29339",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-04-22T17:16:46.827",
-  "lastModified": "2025-04-23T14:15:28.957",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:23:24.013",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,33 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*",
+              "versionEndIncluding": "2.7.2",
+              "matchCriteriaId": "E8160C0A-E77F-487D-B5E0-C6657E80D327"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/open5gs/open5gs/issues/3727",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking",
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-316xx/CVE-2025-31698.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-31698",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2025-06-19T10:15:20.980",
+  "lastModified": "2025-06-19T10:15:20.980",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol.\n\nUsers can use a new setting (proxy.config.acl.subjects) to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol.\u00a0\nThis issue affects undefined: from 10.0.0 through 10.0.6, from 9.0.0 through 9.2.10.\n\nUsers are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8",
+      "source": "security@apache.org"
+    }
+  ]
+}

CVE-2025/CVE-2025-327xx/CVE-2025-32790.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-32790",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2025-04-18T13:15:58.177",
-  "lastModified": "2025-04-21T14:23:45.950",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:36:04.717",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 2.8,
         "impactScore": 3.4
+      },
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
       }
     ]
   },
@@ -49,24 +69,69 @@
           "value": "CWE-284"
         }
       ]
+    },
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:langgenius:dify:*:*:*:*:*:node.js:*:*",
+              "versionEndExcluding": "0.6.13",
+              "matchCriteriaId": "DBA28F0B-2A55-4349-8728-2F6793E4295E"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://github.com/langgenius/dify/commit/59ad091e69736bc9dc1a3bace62ec0a232346246",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Patch"
+      ]
     },
     {
       "url": "https://github.com/langgenius/dify/pull/5841",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Issue Tracking",
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://github.com/langgenius/dify/security/advisories/GHSA-jp6m-v4gw-5vgp",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory",
+        "Mitigation"
+      ]
     },
     {
       "url": "https://github.com/langgenius/dify/security/advisories/GHSA-jp6m-v4gw-5vgp",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory",
+        "Mitigation"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-327xx/CVE-2025-32795.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-32795",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2025-04-18T16:15:23.627",
-  "lastModified": "2025-04-21T14:23:45.950",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:25:59.333",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -49,20 +49,62 @@
           "value": "CWE-284"
         }
       ]
+    },
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:langgenius:dify:*:*:*:*:*:node.js:*:*",
+              "versionEndExcluding": "0.6.12",
+              "matchCriteriaId": "63A68C09-32F4-4AEE-B016-EFBAD72543EC"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://github.com/langgenius/dify/pull/5266",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Issue Tracking",
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://github.com/langgenius/dify/security/advisories/GHSA-gg5w-m2vw-vmmj",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory",
+        "Mitigation"
+      ]
     },
     {
       "url": "https://github.com/langgenius/dify/security/advisories/GHSA-gg5w-m2vw-vmmj",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory",
+        "Mitigation"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-328xx/CVE-2025-32896.json

@@ -0,0 +1,41 @@
+{
+  "id": "CVE-2025-32896",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2025-06-19T11:15:24.190",
+  "lastModified": "2025-06-19T11:15:24.190",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "# Summary\n\nUnauthorized users can perform Arbitrary File Read and Deserialization\nattack by submit job using restful api-v1.\n\n# Details\nUnauthorized users can access `/hazelcast/rest/maps/submit-job` to submit\njob.\nAn attacker can set extra params in mysql url to perform Arbitrary File\nRead and Deserialization attack.\n\nThis issue affects Apache SeaTunnel: <=2.3.10\n\n# Fixed\n\nUsers are recommended to upgrade to version 2.3.11, and enable restful api-v2 & open https two-way authentication , which fixes the issue."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-306"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/apache/seatunnel/pull/9010",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "https://lists.apache.org/thread/qvh3zyt1jr25rgvw955rb8qjrnbxfro9",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/04/12/1",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    }
+  ]
+}

