{ "CVE_data_type" : "CVE", "CVE_data_format" : "MITRE", "CVE_data_version" : "4.0", "CVE_data_numberOfCVEs" : "22898", "CVE_data_timestamp" : "2025-08-20T07:00Z", "CVE_Items" : [ { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0001", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://borelenzo.github.io/stuff/2025/02/15/CVE-2025-0001.html", "name" : "https://borelenzo.github.io/stuff/2025/02/15/CVE-2025-0001.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-17T10:15Z", "lastModifiedDate" : "2025-02-17T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0014", "ASSIGNER" : "psirt@amd.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html", "name" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-02T17:15Z", "lastModifiedDate" : "2025-04-02T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0015", "ASSIGNER" : "arm-security@arm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", "name" : "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-03T11:15Z", "lastModifiedDate" : "2025-02-03T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0020", "ASSIGNER" : "psirt@esri.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: “This CVE ID is Rejected and will not be used. As the CNA of record ESRI has rejected this CVE as it is not a vulnerability”" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T08:15Z", "lastModifiedDate" : "2025-05-19T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0035", "ASSIGNER" : "psirt@amd.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9015.html", "name" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9015.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Unquoted search path within AMD Cloud Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-13T17:15Z", "lastModifiedDate" : "2025-05-13T19:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0036", "ASSIGNER" : "psirt@amd.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html", "name" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-10T00:15Z", "lastModifiedDate" : "2025-06-12T16:06Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0037", "ASSIGNER" : "psirt@amd.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8010.html", "name" : "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8010.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-10T00:15Z", "lastModifiedDate" : "2025-06-10T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0049", "ASSIGNER" : "security.reports@fortra.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-209" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.fortra.com/security/advisories/product-security/fi-2025-004", "name" : "https://www.fortra.com/security/advisories/product-security/fi-2025-004", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping.\nThis issue affects GoAnywhere: before 7.8.0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:*", "versionEndExcluding" : "7.8.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-04-28T21:15Z", "lastModifiedDate" : "2025-05-10T00:55Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0050", "ASSIGNER" : "arm-security@arm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developer.arm.com/documentation/110435/latest/", "name" : "https://developer.arm.com/documentation/110435/latest/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-07T12:15Z", "lastModifiedDate" : "2025-04-08T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0051", "ASSIGNER" : "psirt@purestorage.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html", "name" : "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-10T18:15Z", "lastModifiedDate" : "2025-06-10T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0052", "ASSIGNER" : "psirt@purestorage.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html", "name" : "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-10T18:15Z", "lastModifiedDate" : "2025-06-10T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0053", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-209" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3536461", "name" : "https://me.sap.com/notes/3536461", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could retrieve details such as system configuration. This has a limited impact on the confidentiality of the application and may be leveraged to facilitate further attacks or exploits." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0054", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3526203", "name" : "https://me.sap.com/notes/3526203", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP NetWeaver Application Server Java does not sufficiently handle user input, resulting in a stored cross-site scripting vulnerability. The application allows attackers with basic user privileges to store a Javascript payload on the server, which could be later executed in the victim's web browser. With this the attacker might be able to read or modify information associated with the vulnerable web page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-11T01:15Z", "lastModifiedDate" : "2025-02-18T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0055", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-497" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3472837", "name" : "https://me.sap.com/notes/3472837", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific circumstances an attacker with administrative privileges or access to the victim?s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing high impact on confidentiality of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0056", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-497" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3502459", "name" : "https://me.sap.com/notes/3502459", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP GUI for Java saves user input on the client PC to improve usability. An attacker with administrative privileges or access to the victim?s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing high impact on confidentiality of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0057", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3514421", "name" : "https://me.sap.com/notes/3514421", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0058", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-639" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3542698", "name" : "https://me.sap.com/notes/3542698", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0059", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-497" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3503138", "name" : "https://me.sap.com/notes/3503138", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or access to the victim?s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing high impact on confidentiality of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0060", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3474398", "name" : "https://me.sap.com/notes/3474398", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to the attacker. The attacker could further use this information to impersonate as a high privileged user causing high impact on confidentiality and integrity of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0061", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-497" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3474398", "name" : "https://me.sap.com/notes/3474398", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0062", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3557459", "name" : "https://me.sap.com/notes/3557459", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP BusinessObjects Business Intelligence Platform allows an attacker to inject JavaScript code in Web Intelligence reports. This code is then executed in the victim's browser each time the vulnerable page is visited by the victim. On successful exploitation, an attacker could cause limited impact on confidentiality and integrity within the scope of victim?s browser. There is no impact on availability. This vulnerability occurs only when script/html execution is enabled by the administrator in Central Management Console." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "HIGH", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.7, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.6, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-11T01:15Z", "lastModifiedDate" : "2025-03-11T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0063", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3550816", "name" : "https://me.sap.com/notes/3550816", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP NetWeaver AS ABAP and ABAP Platform does not check for authorization when a user executes some RFC function modules. This could lead to an attacker with basic user privileges to gain control over the data in Informix database, leading to complete compromise of confidentiality, integrity and availability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0064", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-732" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3525794", "name" : "https://me.sap.com/notes/3525794", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Under specific conditions, the Central Management Console of the SAP BusinessObjects Business Intelligence platform allows an attacker with admin rights to generate or retrieve a secret passphrase, enabling them to impersonate any user in the system. This results in a high impact on confidentiality and integrity, with no impact on availability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-11T01:15Z", "lastModifiedDate" : "2025-02-18T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0065", "ASSIGNER" : "psirt@teamviewer.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/", "name" : "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-28T11:15Z", "lastModifiedDate" : "2025-01-28T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0066", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-732" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3550708", "name" : "https://me.sap.com/notes/3550708", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0067", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-862" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3540108", "name" : "https://me.sap.com/notes/3540108", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remote function calls from or to the application server. This could lead to low impact on confidentiality, integrity, and availability of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0068", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-862" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3550674", "name" : "https://me.sap.com/notes/3550674", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would otherwise be restricted. It has no impact on integrity or availability on the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0069", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-427" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3542533", "name" : "https://me.sap.com/notes/3542533", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user?s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0070", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-287" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3537476", "name" : "https://me.sap.com/notes/3537476", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in privilege escalation. On successful exploitation, this can result in potential security concerns. This results in a high impact on confidentiality, integrity, and availability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T01:15Z", "lastModifiedDate" : "2025-01-14T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0071", "ASSIGNER" : "cna@sap.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-532" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://me.sap.com/notes/3558132", "name" : "https://me.sap.com/notes/3558132", "refsource" : "", "tags" : [ ] }, { "url" : "https://url.sap/sapsecuritypatchday", "name" : "https://url.sap/sapsecuritypatchday", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value. This exposes unencrypted passwords in the logs, causing a high impact on the confidentiality of the application. There is no impact on integrity or availability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.9, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.2, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-11T01:15Z", "lastModifiedDate" : "2025-03-11T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0072", "ASSIGNER" : "arm-security@arm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-416" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developer.arm.com/documentation/110465/latest/", "name" : "https://developer.arm.com/documentation/110465/latest/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.\n\nThis issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r41p0", "versionEndIncluding" : "r49p3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r50p0", "versionEndIncluding" : "r53p0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r29p0", "versionEndIncluding" : "r49p3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r50p0", "versionEndIncluding" : "r53p0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-05-02T10:15Z", "lastModifiedDate" : "2025-05-12T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0073", "ASSIGNER" : "arm-security@arm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developer.arm.com/documentation/110466/latest/", "name" : "https://developer.arm.com/documentation/110466/latest/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r53p0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r53p0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-06-02T11:15Z", "lastModifiedDate" : "2025-07-02T21:18Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0101", "ASSIGNER" : "info@cert.vde.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-190" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cert.vde.com/en/advisories/VDE-2025-007", "name" : "https://cert.vde.com/en/advisories/VDE-2025-007", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes some functions to work unexpected or stop working at all. Both during runtime and after a restart." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-04-16T08:15Z", "lastModifiedDate" : "2025-04-16T13:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0103", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T03:15Z", "lastModifiedDate" : "2025-01-11T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0104", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T03:15Z", "lastModifiedDate" : "2025-01-11T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0105", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T03:15Z", "lastModifiedDate" : "2025-01-11T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0106", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T03:15Z", "lastModifiedDate" : "2025-01-11T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0107", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T03:15Z", "lastModifiedDate" : "2025-01-15T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0108", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-306" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/iSee857/CVE-2025-0108-PoC", "name" : "https://github.com/iSee857/CVE-2025-0108-PoC", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://security.paloaltonetworks.com/CVE-2025-0108", "name" : "https://security.paloaltonetworks.com/CVE-2025-0108", "refsource" : "", "tags" : [ "Exploit", "Vendor Advisory" ] }, { "url" : "https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/", "name" : "https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/", "refsource" : "", "tags" : [ "Exploit", "Press/Media Coverage" ] }, { "url" : "https://www.bleepingcomputer.com/news/security/palo-alto-networks-tags-new-firewall-bug-as-exploited-in-attacks/", "name" : "https://www.bleepingcomputer.com/news/security/palo-alto-networks-tags-new-firewall-bug-as-exploited-in-attacks/", "refsource" : "", "tags" : [ "Press/Media Coverage", "Third Party Advisory" ] }, { "url" : "https://www.darkreading.com/remote-workforce/patch-now-cisa-researchers-warn-palo-alto-flaw-exploited-wild", "name" : "https://www.darkreading.com/remote-workforce/patch-now-cisa-researchers-warn-palo-alto-flaw-exploited-wild", "refsource" : "", "tags" : [ "Press/Media Coverage", "Third Party Advisory" ] }, { "url" : "https://www.securityweek.com/palo-alto-networks-confirms-exploitation-of-firewall-vulnerability/", "name" : "https://www.securityweek.com/palo-alto-networks-confirms-exploitation-of-firewall-vulnerability/", "refsource" : "", "tags" : [ "Press/Media Coverage", "Third Party Advisory" ] }, { "url" : "https://www.theregister.com/2025/02/19/palo_alto_firewall_attack/", "name" : "https://www.theregister.com/2025/02/19/palo_alto_firewall_attack/", "refsource" : "", "tags" : [ "Press/Media Coverage", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW or Prisma Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "11.2.0", "versionEndExcluding" : "11.2.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.1.0", "versionEndExcluding" : "10.1.14", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.2.0", "versionEndExcluding" : "10.2.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "11.1.0", "versionEndExcluding" : "11.1.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 9.1, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.2 } }, "publishedDate" : "2025-02-12T21:15Z", "lastModifiedDate" : "2025-06-27T20:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0109", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2024-0109", "name" : "https://security.paloaltonetworks.com/CVE-2024-0109", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files.\n\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW or Prisma Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-12T21:15Z", "lastModifiedDate" : "2025-02-12T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0110", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0110", "name" : "https://security.paloaltonetworks.com/CVE-2025-0110", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the “__openconfig” user (which has the Device Administrator role) on the firewall.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 ." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-12T21:15Z", "lastModifiedDate" : "2025-02-12T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0111", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-610" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0111", "name" : "https://security.paloaltonetworks.com/CVE-2025-0111", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue does not affect Cloud NGFW or Prisma Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.1.0", "versionEndExcluding" : "10.1.14", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "11.2.0", "versionEndExcluding" : "11.2.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.2.0", "versionEndExcluding" : "10.2.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.2.10", "versionEndExcluding" : "10.2.12", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "versionStartIncluding" : "11.0.0", "versionEndExcluding" : "11.1.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-12T21:15Z", "lastModifiedDate" : "2025-02-21T14:50Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0112", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0112", "name" : "https://security.paloaltonetworks.com/CVE-2025-0112", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activity." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-20T00:15Z", "lastModifiedDate" : "2025-02-20T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0113", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0113", "name" : "https://security.paloaltonetworks.com/CVE-2025-0113", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-12T21:15Z", "lastModifiedDate" : "2025-04-09T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0114", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0114", "name" : "https://security.paloaltonetworks.com/CVE-2025-0114", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-12T19:15Z", "lastModifiedDate" : "2025-03-12T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0115", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0115", "name" : "https://security.paloaltonetworks.com/CVE-2025-0115", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files.\n\nThe attacker must have network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management interface to only trusted users and internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW or Prisma Access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-12T19:15Z", "lastModifiedDate" : "2025-03-15T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0116", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0116", "name" : "https://security.paloaltonetworks.com/CVE-2025-0116", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance mode.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-12T19:15Z", "lastModifiedDate" : "2025-03-18T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0117", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0117", "name" : "https://security.paloaltonetworks.com/CVE-2025-0117", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM.\n\nGlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-12T19:15Z", "lastModifiedDate" : "2025-03-12T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0118", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0118", "name" : "https://security.paloaltonetworks.com/CVE-2025-0118", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device.\n\nThis issue does not apply to the GlobalProtect app on other (non-Windows) platforms." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.2.0", "versionEndExcluding" : "6.2.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.0.0", "versionEndExcluding" : "6.0.11", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.1.0", "versionEndExcluding" : "6.1.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.3.0", "versionEndExcluding" : "6.3.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.0, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.1, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-12T19:15Z", "lastModifiedDate" : "2025-06-27T16:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0119", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0119", "name" : "https://security.paloaltonetworks.com/CVE-2025-0119", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T18:15Z", "lastModifiedDate" : "2025-04-15T18:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0120", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0120", "name" : "https://security.paloaltonetworks.com/CVE-2025-0120", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.3.0", "versionEndExcluding" : "6.3.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.0.0", "versionEndExcluding" : "6.0.12", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.1.0", "versionEndExcluding" : "6.2.7-1077", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.0, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.0, "impactScore" : 5.9 } }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-06-27T16:51Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0121", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0121", "name" : "https://security.paloaltonetworks.com/CVE-2025-0121", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0122", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0122", "name" : "https://security.paloaltonetworks.com/CVE-2025-0122", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0123", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0123", "name" : "https://security.paloaltonetworks.com/CVE-2025-0123", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/2 data streams traversing network interfaces on the firewall. HTTP/1.1 data streams are not impacted.\n\nIn normal conditions, decrypted packet captures are available to firewall administrators after they obtain and install a free Decryption Port Mirror license. The license requirement ensures that this feature can only be used after approved personnel purposefully activate the license. For more information, review how to configure decryption port mirroring https://docs.paloaltonetworks.com/network-security/decryption/administration/monitoring-decryption/configure-decryption-port-mirroring .\n\nThe administrator must obtain network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. Risk of this issue can be greatly reduced by restricting access to the management interface to only trusted administrators and from only internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nCustomer firewall administrators do not have access to the packet capture feature in Cloud NGFW. This feature is available only to authorized Palo Alto Networks personnel permitted to perform troubleshooting.\n\nPrisma® Access is not impacted by this vulnerability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T18:15Z", "lastModifiedDate" : "2025-04-15T18:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0124", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0124", "name" : "https://security.paloaltonetworks.com/CVE-2025-0124", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files.\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue affects Cloud NGFW. However, this issue does not affect Prisma® Access software." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0125", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0125", "name" : "https://security.paloaltonetworks.com/CVE-2025-0125", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW and all Prisma® Access instances." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0126", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0126", "name" : "https://security.paloaltonetworks.com/CVE-2025-0126", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\n\nThe SAML login for the PAN-OS® management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0127", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0127", "name" : "https://security.paloaltonetworks.com/CVE-2025-0127", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0128", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0128", "name" : "https://security.paloaltonetworks.com/CVE-2025-0128", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW is not affected by this vulnerability. Prisma® Access software is proactively patched and protected from this issue." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T02:15Z", "lastModifiedDate" : "2025-04-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0129", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/PAN-SA-2025-0008", "name" : "https://security.paloaltonetworks.com/PAN-SA-2025-0008", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-11T23:15Z", "lastModifiedDate" : "2025-06-13T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0130", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0130", "name" : "https://security.paloaltonetworks.com/CVE-2025-0130", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode.\n\nThis issue does not affect Cloud NGFW or Prisma Access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T18:15Z", "lastModifiedDate" : "2025-05-14T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0131", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0131", "name" : "https://security.paloaltonetworks.com/CVE-2025-0131", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.opswat.com/docs/mdsdk/release-notes/cve-2025-0131", "name" : "https://www.opswat.com/docs/mdsdk/release-notes/cve-2025-0131", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-15T20:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0132", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0132", "name" : "https://security.paloaltonetworks.com/CVE-2025-0132", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM. \n\nThe attacker must have network access to the Broker VM to exploit this issue." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0133", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0133", "name" : "https://security.paloaltonetworks.com/CVE-2025-0133", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN.\n\nThere is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal.\n\n\n\nFor GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0134", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0134", "name" : "https://security.paloaltonetworks.com/CVE-2025-0134", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0135", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0135", "name" : "https://security.paloaltonetworks.com/CVE-2025-0135", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*", "versionStartIncluding" : "6.0.0", "versionEndExcluding" : "6.2.8", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*", "versionStartIncluding" : "6.3.0", "versionEndExcluding" : "6.3.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "LOW", "baseScore" : 3.3, "baseSeverity" : "LOW" }, "exploitabilityScore" : 1.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-06-27T16:50Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0136", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0136", "name" : "https://security.paloaltonetworks.com/CVE-2025-0136", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec.\n\nThis issue does not affect Cloud NGFWs, Prisma® Access instances, or PAN-OS VM-Series firewalls.\n\nNOTE: The AES-128-CCM encryption algorithm is not recommended for use." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0137", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0137", "name" : "https://security.paloaltonetworks.com/CVE-2025-0137", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 ." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0138", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0138", "name" : "https://security.paloaltonetworks.com/CVE-2025-0138", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access.\n\nCompute in Prisma Cloud Enterprise Edition is not affected by this issue." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-14T19:15Z", "lastModifiedDate" : "2025-05-16T14:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0139", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0139", "name" : "https://security.paloaltonetworks.com/CVE-2025-0139", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-09T23:15Z", "lastModifiedDate" : "2025-07-09T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0140", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0140", "name" : "https://security.paloaltonetworks.com/CVE-2025-0140", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-09T23:15Z", "lastModifiedDate" : "2025-07-30T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0141", "ASSIGNER" : "psirt@paloaltonetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.paloaltonetworks.com/CVE-2025-0141", "name" : "https://security.paloaltonetworks.com/CVE-2025-0141", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-09T23:15Z", "lastModifiedDate" : "2025-07-10T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0142", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25001/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25001/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-01-30T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0143", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25002/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25002/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-07-31T19:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0144", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25003/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25003/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-01-30T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0145", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25004/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25004/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-01-30T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0146", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25005/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25005/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 5.0, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.3, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-08-01T01:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0147", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25006/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25006/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-30T20:15Z", "lastModifiedDate" : "2025-08-01T01:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0148", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25007/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25007/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-03T23:15Z", "lastModifiedDate" : "2025-02-03T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0149", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25008/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25008/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace:*:*:*:*:*:android:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:android:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipados:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "6.1.15", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "6.1.16", "versionEndExcluding" : "6.2.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-11T17:16Z", "lastModifiedDate" : "2025-08-19T17:38Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0150", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25009/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25009/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*", "versionEndExcluding" : "6.3.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-11T18:15Z", "lastModifiedDate" : "2025-08-01T14:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0151", "ASSIGNER" : "security@zoom.us" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25010/", "name" : "https://www.zoom.com/en/trust/security-bulletin/zsb-25010/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-11T18:15Z", "lastModifiedDate" : "2025-03-11T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0154", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-644" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7229880", "name" : "https://www.ibm.com/support/pages/node/7229880", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:txseries_for_multiplatforms:9.1:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:txseries_for_multiplatforms:11.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-04-02T16:17Z", "lastModifiedDate" : "2025-07-15T19:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0158", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7182693", "name" : "https://www.ibm.com/support/pages/node/7182693", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-02-06T21:15Z", "lastModifiedDate" : "2025-07-08T20:06Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0159", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-306" }, { "lang" : "en", "value" : "CWE-288" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7184182", "name" : "https://www.ibm.com/support/pages/node/7184182", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a remote attacker to bypass RPCAdapter endpoint authentication by sending a specifically crafted HTTP request." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.5", "versionEndExcluding" : "8.5.0.14", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.5.2.0", "versionEndIncluding" : "8.5.2.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.6.0.0", "versionEndExcluding" : "8.6.0.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.7.0.0", "versionEndExcluding" : "8.7.0.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.3.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.3.1:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.4.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.2.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.2.1:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.3.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.2.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.2.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 9.1, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.2 } }, "publishedDate" : "2025-02-28T19:15Z", "lastModifiedDate" : "2025-08-18T18:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0160", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" }, { "lang" : "en", "value" : "CWE-114" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7184182", "name" : "https://www.ibm.com/support/pages/node/7184182", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a remote attacker with access to the system to execute arbitrary Java code due to improper restrictions in the RPCAdapter service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.5", "versionEndExcluding" : "8.5.0.14", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.5.2.0", "versionEndIncluding" : "8.5.2.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.6.0.0", "versionEndExcluding" : "8.6.0.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.7.0.0", "versionEndExcluding" : "8.7.0.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.3.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.3.1:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.5.4.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.2.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.2.1:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.6.3.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.2.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:storage_virtualize:8.7.2.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-28T19:15Z", "lastModifiedDate" : "2025-08-18T18:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0161", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7183788", "name" : "https://www.ibm.com/support/pages/node/7183788", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.0.0", "versionEndIncluding" : "10.0.0.9", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:security_verify_access:11.0.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-20T16:15Z", "lastModifiedDate" : "2025-08-08T19:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0162", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-611" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7185096", "name" : "https://www.ibm.com/support/pages/node/7185096", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:*:*:*:*:*:*:*:*", "versionStartIncluding" : "1.9.9", "versionEndExcluding" : "1.10.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:aspera_shares:1.10.0:patch_level6:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "LOW", "baseScore" : 7.1, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 4.2 } }, "publishedDate" : "2025-03-07T17:15Z", "lastModifiedDate" : "2025-03-13T02:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0163", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-204" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7236314", "name" : "https://www.ibm.com/support/pages/node/7236314", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.0.0", "versionEndExcluding" : "10.0.9", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*", "versionStartIncluding" : "10.0.0", "versionEndExcluding" : "10.0.9", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-06-11T15:15Z", "lastModifiedDate" : "2025-08-13T14:31Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0167", "ASSIGNER" : "cve@curl.se" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://curl.se/docs/CVE-2025-0167.html", "name" : "www", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://curl.se/docs/CVE-2025-0167.json", "name" : "json", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://hackerone.com/reports/2917232", "name" : "issue", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://curl.se/docs/CVE-2025-0167.html", "name" : "https://curl.se/docs/CVE-2025-0167.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250306-0008/", "name" : "https://security.netapp.com/advisory/ntap-20250306-0008/", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.76.0", "versionEndExcluding" : "8.12.0", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", "cpe_name" : [ ] } ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-02-05T10:15Z", "lastModifiedDate" : "2025-07-30T19:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0168", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/UnrealdDei/cve/blob/main/sql11.md", "name" : "https://github.com/UnrealdDei/cve/blob/main/sql11.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.289917", "name" : "VDB-289917 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.289917", "name" : "VDB-289917 | code-projects Job Recruitment _feedback_system.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473107", "name" : "Submit #473107 | code-projects job-recruitment-php v1.0 Sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:job_recruitment:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-01T14:15Z", "lastModifiedDate" : "2025-02-25T21:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0169", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/dwt-listing-directory-listing-wordpress-theme/21976132", "name" : "https://themeforest.net/item/dwt-listing-directory-listing-wordpress-theme/21976132", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/be0c29a3-0b78-4259-a514-c3674d9d5d55?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/be0c29a3-0b78-4259-a514-c3674d9d5d55?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The DWT - Directory & Listing WordPress Theme is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:scriptsbundle:dwt_listing:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "3.3.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-08T23:15Z", "lastModifiedDate" : "2025-02-11T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0170", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://scriptsbundle.gitbook.io/dwt-directory-and-listing-wordpress-theme", "name" : "https://scriptsbundle.gitbook.io/dwt-directory-and-listing-wordpress-theme", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d607e7c0-7812-4c77-a763-6095677b3525?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d607e7c0-7812-4c77-a763-6095677b3525?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping on the 'sort_by' and 'token' parameters. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-16T02:15Z", "lastModifiedDate" : "2025-01-16T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0171", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Sinon2003/cve/blob/main/sql_inject1.md", "name" : "https://github.com/Sinon2003/cve/blob/main/sql_inject1.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/Sinon2003/cve/blob/main/sql_inject1.md", "name" : "https://github.com/Sinon2003/cve/blob/main/sql_inject1.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.289938", "name" : "VDB-289938 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.289938", "name" : "VDB-289938 | code-projects Chat System deleteuser.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473143", "name" : "Submit #473143 | Code-projects Chat System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:chat_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-02T15:15Z", "lastModifiedDate" : "2025-04-03T14:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0172", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Sinon2003/cve/blob/main/chatsystem/sql_inject2.md", "name" : "https://github.com/Sinon2003/cve/blob/main/chatsystem/sql_inject2.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/Sinon2003/cve/blob/main/chatsystem/sql_inject2.md", "name" : "https://github.com/Sinon2003/cve/blob/main/chatsystem/sql_inject2.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.289939", "name" : "VDB-289939 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.289939", "name" : "VDB-289939 | code-projects Chat System deleteroom.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473153", "name" : "Submit #473153 | Code-projects Chat System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:chat_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-02T16:15Z", "lastModifiedDate" : "2025-04-03T14:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0173", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/listlonely/cve/blob/main/sql.md", "name" : "https://github.com/listlonely/cve/blob/main/sql.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.289940", "name" : "VDB-289940 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.289940", "name" : "VDB-289940 | SourceCodester Online Eyewear Shop view_order.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473163", "name" : "Submit #473163 | sourcecodester Online Eyewear Shop Website v1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.sourcecodester.com/", "name" : "https://www.sourcecodester.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /orders/view_order.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-02T18:15Z", "lastModifiedDate" : "2025-02-10T14:44Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0174", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/ca3f96ac0ec34bb7c1dd4bfd180f11bb", "name" : "https://gist.github.com/Masamuneee/ca3f96ac0ec34bb7c1dd4bfd180f11bb", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290103", "name" : "VDB-290103 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290103", "name" : "VDB-290103 | code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473330", "name" : "Submit #473330 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/search_result2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T01:15Z", "lastModifiedDate" : "2025-02-25T22:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0175", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/fc65dafa7237cc66a18ef6005075c31b", "name" : "https://gist.github.com/th4s1s/fc65dafa7237cc66a18ef6005075c31b", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290104", "name" : "VDB-290104 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290104", "name" : "VDB-290104 | code-projects Online Shop view.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473333", "name" : "Submit #473333 | code-projects Online Shop IN PHP, CSS, JavaScript, AND MYSQL 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Shop 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view.php. The manipulation of the argument name/details leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:online_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-03T01:15Z", "lastModifiedDate" : "2025-02-25T22:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0176", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0", "name" : "https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0", "name" : "https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290105", "name" : "VDB-290105 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290105", "name" : "VDB-290105 | code-projects Point of Sales and Inventory Management System add_cart.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473347", "name" : "Submit #473347 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/add_cart.php. The manipulation of the argument id/qty leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T02:15Z", "lastModifiedDate" : "2025-04-03T14:10Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0177", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" }, { "lang" : "en", "value" : "CWE-269" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/javo-directory-wordpress-theme/8390513#item-description__update-history", "name" : "https://themeforest.net/item/javo-directory-wordpress-theme/8390513#item-description__update-history", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d636768-37b4-4343-9028-30e7b1f997f2?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d636768-37b4-4343-9028-30e7b1f997f2?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:javothemes:javo_core:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "3.0.0.266", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-08T09:15Z", "lastModifiedDate" : "2025-03-13T13:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0178", "ASSIGNER" : "security@watchguard.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00003", "name" : "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00003", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI.\nThis issue affects Fireware OS: from 12.0 up to and including 12.11." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-14T14:15Z", "lastModifiedDate" : "2025-02-14T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0180", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-269" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331", "name" : "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7140a6e-a528-428e-850e-5e4a481c5d7d?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7140a6e-a528-428e-850e-5e4a481c5d7d?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-11T07:15Z", "lastModifiedDate" : "2025-02-11T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0181", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-288" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331", "name" : "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d722ec8d-bfca-4da1-8eb0-8d33735c5e44?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d722ec8d-bfca-4da1-8eb0-8d33735c5e44?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possible for unauthenticated attackers to gain access to a target user's (e.g. administrators) account." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-11T07:15Z", "lastModifiedDate" : "2025-02-11T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0182", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-400" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/969b8056-b66c-4d70-8f77-04c1cbdc1d1a", "name" : "https://huntr.com/bounties/969b8056-b66c-4d70-8f77-04c1cbdc1d1a", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package (<=0.49) via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending multiple requests to the /auth/saml/callback endpoint, leading to uncontrolled memory consumption and eventual denial of service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-20T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0183", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/53bced90-64a9-4ca2-8f2f-282c4ce84d1f", "name" : "https://huntr.com/bounties/53bced90-64a9-4ca2-8f2f-282c4ce84d1f", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This vulnerability allows an attacker to inject malicious scripts into the `debug_log.html` file generated by the module. When an admin visits this debug report, the injected scripts can execute, potentially leading to unauthorized actions and data access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:binary-husky:gpt_academic:3.90:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-08-01T01:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0184", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/langgenius/dify/commit/c135ec4b08d946a1a1d3a198a1d72c1ccf47250f", "name" : "https://github.com/langgenius/dify/commit/c135ec4b08d946a1a1d3a198a1d72c1ccf47250f", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://huntr.com/bounties/a7eac4ae-5d5e-4ac1-894b-7a8cce5cba9b", "name" : "https://huntr.com/bounties/a7eac4ae-5d5e-4ac1-894b-7a8cce5cba9b", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10.2. The vulnerability occurs in the 'Create Knowledge' section when uploading DOCX files. If an external relationship exists in the DOCX file, the reltype value is requested as a URL using the 'requests' module instead of the 'ssrf_proxy', leading to an SSRF vulnerability. This issue was fixed in version 0.11.0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:langgenius:dify:*:*:*:*:*:node.js:*:*", "versionEndExcluding" : "0.11.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-07-15T15:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0185", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "name" : "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "name" : "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function `vn.get_training_plan_generic(df_information_schema)`, which does not properly sanitize user inputs before executing queries using the Pandas library. This can potentially lead to Remote Code Execution (RCE) if exploited." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:dify:dify:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-27T19:18Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0187", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-400" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/77f3ed54-9e1c-4d9f-948f-ee6f82e2fe24", "name" : "https://huntr.com/bounties/77f3ed54-9e1c-4d9f-948f-ee6f82e2fe24", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gradio_project:gradio:0.39.1:*:*:*:*:python:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-08-01T18:09Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0188", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/879d2470-eca5-49c0-b3d1-57469cfff412", "name" : "https://huntr.com/bounties/879d2470-eca5-49c0-b3d1-57469cfff412", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access the response directly, potentially leading to unauthorized access to internal systems, data theft, service disruption, or further attacks such as port scanning and accessing metadata endpoints." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240914:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-07-09T18:06Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0189", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/e4c9bf41-72cf-4d04-baaf-8f12b5b7926e", "name" : "https://huntr.com/bounties/e4c9bf41-72cf-4d04-baaf-8f12b5b7926e", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large image, leading to a denial of service condition." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:aimstack:aim:3.25.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-28T14:31Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0190", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-Other" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/38d151f1-abb4-443a-86b0-6c26f0c6cb70", "name" : "https://huntr.com/bounties/38d151f1-abb4-443a-86b0-6c26f0c6cb70", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of `Text` objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these objects. This vulnerability can be exploited repeatedly, leading to a complete denial of service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:aimstack:aim:3.25.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-28T14:28Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0191", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" }, { "lang" : "en", "value" : "CWE-400" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/c89a1dfd-a733-41b3-af20-6ef6024361eb", "name" : "https://huntr.com/bounties/c89a1dfd-a733-41b3-af20-6ef6024361eb", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240914:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-07-09T18:01Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0192", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/5f82c722-b674-456a-8691-a6565bf90e39", "name" : "https://huntr.com/bounties/5f82c722-b674-456a-8691-a6565bf90e39", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker can inject malicious scripts. When the modified HTML is shared with another user, the XSS payload executes, potentially leading to the theft of user prompt history and other sensitive information." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-20T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0193", "ASSIGNER" : "psirt@moxa.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247733-cve-2025-0193-stored-cross-site-scripting-(xss)-vulnerability-in-the-mgate-5121-5122-5123-series", "name" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247733-cve-2025-0193-stored-cross-site-scripting-(xss)-vulnerability-in-the-mgate-5121-5122-5123-series", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions or other impacts, depending on the user's privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-01-15T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0194", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/#possible-access-token-exposure-in-gitlab-logs", "name" : "https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/#possible-access-token-exposure-in-gitlab-logs", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/489459", "name" : "GitLab Issue #489459", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.4.0", "versionEndExcluding" : "17.5.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.6.0", "versionEndExcluding" : "17.6.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.1", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.4.0", "versionEndExcluding" : "17.5.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.6.0", "versionEndExcluding" : "17.6.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.1", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-08T20:15Z", "lastModifiedDate" : "2025-07-11T20:34Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0195", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/1ac717728823d58ef365a418c8f39810", "name" : "https://gist.github.com/Masamuneee/1ac717728823d58ef365a418c8f39810", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290132", "name" : "VDB-290132 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290132", "name" : "VDB-290132 | code-projects Point of Sales and Inventory Management System del_product.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473349", "name" : "Submit #473349 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user/del_product.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T18:15Z", "lastModifiedDate" : "2025-02-25T22:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0196", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/13b0a6384f0c07e8db462df9cb18fd47", "name" : "https://gist.github.com/Masamuneee/13b0a6384f0c07e8db462df9cb18fd47", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290133", "name" : "VDB-290133 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290133", "name" : "VDB-290133 | code-projects Point of Sales and Inventory Management System plist.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473350", "name" : "Submit #473350 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in code-projects Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file /user/plist.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T19:15Z", "lastModifiedDate" : "2025-02-25T22:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0197", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/07a787e5a4599954c178baf90eeb553c", "name" : "https://gist.github.com/Masamuneee/07a787e5a4599954c178baf90eeb553c", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290134", "name" : "VDB-290134 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290134", "name" : "VDB-290134 | code-projects Point of Sales and Inventory Management System search.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473362", "name" : "Submit #473362 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in code-projects Point of Sales and Inventory Management System 1.0. This vulnerability affects unknown code of the file /user/search.php. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T20:15Z", "lastModifiedDate" : "2025-02-25T22:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0198", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/86580188bf42580c0ae70ae4d247e6df", "name" : "https://gist.github.com/Masamuneee/86580188bf42580c0ae70ae4d247e6df", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290135", "name" : "VDB-290135 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290135", "name" : "VDB-290135 | code-projects Point of Sales and Inventory Management System search_result.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473383", "name" : "Submit #473383 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in code-projects Point of Sales and Inventory Management System 1.0. This issue affects some unknown processing of the file /user/search_result.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T21:15Z", "lastModifiedDate" : "2025-02-25T22:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0199", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/eff0a0865d54305faa78624e63172a92", "name" : "https://gist.github.com/Masamuneee/eff0a0865d54305faa78624e63172a92", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290136", "name" : "VDB-290136 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290136", "name" : "VDB-290136 | code-projects Point of Sales and Inventory Management System minus_cart.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473384", "name" : "Submit #473384 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minus_cart.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-03T23:15Z", "lastModifiedDate" : "2025-02-25T22:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0200", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/f238db57d8b1947d000cadf634a8387e", "name" : "https://gist.github.com/Masamuneee/f238db57d8b1947d000cadf634a8387e", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290137", "name" : "VDB-290137 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290137", "name" : "VDB-290137 | code-projects Point of Sales and Inventory Management System search_num.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473386", "name" : "Submit #473386 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /user/search_num.php. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-04T03:15Z", "lastModifiedDate" : "2025-02-25T22:44Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0201", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Masamuneee/645d20dd1dc6389dd47a7fae0bb2cefa", "name" : "https://gist.github.com/Masamuneee/645d20dd1dc6389dd47a7fae0bb2cefa", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290138", "name" : "VDB-290138 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290138", "name" : "VDB-290138 | code-projects Point of Sales and Inventory Management System update_account.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473418", "name" : "Submit #473418 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update_account.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:point_of_sales_and_inventory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-04T04:15Z", "lastModifiedDate" : "2025-02-25T22:44Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0202", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.290139", "name" : "VDB-290139 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290139", "name" : "VDB-290139 | TCS BaNCS REPORTS_SHOW_FILE.jsp file inclusion", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.469455", "name" : "Submit #469455 | TCS BaNCS Version 10 Local File Inclusion Vulnerability", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath leads to file inclusion. The real existence of this vulnerability is still doubted at the moment." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-04T05:15Z", "lastModifiedDate" : "2025-01-22T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0203", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/e8488d7e35d789581979f3b7e4c48b1f", "name" : "https://gist.github.com/th4s1s/e8488d7e35d789581979f3b7e4c48b1f", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.290140", "name" : "VDB-290140 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290140", "name" : "VDB-290140 | code-projects Student Management System DbFunction.php showSubject1 sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.473410", "name" : "Submit #473410 | code-projects Student Management System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:student_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T07:15Z", "lastModifiedDate" : "2025-01-22T15:47Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0204", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/6f0b3fcf85455238b4316d0fda7d489e", "name" : "https://gist.github.com/th4s1s/6f0b3fcf85455238b4316d0fda7d489e", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.290141", "name" : "VDB-290141 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290141", "name" : "VDB-290141 | code-projects Online Shoe Store details.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474031", "name" : "Submit #474031 | code-projects Online Shoe Store 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T08:15Z", "lastModifiedDate" : "2025-01-22T15:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0205", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/832bc65fadd7d49894f68a75f834c7f3", "name" : "https://gist.github.com/th4s1s/832bc65fadd7d49894f68a75f834c7f3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290142", "name" : "VDB-290142 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290142", "name" : "VDB-290142 | code-projects Online Shoe Store details2.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474032", "name" : "Submit #474032 | code-projects Online Shoe Store 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /details2.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T09:15Z", "lastModifiedDate" : "2025-01-22T15:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0206", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/955b71b20235dddf30689d4b85b4d271", "name" : "https://gist.github.com/th4s1s/955b71b20235dddf30689d4b85b4d271", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290143", "name" : "VDB-290143 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290143", "name" : "VDB-290143 | code-projects Online Shoe Store index.php access control", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474033", "name" : "Submit #474033 | code-projects Online Shoe Store 1.0 Improper Access Controls", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T12:15Z", "lastModifiedDate" : "2025-01-22T15:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0207", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/d10dfaebae75c8dbe54ad83d63725d81", "name" : "https://gist.github.com/th4s1s/d10dfaebae75c8dbe54ad83d63725d81", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290144", "name" : "VDB-290144 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290144", "name" : "VDB-290144 | code-projects Online Shoe Store login.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474035", "name" : "Submit #474035 | code-projects Online Shoe Store 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/login.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T13:15Z", "lastModifiedDate" : "2025-01-10T21:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0208", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/24925a20d1f9336858dee1cbbb30c249", "name" : "https://gist.github.com/th4s1s/24925a20d1f9336858dee1cbbb30c249", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290145", "name" : "VDB-290145 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290145", "name" : "VDB-290145 | code-projects Online Shoe Store summary.php sql injection", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474038", "name" : "Submit #474038 | code-projects Online Shoe Store 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /summary.php. The manipulation of the argument tid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T13:15Z", "lastModifiedDate" : "2025-01-10T21:28Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0210", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/Blind%20SQL%20Injection%20in%20School%20Faculty%20Scheduling%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/Blind%20SQL%20Injection%20in%20School%20Faculty%20Scheduling%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290155", "name" : "VDB-290155 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290155", "name" : "VDB-290155 | Campcodes School Faculty Scheduling System ajax.php sql injection", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474112", "name" : "Submit #474112 | CampCodes School Faculty Scheduling System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_faculty_scheduling_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T14:15Z", "lastModifiedDate" : "2025-01-10T21:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0211", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-Other" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/LFI%20in%20School%20Faculty%20Scheduling%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/LFI%20in%20School%20Faculty%20Scheduling%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290156", "name" : "VDB-290156 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290156", "name" : "VDB-290156 | Campcodes School Faculty Scheduling System index.php file inclusion", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474115", "name" : "Submit #474115 | CampCodes School Faculty Scheduling System 1.0 File Inclusion", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_faculty_scheduling_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T15:15Z", "lastModifiedDate" : "2025-01-10T19:02Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0212", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/SQL%20Injection%20in%20Student%20Grading%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/SQL%20Injection%20in%20Student%20Grading%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290157", "name" : "VDB-290157 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290157", "name" : "VDB-290157 | Campcodes Student Grading System view_students.