CVE-2025/CVE-2025-380xx/CVE-2025-38030.json

@@ -2,40 +2,15 @@
   "id": "CVE-2025-38030",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2025-06-18T10:15:35.100",
-  "lastModified": "2025-06-18T13:46:52.973",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T13:15:51.760",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd: Keep display off while going into S4\"\n\ncommit 68bfdc8dc0a1a (\"drm/amd: Keep display off while going into S4\")\nattempted to keep displays off during the S4 sequence by not resuming\ndisplay IP.  This however leads to hangs because DRM clients such as the\nconsole can try to access registers and cause a hang.\n\n(cherry picked from commit e485502c37b097b0bd773baa7e2741bf7bd2909a)"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
   "metrics": {},
-  "references": [
-    {
-      "url": "https://git.kernel.org/stable/c/7c220f89add8e7d6db63c9c4d9566917f8175a0b",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/7e7cb7a13c81073d38a10fa7b450d23712281ec4",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/9c40d1f7b75fc93d7ef02acc3a2a712cb057e576",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/ed7d24b0c375f74a1956e73d53549be78bf2774c",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/edfb7f9d27e2cd9aad55cfb5aaa6c67801613e6a",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    },
-    {
-      "url": "https://git.kernel.org/stable/c/ff887e77b777e806b5210eba229e0bd657e07b60",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
-    }
-  ]
+  "references": []
 }

CVE-2025/CVE-2025-43xx/CVE-2025-4367.json

@@ -0,0 +1,68 @@
+{
+  "id": "CVE-2025-4367",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T04:15:36.313",
+  "lastModified": "2025-06-19T04:15:36.313",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpdm_user_dashboard shortcode in all versions up to, and including, 3.3.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-80"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/download-manager/trunk/src/User/views/dashboard/profile.php#L79",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/download-manager/trunk/src/wpdm-functions.php#L200",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3313608%40download-manager&old=3308801%40download-manager&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/029956d7-6e3f-4159-9f53-05691e0262fc?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-446xx/CVE-2025-44612.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-44612",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-30T03:15:20.110",
-  "lastModified": "2025-05-30T22:15:22.617",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T01:08:28.777",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,42 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:tinxy:wifi_lock_controller_firmware:1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D5412F14-F539-403A-B269-AFCB5CC6A956"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:tinxy:wifi_lock_controller:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D3D05B11-9932-4DD5-86C6-B66BA7D3949D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/ShravanSinghRathore/Tinxy/wiki/1.-WiFi-Lock-Controller-v1-RF-%281%E2%80%909%29",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-446xx/CVE-2025-44614.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-44614",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-30T03:15:20.573",
-  "lastModified": "2025-05-30T22:15:22.790",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T01:06:45.603",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,42 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:tinxy:wifi_lock_controller_firmware:1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D5412F14-F539-403A-B269-AFCB5CC6A956"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:tinxy:wifi_lock_controller:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D3D05B11-9932-4DD5-86C6-B66BA7D3949D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/ShravanSinghRathore/Tinxy/wiki/1.-WiFi-Lock-Controller-v1-RF-%281%E2%80%909%29",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-446xx/CVE-2025-44619.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-44619",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-30T03:15:20.737",
-  "lastModified": "2025-05-30T22:15:22.967",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T01:04:28.143",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,49 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:tinxy:wifi_lock_controller_firmware:1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D5412F14-F539-403A-B269-AFCB5CC6A956"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:tinxy:wifi_lock_controller:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D3D05B11-9932-4DD5-86C6-B66BA7D3949D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "http://tinxy.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Broken Link"
+      ]
     },
     {
       "url": "http://wifi.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-449xx/CVE-2025-44906.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-44906",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-30T04:15:46.583",
-  "lastModified": "2025-05-30T22:15:23.487",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:57:57.120",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,39 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:jhead_project:jhead:3.08:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E20ACC36-4896-4F01-B566-E37FC500A87C"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/madao123123/crash_report/blob/main/jhead/jhead.md",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://github.com/madao123123/crash_report/blob/main/jhead/jhead.md",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-44xx/CVE-2025-4479.json

@@ -0,0 +1,68 @@
+{
+  "id": "CVE-2025-4479",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T04:15:49.147",
+  "lastModified": "2025-06-19T04:15:49.147",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin image comparison widget's before/after labels in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.5.0/widgets/init/assets/js/elementor.js",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.5.0/widgets/init/assets/js/widget-scripts.js",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3311822%40elementskit-lite&old=3300179%40elementskit-lite&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2995828-8a3e-400d-9e2b-aba8fd17cf00?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-454xx/CVE-2025-45474.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-45474",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-29T16:15:40.143",
-  "lastModified": "2025-05-30T16:31:03.107",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:45:23.457",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,10 +51,31 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:maccms:maccms:10.0:2025.1000.4047:*:*:*:*:*:*",
+              "matchCriteriaId": "C5D75D35-F395-490F-8D42-D409A16FED9A"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.yuque.com/morysummer/vx41bz/ptnnp4eema601rvz",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-458xx/CVE-2025-45878.json