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474168", "name" : "Submit #474168 | CampCodes Student Grading System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /view_students.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:student_grading_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T16:15Z", "lastModifiedDate" : "2025-01-10T18:57Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0213", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/Remote%20Code%20Execution%20via%20Arbitrary%20File%20Upload%20in%20Project%20Management%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/Remote%20Code%20Execution%20via%20Arbitrary%20File%20Upload%20in%20Project%20Management%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290158", "name" : "VDB-290158 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290158", "name" : "VDB-290158 | Campcodes Project Management System update_forms.php unrestricted upload", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474200", "name" : "Submit #474200 | CampCodes Project Management System 1.0 RCE via Arbitrary File Upload", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&id=4. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:project_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-04T17:15Z", "lastModifiedDate" : "2025-01-10T18:55Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0214", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/mcdruid/ff4f29f4e7830e9e91988c7195d77039", "name" : "https://gist.github.com/mcdruid/ff4f29f4e7830e9e91988c7195d77039", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290159", "name" : "VDB-290159 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290159", "name" : "VDB-290159 | TMD Custom Header Menu index.php sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474299", "name" : "Submit #474299 | TMD TMD Custom Header Menu OpenCart module 4.0.0.1 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in TMD Custom Header Menu 4.0.0.1 on OpenCart. It has been rated as problematic. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument headermenu_id leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-04T17:15Z", "lastModifiedDate" : "2025-01-04T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0215", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/updraftplus/tags/1.24.12/includes/updraft-admin-common.js#L4404", "name" : "https://plugins.trac.wordpress.org/browser/updraftplus/tags/1.24.12/includes/updraft-admin-common.js#L4404", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/updraftplus/tags/1.24.12/includes/updraft-admin-common.js#L4439", "name" : "https://plugins.trac.wordpress.org/browser/updraftplus/tags/1.24.12/includes/updraft-admin-common.js#L4439", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/af568eea-59ce-467e-ba03-625d04d3db6e?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/af568eea-59ce-467e-ba03-625d04d3db6e?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the showdata and initiate_restore parameters in all versions up to, and including, 1.24.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an admin user into performing an action such as clicking on a link." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-15T23:15Z", "lastModifiedDate" : "2025-01-15T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0217", "ASSIGNER" : "secure@beyondtrust.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.beyondtrust.com/trust-center/security-advisories/bt25-03", "name" : "https://www.beyondtrust.com/trust-center/security-advisories/bt25-03", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*", "versionEndExcluding" : "25.1", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-05-05T17:18Z", "lastModifiedDate" : "2025-08-01T21:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0218", "ASSIGNER" : "cna@postgresql.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-330" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c", "name" : "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c", "refsource" : "", "tags" : [ "Patch" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:pgadmin:pgagent:*:*:*:*:*:postgresql:*:*", "versionEndExcluding" : "4.2.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.1, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.2 } }, "publishedDate" : "2025-01-07T20:15Z", "lastModifiedDate" : "2025-02-11T21:11Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0219", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.290198", "name" : "VDB-290198 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290198", "name" : "VDB-290198 | Trimble SPS851 Receiver Status Identity Tab cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.464906", "name" : "Submit #464906 | Trimble SPS851 488.01 Cross Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in Trimble SPS851 488.01. Affected by this issue is some unknown functionality of the component Receiver Status Identity Tab. The manipulation of the argument System Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T06:15Z", "lastModifiedDate" : "2025-01-05T06:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0220", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/renanmalafatti/CVE/blob/main/CVE-2025-0220.md", "name" : "https://github.com/renanmalafatti/CVE/blob/main/CVE-2025-0220.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290199", "name" : "VDB-290199 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290199", "name" : "VDB-290199 | Trimble SPS851 Ethernet Configuration Menu cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.464943", "name" : "Submit #464943 | trimble SPS851 488.01 Cross Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. This affects an unknown part of the component Ethernet Configuration Menu. The manipulation of the argument Hostname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T13:15Z", "lastModifiedDate" : "2025-01-05T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0221", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://shareforall.notion.site/IOBit-Protected-Folder-pffilter-0x22200C-NPD-DOS-15260437bb1e80b2a477d42396d5d06c", "name" : "https://shareforall.notion.site/IOBit-Protected-Folder-pffilter-0x22200C-NPD-DOS-15260437bb1e80b2a477d42396d5d06c", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290200", "name" : "VDB-290200 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290200", "name" : "VDB-290200 | IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.466955", "name" : "Submit #466955 | IOBit Protected Folder V1.3.0 NULL Pointer Dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:i0bit:protected_folder:*:*:*:*:*:*:*:*", "versionEndIncluding" : "1.3.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 5.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-05T15:15Z", "lastModifiedDate" : "2025-01-23T17:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0222", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://shareforall.notion.site/IOBit-Uninstaller-IUProcessFilter-0x8001E000-NPD-DOS-15260437bb1e809c81bbc484c53b17bc", "name" : "https://shareforall.notion.site/IOBit-Uninstaller-IUProcessFilter-0x8001E000-NPD-DOS-15260437bb1e809c81bbc484c53b17bc", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290201", "name" : "VDB-290201 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290201", "name" : "VDB-290201 | IObit Protected Folder IOCTL IUProcessFilter.sys 0x8001E004 null pointer dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.466956", "name" : "Submit #466956 | IOBit Uninstaller 13.6.0.5 NULL Pointer Dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:i0bit:protected_folder:*:*:*:*:*:*:*:*", "versionStartIncluding" : "13.6.0.0", "versionEndIncluding" : "13.6.0.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 5.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-05T16:15Z", "lastModifiedDate" : "2025-01-23T17:46Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0223", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://shareforall.notion.site/IOBit-Uninstaller-IURegistryFilter-0x8001E000-NPD-DOS-15260437bb1e80e482e0e3c9b22b58d0", "name" : "https://shareforall.notion.site/IOBit-Uninstaller-IURegistryFilter-0x8001E000-NPD-DOS-15260437bb1e80e482e0e3c9b22b58d0", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290202", "name" : "VDB-290202 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290202", "name" : "VDB-290202 | IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.466963", "name" : "Submit #466963 | IOBit Uninstaller 13.6.0.5 NULL Pointer Dereference", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:i0bit:protected_folder:*:*:*:*:*:*:*:*", "versionStartIncluding" : "13.6.0.0", "versionEndIncluding" : "13.6.0.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 5.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-05T16:15Z", "lastModifiedDate" : "2025-01-23T17:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0224", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-200" }, { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-Provision-ISR-DVR-1626b683e67c803881befbc730a93bf6?pvs=4", "name" : "https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-Provision-ISR-DVR-1626b683e67c803881befbc730a93bf6?pvs=4", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290203", "name" : "VDB-290203 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290203", "name" : "VDB-290203 | Provision-ISR SH-4050A-2 server.js information disclosure", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.467085", "name" : "Submit #467085 | Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclos", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) and NVR5-8200PX up to 20241220. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /server.js. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T17:15Z", "lastModifiedDate" : "2025-01-05T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0225", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-23" }, { "lang" : "en", "value" : "CWE-25" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/file_read4/poc.py", "name" : "https://github.com/BxYQ/ld/blob/main/file_read4/poc.py", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/BxYQ/ld/tree/main/file_read4", "name" : "https://github.com/BxYQ/ld/tree/main/file_read4", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290215", "name" : "VDB-290215 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290215", "name" : "VDB-290215 | Tsinghua Unigroup Electronic Archives System exampleDownload.html path traversal", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474264", "name" : "Submit #474264 | Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: '/../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T17:15Z", "lastModifiedDate" : "2025-01-05T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0226", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-200" }, { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/file_read2/poc.py", "name" : "https://github.com/BxYQ/ld/blob/main/file_read2/poc.py", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/BxYQ/ld/tree/main/file_read2", "name" : "https://github.com/BxYQ/ld/tree/main/file_read2", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290216", "name" : "VDB-290216 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290216", "name" : "VDB-290216 | Tsinghua Unigroup Electronic Archives System downLoad.html download information disclosure", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474265", "name" : "Submit #474265 | Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this issue is the function download of the file /collect/PortV4/downLoad.html. The manipulation of the argument path leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T18:15Z", "lastModifiedDate" : "2025-01-05T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0227", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-200" }, { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/file_read1/poc.py", "name" : "https://github.com/BxYQ/ld/blob/main/file_read1/poc.py", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/BxYQ/ld/tree/main/file_read1", "name" : "https://github.com/BxYQ/ld/tree/main/file_read1", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290217", "name" : "VDB-290217 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290217", "name" : "VDB-290217 | Tsinghua Unigroup Electronic Archives System downLoad.html information disclosure", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474266", "name" : "Submit #474266 | Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This affects an unknown part of the file /Logs/Annals/downLoad.html. The manipulation of the argument path leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-05T18:15Z", "lastModifiedDate" : "2025-01-05T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0228", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.290218", "name" : "VDB-290218 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290218", "name" : "VDB-290218 | code-projects Local Storage Todo App index.html cross site scripting", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474049", "name" : "Submit #474049 | code-projects Local Storage Todo App 1 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in code-projects Local Storage Todo App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /js-todo-app/index.html. The manipulation of the argument Add leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:local_storage_todo_app:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-05T19:15Z", "lastModifiedDate" : "2025-01-10T19:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0229", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Huandtx/cve/blob/main/cve/sql1.md", "name" : "https://github.com/Huandtx/cve/blob/main/cve/sql1.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290225", "name" : "VDB-290225 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290225", "name" : "VDB-290225 | code-projects Travel Management System enquiry.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474572", "name" : "Submit #474572 | Code-projects travel-management-system v1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0. This issue affects some unknown processing of the file /enquiry.php. The manipulation of the argument pid/t1/t2/t3/t4/t5/t6/t7 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:travel_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-05T20:15Z", "lastModifiedDate" : "2025-01-10T19:45Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0230", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Huandtx/cve/blob/main/cve/Responsive%20Hotel%20Site/sql1.md", "name" : "https://github.com/Huandtx/cve/blob/main/cve/Responsive%20Hotel%20Site/sql1.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290226", "name" : "VDB-290226 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290226", "name" : "VDB-290226 | code-projects Responsive Hotel Site print.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474581", "name" : "Submit #474581 | code-projects Responsive Hotel Site v1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file /admin/print.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:responsive_hotel_site:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-05T21:15Z", "lastModifiedDate" : "2025-01-10T19:48Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0231", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/gh464646/CVE/issues/1", "name" : "https://github.com/gh464646/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290227", "name" : "VDB-290227 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290227", "name" : "VDB-290227 | Codezips Gym Management System submit_payments.php sql injection", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474596", "name" : "Submit #474596 | Gym Management System V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/submit_payments.php. The manipulation of the argument m_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-05T22:15Z", "lastModifiedDate" : "2025-01-10T19:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0232", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/alc9700jmo/CVE/issues/7", "name" : "https://github.com/alc9700jmo/CVE/issues/7", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290228", "name" : "VDB-290228 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290228", "name" : "VDB-290228 | Codezips Blood Bank Management System successadmin.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474597", "name" : "Submit #474597 | Blood Bank Management System In PHP With Source Code V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation of the argument psw leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:blood_bank_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-05T22:15Z", "lastModifiedDate" : "2025-01-10T17:36Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0233", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/1074923869/CVE/issues/1", "name" : "https://github.com/1074923869/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290229", "name" : "VDB-290229 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://vuldb.com/?id.290229", "name" : "VDB-290229 | Codezips Project Management System course.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.474673", "name" : "Submit #474673 | Codezips Project Management System V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/course.php. The manipulation of the argument course_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:project_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-05T23:15Z", "lastModifiedDate" : "2025-01-10T17:28Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0234", "ASSIGNER" : "canon@example.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://psirt.canon/advisory-information/cp2025-002/", "name" : "https://psirt.canon/advisory-information/cp2025-002/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-26T08:12Z", "lastModifiedDate" : "2025-02-26T08:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0235", "ASSIGNER" : "canon@example.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://psirt.canon/advisory-information/cp2025-002/", "name" : "https://psirt.canon/advisory-information/cp2025-002/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-26T08:12Z", "lastModifiedDate" : "2025-02-26T08:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0236", "ASSIGNER" : "canon@example.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://psirt.canon/advisory-information/cp2025-002/", "name" : "https://psirt.canon/advisory-information/cp2025-002/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-26T08:12Z", "lastModifiedDate" : "2025-02-26T08:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0237", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0238", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-03/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-03/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionStartIncluding" : "116.0", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "115.19.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0239", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0240", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0241", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0242", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "name" : "Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6", "refsource" : "", "tags" : [ "Broken Link", "Issue Tracking" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-03/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-03/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndIncluding" : "115.19.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionStartIncluding" : "116.0", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0243", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783", "name" : "Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6", "refsource" : "", "tags" : [ "Broken Link", "Issue Tracking" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-02/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "133.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "128.6.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionStartIncluding" : "129.0", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0244", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584", "refsource" : "", "tags" : [ "Issue Tracking" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0245", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1895342", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1895342", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. This vulnerability affects Firefox < 134." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0246", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1912709", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1912709", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When using an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*\n*Note: This issue is a different issue from CVE-2025-0244. This vulnerability affects Firefox < 134." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0247", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173", "name" : "Memory safety bugs fixed in Firefox 134 and Thunderbird 134", "refsource" : "", "tags" : [ "Broken Link", "Issue Tracking" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-04/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134 and Thunderbird < 134." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding" : "134.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-03T16:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0249", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "name" : "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token was not invalidated which may allow attackers to access sensitive data without authorization." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-25T00:15Z", "lastModifiedDate" : "2025-07-25T15:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0250", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "name" : "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL IEM is affected by an authorization token sent in cookie vulnerability.  A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-25T00:15Z", "lastModifiedDate" : "2025-07-25T15:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0251", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "name" : "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL IEM is affected by a concurrent login vulnerability.  The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-25T01:15Z", "lastModifiedDate" : "2025-07-25T15:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0252", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "name" : "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL IEM is affected by a password in cleartext vulnerability.  Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-25T01:15Z", "lastModifiedDate" : "2025-07-25T15:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0253", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-25T01:15Z", "lastModifiedDate" : "2025-07-25T15:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0254", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120000", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120000", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T14:15Z", "lastModifiedDate" : "2025-03-20T15:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0255", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-78" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119060", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119060", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.0.0.0", "versionEndExcluding" : "8.0.1.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:8.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.0.0.0", "versionEndExcluding" : "7.0.5.26", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.1.0.0", "versionEndExcluding" : "7.1.2.22", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.2.0.0", "versionEndExcluding" : "7.2.3.15", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.3.0.0", "versionEndExcluding" : "7.3.2.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-24T17:15Z", "lastModifiedDate" : "2025-04-11T17:40Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0256", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-306" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119059", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119059", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.0.0.0", "versionEndExcluding" : "8.0.1.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:8.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.0.0.0", "versionEndExcluding" : "7.0.5.26", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.1.0.0", "versionEndExcluding" : "7.1.2.22", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.2.0.0", "versionEndExcluding" : "7.2.3.15", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.3.0.0", "versionEndExcluding" : "7.3.2.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-24T16:15Z", "lastModifiedDate" : "2025-04-11T17:38Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0257", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-306" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119061", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119061", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.0.0.0", "versionEndExcluding" : "8.0.1.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.1.0", "versionEndExcluding" : "8.1.1", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.1.0.0", "versionEndExcluding" : "7.1.2.23", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.2.0.0", "versionEndExcluding" : "7.2.3.16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.3.0.0", "versionEndExcluding" : "7.3.2.11", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-04-02T22:15Z", "lastModifiedDate" : "2025-04-10T14:13Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0272", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120137", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120137", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.0.0.0", "versionEndExcluding" : "8.0.1.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.1.0.0", "versionEndExcluding" : "7.1.2.22", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.2.0.0", "versionEndExcluding" : "7.2.3.15", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.1.0", "versionEndExcluding" : "8.1.0.1", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.0.0.0", "versionEndIncluding" : "7.0.5.26", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.3.0.0", "versionEndIncluding" : "7.3.2.9", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 7.6, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.3, "impactScore" : 4.7 } }, "publishedDate" : "2025-04-03T15:15Z", "lastModifiedDate" : "2025-04-10T13:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0273", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-532" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120138", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120138", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.0.0.0", "versionEndExcluding" : "8.0.1.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.1.0.0", "versionEndExcluding" : "7.1.2.22", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.2.0.0", "versionEndExcluding" : "7.2.3.15", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "8.1.0", "versionEndExcluding" : "8.1.0.1", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.0.0.0", "versionEndIncluding" : "7.0.5.26", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.3.0.0", "versionEndIncluding" : "7.3.2.9", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-27T05:15Z", "lastModifiedDate" : "2025-04-11T16:19Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0278", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120335", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120335", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-03T22:15Z", "lastModifiedDate" : "2025-04-03T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0279", "ASSIGNER" : "psirt@hcl.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120336", "name" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120336", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-03T22:15Z", "lastModifiedDate" : "2025-04-03T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0281", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/lunary-ai/lunary/commit/fa0fd7742ae029ed934690d282519263f5d838de", "name" : "https://github.com/lunary-ai/lunary/commit/fa0fd7742ae029ed934690d282519263f5d838de", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://huntr.com/bounties/b3f4a655-5b08-4fef-be2c-aac8703ad5d0", "name" : "https://huntr.com/bounties/b3f4a655-5b08-4fef-be2c-aac8703ad5d0", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier. An attacker can inject malicious JavaScript into the SAML IdP XML metadata, which is used to generate the SAML login redirect URL. This URL is then set as the value of `window.location.href` without proper validation or sanitization. This vulnerability allows the attacker to execute arbitrary JavaScript in the context of the user's browser, potentially leading to session hijacking, data theft, or other malicious actions. The issue is fixed in version 1.7.10." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:*", "versionEndExcluding" : "1.7.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-28T14:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0282", "ASSIGNER" : "responsible.disclosure@ivanti.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day", "name" : "https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day", "refsource" : "", "tags" : [ "Exploit", "Technical Description" ] }, { "url" : "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283", "name" : "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://github.com/sfewer-r7/CVE-2025-0282", "name" : "https://github.com/sfewer-r7/CVE-2025-0282", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/", "name" : "https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282", "name" : "https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282", "refsource" : "", "tags" : [ "Third Party Advisory", "US Government Resource" ] }, { "url" : "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282", "name" : "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282", "refsource" : "", "tags" : [ "Third Party Advisory", "US Government Resource" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "HIGH", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "CHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.0, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 2.2, "impactScore" : 6.0 } }, "publishedDate" : "2025-01-08T23:15Z", "lastModifiedDate" : "2025-03-17T19:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0283", "ASSIGNER" : "responsible.disclosure@ivanti.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283", "name" : "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "9.1", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.8:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:9.1:r18.9:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*", "versionStartIncluding" : "22.2", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.6:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.0, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.0, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-08T23:15Z", "lastModifiedDate" : "2025-01-14T15:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0285", "ASSIGNER" : "cert@cert.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-1284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "name" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.kb.cert.org/vuls/id/726882", "name" : "https://www.kb.cert.org/vuls/id/726882", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.paragon-software.com/support/#patches", "name" : "https://www.paragon-software.com/support/#patches", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4", "versionEndIncluding" : "5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-06-25T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0286", "ASSIGNER" : "cert@cert.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-1284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "name" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.kb.cert.org/vuls/id/726882", "name" : "https://www.kb.cert.org/vuls/id/726882", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.paragon-software.com/support/#patches", "name" : "https://www.paragon-software.com/support/#patches", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4", "versionEndIncluding" : "5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-06-25T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0287", "ASSIGNER" : "cert@cert.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "name" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.kb.cert.org/vuls/id/726882", "name" : "https://www.kb.cert.org/vuls/id/726882", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.paragon-software.com/support/#patches", "name" : "https://www.paragon-software.com/support/#patches", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4", "versionEndIncluding" : "5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-06-25T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0288", "ASSIGNER" : "cert@cert.