@@ -2,13 +2,17 @@
   "id": "CVE-2025-45878",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-06-17T17:15:33.487",
-  "lastModified": "2025-06-17T20:50:23.507",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T01:16:08.927",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A cross-site scripting (XSS) vulnerability in the report manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en la funci\u00f3n de administrador de informes de Miliaris Amigdala v2.2.6 permite a los atacantes ejecutar HTML arbitrario en el contexto del navegador de un usuario a trav\u00e9s de un payload manipulado."
     }
   ],
   "metrics": {
@@ -47,14 +51,37 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:miliaris:amygdala:2.2.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "ED0824F0-D832-4AE3-9CE0-4B3B344E9C6B"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.miliaris.it/",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     },
     {
       "url": "https://xaliom.blogspot.com/2025/06/cve-2025-45878cve-2025-45879-and-cve.html",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-458xx/CVE-2025-45879.json

@@ -2,13 +2,17 @@
   "id": "CVE-2025-45879",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-06-17T16:15:32.730",
-  "lastModified": "2025-06-17T20:50:23.507",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T01:17:35.180",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A cross-site scripting (XSS) vulnerability in the e-mail manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en la funci\u00f3n de administrador de correo electr\u00f3nico de Miliaris Amigdala v2.2.6 permite a los atacantes ejecutar HTML arbitrario en el contexto del navegador de un usuario a trav\u00e9s de un payload manipulado."
     }
   ],
   "metrics": {
@@ -47,14 +51,37 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:miliaris:amygdala:2.2.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "ED0824F0-D832-4AE3-9CE0-4B3B344E9C6B"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.miliaris.it/",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     },
     {
       "url": "https://xaliom.blogspot.com/2025/06/cve-2025-45878cve-2025-45879-and-cve.html",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-458xx/CVE-2025-45880.json

@@ -2,13 +2,17 @@
   "id": "CVE-2025-45880",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-06-17T17:15:33.603",
-  "lastModified": "2025-06-17T20:50:23.507",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T01:14:25.967",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A cross-site scripting (XSS) vulnerability in the data resource management function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en la funci\u00f3n de gesti\u00f3n de recursos de datos de Miliaris Amigdala v2.2.6 permite a los atacantes ejecutar HTML arbitrario en el contexto del navegador de un usuario a trav\u00e9s de un payload manipulado."
     }
   ],
   "metrics": {
@@ -47,14 +51,37 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:miliaris:amygdala:2.2.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "ED0824F0-D832-4AE3-9CE0-4B3B344E9C6B"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.miliaris.it/",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://xaliom.blogspot.com/2025/06/cve-2025-45878cve-2025-45879-and-cve.html",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-45xx/CVE-2025-4571.json

@@ -0,0 +1,88 @@
+{
+  "id": "CVE-2025-4571",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T07:15:27.383",
+  "lastModified": "2025-06-19T07:15:27.383",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to view or delete fundraising campaigns, view donors' data, modify campaign events, etc."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/API/Endpoints/Logs/Endpoint.php#L26",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/API/Endpoints/Logs/GetLogs.php#L40",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/Campaigns/ListTable/Routes/DeleteCampaignListTable.php#L40",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/Campaigns/ListTable/Routes/GetCampaignsListTable.php#L95",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/Donors/Endpoints/Endpoint.php#L57",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/Donors/Endpoints/ListDonors.php#L31",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/give/tags/4.2.0/src/EventTickets/Routes/UpdateEvent.php#L36",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3305112/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f03b4ef-e877-430e-a440-3af0feca818c?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-46xx/CVE-2025-4661.json