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "name" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.kb.cert.org/vuls/id/726882", "name" : "https://www.kb.cert.org/vuls/id/726882", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.paragon-software.com/support/#patches", "name" : "https://www.paragon-software.com/support/#patches", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4", "versionEndIncluding" : "5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-06-25T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0289", "ASSIGNER" : "cert@cert.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "name" : "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.kb.cert.org/vuls/id/726882", "name" : "https://www.kb.cert.org/vuls/id/726882", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.paragon-software.com/support/#patches", "name" : "https://www.paragon-software.com/support/#patches", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "16", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4", "versionEndIncluding" : "5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*", "versionStartIncluding" : "15", "versionEndIncluding" : "17.39", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-06-25T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0290", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" }, { "lang" : "en", "value" : "CWE-835" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/372134", "name" : "GitLab Issue #372134", "refsource" : "", "tags" : [ "Broken Link" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.6.0", "versionEndExcluding" : "17.6.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.6.0", "versionEndExcluding" : "17.6.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "15.0.0", "versionEndExcluding" : "17.5.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "15.0.0", "versionEndExcluding" : "17.5.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-28T09:15Z", "lastModifiedDate" : "2025-08-05T20:45Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0291", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-843" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/383356864", "name" : "https://issues.chromium.org/issues/383356864", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "131.0.6778.264", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-08T19:15Z", "lastModifiedDate" : "2025-02-11T15:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0292", "ASSIGNER" : "responsible.disclosure@ivanti.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs", "name" : "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.9, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.2, "impactScore" : 3.6 } }, "publishedDate" : "2025-07-08T16:15Z", "lastModifiedDate" : "2025-07-15T12:55Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0293", "ASSIGNER" : "responsible.disclosure@ivanti.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-93" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs", "name" : "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*", "versionEndExcluding" : "22.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 2.7, "baseSeverity" : "LOW" }, "exploitabilityScore" : 1.2, "impactScore" : 1.4 } }, "publishedDate" : "2025-07-08T16:15Z", "lastModifiedDate" : "2025-07-10T13:10Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0294", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/xiaosguang/cve/blob/main/Home%20Clean%20Services%20Management/Home%20Clean%20Services%20Management%20System%20process.php%20id%20SQL%20injection.md", "name" : "https://github.com/xiaosguang/cve/blob/main/Home%20Clean%20Services%20Management/Home%20Clean%20Services%20Management%20System%20process.php%20id%20SQL%20injection.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/xiaosguang/cve/blob/main/Home%20Clean%20Services%20Management/Home%20Clean%20Services%20Management%20System%20process.php%20id%20SQL%20injection.md", "name" : "https://github.com/xiaosguang/cve/blob/main/Home%20Clean%20Services%20Management/Home%20Clean%20Services%20Management%20System%20process.php%20id%20SQL%20injection.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290443", "name" : "VDB-290443 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290443", "name" : "VDB-290443 | SourceCodester Home Clean Services Management System process.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475076", "name" : "Submit #475076 | Home Clean Services Management System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.sourcecodester.com/", "name" : "https://www.sourcecodester.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in SourceCodester Home Clean Services Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /public_html/admin/process.php. The manipulation of the argument type/length/business leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:acetech:home_clean_services_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-07T14:15Z", "lastModifiedDate" : "2025-04-29T20:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0295", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/19d21e7fdbaf3512fccfd75df3080657", "name" : "https://gist.github.com/th4s1s/19d21e7fdbaf3512fccfd75df3080657", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290444", "name" : "VDB-290444 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290444", "name" : "VDB-290444 | code-projects Online Book Shop booklist.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475134", "name" : "Submit #475134 | code-projects Online Book Shop 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /booklist.php?subcatid=1. The manipulation of the argument subcatnm leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T15:15Z", "lastModifiedDate" : "2025-04-03T13:59Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0296", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/4ebf1c60bbec213119f2eaac9cd29118", "name" : "https://gist.github.com/th4s1s/4ebf1c60bbec213119f2eaac9cd29118", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290445", "name" : "VDB-290445 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290445", "name" : "VDB-290445 | code-projects Online Book Shop booklist.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475135", "name" : "Submit #475135 | code-projects Online Book Shop 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as critical. This affects an unknown part of the file /booklist.php. The manipulation of the argument subcatid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-07T15:15Z", "lastModifiedDate" : "2025-04-03T13:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0297", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/782f2e19784f48bb80e4d658a49bd680", "name" : "https://gist.github.com/th4s1s/782f2e19784f48bb80e4d658a49bd680", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290446", "name" : "VDB-290446 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290446", "name" : "VDB-290446 | code-projects Online Book Shop detail.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475138", "name" : "Submit #475138 | code-projects Online Book Shop 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-17T02:36Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0298", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/5435e605e6e9f14a5b76c313483eb58a", "name" : "https://gist.github.com/th4s1s/5435e605e6e9f14a5b76c313483eb58a", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://gist.github.com/th4s1s/5435e605e6e9f14a5b76c313483eb58a", "name" : "https://gist.github.com/th4s1s/5435e605e6e9f14a5b76c313483eb58a", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290447", "name" : "VDB-290447 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290447", "name" : "VDB-290447 | code-projects Online Book Shop process_login.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475159", "name" : "Submit #475159 | code-projects Online Book Shop 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-07T16:15Z", "lastModifiedDate" : "2025-04-07T18:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0299", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/b30a06e83b98ddcbc69b9038c145d8cd", "name" : "https://gist.github.com/th4s1s/b30a06e83b98ddcbc69b9038c145d8cd", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://gist.github.com/th4s1s/b30a06e83b98ddcbc69b9038c145d8cd", "name" : "https://gist.github.com/th4s1s/b30a06e83b98ddcbc69b9038c145d8cd", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290448", "name" : "VDB-290448 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290448", "name" : "VDB-290448 | code-projects Online Book Shop search_result.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475285", "name" : "Submit #475285 | code-projects Online Book Shop 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0. Affected is an unknown function of the file /search_result.php. The manipulation of the argument s leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-07T17:15Z", "lastModifiedDate" : "2025-04-07T18:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0300", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/21abb650b4b70fe8392d8449445703f7", "name" : "https://gist.github.com/th4s1s/21abb650b4b70fe8392d8449445703f7", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290449", "name" : "VDB-290449 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290449", "name" : "VDB-290449 | code-projects Online Book Shop subcat.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475286", "name" : "Submit #475286 | code-projects Online Book Shop 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in code-projects Online Book Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /subcat.php. The manipulation of the argument cat leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-07T17:15Z", "lastModifiedDate" : "2025-05-28T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0301", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/th4s1s/03262c6ce877137b61d745a2e4fe8a63", "name" : "https://gist.github.com/th4s1s/03262c6ce877137b61d745a2e4fe8a63", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290450", "name" : "VDB-290450 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290450", "name" : "VDB-290450 | code-projects Online Book Shop subcat.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475287", "name" : "Submit #475287 | code-projects Online Book Shop 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. Affected by this issue is some unknown functionality of the file /subcat.php. The manipulation of the argument catnm leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:online_book_shop:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-07T18:15Z", "lastModifiedDate" : "2025-02-26T19:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0302", "ASSIGNER" : "scy@openharmony.io" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-190" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "name" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*", "versionStartIncluding" : "4.1.0", "versionEndIncluding" : "4.1.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 5.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-07T10:15Z", "lastModifiedDate" : "2025-02-11T17:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0303", "ASSIGNER" : "scy@openharmony.io" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-120" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "name" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*", "versionStartIncluding" : "4.1.0", "versionEndIncluding" : "4.1.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-07T10:15Z", "lastModifiedDate" : "2025-02-11T17:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0304", "ASSIGNER" : "scy@openharmony.io" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-416" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "name" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-02.md", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*", "versionStartIncluding" : "4.1.0", "versionEndIncluding" : "4.1.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-07T10:15Z", "lastModifiedDate" : "2025-02-11T17:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0305", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-05T23:15Z", "lastModifiedDate" : "2025-07-05T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0306", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0306", "name" : "https://access.redhat.com/security/cve/CVE-2025-0306", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2336100", "name" : "RHBZ#2336100", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250221-0009/", "name" : "https://security.netapp.com/advisory/ntap-20250221-0009/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T04:15Z", "lastModifiedDate" : "2025-02-21T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0307", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-07T18:15Z", "lastModifiedDate" : "2025-02-07T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0308", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/class-member-directory.php#L1877", "name" : "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/class-member-directory.php#L1877", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3e5bb98-2652-499a-b8cd-4ebfe1c1d890?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3e5bb98-2652-499a-b8cd-4ebfe1c1d890?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the search parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.9.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-18T06:15Z", "lastModifiedDate" : "2025-02-25T22:14Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0309", "ASSIGNER" : "psirt@netskope.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://blog.amberwolf.com/blog/2025/august/breaking-into-your-network-zer0-effort/", "name" : "https://blog.amberwolf.com/blog/2025/august/breaking-into-your-network-zer0-effort/", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2025-002", "name" : "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2025-002", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to elevate privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-08-14T05:15Z", "lastModifiedDate" : "2025-08-15T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0311", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Codeinwp/themeisle-companion/commit/47a17c86934cebbfc3f1a812f1afcaa20515c1f7", "name" : "https://github.com/Codeinwp/themeisle-companion/commit/47a17c86934cebbfc3f1a812f1afcaa20515c1f7", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://github.com/Codeinwp/themeisle-companion/commit/c311050b372cf38e82d8ec9deadf4f21a8931487", "name" : "https://github.com/Codeinwp/themeisle-companion/commit/c311050b372cf38e82d8ec9deadf4f21a8931487", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1024", "name" : "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1024", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3219568/", "name" : "https://plugins.trac.wordpress.org/changeset/3219568/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/themeisle-companion/#developers", "name" : "https://wordpress.org/plugins/themeisle-companion/#developers", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d17a3a0-3c09-4d67-96d6-d97bde92f100?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d17a3a0-3c09-4d67-96d6-d97bde92f100?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:themeisle:orbit_fox:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.10.44", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-10T07:15Z", "lastModifiedDate" : "2025-01-16T21:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0312", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" }, { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21", "name" : "https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*", "versionEndIncluding" : "0.3.14", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-28T14:11Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0313", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-04-15T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0314", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/512118", "name" : "GitLab Issue #512118", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2922313", "name" : "HackerOne Bug Bounty Report #2922313", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.8.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.8.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.2.0", "versionEndExcluding" : "17.6.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.2.0", "versionEndExcluding" : "17.6.4", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-24T03:15Z", "lastModifiedDate" : "2025-08-05T20:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0315", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-770" }, { "lang" : "en", "value" : "CWE-770" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/da414d29-b55a-496f-b135-17e0fcec67bc", "name" : "https://huntr.com/bounties/da414d29-b55a-496f-b135-17e0fcec67bc", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*", "versionEndIncluding" : "0.3.14", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-04-02T16:02Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0316", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-288" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/directory-multipurpose-wordpress-theme/10480929", "name" : "https://themeforest.net/item/directory-multipurpose-wordpress-theme/10480929", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ee1f412-7555-4dec-ba59-49412471a42f?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ee1f412-7555-4dec-ba59-49412471a42f?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-08T22:15Z", "lastModifiedDate" : "2025-02-08T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0317", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-369" }, { "lang" : "en", "value" : "CWE-369" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/a9951bca-9bd8-49b2-b143-4cd4219f9fa0", "name" : "https://huntr.com/bounties/a9951bca-9bd8-49b2-b143-4cd4219f9fa0", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*", "versionEndIncluding" : "0.3.14", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-04-02T16:07Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0318", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944", "name" : "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.9.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-18T06:15Z", "lastModifiedDate" : "2025-02-25T22:09Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0320", "ASSIGNER" : "secure@citrix.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724", "name" : "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:citrix:secure_access_client:*:*:*:*:*:*:*:*", "versionEndExcluding" : "25.5.1.15", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-06-17T14:15Z", "lastModifiedDate" : "2025-08-06T17:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0321", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpmet.com/plugin/elementskit/", "name" : "https://wpmet.com/plugin/elementskit/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://wpmet.com/plugin/elementskit/roadmaps/", "name" : "https://wpmet.com/plugin/elementskit/roadmaps/", "refsource" : "", "tags" : [ "Issue Tracking" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/204cfe20-9df1-4f6c-a38c-a21b43dde385?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/204cfe20-9df1-4f6c-a38c-a21b43dde385?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wpmet:elementskit:*:*:*:*:pro:wordpress:*:*", "versionEndExcluding" : "3.7.9", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-28T08:15Z", "lastModifiedDate" : "2025-01-30T17:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0324", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/04/f3/1c/cve-2025-0324pdf-en-US-483807.pdf", "name" : "https://www.axis.com/dam/public/04/f3/1c/cve-2025-0324pdf-en-US-483807.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-02T08:15Z", "lastModifiedDate" : "2025-06-02T17:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0325", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/d0/ae/fe/cve-2025-0325pdf-en-US-483808.pdf", "name" : "https://www.axis.com/dam/public/d0/ae/fe/cve-2025-0325pdf-en-US-483808.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-02T08:15Z", "lastModifiedDate" : "2025-06-02T17:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0327", "ASSIGNER" : "cpcert@se.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-269" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-03.pdf", "name" : "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-03.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\nexecutable path of the windows services. To be exploited, services need to be restarted." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-13T07:15Z", "lastModifiedDate" : "2025-02-13T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0328", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://note.zhaoj.in/share/ASPsoVCrLqKK", "name" : "https://note.zhaoj.in/share/ASPsoVCrLqKK", "refsource" : "", "tags" : [ ] }, { "url" : "https://note.zhaoj.in/share/ASPsoVCrLqKK", "name" : "https://note.zhaoj.in/share/ASPsoVCrLqKK", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290792", "name" : "VDB-290792 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290792", "name" : "VDB-290792 | KaiYuanTong ECT Platform HTTP POST Request runCode.php command injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.470601", "name" : "Submit #470601 | KaiYuanTong ECT platform <=2.0.0 Pre-Auth Command Execution", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T05:15Z", "lastModifiedDate" : "2025-01-09T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0329", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/db101819-4404-46c9-a02e-b1b1b7ace11e/", "name" : "https://wpscan.com/vulnerability/db101819-4404-46c9-a02e-b1b1b7ace11e/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://wpscan.com/vulnerability/db101819-4404-46c9-a02e-b1b1b7ace11e/", "name" : "https://wpscan.com/vulnerability/db101819-4404-46c9-a02e-b1b1b7ace11e/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:quantumcloud:wpbot:*:*:*:*:free:wordpress:*:*", "versionEndExcluding" : "6.2.4", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-05-15T20:16Z", "lastModifiedDate" : "2025-06-12T16:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0330", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-1230" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/661b388a-44d8-4ad5-862b-4dc5b80be30a", "name" : "https://huntr.com/bounties/661b388a-44d8-4ad5-862b-4dc5b80be30a", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse project storing all requests." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:litellm:litellm:1.52.1:-:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-08-01T13:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0331", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://note.zhaoj.in/share/DsijzdQDJSAp", "name" : "https://note.zhaoj.in/share/DsijzdQDJSAp", "refsource" : "", "tags" : [ ] }, { "url" : "https://note.zhaoj.in/share/DsijzdQDJSAp", "name" : "https://note.zhaoj.in/share/DsijzdQDJSAp", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290819", "name" : "VDB-290819 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290819", "name" : "VDB-290819 | YunzMall HTTP POST Request ResetpwdController.php changePwd password recovery", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.471663", "name" : "Submit #471663 | Yunzmall <=2.4.2 Arbitrary User Password Reset Vulnerability", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T05:15Z", "lastModifiedDate" : "2025-01-09T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0332", "ASSIGNER" : "security@progress.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://docs.telerik.com/devtools/winforms/knowledge-base/kb-security-path-traversal-cve-2025-0332", "name" : "https://docs.telerik.com/devtools/winforms/knowledge-base/kb-security-path-traversal-cve-2025-0332", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:progress:telerik_ui_for_winforms:*:*:*:*:*:*:*:*", "versionEndExcluding" : "2025.1.211", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-12T16:15Z", "lastModifiedDate" : "2025-07-03T18:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0333", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli1.md", "name" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli1.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli1.md", "name" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli1.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290820", "name" : "VDB-290820 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290820", "name" : "VDB-290820 | leiyuxi cy-fast listData sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475297", "name" : "Submit #475297 | cy-fast 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T05:15Z", "lastModifiedDate" : "2025-01-09T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0334", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md", "name" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290821", "name" : "VDB-290821 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290821", "name" : "VDB-290821 | leiyuxi cy-fast listData sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475302", "name" : "Submit #475302 | cy-fast 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T06:15Z", "lastModifiedDate" : "2025-01-09T06:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0335", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Huandtx/cve/blob/main/cve/Online%20Bike%20Rental%20System/File_upload1.md", "name" : "https://github.com/Huandtx/cve/blob/main/cve/Online%20Bike%20Rental%20System/File_upload1.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290822", "name" : "VDB-290822 | CTI Indicators (IOB, IOC, TTP)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290822", "name" : "VDB-290822 | code-projects Online Bike Rental System Change Image unrestricted upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475365", "name" : "Submit #475365 | code-projects Online Bike Rental System v1.0 Incomplete Identification of Uploaded File Variables", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Online Bike Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component Change Image Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other endpoints might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:online_bike_rental_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T06:15Z", "lastModifiedDate" : "2025-02-26T22:08Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0336", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/fuulof/CVE/issues/1", "name" : "https://github.com/fuulof/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Mitigation", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290823", "name" : "VDB-290823 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290823", "name" : "VDB-290823 | Codezips Project Management System teacher.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475493", "name" : "Submit #475493 | Project Management System In PHP And MYSQL With Source Code V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:project_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T07:15Z", "lastModifiedDate" : "2025-02-21T22:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0337", "ASSIGNER" : "psirt@servicenow.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1948695", "name" : "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1948695", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access. \n\nThis issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-06T17:15Z", "lastModifiedDate" : "2025-03-06T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0339", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.290826", "name" : "VDB-290826 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290826", "name" : "VDB-290826 | code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475731", "name" : "Submit #475731 | code-projects Online Bike Rental 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in code-projects Online Bike Rental 1.0. Affected is an unknown function of the file /vehical-details.php of the component HTTP GET Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:online_bike_rental_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-09T07:15Z", "lastModifiedDate" : "2025-03-03T16:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0340", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.290827", "name" : "VDB-290827 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290827", "name" : "VDB-290827 | code-projects Cinema Seat Reservation System deleteBooking.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.476707", "name" : "Submit #476707 | code projects Cinema Seat Reservation System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in code-projects Cinema Seat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deleteBooking.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:cinema_seat_reservation_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T07:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0341", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/Remote%20Code%20Execution%20via%20Arbitrary%20File%20Upload%20in%20Computer%20Laboratory%20Management%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/Remote%20Code%20Execution%20via%20Arbitrary%20File%20Upload%20in%20Computer%20Laboratory%20Management%20System.md", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.290828", "name" : "VDB-290828 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290828", "name" : "VDB-290828 | CampCodes Computer Laboratory Management System edit unrestricted upload", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.476884", "name" : "Submit #476884 | CampCodes Computer Laboratory Management System 1.0 RCE via Arbitrary File Upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T08:15Z", "lastModifiedDate" : "2025-03-04T19:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0342", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20Computer%20Laboratory%20Management%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20Computer%20Laboratory%20Management%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290829", "name" : "VDB-290829 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290829", "name" : "VDB-290829 | CampCodes Computer Laboratory Management System edit cross site scripting", "refsource" : "", "tags" : [ "VDB Entry", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.476897", "name" : "Submit #476897 | CampCodes Computer Laboratory Management System 1.0 Stored Cross-Site Scripting (XSS)", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument s_lname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-09T08:15Z", "lastModifiedDate" : "2025-03-03T17:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0343", "ASSIGNER" : "cve@forums.swift.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/apple/swift-asn1/security/advisories/GHSA-w8xv-rwgf-4fwh", "name" : "https://github.com/apple/swift-asn1/security/advisories/GHSA-w8xv-rwgf-4fwh", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constraint isn't met.\n\nImportantly, these constraints are actually required to be true in DER, but that correctness wasn't enforced on the early node parser side so it was incorrect to rely on it later on in decoding, which is what the library did.\n\nThese crashes can be triggered when parsing any DER/BER format object. There is no memory-safety issue here: the crash is a graceful one from the Swift runtime. The impact of this is that it can be used as a denial-of-service vector when parsing BER/DER data from unknown sources, e.g. when parsing TLS certificates." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T01:15Z", "lastModifiedDate" : "2025-03-24T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0344", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli3.md", "name" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli3.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290857", "name" : "VDB-290857 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290857", "name" : "VDB-290857 | leiyuxi cy-fast listData sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475747", "name" : "Submit #475747 | cy-fast 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T08:15Z", "lastModifiedDate" : "2025-01-09T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0345", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli4.md", "name" : "https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli4.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.290858", "name" : "VDB-290858 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.290858", "name" : "VDB-290858 | leiyuxi cy-fast listData sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475748", "name" : "Submit #475748 | cy-fast 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-09T09:15Z", "lastModifiedDate" : "2025-01-09T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0346", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/Lytes/266e5fa6eb4506fe2c7e35166664249a", "name" : "https://gist.github.com/Lytes/266e5fa6eb4506fe2c7e35166664249a", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290859", "name" : "VDB-290859 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290859", "name" : "VDB-290859 | code-projects Content Management System Publish News Page publishnews.php unrestricted upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.476728", "name" : "Submit #476728 | code-projects CONTENT MANAGEMENT SYSTEM, News-Buzz 1.0 Unrestricted Upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Content Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/publishnews.php of the component Publish News Page. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:code-projects:content_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T09:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0347", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Curious-L/-/issues/3", "name" : "https://github.com/Curious-L/-/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.290860", "name" : "VDB-290860 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290860", "name" : "VDB-290860 | code-projects Admission Management System Login index.