@@ -0,0 +1,78 @@
+{
+  "id": "CVE-2025-4661",
+  "sourceIdentifier": "sirt@brocade.com",
+  "published": "2025-06-19T03:15:25.530",
+  "lastModified": "2025-06-19T03:15:25.530",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A path transversal vulnerability in \nBrocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to \ngain access to files outside the intended directory potentially leading \nto the disclosure of sensitive information.\n\n\nNote: Admin level privilege is required on the switch in order to exploit"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "sirt@brocade.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "ADJACENT",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "sirt@brocade.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-22"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35814",
+      "source": "sirt@brocade.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-477xx/CVE-2025-47748.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-47748",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-28T18:15:27.307",
-  "lastModified": "2025-05-30T17:15:29.117",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:02:12.070",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,39 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:netwrix:directory_manager:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "11.0.0.0",
+              "versionEndExcluding": "11.1.25134.03",
+              "matchCriteriaId": "C8C200D2-C9DC-47E4-9DA9-C61B7E27C651"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://netwrix.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-47xx/CVE-2025-4738.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2025-4738",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2025-06-19T13:15:51.840",
+  "lastModified": "2025-06-19T13:15:51.840",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection.This issue affects MY ERP: before 1.170."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-25-0132",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}

CVE-2025/CVE-2025-487xx/CVE-2025-48747.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-48747",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-28T18:15:27.553",
-  "lastModified": "2025-05-29T14:29:50.247",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:01:01.873",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,39 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:netwrix:directory_manager:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "11.0.0.0",
+              "versionEndExcluding": "11.1.25134.03",
+              "matchCriteriaId": "C8C200D2-C9DC-47E4-9DA9-C61B7E27C651"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://netwrix.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-487xx/CVE-2025-48749.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-48749",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2025-05-28T18:15:27.723",
-  "lastModified": "2025-05-29T14:29:50.247",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-18T23:59:44.600",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,14 +51,39 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:netwrix:directory_manager:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "11.0.0.0",
+              "versionEndExcluding": "11.1.25134.03",
+              "matchCriteriaId": "C8C200D2-C9DC-47E4-9DA9-C61B7E27C651"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://netwrix.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-488xx/CVE-2025-48886.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-48886",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T15:15:20.473",
+  "lastModified": "2025-06-19T15:15:20.473",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those events as finalized as soon as they are recognized by the node participants making such transactions the target of re-org attacks. The system does not currently consider the fact that failed transactions on the Cardano L1 can indeed appear in blocks because these transactions are so infrequent. This issue has been patched in version 0.22.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-755"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/cardano-scaling/hydra/commit/2bc6a82ef6dbfa8b94e1c11d55253713065f605e",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/cardano-scaling/hydra/commit/fb22d968964bf5d5b79227cc845d871147044ce7",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/cardano-scaling/hydra/security/advisories/GHSA-qr9f-mpgf-wp25",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-488xx/CVE-2025-48887.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-48887",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2025-05-30T18:15:32.500",
-  "lastModified": "2025-06-02T17:32:17.397",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:55:27.710",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -51,22 +51,56 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "0.6.4",
+              "versionEndExcluding": "0.9.0",
+              "matchCriteriaId": "18A93B72-AD3E-46D7-8948-E0765D4A7CB1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/vllm-project/vllm/commit/4fc1bf813ad80172c1db31264beaef7d93fe0601",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Patch"
+      ]
     },
     {
       "url": "https://github.com/vllm-project/vllm/pull/18454",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Issue Tracking",
+        "Patch"
+      ]
     },
     {
       "url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-w6q7-j642-7c25",
-      "source": "security-advisories@github.com"
+      "source": "security-advisories@github.com",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory"
+      ]
     },
     {
       "url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-w6q7-j642-7c25",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-490xx/CVE-2025-49014.json

@@ -0,0 +1,82 @@
+{
+  "id": "CVE-2025-49014",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T15:15:20.650",
+  "lastModified": "2025-06-19T15:15:20.650",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function f_strflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "PROOF_OF_CONCEPT",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/jqlang/jq/commit/499c91bca9d4d027833bc62787d1bb075c03680e",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/jqlang/jq/security/advisories/GHSA-rmjp-cr27-wpg2",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-497xx/CVE-2025-49763.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-49763",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2025-06-19T10:15:21.887",
+  "lastModified": "2025-06-19T10:15:21.887",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted.\n\nUsers can use a new setting for the plugin (--max-inclusion-depth) to limit it.\nThis issue affects Apache Traffic Server: from 10.0.0 through 10.0.5, from 9.0.0 through 9.2.10.\n\nUsers are recommended to upgrade to version 9.2.11 or 10.0.6,  which fixes the issue."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8",
+      "source": "security@apache.org"
+    }
+  ]
+}