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.476898", "name" : "Submit #476898 | code-projects.org Admission Management System V1.0 sql", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Admission Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php of the component Login. The manipulation of the argument u_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:admission_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T10:15Z", "lastModifiedDate" : "2025-02-27T02:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0348", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20DepEd%20Equipment%20Inventory%20System.md", "name" : "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20DepEd%20Equipment%20Inventory%20System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290861", "name" : "VDB-290861 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290861", "name" : "VDB-290861 | CampCodes DepEd Equipment Inventory System add_employee.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.476908", "name" : "Submit #476908 | CampCodes DepEd Equipment Inventory System 1.0 Stored Cross-Site Scripting (XSS)", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in CampCodes DepEd Equipment Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /data/add_employee.php. The manipulation of the argument data leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:deped_equipment_inventory_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-09T10:15Z", "lastModifiedDate" : "2025-05-28T17:09Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0349", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-119" }, { "lang" : "en", "value" : "CWE-121" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/wy876/cve/issues/5", "name" : "https://github.com/wy876/cve/issues/5", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.290862", "name" : "VDB-290862 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.290862", "name" : "VDB-290862 | Tenda AC6 GetParentControlInfo stack-based overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.477048", "name" : "Submit #477048 | tenda AC6 V15.03.05.16 Buffer Overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.tenda.com.cn/", "name" : "https://www.tenda.com.cn/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tenda:ac6_firmware:15.03.05.16:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tenda:ac6:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-09T11:15Z", "lastModifiedDate" : "2025-03-22T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0350", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/wow-carousel-for-divi-lite/trunk/includes/divi4/modules/ImageCarouselChild/ImageCarouselChild.php#L327", "name" : "https://plugins.trac.wordpress.org/browser/wow-carousel-for-divi-lite/trunk/includes/divi4/modules/ImageCarouselChild/ImageCarouselChild.php#L327", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/wow-carousel-for-divi-lite/trunk/includes/divi4/modules/LogoCarouselChild/LogoCarouselChild.php#L168", "name" : "https://plugins.trac.wordpress.org/browser/wow-carousel-for-divi-lite/trunk/includes/divi4/modules/LogoCarouselChild/LogoCarouselChild.php#L168", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3226742/", "name" : "https://plugins.trac.wordpress.org/changeset/3226742/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/wow-carousel-for-divi-lite/#developers", "name" : "https://wordpress.org/plugins/wow-carousel-for-divi-lite/#developers", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e57a85b-3ea8-46df-ab60-ce835268b1f6?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e57a85b-3ea8-46df-ab60-ce835268b1f6?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:elegantthemes:carousel_maker_for_divi:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.1.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-25T10:15Z", "lastModifiedDate" : "2025-02-04T20:36Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0352", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-639" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-05", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-05", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.rrms.com/contact-us/", "name" : "https://www.rrms.com/contact-us/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an attacker to modify request data, potentially causing the API to return information about other users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-20T20:15Z", "lastModifiedDate" : "2025-02-20T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0353", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/FlipBox/FlipBox.php#L1053", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/FlipBox/FlipBox.php#L1053", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/GradientHeading/GradientHeading.php#L344", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/GradientHeading/GradientHeading.php#L344", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ImageCarouselChild/ImageCarouselChild.php#L507", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ImageCarouselChild/ImageCarouselChild.php#L507", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoBox/InfoBox.php#L852", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoBox/InfoBox.php#L852", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoCard/InfoCard.php#L688", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoCard/InfoCard.php#L688", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InlineNotice/InlineNotice.php#L486", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InlineNotice/InlineNotice.php#L486", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoCarouselChild/LogoCarouselChild.php#L177", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoCarouselChild/LogoCarouselChild.php#L177", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoGridChild/LogoGridChild.php#L193", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoGridChild/LogoGridChild.php#L193", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Review/Review.php#L703", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Review/Review.php#L703", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ScrollImage/ScrollImage.php#L388", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ScrollImage/ScrollImage.php#L388", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Testimonial/Testimonial.php#L1147", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Testimonial/Testimonial.php#L1147", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/VideoModal/VideoModal.php#L593", "name" : "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/VideoModal/VideoModal.php#L593", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3230743/", "name" : "https://plugins.trac.wordpress.org/changeset/3230743/", "refsource" : "", "tags" : [ ] }, { "url" : "https://wordpress.org/plugins/addons-for-divi/#developers", "name" : "https://wordpress.org/plugins/addons-for-divi/#developers", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5810757-1866-4788-809f-2c68e16a5156?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5810757-1866-4788-809f-2c68e16a5156?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Divi Torque Lite – Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.1, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-29T12:15Z", "lastModifiedDate" : "2025-01-29T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0354", "ASSIGNER" : "psirt-info@cyber.jp.nec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "name" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T08:15Z", "lastModifiedDate" : "2025-02-17T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0355", "ASSIGNER" : "psirt-info@cyber.jp.nec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "name" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T08:15Z", "lastModifiedDate" : "2025-01-21T04:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0356", "ASSIGNER" : "psirt-info@cyber.jp.nec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "name" : "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T08:15Z", "lastModifiedDate" : "2025-02-17T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0357", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://documentation.iqonic.design/wpbookit/versions/change-log", "name" : "https://documentation.iqonic.design/wpbookit/versions/change-log", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bf7a68-e76d-4740-9f35-b6084094f59b?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bf7a68-e76d-4740-9f35-b6084094f59b?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPB_Profile_controller::handle_image_upload' function in versions up to, and including, 1.6.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:iqonic:wpbookit:*:*:*:*:pro:wordpress:*:*", "versionEndExcluding" : "1.6.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-25T02:15Z", "lastModifiedDate" : "2025-06-27T17:38Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0358", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/35/90/85/cve-2025-0358pdf-en-US-483809.pdf", "name" : "https://www.axis.com/dam/public/35/90/85/cve-2025-0358pdf-en-US-483809.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-06-02T08:15Z", "lastModifiedDate" : "2025-06-02T17:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0359", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/68/08/c5/cve-2025-0359pdf-en-US-466885.pdf", "name" : "https://www.axis.com/dam/public/68/08/c5/cve-2025-0359pdf-en-US-466885.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-04T06:15Z", "lastModifiedDate" : "2025-03-04T06:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0360", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/b1/fe/46/cve-2025-0360pdf-en-US-466887.pdf", "name" : "https://www.axis.com/dam/public/b1/fe/46/cve-2025-0360pdf-en-US-466887.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-04T06:15Z", "lastModifiedDate" : "2025-03-04T06:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0361", "ASSIGNER" : "product-security@axis.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.axis.com/dam/public/f4/9b/13/cve-2025-0361pdf-en-US-474511.pdf", "name" : "https://www.axis.com/dam/public/f4/9b/13/cve-2025-0361pdf-en-US-474511.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-08T06:15Z", "lastModifiedDate" : "2025-04-08T06:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0362", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-1021" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/512425", "name" : "GitLab Issue #512425", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2926425", "name" : "HackerOne Bug Bounty Report #2926425", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Under certain conditions, an attacker could potentially trick users into unintentionally authorizing sensitive actions on their behalf." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.9.0", "versionEndExcluding" : "17.9.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.9.0", "versionEndExcluding" : "17.9.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "7.7.0", "versionEndExcluding" : "17.8.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "7.7.0", "versionEndExcluding" : "17.8.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-04-10T15:16Z", "lastModifiedDate" : "2025-08-07T18:34Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0364", "ASSIGNER" : "disclosure@vulncheck.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/vulncheck-oss/cve-2025-0364", "name" : "https://github.com/vulncheck-oss/cve-2025-0364", "refsource" : "", "tags" : [ ] }, { "url" : "https://vulncheck.com/advisories/big-ant-upload-rce", "name" : "https://vulncheck.com/advisories/big-ant-upload-rce", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the \"Cloud Storage Addin,\" leading to unauthenticated code execution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-04T18:15Z", "lastModifiedDate" : "2025-02-28T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0365", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/inline-svg/widgets/inline-svg.php", "name" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/inline-svg/widgets/inline-svg.php", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3bc5ef7-6825-463f-a3ce-d6ab1fc0e030?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3bc5ef7-6825-463f-a3ce-d6ab1fc0e030?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "4.8.8", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-01T06:15Z", "lastModifiedDate" : "2025-02-24T15:56Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0366", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-Other" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/forms/classes/ajax-handler.php", "name" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/forms/classes/ajax-handler.php", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/video/widgets/video.php", "name" : "https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/video/widgets/video.php", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a20dc1d-eb7c-47ac-ad9a-ec4c0d5db62e?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a20dc1d-eb7c-47ac-ad9a-ec4c0d5db62e?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in all versions up to, and including, 4.8.7 via the get_svg() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. In this specific case, an attacker can create a form that allows SVG uploads, upload an SVG file with malicious content and then include the SVG file in a post to achieve remote code execution. This means it is relatively easy to gain remote code execution as a contributor-level user and above by default." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "4.8.8", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-01T06:15Z", "lastModifiedDate" : "2025-02-24T15:56Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0367", "ASSIGNER" : "prodsec@splunk.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisory.splunk.com/advisories/SVD-2025-0103", "name" : "https://advisory.splunk.com/advisories/SVD-2025-0103", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service (ReDoS) attack." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T17:15Z", "lastModifiedDate" : "2025-01-30T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0368", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/6a4f7097-082b-4375-9582-945928d765b8/", "name" : "https://wpscan.com/vulnerability/6a4f7097-082b-4375-9582-945928d765b8/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Banner Garden Plugin for WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:karacsi_maci:banner_garden:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "0.1.3", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-04T06:15Z", "lastModifiedDate" : "2025-05-07T18:28Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0369", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://crocoblock.com/changelog/", "name" : "https://crocoblock.com/changelog/", "refsource" : "", "tags" : [ ] }, { "url" : "https://crocoblock.com/plugins/jetengine/", "name" : "https://crocoblock.com/plugins/jetengine/", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f27979a8-0e68-4a45-9e3e-3667d88361d8?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f27979a8-0e68-4a45-9e3e-3667d88361d8?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The JetEngine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘list_tag’ parameter in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.1, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-18T07:15Z", "lastModifiedDate" : "2025-01-18T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0370", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/lightbox.php#L75", "name" : "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/lightbox.php#L75", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3229060/", "name" : "https://plugins.trac.wordpress.org/changeset/3229060/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/shortcodes-ultimate/#developers", "name" : "https://wordpress.org/plugins/shortcodes-ultimate/#developers", "refsource" : "", "tags" : [ "Product", "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0869c35-9ea8-46a5-8bba-23d7ef47355a?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0869c35-9ea8-46a5-8bba-23d7ef47355a?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘src’ parameter in all versions up to, and including, 7.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:vanokhin:shortcodes_ultimate:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "7.3.4", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-04T10:15Z", "lastModifiedDate" : "2025-03-05T16:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0371", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://crocoblock.com/changelog/", "name" : "https://crocoblock.com/changelog/", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/ded2f366-375c-4cf6-9cbd-c969a3b3d6d5?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/ded2f366-375c-4cf6-9cbd-c969a3b3d6d5?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:crocoblock:jetelements:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.7.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-21T09:15Z", "lastModifiedDate" : "2025-01-31T20:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0372", "ASSIGNER" : "security@hypr.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.hypr.com/trust-center/security-advisories", "name" : "https://www.hypr.com/trust-center/security-advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-21T17:15Z", "lastModifiedDate" : "2025-05-21T20:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0373", "ASSIGNER" : "secteam@freebsd.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:02.fs.asc", "name" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:02.fs.asc", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250207-0009/", "name" : "https://security.netapp.com/advisory/ntap-20250207-0009/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow.\n\nA NFS server that exports a cd9660, tarfs, or ext2fs file system can be made to panic by mounting and accessing the export with an NFS client. Further exploitation (e.g., bypassing file permission checking or remote kernel code execution) is potentially possible, though this has not been demonstrated. In particular, release kernels are compiled with stack protection enabled, and some instances of the overflow are caught by this mechanism, causing a panic." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T05:15Z", "lastModifiedDate" : "2025-02-07T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0374", "ASSIGNER" : "secteam@freebsd.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:03.etcupdate.asc", "name" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:03.etcupdate.asc", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250207-0007/", "name" : "https://security.netapp.com/advisory/ntap-20250207-0007/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted visibility, such as /etc/master.passwd.\n\nAn unprivileged local user may be able to read encrypted root and user passwords from the temporary master.passwd file created in /var/db/etcupdate/conflicts. This is possible only when conflicts within the password file arise during an update, and the unprotected file is deleted when conflicts are resolved." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T05:15Z", "lastModifiedDate" : "2025-02-07T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0376", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/512603", "name" : "GitLab Issue #512603", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2930243", "name" : "HackerOne Bug Bounty Report #2930243", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "13.3.0", "versionEndExcluding" : "17.6.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "13.3.0", "versionEndExcluding" : "17.6.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-12T15:15Z", "lastModifiedDate" : "2025-08-06T18:48Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0377", "ASSIGNER" : "security@hashicorp.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://discuss.hashicorp.com/t/hcsec-2025-01-hashicorp-go-slug-vulnerable-to-zip-slip-attack", "name" : "https://discuss.hashicorp.com/t/hcsec-2025-01-hashicorp-go-slug-vulnerable-to-zip-slip-attack", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-21T16:15Z", "lastModifiedDate" : "2025-01-21T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0390", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-23" }, { "lang" : "en", "value" : "CWE-24" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM", "name" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291124", "name" : "VDB-291124 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291124", "name" : "VDB-291124 | Guangzhou Huayi Intelligent Technology Jeewms wmOmNoticeHController.do path traversal", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T08:15Z", "lastModifiedDate" : "2025-01-11T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0391", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKA8", "name" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKA8", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291125", "name" : "VDB-291125 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291125", "name" : "VDB-291125 | Guangzhou Huayi Intelligent Technology Jeewms CgFormBuildController. java saveOrUpdate sql injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildController. java. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T09:15Z", "lastModifiedDate" : "2025-01-11T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0392", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFK93", "name" : "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFK93", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291126", "name" : "VDB-291126 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291126", "name" : "VDB-291126 | Guangzhou Huayi Intelligent Technology Jeewms graphReportController.do datagridGraph sql injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument store_code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-11T11:15Z", "lastModifiedDate" : "2025-01-11T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0393", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-352" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1006/classes/modules/wpr-filter-grid-posts.php#L1260", "name" : "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1006/classes/modules/wpr-filter-grid-posts.php#L1260", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1006/classes/modules/wpr-filter-grid-posts.php#L391", "name" : "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1006/classes/modules/wpr-filter-grid-posts.php#L391", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3220959/", "name" : "https://plugins.trac.wordpress.org/changeset/3220959/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/royal-elementor-addons/#developers", "name" : "https://wordpress.org/plugins/royal-elementor-addons/#developers", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e34c05-7431-4acd-91f3-aab5e66f61ad?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e34c05-7431-4acd-91f3-aab5e66f61ad?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1006. This is due to missing or incorrect nonce validation on the wpr_filter_grid_posts() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "1.7.1006", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-14T09:15Z", "lastModifiedDate" : "2025-03-03T18:44Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0394", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/groundhogg/tags/3.7.3.5/includes/big-file-uploader.php#L117", "name" : "https://plugins.trac.wordpress.org/browser/groundhogg/tags/3.7.3.5/includes/big-file-uploader.php#L117", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3221208/", "name" : "https://plugins.trac.wordpress.org/changeset/3221208/", "refsource" : "", "tags" : [ ] }, { "url" : "https://wordpress.org/plugins/groundhogg/#developers", "name" : "https://wordpress.org/plugins/groundhogg/#developers", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2cf3b85-2e2d-43dc-9877-9a740d4fd2fb?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2cf3b85-2e2d-43dc-9877-9a740d4fd2fb?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gh_big_file_upload() function in all versions up to, and including, 3.7.3.5. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-14T09:15Z", "lastModifiedDate" : "2025-01-14T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0395", "ASSIGNER" : "glibc-cna@sourceware.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/01/22/4", "name" : "http://www.openwall.com/lists/oss-security/2025/01/22/4", "refsource" : "", "tags" : [ ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/01/23/2", "name" : "http://www.openwall.com/lists/oss-security/2025/01/23/2", "refsource" : "", "tags" : [ ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/04/13/1", "name" : "http://www.openwall.com/lists/oss-security/2025/04/13/1", "refsource" : "", "tags" : [ ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/04/24/7", "name" : "http://www.openwall.com/lists/oss-security/2025/04/24/7", "refsource" : "", "tags" : [ ] }, { "url" : "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "name" : "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250228-0006/", "name" : "https://security.netapp.com/advisory/ntap-20250228-0006/", "refsource" : "", "tags" : [ ] }, { "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "refsource" : "", "tags" : [ ] }, { "url" : "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "name" : "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "refsource" : "", "tags" : [ ] }, { "url" : "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "name" : "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.openwall.com/lists/oss-security/2025/01/22/4", "name" : "https://www.openwall.com/lists/oss-security/2025/01/22/4", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-22T13:15Z", "lastModifiedDate" : "2025-04-30T05:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0396", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-77" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/exelban/stats/releases/tag/v2.11.22", "name" : "https://github.com/exelban/stats/releases/tag/v2.11.22", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291269", "name" : "VDB-291269 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291269", "name" : "VDB-291269 | exelban stats XPC Service shouldAcceptNewConnection command injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473229", "name" : "Submit #473229 | https://github.com/exelban Stats < v2.11.22 Local Privilege Escalation", "refsource" : "", "tags" : [ ] }, { "url" : "https://winslow1984.com/books/cve-collection/page/stats-v21122-local-privilege-escalation", "name" : "https://winslow1984.com/books/cve-collection/page/stats-v21122-local-privilege-escalation", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulation leads to command injection. It is possible to launch the attack on the local host. Upgrading to version 2.11.22 is able to address this issue. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-12T12:15Z", "lastModifiedDate" : "2025-01-12T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0397", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/LvZCh/SPPanAdmin/issues/3", "name" : "https://github.com/LvZCh/SPPanAdmin/issues/3", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/LvZCh/SPPanAdmin/issues/3#issue-2765450314", "name" : "https://github.com/LvZCh/SPPanAdmin/issues/3#issue-2765450314", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291270", "name" : "VDB-291270 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291270", "name" : "VDB-291270 | reckcn SPPanAdmin edit cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473287", "name" : "Submit #473287 | reckcn SPPanAdmin 1.0 storage type XSS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in reckcn SPPanAdmin 1.0. Affected is an unknown function of the file /;/admin/role/edit. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-12T13:15Z", "lastModifiedDate" : "2025-01-12T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0398", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/longpi1/warehouse/issues/4", "name" : "https://github.com/longpi1/warehouse/issues/4", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/longpi1/warehouse/issues/4#issue-2765524047", "name" : "https://github.com/longpi1/warehouse/issues/4#issue-2765524047", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291271", "name" : "VDB-291271 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291271", "name" : "VDB-291271 | longpi1 warehouse Backend updateInport cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473316", "name" : "Submit #473316 | longpi1 warehouse 1.0 storage XSS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-12T14:15Z", "lastModifiedDate" : "2025-01-12T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0399", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/StarSea99/starsea-mall/issues/3", "name" : "https://github.com/StarSea99/starsea-mall/issues/3", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/StarSea99/starsea-mall/issues/3#issue-2765550309", "name" : "https://github.com/StarSea99/starsea-mall/issues/3#issue-2765550309", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291274", "name" : "VDB-291274 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291274", "name" : "VDB-291274 | StarSea99 starsea-mall uploadController.java UploadController unrestricted upload", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473319", "name" : "Submit #473319 | StarSea99 starsea-mall 1.0 any file uploaded", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-12T23:15Z", "lastModifiedDate" : "2025-01-12T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0400", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/StarSea99/starsea-mall/issues/5", "name" : "https://github.com/StarSea99/starsea-mall/issues/5", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/StarSea99/starsea-mall/issues/5#issue-2765562635", "name" : "https://github.com/StarSea99/starsea-mall/issues/5#issue-2765562635", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291275", "name" : "VDB-291275 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291275", "name" : "VDB-291275 | StarSea99 starsea-mall update cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473321", "name" : "Submit #473321 | StarSea99 starsea-mall 1.0 Storage XSS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-12T23:15Z", "lastModifiedDate" : "2025-01-12T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0401", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/1902756969/reggie/issues/1", "name" : "https://github.com/1902756969/reggie/issues/1", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/1902756969/reggie/issues/1#issue-2765577260", "name" : "https://github.com/1902756969/reggie/issues/1#issue-2765577260", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291276", "name" : "VDB-291276 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291276", "name" : "VDB-291276 | 1902756969 reggie CommonController.java download path traversal", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473322", "name" : "Submit #473322 | 1902756969 reggie 1.0 Read any file", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-13T00:15Z", "lastModifiedDate" : "2025-01-13T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0402", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/1902756969/reggie/issues/2", "name" : "https://github.com/1902756969/reggie/issues/2", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/1902756969/reggie/issues/2#issue-2765582342", "name" : "https://github.com/1902756969/reggie/issues/2#issue-2765582342", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291277", "name" : "VDB-291277 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291277", "name" : "VDB-291277 | 1902756969 reggie CommonController.java upload unrestricted upload", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473324", "name" : "Submit #473324 | 1902756969 reggie 1.0 any file uploaded", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-13T00:15Z", "lastModifiedDate" : "2025-01-13T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0403", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-200" }, { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/1902756969/reggie/issues/3", "name" : "https://github.com/1902756969/reggie/issues/3", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/1902756969/reggie/issues/3#issue-2765587336", "name" : "https://github.com/1902756969/reggie/issues/3#issue-2765587336", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291278", "name" : "VDB-291278 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291278", "name" : "VDB-291278 | 1902756969 reggie Phone Number Validation sendMsg information disclosure", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473325", "name" : "Submit #473325 | 1902756969 reggie 1.0 any user login", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-13T00:15Z", "lastModifiedDate" : "2025-01-13T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0404", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/2", "name" : "https://github.com/liujianview/gymxmjpa/issues/2", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/2#issue-2765760967", "name" : "https://github.com/liujianview/gymxmjpa/issues/2#issue-2765760967", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291280", "name" : "VDB-291280 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291280", "name" : "VDB-291280 | liujianview gymxmjpa CoachController.java CoachController sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473385", "name" : "Submit #473385 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in liujianview gymxmjpa 1.0 and classified as critical. This vulnerability affects the function CoachController of the file src/main/java/com/liujian/gymxmjpa/controller/CoachController.java. The manipulation of the argument coachName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-13T01:15Z", "lastModifiedDate" : "2025-01-13T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0405", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/3", "name" : "https://github.com/liujianview/gymxmjpa/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/3", "name" : "https://github.com/liujianview/gymxmjpa/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/3#issue-2765770918", "name" : "https://github.com/liujianview/gymxmjpa/issues/3#issue-2765770918", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/3#issue-2765770918", "name" : "https://github.com/liujianview/gymxmjpa/issues/3#issue-2765770918", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291281", "name" : "VDB-291281 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291281", "name" : "VDB-291281 | liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473411", "name" : "Submit #473411 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsController.java. The manipulation of the argument goodsName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T01:15Z", "lastModifiedDate" : "2025-05-05T15:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0406", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/5", "name" : "https://github.com/liujianview/gymxmjpa/issues/5", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/5", "name" : "https://github.com/liujianview/gymxmjpa/issues/5", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/5#issue-2765786069", "name" : "https://github.com/liujianview/gymxmjpa/issues/5#issue-2765786069", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/5#issue-2765786069", "name" : "https://github.com/liujianview/gymxmjpa/issues/5#issue-2765786069", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291282", "name" : "VDB-291282 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291282", "name" : "VDB-291282 | liujianview gymxmjpa SubjectController.java SubjectDaoImpl sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473417", "name" : "Submit #473417 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java. The manipulation of the argument subname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T02:15Z", "lastModifiedDate" : "2025-05-05T15:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0407", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/7", "name" : "https://github.com/liujianview/gymxmjpa/issues/7", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/7", "name" : "https://github.com/liujianview/gymxmjpa/issues/7", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/7#issue-2765800789", "name" : "https://github.com/liujianview/gymxmjpa/issues/7#issue-2765800789", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/7#issue-2765800789", "name" : "https://github.com/liujianview/gymxmjpa/issues/7#issue-2765800789", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291283", "name" : "VDB-291283 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291283", "name" : "VDB-291283 | liujianview gymxmjpa EquipmentController.java EquipmentDaoImpl sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473422", "name" : "Submit #473422 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in liujianview gymxmjpa 1.0. It has been declared as critical. Affected by this vulnerability is the function EquipmentDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/EquipmentController.java. The manipulation of the argument hyname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T02:15Z", "lastModifiedDate" : "2025-05-05T15:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0408", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/8", "name" : "https://github.com/liujianview/gymxmjpa/issues/8", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/8", "name" : "https://github.com/liujianview/gymxmjpa/issues/8", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/8#issue-2765807702", "name" : "https://github.com/liujianview/gymxmjpa/issues/8#issue-2765807702", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/8#issue-2765807702", "name" : "https://github.com/liujianview/gymxmjpa/issues/8#issue-2765807702", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291284", "name" : "VDB-291284 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291284", "name" : "VDB-291284 | liujianview gymxmjpa LoosController.java LoosDaoImpl sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473423", "name" : "Submit #473423 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. The manipulation of the argument loosName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T02:15Z", "lastModifiedDate" : "2025-05-05T15:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0409", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/9", "name" : "https://github.com/liujianview/gymxmjpa/issues/9", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/9", "name" : "https://github.com/liujianview/gymxmjpa/issues/9", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/9#issue-2765816110", "name" : "https://github.com/liujianview/gymxmjpa/issues/9#issue-2765816110", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/9#issue-2765816110", "name" : "https://github.com/liujianview/gymxmjpa/issues/9#issue-2765816110", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291285", "name" : "VDB-291285 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291285", "name" : "VDB-291285 | liujianview gymxmjpa MembertypeController.java MembertypeDaoImpl sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473425", "name" : "Submit #473425 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in liujianview gymxmjpa 1.0. This affects the function MembertypeDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/MembertypeController.java. The manipulation of the argument typeName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T03:15Z", "lastModifiedDate" : "2025-05-05T15:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0410", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/liujianview/gymxmjpa/issues/10", "name" : "https://github.com/liujianview/gymxmjpa/issues/10", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/10", "name" : "https://github.com/liujianview/gymxmjpa/issues/10", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/10#issue-2765824571", "name" : "https://github.com/liujianview/gymxmjpa/issues/10#issue-2765824571", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/liujianview/gymxmjpa/issues/10#issue-2765824571", "name" : "https://github.com/liujianview/gymxmjpa/issues/10#issue-2765824571", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291286", "name" : "VDB-291286 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291286", "name" : "VDB-291286 | liujianview gymxmjpa MenberConntroller.java MenberDaoInpl sql injection", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.473426", "name" : "Submit #473426 | liujianview gymxmjpa 1.0 SQL Injection", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:liujianview:gymxmjpa:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-13T03:15Z", "lastModifiedDate" : "2025-05-05T15:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0411", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/01/24/6", "name" : "http://www.openwall.com/lists/oss-security/2025/01/24/6", "refsource" : "", "tags" : [ "Mailing List" ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250207-0005/", "name" : "https://security.netapp.com/advisory/ntap-20250207-0005/", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://www.vicarius.io/vsociety/posts/cve-2025-0411-7-zip-mitigation-vulnerability", "name" : "https://www.vicarius.io/vsociety/posts/cve-2025-0411-7-zip-mitigation-vulnerability", "refsource" : "", "tags" : [ "Mitigation" ] }, { "url" : "https://www.vicarius.io/vsociety/posts/cve-2025-0411-detection-7-zip-vulnerability", "name" : "https://www.vicarius.io/vsociety/posts/cve-2025-0411-detection-7-zip-vulnerability", "refsource" : "", "tags" : [ "Mitigation" ] }, { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-045/", "name" : "ZDI-25-045", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*", "versionEndExcluding" : "24.09", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.0, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.0, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-25T05:15Z", "lastModifiedDate" : "2025-02-12T18:14Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0412", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-119" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://download.keyshot.com/cert/lsa-960930/lsa-960930.pdf?version=1.0", "name" : "vendor-provided URL", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-23-1716/", "name" : "ZDI-23-1716", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22139." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*", "versionEndExcluding" : "2023.3", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-13T04:15Z", "lastModifiedDate" : "2025-08-07T17:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0413", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-59" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://kb.parallels.com/130212", "name" : "vendor-provided URL", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-082/", "name" : "ZDI-25-082", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. \nThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Technical Data Reporter component. By creating a symbolic link, an attacker can abuse the service to change the permissions of arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-25014." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:parallels:remote_application_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "19.4.3.2-25228", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:parallels:parallels:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "19.0-23304", "versionEndExcluding" : "19.4.3-25221", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:parallels:parallels:*:*:*:*:*:windows:*:*", "versionStartIncluding" : "20.0-25389", "versionEndExcluding" : "20.2-25889", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-05T00:15Z", "lastModifiedDate" : "2025-08-15T12:45Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0415", "ASSIGNER" : "psirt@moxa.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0415-command-injection-leading-to-denial-of-service-(dos)", "name" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0415-command-injection-leading-to-denial-of-service-(dos)", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for downstream systems that rely on its network services." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-02T07:15Z", "lastModifiedDate" : "2025-04-02T14:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0416", "ASSIGNER" : "vulncoord@ncsc.fi" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0416/", "name" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0416/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows permission that allows a process to impersonate another user. An attacker can use this vulnerability to escalate their privileges and take complete control of the system." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-01T04:15Z", "lastModifiedDate" : "2025-04-01T20:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0417", "ASSIGNER" : "vulncoord@ncsc.fi" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0417/", "name" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0417/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-01T04:15Z", "lastModifiedDate" : "2025-04-01T20:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0418", "ASSIGNER" : "vulncoord@ncsc.fi" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0418/", "name" : "https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0418/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local project data can read the passwords." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-01T04:15Z", "lastModifiedDate" : "2025-04-01T20:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0422", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "name" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An authenticated user in the \"bestinformed Web\" application can execute commands on the underlying server running the application. (Remote Code Execution) For this, the user must be able to create \"ScriptVars\" with the type „script\" and preview them by, for example, creating a new \"Info\". By default, admin users have those permissions, but with the granular permission system, those permissions may be assigned to other users. An attacker is able to execute commands on the server running the \"bestinformed Web\" application if an account with the correct permissions was compromised before." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-18T08:15Z", "lastModifiedDate" : "2025-02-18T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0423", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "name" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In the \"bestinformed Web\" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their session using an \"Unauthenticated Stored Cross-Site Scripting\". The attacker is then able to ride the session of those users and can abuse their privileges on the \"bestinformed Web\" application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-18T08:15Z", "lastModifiedDate" : "2025-02-18T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0424", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "name" : "https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In the \"bestinformed Web\" application, some user input was not properly sanitized. This leads to multiple authenticated stored cross-site scripting vulnerabilities. An authenticated attacker is able to compromise the sessions of other users on the server by injecting JavaScript code into their session using an \"Authenticated Stored Cross-Site Scripting\". Those other users might have more privileges than the attacker, enabling a form of horizontal movement." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-18T08:15Z", "lastModifiedDate" : "2025-02-18T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0425", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cordaware.com/changelog/en/version-6_3_8_1.html", "name" : "https://www.cordaware.com/changelog/en/version-6_3_8_1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Via the GUI of the \"bestinformed Infoclient\", a low-privileged user is by default able to change the server address of the \"bestinformed Server\" to which this client connects. This is dangerous as the \"bestinformed Infoclient\" runs with elevated permissions (\"nt authority\\system\"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the \"bestinformed Web\" server. Those features include:\n * Pushing of malicious update packages\n * Arbitrary Registry Read as \"nt authority\\system\"\n\n\nAn attacker is able to escalate his privileges to \"nt authority\\system\" on the Windows client running the \"bestinformed Infoclient\". \n\n\nThis attack is not possible if a custom configuration (\"Infoclient.ini\") containing the flags \"ShowOnTaskbar=false\" or \"DisabledItems=stPort,stAddress\" is deployed." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-18T08:15Z", "lastModifiedDate" : "2025-02-18T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0426", "ASSIGNER" : "security@kubernetes.io" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/02/13/1", "name" : "http://www.openwall.com/lists/oss-security/2025/02/13/1", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/kubernetes/kubernetes/issues/130016", "name" : "https://github.com/kubernetes/kubernetes/issues/130016", "refsource" : "", "tags" : [ ] }, { "url" : "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8", "name" : "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-13T16:16Z", "lastModifiedDate" : "2025-02-13T17:17Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0427", "ASSIGNER" : "arm-security@arm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-416" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developer.arm.com/documentation/110465/latest/", "name" : "https://developer.arm.com/documentation/110465/latest/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r41p0", "versionEndIncluding" : "r49p3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r50p0", "versionEndIncluding" : "r53p0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r50p0", "versionEndIncluding" : "r53p0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r50p0", "versionEndIncluding" : "r51p0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r8p0", "versionEndIncluding" : "r49p3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "versionStartIncluding" : "r19p0", "versionEndIncluding" : "r49p3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-05-02T10:15Z", "lastModifiedDate" : "2025-05-12T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0428", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset/3224162/", "name" : "https://plugins.trac.wordpress.org/changeset/3224162/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/66a3abc1-0508-4ce3-952b-7dbf3738879a?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/66a3abc1-0508-4ce3-952b-7dbf3738879a?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The \"AI Power: Complete AI Pack\" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_prompts function. This allows authenticated attackers, with administrative privileges, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:aipower:aipower:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "1.8.97", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-22T08:15Z", "lastModifiedDate" : "2025-01-24T20:56Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0429", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset/3224162/", "name" : "https://plugins.trac.wordpress.org/changeset/3224162/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb927aba-a96d-47b9-ba35-60945ea5cfe5?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb927aba-a96d-47b9-ba35-60945ea5cfe5?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The \"AI Power: Complete AI Pack\" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_ai_forms() function. This allows authenticated attackers, with administrative privileges, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:aipower:aipower:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "1.8.97", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-22T08:15Z", "lastModifiedDate" : "2025-01-24T20:51Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0430", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-014-04", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-014-04", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Belledonne Communications Linphone-Desktop \n is vulnerable to a NULL Dereference vulnerability, which could allow a remote attacker to create a denial-of-service condition." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-17T18:15Z", "lastModifiedDate" : "2025-01-17T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0431", "ASSIGNER" : "security@proofpoint.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-0001", "name" : "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-0001", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses URL protections impacting the integrity of recipient's email. This occurs due to improper filtering of backslashes within URLs and affects all versions of 8.21, 8.20 and 8.18 prior to 8.21.0 patch 5115, 8.20.6 patch 5114 and 8.18.6 patch 5113 respectively." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-19T17:15Z", "lastModifiedDate" : "2025-03-19T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0432", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-319" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/ewon/manuals-and-guides---installation-guides/best-practices-for-a-secure-usage-of-the-ewon-solution-en.pdf?sfvrsn=37160847_4", "name" : "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/ewon/manuals-and-guides---installation-guides/best-practices-for-a-secure-usage-of-the-ewon-solution-en.pdf?sfvrsn=37160847_4", "refsource" : "", "tags" : [ ] }, { "url" : "https://support.hms-networks.com/hc/en-us/articles/19393244940818-How-to-block-all-the-unused-Ewon-Flexy-Cosy131-services-on-the-LAN-WAN-and-or-VPN-interface", "name" : "https://support.hms-networks.com/hc/en-us/articles/19393244940818-How-to-block-all-the-unused-Ewon-Flexy-Cosy131-services-on-the-LAN-WAN-and-or-VPN-interface", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-06", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-06", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.hms-networks.com/cyber-security", "name" : "https://www.hms-networks.com/cyber-security", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-28T16:15Z", "lastModifiedDate" : "2025-01-28T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0433", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/master-addons/trunk/addons/ma-image-hover-effects/ma-image-hover-effects.php#L1117", "name" : "https://plugins.trac.wordpress.org/browser/master-addons/trunk/addons/ma-image-hover-effects/ma-image-hover-effects.php#L1117", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/master-addons/trunk/addons/ma-tabs/ma-tabs.php#L568", "name" : "https://plugins.trac.wordpress.org/browser/master-addons/trunk/addons/ma-tabs/ma-tabs.php#L568", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3243199/", "name" : "https://plugins.trac.wordpress.org/changeset/3243199/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/master-addons/#developers", "name" : "https://wordpress.org/plugins/master-addons/#developers", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/c693831f-fe60-4548-83aa-4ebd03d134ec?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/c693831f-fe60-4548-83aa-4ebd03d134ec?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:master-addons:master_addons:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.0.7.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-04T09:15Z", "lastModifiedDate" : "2025-03-04T20:38Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0434", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/374627491", "name" : "https://issues.chromium.org/issues/374627491", "refsource" : "", "tags" : [ "Issue Tracking", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T17:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0435", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/379652406", "name" : "https://issues.chromium.org/issues/379652406", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T17:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0436", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-472" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/382786791", "name" : "https://issues.chromium.org/issues/382786791", "refsource" : "", "tags" : [ "Issue Tracking", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T17:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0437", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-125" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/378623799", "name" : "https://issues.chromium.org/issues/378623799", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-02-03T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0438", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-121" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/384186539", "name" : "https://issues.chromium.org/issues/384186539", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0439", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-362" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/371247941", "name" : "https://issues.chromium.org/issues/371247941", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:52Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0440", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/40067914", "name" : "https://issues.chromium.org/issues/40067914", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0441", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/368628042", "name" : "https://issues.chromium.org/issues/368628042", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0442", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/40940854", "name" : "https://issues.chromium.org/issues/40940854", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0443", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/376625003", "name" : "https://issues.chromium.org/issues/376625003", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0444", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-416" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "name" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/390889644", "name" : "https://issues.chromium.org/issues/390889644", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "133.0.6943.53", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-04T19:15Z", "lastModifiedDate" : "2025-04-08T12:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0445", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-416" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "name" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/392521083", "name" : "https://issues.chromium.org/issues/392521083", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "133.0.6943.53", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-04T19:15Z", "lastModifiedDate" : "2025-04-08T12:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0446", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/359949844", "name" : "https://issues.chromium.org/issues/359949844", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0447", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/375550814", "name" : "https://issues.chromium.org/issues/375550814", "refsource" : "", "tags" : [ "Issue Tracking", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0448", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/377948403", "name" : "https://issues.chromium.org/issues/377948403", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.83", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-15T11:15Z", "lastModifiedDate" : "2025-04-21T20:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0450", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://support.muffingroup.com/changelog/", "name" : "https://support.muffingroup.com/changelog/", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/340c14ea-70b9-4f60-84b3-97328432f110?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/340c14ea-70b9-4f60-84b3-97328432f110?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Betheme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom JS functionality in all versions up to, and including, 27.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:muffingroup:betheme:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "27.6.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-21T11:15Z", "lastModifiedDate" : "2025-06-05T14:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0451", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "name" : "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "refsource" : "", "tags" : [ "Release Notes" ] }, { "url" : "https://issues.chromium.org/issues/40061026", "name" : "https://issues.chromium.org/issues/40061026", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "133.0.6943.53", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-04T19:15Z", "lastModifiedDate" : "2025-04-08T12:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0452", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-73" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/7e854343-3d61-47d4-ad41-c4d2f356a54a", "name" : "https://huntr.com/bounties/7e854343-3d61-47d4-ad41-c4d2f356a54a", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to properly filter the '\\' character, which is commonly used as a separator in Windows paths. This vulnerability allows attackers to delete any files on the host system by manipulating the 'plugin_repo_name' variable." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:dbgpt:db-gpt:0.6.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-07-17T15:56Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0453", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b", "name" : "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b", "name" : "https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given experiment. This can tie up all the workers allocated by MLFlow, rendering the application unable to respond to other requests. This vulnerability is due to uncontrolled resource consumption." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:lfprojects:mlflow:2.17.2:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-04-02T16:10Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0454", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/significant-gravitas/autogpt/commit/ff065cd24c2289878c0abdb9adbf91c305f0d70a", "name" : "https://github.com/significant-gravitas/autogpt/commit/ff065cd24c2289878c0abdb9adbf91c305f0d70a", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://huntr.com/bounties/0664fdee-bdc2-4650-8075-74d7b8d3e308", "name" : "https://huntr.com/bounties/0664fdee-bdc2-4650-8075-74d7b8d3e308", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due to a hostname confusion between the `urlparse` function from the `urllib.parse` library and the `requests` library. A malicious user can exploit this by submitting a specially crafted URL, such as `http://localhost:\\@google.com/../`, to bypass the SSRF check and perform an SSRF attack." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:agpt:autogpt_platform:*:*:*:*:*:*:*:*", "versionEndExcluding" : "0.4.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-08-05T17:04Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0455", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8358-143bc-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8358-143bc-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8357-28308-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8357-28308-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-16T02:15Z", "lastModifiedDate" : "2025-01-16T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0456", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-306" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8360-e97b8-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8360-e97b8-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8359-53aa7-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8359-53aa7-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-16T02:15Z", "lastModifiedDate" : "2025-01-16T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0457", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-78" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8362-efb33-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8362-efb33-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8361-ff3fb-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8361-ff3fb-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-16T02:15Z", "lastModifiedDate" : "2025-01-16T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0458", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.291475", "name" : "VDB-291475 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291475", "name" : "VDB-291475 | Virtual Computer Vysual RH Solution Login Panel index.php cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.473865", "name" : "Submit #473865 | Virtual Computer SA Vysual RH Solution 2024.12.1 Reflected Cross-Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic was found in Virtual Computer Vysual RH Solution 2024.12.1. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Panel. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T16:15Z", "lastModifiedDate" : "2025-01-14T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0459", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-426" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.291476", "name" : "VDB-291476 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291476", "name" : "VDB-291476 | libretro RetroArch Startup profapi.dll untrusted search path", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474011", "name" : "Submit #474011 | retroarch 1.19.1 Command Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to 1.19.1 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll of the component Startup. The manipulation leads to untrusted search path. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T16:15Z", "lastModifiedDate" : "2025-01-14T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0460", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/mcdruid/28124198128022a1c2b4060f74d99cd6", "name" : "https://gist.github.com/mcdruid/28124198128022a1c2b4060f74d99cd6", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291477", "name" : "VDB-291477 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291477", "name" : "VDB-291477 | Blog Botz for Journal Theme blog_add unrestricted upload", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474089", "name" : "Submit #474089 | BlogBotz OpenCart module 1.0 Unrestricted File Upload", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blog_add. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T16:15Z", "lastModifiedDate" : "2025-01-14T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0461", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/downloadSocialPromotionQrcode_fileread.doc", "name" : "https://github.com/BxYQ/ld/blob/main/downloadSocialPromotionQrcode_fileread.doc", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291478", "name" : "VDB-291478 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291478", "name" : "VDB-291478 | Shanghai Lingdang Information Technology Lingdang CRM index.php path traversal", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474252", "name" : "Submit #474252 | Shanghai Lingdang Information Technology Co., Ltd. Lingdang CRM <=V8.6.0.0 File and Directory Information Exposure", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. The manipulation of the argument pathfile leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T16:15Z", "lastModifiedDate" : "2025-01-14T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0462", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/ListView_SQL.doc", "name" : "https://github.com/BxYQ/ld/blob/main/ListView_SQL.doc", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291479", "name" : "VDB-291479 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291479", "name" : "VDB-291479 | Shanghai Lingdang Information Technology Lingdang CRM index.php sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474254", "name" : "Submit #474254 | Shanghai Lingdang Information Technology Co., Ltd. Lingdang CRM <=V8.6.0.