CVE-2025/CVE-2025-49xx/CVE-2025-4965.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-4965",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T07:15:30.313",
+  "lastModified": "2025-06-19T07:15:30.313",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://kb.wpbakery.com/docs/preface/release-notes/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a0489172-279c-4397-a937-bca4840a196f?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-501xx/CVE-2025-50181.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-50181",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T01:15:24.453",
+  "lastModified": "2025-06-19T01:15:24.453",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-601"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-501xx/CVE-2025-50182.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-50182",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T02:15:17.967",
+  "lastModified": "2025-06-19T02:15:17.967",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-601"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-501xx/CVE-2025-50183.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-50183",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T03:15:25.717",
+  "lastModified": "2025-06-19T03:15:25.717",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in <script> tags may be interpreted and executed as HTML in certain modes. This leads to a stored XSS vulnerability. This issue has been patched in version 4.0.0-rc.4."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/OpenListTeam/OpenList-Frontend/commit/7b5ed20c608c7b9b36d1950a386678e0a89f8175",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/OpenListTeam/OpenList/security/advisories/GHSA-2hw3-h8qx-hqqp",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-502xx/CVE-2025-50201.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-50201",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T04:15:49.340",
+  "lastModified": "2025-06-19T04:15:49.340",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, an OS Command Injection vulnerability was identified in the /html/configuracao/debug_info.php endpoint. The branch parameter is not properly sanitized before being concatenated and executed in a shell command on the server's operating system. This flaw allows an unauthenticated attacker to execute arbitrary commands on the server with the privileges of the web server user (www-data). This issue has been patched in version 3.4.2."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/45f32ad1d52775fc99f3c90075c8136c6d4d1d3d",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-52p5-5fmw-9hrf",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-50xx/CVE-2025-5071.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-5071",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T10:15:22.027",
+  "lastModified": "2025-06-19T10:15:22.027",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Meow_MWAI_Labs_MCP::can_access_mcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to have full access to the MCP and run various commands like 'wp_create_user', 'wp_update_user' and 'wp_update_option', which can be used for privilege escalation, and 'wp_update_post', 'wp_delete_post', 'wp_update_comment' and 'wp_delete_comment', which can be used to edit and delete posts and comments."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-863"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/ai-engine/tags/2.8.1/labs/mcp.php#L43",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3313554/ai-engine#file21",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e7654a1-0020-4bf1-86be-bdb238a9fe0d?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-51xx/CVE-2025-5136.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-5136",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2025-05-25T00:15:23.043",
-  "lastModified": "2025-05-28T18:15:29.530",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-06-19T00:43:40.970",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -122,28 +122,78 @@
           "value": "CWE-330"
         }
       ]
+    },
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:project_team:tmall_demo:*:*:*:*:*:*:*:*",
+              "versionEndIncluding": "2025-05-05",
+              "matchCriteriaId": "7E13454D-93F2-4322-91A6-F4F365B6AA50"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://github.com/bdkuzma/vuln/issues/15",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Issue Tracking",
+        "Third Party Advisory",
+        "Exploit"
+      ]
     },
     {
       "url": "https://vuldb.com/?ctiid.310215",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?id.310215",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?submit.571960",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://github.com/bdkuzma/vuln/issues/15",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Issue Tracking",
+        "Third Party Advisory",
+        "Exploit"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-51xx/CVE-2025-5198.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-5198",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2025-05-27T21:15:22.863",
-  "lastModified": "2025-05-28T15:01:30.720",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T00:08:12.993",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 1.6,
         "impactScore": 3.4
+      },
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
       }
     ]
   },
@@ -51,18 +71,61 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:kubernates:*:*",
+              "matchCriteriaId": "0FB56EBE-BCC0-4833-82B3-D5EFC50A7E65"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:stackrox:stackrox:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "52EBFA77-3FF6-43EB-8606-C02D32796957"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://access.redhat.com/security/cve/CVE-2025-5198",
-      "source": "secalert@redhat.com"
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368568",
-      "source": "secalert@redhat.com"
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Issue Tracking",
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368568",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Issue Tracking",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-524xx/CVE-2025-52467.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-52467",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T03:15:25.870",
+  "lastModified": "2025-06-19T03:15:25.870",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUB_TOKEN with write permissions for the repository, allowing an attacker to tamper with all aspects of the repository, including pushing arbitrary code and releases. This issue has been patched in commit 8eb3567."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+          "baseScore": 9.1,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/timescale/pgai/commit/8eb356729c33560ce54b88b9a956960ad1e3ede8",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/timescale/pgai/pull/742",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/timescale/pgai/security/advisories/GHSA-89qq-hgvp-x37m",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-524xx/CVE-2025-52474.json