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. The manipulation of the argument searchcontent leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T17:15Z", "lastModifiedDate" : "2025-01-14T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0463", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/BxYQ/ld/blob/main/File_Upload_vul.doc", "name" : "https://github.com/BxYQ/ld/blob/main/File_Upload_vul.doc", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291480", "name" : "VDB-291480 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291480", "name" : "VDB-291480 | Shanghai Lingdang Information Technology Lingdang CRM index.php unrestricted upload", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474255", "name" : "Submit #474255 | Shanghai Lingdang Information Technology Co., Ltd. Lingdang CRM <=V8.6.0.0 Unrestricted Upload", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. It has been classified as critical. Affected is an unknown function of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. The manipulation of the argument name leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T17:15Z", "lastModifiedDate" : "2025-01-14T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0464", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.291481", "name" : "VDB-291481 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291481", "name" : "VDB-291481 | SourceCodester Task Reminder System Maintenance Section cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474280", "name" : "Submit #474280 | oretnom23 Task Reminder System 0.1 Cross Site Scripting", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.sourcecodester.com/", "name" : "https://www.sourcecodester.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:oretnom23:task_reminder_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-14T17:15Z", "lastModifiedDate" : "2025-02-11T14:59Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0465", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-20" }, { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/PSDat123/ad7eb46550f22632aa4c229a0857f00d", "name" : "https://gist.github.com/PSDat123/ad7eb46550f22632aa4c229a0857f00d", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291482", "name" : "VDB-291482 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291482", "name" : "VDB-291482 | AquilaCMS categories deserialization", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474285", "name" : "Submit #474285 | AquilaCMS 1.412.13 Code Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v2/categories. The manipulation of the argument PostBody.populate leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T18:15Z", "lastModifiedDate" : "2025-01-14T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0466", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/53ab86dc-1195-4ba0-8eda-6a0d7b45c45f/", "name" : "https://wpscan.com/vulnerability/53ab86dc-1195-4ba0-8eda-6a0d7b45c45f/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message Information." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "4.24.4", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-04T06:15Z", "lastModifiedDate" : "2025-05-13T18:50Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0467", "ASSIGNER" : "security@imgtec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "name" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*", "versionEndIncluding" : "24.3", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-04-18T01:15Z", "lastModifiedDate" : "2025-07-11T16:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0468", "ASSIGNER" : "security@imgtec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "name" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-04T16:15Z", "lastModifiedDate" : "2025-04-07T15:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0469", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/forminator/tags/1.39.2/assets/forminator-ui/js/forminator-form.js#L888", "name" : "https://plugins.trac.wordpress.org/browser/forminator/tags/1.39.2/assets/forminator-ui/js/forminator-form.js#L888", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/14043276-ba0a-4862-a1a7-00b4c372c5bc?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/14043276-ba0a-4862-a1a7-00b4c372c5bc?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slider template data in all versions up to, and including, 1.39.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wpmudev:forminator_forms:*:*:*:*:free:wordpress:*:*", "versionEndExcluding" : "1.39.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-27T05:15Z", "lastModifiedDate" : "2025-03-11T19:57Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0470", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/forminator/tags/1.38.2/requirejs/main.js", "name" : "https://plugins.trac.wordpress.org/browser/forminator/tags/1.38.2/requirejs/main.js", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3226716%40forminator%2Ftrunk&old=3222217%40forminator%2Ftrunk&sfp_email=&sfph_mail=", "name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3226716%40forminator%2Ftrunk&old=3222217%40forminator%2Ftrunk&sfp_email=&sfph_mail=", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5281d4b-c2cd-4972-b837-e101a8893c6e?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5281d4b-c2cd-4972-b837-e101a8893c6e?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the title parameter in all versions up to, and including, 1.38.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wpmudev:forminator_forms:*:*:*:*:free:wordpress:*:*", "versionEndExcluding" : "1.38.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-31T04:15Z", "lastModifiedDate" : "2025-05-23T16:14Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0471", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:sigb:pmb:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-16T13:15Z", "lastModifiedDate" : "2025-05-07T16:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0472", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" }, { "lang" : "en", "value" : "CWE-200" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the internal files of a machine by looking at the request response." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:sigb:pmb:*:*:*:*:*:*:*:*", "versionEndIncluding" : "4.2.13", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-16T13:15Z", "lastModifiedDate" : "2025-05-07T16:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0473", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-459" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file upload functionality on the ‘/pmb/authorities/import/iimport_authorities’ endpoint. When a file is uploaded via this resource, the server will create a temporary file that will be deleted after the client sends a POST request to ‘/pmb/authorities/import/iimport_authorities’. This workflow is automated by the web client, however an attacker can trap and launch the second POST request to prevent the temporary file from being deleted." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:sigb:pmb:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-16T13:15Z", "lastModifiedDate" : "2025-05-07T16:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0474", "ASSIGNER" : "disclosure@vulncheck.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/invoiceninja/invoiceninja/commit/2a9bf353b432d7060e85487b617151ecbc36247d", "name" : "https://github.com/invoiceninja/invoiceninja/commit/2a9bf353b432d7060e85487b617151ecbc36247d", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/invoiceninja/invoiceninja/compare/97ae948618230c1812f3223b80bf22dcb0382dc5..435780932fe19063001d79ba518815df62773d71", "name" : "https://github.com/invoiceninja/invoiceninja/compare/97ae948618230c1812f3223b80bf22dcb0382dc5..435780932fe19063001d79ba518815df62773d71", "refsource" : "", "tags" : [ ] }, { "url" : "https://vulncheck.com/advisories/invoice-ninja-ssrf", "name" : "https://vulncheck.com/advisories/invoice-ninja-ssrf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user.\nThis issue affects Invoice Ninja: from 5.8.56 through 5.11.23." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-14T19:15Z", "lastModifiedDate" : "2025-01-14T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0475", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/513142", "name" : "GitLab Issue #513142", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2932309", "name" : "HackerOne Bug Bounty Report #2932309", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.9.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.9.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "15.10.0", "versionEndExcluding" : "17.7.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "15.10.0", "versionEndExcluding" : "17.7.6", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-03T11:15Z", "lastModifiedDate" : "2025-03-07T12:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0476", "ASSIGNER" : "responsibledisclosure@mattermost.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://mattermost.com/security-updates", "name" : "https://mattermost.com/security-updates", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the specially crafted attachment" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-16T00:15Z", "lastModifiedDate" : "2025-01-16T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0477", "ASSIGNER" : "PSIRT@rockwellautomation.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "name" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T18:15Z", "lastModifiedDate" : "2025-01-30T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0478", "ASSIGNER" : "security@imgtec.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "name" : "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-24T12:15Z", "lastModifiedDate" : "2025-03-24T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0479", "ASSIGNER" : "vdisclose@cert-in.org.in" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-1004" }, { "lang" : "en", "value" : "CWE-614" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0005", "name" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0005", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. A remote attacker could exploit this vulnerability by intercepting data transmissions during an HTTP session on the vulnerable system.\n \nSuccessful exploitation of this vulnerability could allow the attacker to obtain sensitive information and compromise the targeted system." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-20T12:15Z", "lastModifiedDate" : "2025-01-20T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0480", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/wuzhicms/wuzhicms/issues/212", "name" : "https://github.com/wuzhicms/wuzhicms/issues/212", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/wuzhicms/wuzhicms/issues/212#issue-2769226216", "name" : "https://github.com/wuzhicms/wuzhicms/issues/212#issue-2769226216", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291915", "name" : "VDB-291915 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291915", "name" : "VDB-291915 | wuzhicms config.php test server-side request forgery", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.474965", "name" : "Submit #474965 | wuzhicms 4.1.0 SSRF", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-15T18:15Z", "lastModifiedDate" : "2025-05-13T13:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0481", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-200" }, { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-878/dllog.md", "name" : "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-878/dllog.md", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://vuldb.com/?ctiid.291924", "name" : "VDB-291924 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291924", "name" : "VDB-291924 | D-Link DIR-878 HTTP POST Request dllog.cgi information disclosure", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475011", "name" : "Submit #475011 | D-Link DIR-878 HW:A1 FW:1.03 Improper Access Controls", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.dlink.com/", "name" : "https://www.dlink.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:dlink:dir-878_firmware:1.03:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-15T19:15Z", "lastModifiedDate" : "2025-07-16T14:56Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0482", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-Other" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/4", "name" : "https://github.com/Fanli2012/native-php-cms/issues/4", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/4", "name" : "https://github.com/Fanli2012/native-php-cms/issues/4", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348", "name" : "https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348", "name" : "https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291927", "name" : "VDB-291927 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291927", "name" : "VDB-291927 | Fanli2012 native-php-cms user_recoverpwd.php default credentials", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475237", "name" : "Submit #475237 | Fanli2012 native-php-cms 1.0 logic vulnerability", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 7.3, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-15T20:15Z", "lastModifiedDate" : "2025-04-29T20:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0483", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/5", "name" : "https://github.com/Fanli2012/native-php-cms/issues/5", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/5", "name" : "https://github.com/Fanli2012/native-php-cms/issues/5", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/5#issue-2769894596", "name" : "https://github.com/Fanli2012/native-php-cms/issues/5#issue-2769894596", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/5#issue-2769894596", "name" : "https://github.com/Fanli2012/native-php-cms/issues/5#issue-2769894596", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291928", "name" : "VDB-291928 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291928", "name" : "VDB-291928 | Fanli2012 native-php-cms jump.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475240", "name" : "Submit #475240 | Fanli2012 native-php-cms 1.0 reflection XSS", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of the argument message/error leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.6, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.1, "impactScore" : 2.5 } }, "publishedDate" : "2025-01-15T20:15Z", "lastModifiedDate" : "2025-05-13T13:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0484", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/6", "name" : "https://github.com/Fanli2012/native-php-cms/issues/6", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/6#issue-2769903928", "name" : "https://github.com/Fanli2012/native-php-cms/issues/6#issue-2769903928", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.291929", "name" : "VDB-291929 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291929", "name" : "VDB-291929 | Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorization", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475245", "name" : "Submit #475245 | Fanli2012 native-php-cms 1.0 unauthorized access", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfig_doedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fanli2012:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-15T20:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0485", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/7", "name" : "https://github.com/Fanli2012/native-php-cms/issues/7", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/7#issue-2769919832", "name" : "https://github.com/Fanli2012/native-php-cms/issues/7#issue-2769919832", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.291930", "name" : "VDB-291930 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291930", "name" : "VDB-291930 | Fanli2012 native-php-cms sysconfig_doedit.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475247", "name" : "Submit #475247 | Fanli2012 native-php-cms 1.0 Storage XSS", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfig_doedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fanli2012:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-15T20:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0486", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/8", "name" : "https://github.com/Fanli2012/native-php-cms/issues/8", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/8#issue-2769942639", "name" : "https://github.com/Fanli2012/native-php-cms/issues/8#issue-2769942639", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.291931", "name" : "VDB-291931 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291931", "name" : "VDB-291931 | Fanli2012 native-php-cms login.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475249", "name" : "Submit #475249 | Fanli2012 native-php-cms 1.0 universal password", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fladmin/login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fanli2012:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T21:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0487", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/9", "name" : "https://github.com/Fanli2012/native-php-cms/issues/9", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/9#issue-2769962332", "name" : "https://github.com/Fanli2012/native-php-cms/issues/9#issue-2769962332", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.291932", "name" : "VDB-291932 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291932", "name" : "VDB-291932 | Fanli2012 native-php-cms cat_edit.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475254", "name" : "Submit #475254 | Fanli2012 native-php-cms 1.0 SQL injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /fladmin/cat_edit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fanli2012:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T21:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0488", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/10", "name" : "https://github.com/Fanli2012/native-php-cms/issues/10", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/10", "name" : "https://github.com/Fanli2012/native-php-cms/issues/10", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658", "name" : "https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658", "name" : "https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291933", "name" : "VDB-291933 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291933", "name" : "VDB-291933 | Fanli2012 native-php-cms product_list.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475255", "name" : "Submit #475255 | Fanli2012 native-php-cms 1.0 SQL injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file product_list.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T21:15Z", "lastModifiedDate" : "2025-05-05T15:19Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0489", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/11", "name" : "https://github.com/Fanli2012/native-php-cms/issues/11", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/11", "name" : "https://github.com/Fanli2012/native-php-cms/issues/11", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/11#issue-2769999157", "name" : "https://github.com/Fanli2012/native-php-cms/issues/11#issue-2769999157", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/11#issue-2769999157", "name" : "https://github.com/Fanli2012/native-php-cms/issues/11#issue-2769999157", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291934", "name" : "VDB-291934 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291934", "name" : "VDB-291934 | Fanli2012 native-php-cms friendlink_dodel.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475256", "name" : "Submit #475256 | Fanli2012 native-php-cms 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown code of the file /fladmin/friendlink_dodel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T22:15Z", "lastModifiedDate" : "2025-05-05T15:19Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0490", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/12", "name" : "https://github.com/Fanli2012/native-php-cms/issues/12", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/12", "name" : "https://github.com/Fanli2012/native-php-cms/issues/12", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/12#issue-2770013163", "name" : "https://github.com/Fanli2012/native-php-cms/issues/12#issue-2770013163", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/12#issue-2770013163", "name" : "https://github.com/Fanli2012/native-php-cms/issues/12#issue-2770013163", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.291935", "name" : "VDB-291935 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291935", "name" : "VDB-291935 | Fanli2012 native-php-cms article_dodel.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475258", "name" : "Submit #475258 | Fanli2012 native-php-cms 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in Fanli2012 native-php-cms 1.0. This issue affects some unknown processing of the file /fladmin/article_dodel.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T22:15Z", "lastModifiedDate" : "2025-05-05T15:19Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0491", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Fanli2012/native-php-cms/issues/13", "name" : "https://github.com/Fanli2012/native-php-cms/issues/13", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://github.com/Fanli2012/native-php-cms/issues/13#issue-2770022466", "name" : "https://github.com/Fanli2012/native-php-cms/issues/13#issue-2770022466", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.291936", "name" : "VDB-291936 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.291936", "name" : "VDB-291936 | Fanli2012 native-php-cms cat_dodel.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.475260", "name" : "Submit #475260 | Fanli2012 native-php-cms 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. Affected is an unknown function of the file /fladmin/cat_dodel.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fanli2012:native-php-cms:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-15T22:15Z", "lastModifiedDate" : "2025-02-27T02:05Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0492", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" }, { "lang" : "en", "value" : "CWE-404" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-FUN_00412244-NULL-Pointer-Dereference-1730448e619580fcb7f9d871c6e7190a", "name" : "https://tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-FUN_00412244-NULL-Pointer-Dereference-1730448e619580fcb7f9d871c6e7190a", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.291937", "name" : "VDB-291937 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.291937", "name" : "VDB-291937 | D-Link DIR-823X FUN_00412244 null pointer dereference", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475301", "name" : "Submit #475301 | D-Link DIR-823X 240126, 240802 NULL Pointer Dereference", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.dlink.com/", "name" : "https://www.dlink.com/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T22:15Z", "lastModifiedDate" : "2025-01-15T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0493", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.14/classes/class-mvx-ajax.php#L661", "name" : "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.14/classes/class-mvx-ajax.php#L661", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.15/classes/class-mvx-ajax.php#L661", "name" : "https://plugins.trac.wordpress.org/browser/dc-woocommerce-multi-vendor/tags/4.2.15/classes/class-mvx-ajax.php#L661", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/812029d9-95d6-4bc9-98b2-700f462163b3?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/812029d9-95d6-4bc9-98b2-700f462163b3?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:multivendorx:multivendorx:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "4.2.15", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-31T05:15Z", "lastModifiedDate" : "2025-05-23T16:10Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0495", "ASSIGNER" : "security@docker.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/docker/buildx", "name" : "https://github.com/docker/buildx", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Buildx is a Docker CLI plugin that extends build capabilities using BuildKit.\n\nCache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in BuildKit daemon's history records.\n\n\nThis vulnerability does not impact secrets passed to the Github cache backend via environment variables or registry authentication." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T20:15Z", "lastModifiedDate" : "2025-03-17T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0497", "ASSIGNER" : "PSIRT@rockwellautomation.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "name" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T18:15Z", "lastModifiedDate" : "2025-01-30T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0498", "ASSIGNER" : "PSIRT@rockwellautomation.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "name" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security user tokens, which could allow a threat actor to steal a token and, impersonate another user." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T18:15Z", "lastModifiedDate" : "2025-01-30T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0499", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-11T02:15Z", "lastModifiedDate" : "2025-02-11T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0500", "ASSIGNER" : "aws-security@amazon.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-001/", "name" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-001/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T19:15Z", "lastModifiedDate" : "2025-01-29T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0501", "ASSIGNER" : "aws-security@amazon.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-001/", "name" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-001/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T19:15Z", "lastModifiedDate" : "2025-01-29T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0502", "ASSIGNER" : "security@craftersoftware.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501", "name" : "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-15T18:15Z", "lastModifiedDate" : "2025-01-15T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0503", "ASSIGNER" : "responsibledisclosure@mattermost.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://mattermost.com/security-updates", "name" : "https://mattermost.com/security-updates", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-14T18:15Z", "lastModifiedDate" : "2025-02-14T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0505", "ASSIGNER" : "psirt@arista.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.arista.com/en/support/advisories-notices/security-advisory/21315-security-advisory-0115", "name" : "https://www.arista.com/en/support/advisories-notices/security-advisory/21315-security-advisory-0115", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that CloudVision as-a-Service is not affected." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-08T19:16Z", "lastModifiedDate" : "2025-05-08T19:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0506", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/rise-blocks/tags/3.6/classes/blocks/site-identity.php#L375", "name" : "https://plugins.trac.wordpress.org/browser/rise-blocks/tags/3.6/classes/blocks/site-identity.php#L375", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec012e7-b997-466e-8676-8e9467473eae?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec012e7-b997-466e-8676-8e9467473eae?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titleTag parameter in all versions up to, and including, 3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:eaglevisionit:rise_blocks:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "3.6", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-12T10:15Z", "lastModifiedDate" : "2025-02-25T19:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0507", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/ploxel/tags/2.2.0/ploxel.php#L49", "name" : "https://plugins.trac.wordpress.org/browser/ploxel/tags/2.2.0/ploxel.php#L49", "refsource" : "", "tags" : [ ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3231203/", "name" : "https://plugins.trac.wordpress.org/changeset/3231203/", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/149edbdf-4a27-4d79-8dd1-b5b3efbf648b?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/149edbdf-4a27-4d79-8dd1-b5b3efbf648b?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.1, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-31T05:15Z", "lastModifiedDate" : "2025-01-31T05:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0508", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-440" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/aws/sagemaker-python-sdk/commit/dcdd99f911e8b1a05d19cf1ad939b0fefae47864", "name" : "https://github.com/aws/sagemaker-python-sdk/commit/dcdd99f911e8b1a05d19cf1ad939b0fefae47864", "refsource" : "", "tags" : [ ] }, { "url" : "https://huntr.com/bounties/eb056818-5b81-466f-81ee-916058d34af2", "name" : "https://huntr.com/bounties/eb056818-5b81-466f-81ee-916058d34af2", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This issue can cause integrity problems within the pipeline, potentially leading to erroneous processing outcomes." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-20T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0509", "ASSIGNER" : "patrick@puiterwijk.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/sparkle-project/Sparkle/pull/2550", "name" : "https://github.com/sparkle-project/Sparkle/pull/2550", "refsource" : "", "tags" : [ "Issue Tracking", "Patch" ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250124-0008/", "name" : "https://security.netapp.com/advisory/ntap-20250124-0008/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://sparkle-project.org/documentation/security-and-reliability/", "name" : "https://sparkle-project.org/documentation/security-and-reliability/", "refsource" : "", "tags" : [ "Patch" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:sparkle-project:sparkle:*:*:*:*:*:*:*:*", "versionEndExcluding" : "2.6.4", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "ADJACENT_NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-02-04T20:15Z", "lastModifiedDate" : "2025-08-05T14:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0510", "ASSIGNER" : "security@mozilla.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1940570", "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1940570", "refsource" : "", "tags" : [ "Permissions Required" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-10/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-10/", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://www.mozilla.org/security/advisories/mfsa2025-11/", "name" : "https://www.mozilla.org/security/advisories/mfsa2025-11/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*", "versionStartIncluding" : "128.0.1", "versionEndExcluding" : "128.7.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*", "versionStartIncluding" : "131.0", "versionEndExcluding" : "135.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-04T14:15Z", "lastModifiedDate" : "2025-02-06T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0511", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/usc-e-shop/trunk/functions/settlement_func.php#L612", "name" : "https://plugins.trac.wordpress.org/browser/usc-e-shop/trunk/functions/settlement_func.php#L612", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3235131/", "name" : "https://plugins.trac.wordpress.org/changeset/3235131/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/usc-e-shop/#developers", "name" : "https://wordpress.org/plugins/usc-e-shop/#developers", "refsource" : "", "tags" : [ "Product", "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c26270b-a0a7-4877-aa66-bffe260003df?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c26270b-a0a7-4877-aa66-bffe260003df?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:welcart:welcart_e-commerce:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.11.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-12T12:15Z", "lastModifiedDate" : "2025-02-20T20:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0512", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/structured-content/trunk/templates/shortcodes/local-business.php#L10", "name" : "https://plugins.trac.wordpress.org/browser/structured-content/trunk/templates/shortcodes/local-business.php#L10", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/changeset/3248930/", "name" : "https://plugins.trac.wordpress.org/changeset/3248930/", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://wordpress.org/plugins/structured-content/#developers", "name" : "https://wordpress.org/plugins/structured-content/#developers", "refsource" : "", "tags" : [ "Product", "Release Notes" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ac5fe69-7885-4fb7-8107-079216d6955e?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ac5fe69-7885-4fb7-8107-079216d6955e?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Structured Content (JSON-LD) #wpsc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sc_fs_local_business shortcode in all versions up to, and including, 6.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wpsc-plugin:structured_content:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "1.6.4", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-04T09:15Z", "lastModifiedDate" : "2025-03-05T16:39Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0513", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2024/sa2025-04/", "name" : "https://advisories.octopus.com/post/2024/sa2025-04/", "refsource" : "", "tags" : [ "Broken Link" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.3.164", "versionEndExcluding" : "2024.3.12985", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.6962", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-11T11:15Z", "lastModifiedDate" : "2025-07-02T17:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0514", "ASSIGNER" : "security@documentfoundation.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514", "name" : "https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before < 24.8.5." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-25T22:15Z", "lastModifiedDate" : "2025-02-25T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0515", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-862" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/buzz-club-night-club-dj-music-festival-event-wordpress-theme/17973992", "name" : "https://themeforest.net/item/buzz-club-night-club-dj-music-festival-event-wordpress-theme/17973992", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/44ad056b-8995-4068-8b05-4fefb8d2ff0a?