@@ -0,0 +1,82 @@
+{
+  "id": "CVE-2025-52474",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-06-19T04:15:53.793",
+  "lastModified": "2025-06-19T04:15:53.793",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. This issue has been patched in version 3.4.2."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 8.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "HIGH",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "HIGH",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/LabRedesCefetRJ/WeGIA/commit/b6fbb3e21b8d71e50afe0395dca44acdd1ca2e29",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rwvh-2gfh-wmcm",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-52xx/CVE-2025-5234.json

@@ -0,0 +1,72 @@
+{
+  "id": "CVE-2025-5234",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T10:15:22.250",
+  "lastModified": "2025-06-19T10:15:22.250",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Gutenverse News plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018elementId\u2019 parameter in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/gutenverse-news/tags/1.0.4/include/class/block/class-grab.php#L71",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3313123/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3313123/gutenverse-news/trunk/include/class/block/class-grab.php",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/gutenverse-news/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8b1f60a-3a13-4679-af3e-d6f95fd83cea?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-54xx/CVE-2025-5490.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-5490",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T06:15:19.347",
+  "lastModified": "2025-06-19T06:15:19.347",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Football Pool plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://wordpress.org/plugins/football-pool/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/16a285b1-7a20-455f-8f74-2e468dd436d3?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-55xx/CVE-2025-5524.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-5524",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-06-19T05:15:23.570",
+  "lastModified": "2025-06-19T05:15:23.570",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Select HTML tag in all versions up to, and including, 4.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://themes.trac.wordpress.org/browser/oceanwp/4.0.9/assets/js/select.min.js",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://themes.trac.wordpress.org/changeset/276114/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37b085f9-3b15-44aa-9ba0-de5321dfbce4?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-60xx/CVE-2025-6007.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-6007",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2025-06-12T02:15:27.450",
-  "lastModified": "2025-06-12T16:06:20.180",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T01:26:45.850",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -80,6 +80,26 @@
         },
         "exploitabilityScore": 1.2,
         "impactScore": 3.4
+      },
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
       }
     ],
     "cvssMetricV2": [
@@ -122,28 +142,75 @@
           "value": "CWE-89"
         }
       ]
+    },
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:kicode111:like-girl:5.2.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2948AA51-987D-477A-9CE2-0A4C4AF7A13C"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://github.com/adminnerr/cve/issues/8",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     },
     {
       "url": "https://vuldb.com/?ctiid.312330",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?id.312330",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?submit.587569",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://github.com/adminnerr/cve/issues/8",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }

CVE-2025/CVE-2025-60xx/CVE-2025-6008.json

@@ -2,8 +2,8 @@
   "id": "CVE-2025-6008",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2025-06-12T02:15:27.647",
-  "lastModified": "2025-06-12T16:06:20.180",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2025-06-19T01:26:01.867",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -80,6 +80,26 @@
         },
         "exploitabilityScore": 1.2,
         "impactScore": 3.4
+      },
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
       }
     ],
     "cvssMetricV2": [
@@ -122,28 +142,75 @@
           "value": "CWE-89"
         }
       ]
+    },
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:kicode111:like-girl:5.2.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2948AA51-987D-477A-9CE2-0A4C4AF7A13C"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://github.com/adminnerr/cve/issues/9",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     },
     {
       "url": "https://vuldb.com/?ctiid.312331",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?id.312331",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?submit.588088",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://github.com/adminnerr/cve/issues/9",
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     }
   ]
 }