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/44ad056b-8995-4068-8b05-4fefb8d2ff0a?source=cve", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmasters_hide_admin_notice' function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 'hide' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-18T07:15Z", "lastModifiedDate" : "2025-01-18T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0516", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-863" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/513540", "name" : "GitLab Issue #513540", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://hackerone.com/reports/2914644", "name" : "HackerOne Bug Bounty Report #2914644", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project data." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.7.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.2", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-12T16:15Z", "lastModifiedDate" : "2025-08-06T18:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0517", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-08T22:15Z", "lastModifiedDate" : "2025-02-08T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0518", "ASSIGNER" : "CyberarkLabs@Cyberark.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a", "name" : "https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a", "refsource" : "", "tags" : [ "Patch" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C .\n\nThis issue affects FFmpeg: 7.1.\n\nIssue was fixed:  https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a\n\n https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ffmpeg:ffmpeg:7.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-16T17:15Z", "lastModifiedDate" : "2025-08-05T19:54Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0520", "ASSIGNER" : "disclosure@vulncheck.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/star7th/showdoc/pull/1059", "name" : "https://github.com/star7th/showdoc/pull/1059", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/vulhub/vulhub/tree/master/showdoc/CNVD-2020-26585", "name" : "https://github.com/vulhub/vulhub/tree/master/showdoc/CNVD-2020-26585", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cnvd.org.cn/flaw/show/CNVD-2020-26585", "name" : "https://www.cnvd.org.cn/flaw/show/CNVD-2020-26585", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-29T20:15Z", "lastModifiedDate" : "2025-04-29T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0521", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3237626%40post-smtp%2Ftrunk&old=3229076%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", "name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3237626%40post-smtp%2Ftrunk&old=3229076%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/366dfbf1-870c-4ce3-abc4-a2b2f4e72175?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/366dfbf1-870c-4ce3-abc4-a2b2f4e72175?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "3.1.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-18T11:15Z", "lastModifiedDate" : "2025-02-21T12:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0522", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-352" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/4c2eed5a-f4d8-457d-a403-7eaced36c491/", "name" : "https://wpscan.com/vulnerability/4c2eed5a-f4d8-457d-a403-7eaced36c491/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:tommietott:likebot:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "0.85", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-06T06:15Z", "lastModifiedDate" : "2025-05-23T16:49Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0524", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-15T23:15Z", "lastModifiedDate" : "2025-03-15T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0525", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2024/sa2025-02/", "name" : "https://advisories.octopus.com/post/2024/sa2025-02/", "refsource" : "", "tags" : [ "Broken Link" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2020.6.4592", "versionEndExcluding" : "2024.3.13007", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.6995", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-11T10:15Z", "lastModifiedDate" : "2025-07-02T17:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0526", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2024/sa2025-03/", "name" : "https://advisories.octopus.com/post/2024/sa2025-03/", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://advisories.octopus.com/post/2025/sa2025-03/", "name" : "https://advisories.octopus.com/post/2025/sa2025-03/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2022.4.791", "versionEndExcluding" : "2024.3.13097", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.7091", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.5 } }, "publishedDate" : "2025-02-11T11:15Z", "lastModifiedDate" : "2025-07-02T17:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0527", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/Curious-L/-/issues/4", "name" : "https://github.com/Curious-L/-/issues/4", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.292411", "name" : "VDB-292411 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292411", "name" : "VDB-292411 | code-projects Admission Management System signupconfirm.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.477899", "name" : "Submit #477899 | code-projects.org Admission Management System V1.0 sql", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in code-projects Admission Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /signupconfirm.php. The manipulation of the argument in_eml leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:admission_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T14:15Z", "lastModifiedDate" : "2025-03-03T15:57Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0528", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-78" }, { "lang" : "en", "value" : "CWE-77" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Pr0b1em/IoT/blob/master/TendaAC10v16.03.10.20telnet.md", "name" : "https://github.com/Pr0b1em/IoT/blob/master/TendaAC10v16.03.10.20telnet.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/Pr0b1em/IoT/blob/master/TendaAC10v16.03.10.20telnet.md", "name" : "https://github.com/Pr0b1em/IoT/blob/master/TendaAC10v16.03.10.20telnet.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292412", "name" : "VDB-292412 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292412", "name" : "VDB-292412 | Tenda AC8/AC10/AC18 HTTP Request telnet command injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.478175", "name" : "Submit #478175 | Tenda AC10v4.0 v16.03.10.20 Command Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.tenda.com.cn/", "name" : "https://www.tenda.com.cn/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tenda:ac8_firmware:16.03.10.20:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tenda:ac8:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tenda:ac18_firmware:16.03.10.20:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T15:15Z", "lastModifiedDate" : "2025-05-28T14:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0529", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://gist.github.com/higordiego/f9943e2e6ba81a02a85dd07c742eecfc", "name" : "https://gist.github.com/higordiego/f9943e2e6ba81a02a85dd07c742eecfc", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292413", "name" : "VDB-292413 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292413", "name" : "VDB-292413 | code-projects Train Ticket Reservation System Login Form stack-based overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.478447", "name" : "Submit #478447 | code-projects Train Ticket Reservation System 1.0 Buffer Overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:train_ticket_reservation_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T15:15Z", "lastModifiedDate" : "2025-03-03T17:42Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0530", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/ha0day125/cve/blob/main/xss-ha0day.md", "name" : "https://github.com/ha0day125/cve/blob/main/xss-ha0day.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292414", "name" : "VDB-292414 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292414", "name" : "VDB-292414 | code-projects Job Recruitment _feedback_system.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.478674", "name" : "Submit #478674 | code-projects job-recruitment 1/0 php Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /_parse/_feedback_system.php. The manipulation of the argument type leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:job_recruitment:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 8.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 4.7 } }, "publishedDate" : "2025-01-17T16:15Z", "lastModifiedDate" : "2025-02-21T21:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0531", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/LamentXU123/cve/blob/main/sql_injection2.md", "name" : "https://github.com/LamentXU123/cve/blob/main/sql_injection2.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292415", "name" : "VDB-292415 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292415", "name" : "VDB-292415 | code-projects Chat System leaveroom.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.478688", "name" : "Submit #478688 | code-projects Chat System Using PHP With Source Code 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/leaveroom.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:chat_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-17T16:15Z", "lastModifiedDate" : "2025-03-03T17:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0532", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/TIANN0/CVE/issues/1", "name" : "https://github.com/TIANN0/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "Issue Tracking" ] }, { "url" : "https://github.com/TIANN0/CVE/issues/1", "name" : "https://github.com/TIANN0/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory", "Issue Tracking" ] }, { "url" : "https://vuldb.com/?ctiid.292416", "name" : "VDB-292416 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292416", "name" : "VDB-292416 | Codezips Gym Management System new_submit.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479100", "name" : "Submit #479100 | Codezips Gym Management System V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/new_submit.php. The manipulation of the argument m_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T18:15Z", "lastModifiedDate" : "2025-04-22T19:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0533", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://1000projects.org/", "name" : "https://1000projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/onupset/CVE/issues/2", "name" : "https://github.com/onupset/CVE/issues/2", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/onupset/CVE/issues/2", "name" : "https://github.com/onupset/CVE/issues/2", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292417", "name" : "VDB-292417 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292417", "name" : "VDB-292417 | 1000 Projects Campaign Management System Platform for Women sc_login.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479119", "name" : "Submit #479119 | 1000 Projects Campaign Management System Platform for Women 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Code/sc_login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:1000projects:campaign_management_system_platform_for_women:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T18:15Z", "lastModifiedDate" : "2025-04-29T20:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0534", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://1000projects.org/", "name" : "https://1000projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/onupset/CVE/issues/3", "name" : "https://github.com/onupset/CVE/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/onupset/CVE/issues/3", "name" : "https://github.com/onupset/CVE/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292418", "name" : "VDB-292418 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Press/Media Coverage", "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292418", "name" : "VDB-292418 | 1000 Projects Campaign Management System Platform for Women loginnew.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479128", "name" : "Submit #479128 | 1000 Projects Campaign Management System Platform for Women 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/loginnew.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:1000projects:campaign_management_system_platform_for_women:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T19:15Z", "lastModifiedDate" : "2025-04-29T20:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0535", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md", "name" : "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md", "name" : "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292419", "name" : "VDB-292419 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292419", "name" : "VDB-292419 | Codezips Gym Management System edit_mem_submit.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479159", "name" : "Submit #479159 | Codezips Gym Management System in PHP with Source Code V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in Codezips Gym Management System 1.0. This affects an unknown part of the file /dashboard/admin/edit_mem_submit.php. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T19:15Z", "lastModifiedDate" : "2025-04-22T19:45Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0536", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://1000projects.org/", "name" : "https://1000projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/lan041221/cve/blob/main/Attendance_Tracking_Management_System_SQL_Injection.md", "name" : "https://github.com/lan041221/cve/blob/main/Attendance_Tracking_Management_System_SQL_Injection.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292420", "name" : "VDB-292420 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292420", "name" : "VDB-292420 | 1000 Projects Attendance Tracking Management System edit_action.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479251", "name" : "Submit #479251 | Attendance Tracking Management System V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_action.php. The manipulation of the argument attendance_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:1000projects:attendance_tracking_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T20:15Z", "lastModifiedDate" : "2025-02-25T22:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0537", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/aaryan-11-x/My-CVEs/blob/main/CVE-2025-0537.md", "name" : "https://github.com/aaryan-11-x/My-CVEs/blob/main/CVE-2025-0537.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292421", "name" : "VDB-292421 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292421", "name" : "VDB-292421 | code-projects Car Rental Management System manage-pages.php cross site scripting", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479864", "name" : "Submit #479864 | code-projects Car Rental Management System 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php. The manipulation of the argument pgdetails leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:online_car_rental_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-17T20:15Z", "lastModifiedDate" : "2025-02-21T21:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0538", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/aaryan-11-x/My-CVEs/blob/main/CVE-2025-0538.md", "name" : "https://github.com/aaryan-11-x/My-CVEs/blob/main/CVE-2025-0538.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292422", "name" : "VDB-292422 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292422", "name" : "VDB-292422 | code-projects Tourism Management System manage-pages.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.479895", "name" : "Submit #479895 | code-projects Tourism Management System 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The manipulation of the argument pgedetails leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:fabianros:tourism_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-17T21:15Z", "lastModifiedDate" : "2025-02-21T21:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0539", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2025/sa2025-06", "name" : "https://advisories.octopus.com/post/2025/sa2025-06", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2.6.0", "versionEndExcluding" : "2024.3.13071", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.7065", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-04-10T06:15Z", "lastModifiedDate" : "2025-07-02T17:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0540", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/magic2353112890/cve/issues/1", "name" : "https://github.com/magic2353112890/cve/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://itsourcecode.com/", "name" : "https://itsourcecode.com/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.292432", "name" : "VDB-292432 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292432", "name" : "VDB-292432 | itsourcecode Tailoring Management System expadd.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.480063", "name" : "Submit #480063 | itsourcecode Tailoring Management System 1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /expadd.php. The manipulation of the argument expcat leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T21:15Z", "lastModifiedDate" : "2025-02-07T14:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0541", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/nbeisss/CVE/issues/1", "name" : "https://github.com/nbeisss/CVE/issues/1", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292433", "name" : "VDB-292433 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292433", "name" : "VDB-292433 | Codezips Gym Management System edit_member.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.480220", "name" : "Submit #480220 | Codezips Gym Management System in PHP with Source Code V1.0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/edit_member.php. The manipulation of the argument name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-17T22:15Z", "lastModifiedDate" : "2025-02-25T22:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0542", "ASSIGNER" : "cve-request@cirosec.de" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0542", "name" : "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0542", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-25T17:15Z", "lastModifiedDate" : "2025-01-25T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0543", "ASSIGNER" : "cve-request@cirosec.de" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0543", "name" : "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0543", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-25T17:15Z", "lastModifiedDate" : "2025-01-25T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0545", "ASSIGNER" : "cve@usom.gov.tr" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.usom.gov.tr/bildirim/tr-25-0041", "name" : "https://www.usom.gov.tr/bildirim/tr-25-0041", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tekrom Technology T-Soft E-Commerce allows Cross-Site Scripting (XSS).This issue affects T-Soft E-Commerce: before v5." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 4.7, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.2, "impactScore" : 3.4 } }, "publishedDate" : "2025-02-24T14:15Z", "lastModifiedDate" : "2025-02-24T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0549", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-288" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/513996", "name" : "GitLab Issue #513996", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://hackerone.com/reports/2927555", "name" : "HackerOne Bug Bounty Report #2927555", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, enabling authorization form submission through minimal user interaction." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.3.0", "versionEndExcluding" : "17.9.8", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.3.0", "versionEndExcluding" : "17.9.8", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-05-09T17:15Z", "lastModifiedDate" : "2025-08-08T16:54Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0554", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3217075%40podlove-podcasting-plugin-for-wordpress&new=3217075%40podlove-podcasting-plugin-for-wordpress&sfp_email=&sfph_mail=", "name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3217075%40podlove-podcasting-plugin-for-wordpress&new=3217075%40podlove-podcasting-plugin-for-wordpress&sfp_email=&sfph_mail=", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/39d41772-49f3-4bce-a170-cbe64ba99184?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/39d41772-49f3-4bce-a170-cbe64ba99184?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "4.2.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "HIGH", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.0, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.0, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-18T06:15Z", "lastModifiedDate" : "2025-03-19T19:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0555", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514004", "name" : "GitLab Issue #514004", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2939833", "name" : "HackerOne Bug Bounty Report #2939833", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a users browser under specific conditions." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "16.6.0", "versionEndExcluding" : "17.7.6", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.9.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-03-03T16:15Z", "lastModifiedDate" : "2025-03-07T21:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0556", "ASSIGNER" : "security@progress.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-319" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556", "name" : "https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "11.0.25.211", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-12T16:15Z", "lastModifiedDate" : "2025-02-20T20:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0557", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.292491", "name" : "VDB-292491 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292491", "name" : "VDB-292491 | Hyland Alfresco Community Edition URL s cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474306", "name" : "Submit #474306 | Alfresco Software Alfresco Community/Enterprise 5.2.0 to 6.2.2 Cross-Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and Alfresco Enterprise Edition up to 6.2.2. This affects an unknown part of the file /share/s/ of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0 is able to address this issue. It is recommended to upgrade the affected component." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-18T09:15Z", "lastModifiedDate" : "2025-01-18T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0558", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/ggg48966/123123/blob/main/TDuckCloud.md", "name" : "https://github.com/ggg48966/123123/blob/main/TDuckCloud.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.292492", "name" : "VDB-292492 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292492", "name" : "VDB-292492 | TDuckCloud tduck-platform QueryProThemeRequest.java QueryProThemeRequest sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.474613", "name" : "Submit #474613 | TDuckCloud tduck-platform 4.0 SQLi", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.java. The manipulation of the argument color leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-18T13:15Z", "lastModifiedDate" : "2025-01-18T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0559", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20School%20Management%20Software%20-%20Cross%20Site%20Scripting.pdf", "name" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20School%20Management%20Software%20-%20Cross%20Site%20Scripting.pdf", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.292493", "name" : "VDB-292493 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292493", "name" : "VDB-292493 | Campcodes School Management Software Create Id Card Page create-id-card cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.480306", "name" : "Submit #480306 | CampCodes School Management Software 1 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_management_software:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-18T14:15Z", "lastModifiedDate" : "2025-02-28T02:02Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0560", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20School%20Management%20Software%20-%20Stored%20Cross%20Site%20Scripting.pdf", "name" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20School%20Management%20Software%20-%20Stored%20Cross%20Site%20Scripting.pdf", "refsource" : "", "tags" : [ "Exploit" ] }, { "url" : "https://vuldb.com/?ctiid.292494", "name" : "VDB-292494 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292494", "name" : "VDB-292494 | CampCodes School Management Software Photo Gallery Page photo-gallery cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.480688", "name" : "Submit #480688 | CampCodes School Management Software 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_management_software:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-18T15:15Z", "lastModifiedDate" : "2025-02-28T02:02Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0561", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/yunhai666/cve/issues/1", "name" : "https://github.com/yunhai666/cve/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://itsourcecode.com/", "name" : "https://itsourcecode.com/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.292522", "name" : "VDB-292522 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292522", "name" : "VDB-292522 | itsourcecode Farm Management System add-pig.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.483396", "name" : "Submit #483396 | itsourcecode Farm Management System 1,0 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:angeljudesuarez:farm_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T00:15Z", "lastModifiedDate" : "2025-02-07T14:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0562", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/LiuSir5211314/-sir/issues/1", "name" : "https://github.com/LiuSir5211314/-sir/issues/1", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292523", "name" : "VDB-292523 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292523", "name" : "VDB-292523 | Codezips Gym Management System health_status_entry.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484184", "name" : "Submit #484184 | Security Advisory CodeZips Gym Management System V1.0 sql", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/health_status_entry.php. The manipulation of the argument usrid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:codezips:gym_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T02:15Z", "lastModifiedDate" : "2025-02-28T02:02Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0563", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/LiuSir5211314/-sir/issues/2", "name" : "https://github.com/LiuSir5211314/-sir/issues/2", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292524", "name" : "VDB-292524 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292524", "name" : "VDB-292524 | code-projects Fantasy-Cricket update.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484185", "name" : "Submit #484185 | code-projects.org Fantasy-Cricket V1.0 sql", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as critical. Affected is an unknown function of the file /dash/update.php. The manipulation of the argument uname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:fantasy-cricket:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T02:15Z", "lastModifiedDate" : "2025-02-28T02:06Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0564", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://code-projects.org/", "name" : "https://code-projects.org/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://github.com/LiuSir5211314/-sir/issues/3", "name" : "https://github.com/LiuSir5211314/-sir/issues/3", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292525", "name" : "VDB-292525 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292525", "name" : "VDB-292525 | code-projects Fantasy-Cricket authenticate.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484186", "name" : "Submit #484186 | code-projects.org Fantasy-Cricket V1.0 sql", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /authenticate.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:anisha:fantasy-cricket:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T04:15Z", "lastModifiedDate" : "2025-02-28T02:03Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0565", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/En0t5/vul/blob/main/zzcms/zzcsm-sql-inject.md", "name" : "https://github.com/En0t5/vul/blob/main/zzcms/zzcsm-sql-inject.md", "refsource" : "", "tags" : [ "Broken Link", "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292526", "name" : "VDB-292526 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292526", "name" : "VDB-292526 | ZZCMS index.php sql injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484333", "name" : "Submit #484333 | ZZCMS 2023 SQL Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T06:15Z", "lastModifiedDate" : "2025-04-22T19:37Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0566", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" }, { "lang" : "en", "value" : "CWE-119" }, { "lang" : "en", "value" : "CWE-121" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://pan.baidu.com/s/1DBDf27oCTIMkW-PSZwg02Q?pwd=tara", "name" : "https://pan.baidu.com/s/1DBDf27oCTIMkW-PSZwg02Q?pwd=tara", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292527", "name" : "VDB-292527 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292527", "name" : "VDB-292527 | Tenda AC15 SetDevNetName formSetDevNetName stack-based overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484418", "name" : "Submit #484418 | Tenda Tenda A15 V15.13.07.13 V15.13.07.13 Stack-based Buffer Overflow", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.tenda.com.cn/", "name" : "https://www.tenda.com.cn/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tenda:ac15_firmware:15.13.07.13:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-19T07:15Z", "lastModifiedDate" : "2025-07-01T15:11Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0567", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-426" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.292528", "name" : "VDB-292528 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292528", "name" : "VDB-292528 | Epic Games Launcher Installer profapi.dll untrusted search path", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.481104", "name" : "Submit #481104 | Epic Games Epic Games Launcher 17.2.1 OS Command Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This vulnerability affects unknown code in the library profapi.dll of the component Installer. The manipulation leads to untrusted search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 4.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.0, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-19T08:15Z", "lastModifiedDate" : "2025-01-19T08:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0568", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-049/", "name" : "ZDI-25-049", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25302." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:28Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0569", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-052/", "name" : "ZDI-25-052", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25303." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0570", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-050/", "name" : "ZDI-25-050", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25304." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0571", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-051/", "name" : "ZDI-25-051", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25305." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0572", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-054/", "name" : "ZDI-25-054", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of the current user. Was ZDI-CAN-25308." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:27Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0573", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-053/", "name" : "ZDI-25-053", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of the current user. Was ZDI-CAN-25309." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0574", "ASSIGNER" : "zdi-disclosures@trendmicro.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.zerodayinitiative.com/advisories/ZDI-25-055/", "name" : "ZDI-25-055", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of URLs in the web server module. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25318." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "4.0.10", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-01-30T21:15Z", "lastModifiedDate" : "2025-02-19T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0575", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-693" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://drive.google.com/file/d/1kIXsZoD1FFps0bXQ1pbrfoo76Wy1pL7s/view?usp=drivesdk", "name" : "https://drive.google.com/file/d/1kIXsZoD1FFps0bXQ1pbrfoo76Wy1pL7s/view?usp=drivesdk", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.292540", "name" : "VDB-292540 | CTI Indicators (IOB, IOC)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292540", "name" : "VDB-292540 | Union Bank of India Vyom Rooting Detection protection mechanism", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475733", "name" : "Submit #475733 | union bank of india Vyom 8.0.34 Missing Immutable Root of Trust in Hardware", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation leads to protection mechanism failure. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 3.9, "baseSeverity" : "LOW" }, "exploitabilityScore" : 0.5, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-19T23:15Z", "lastModifiedDate" : "2025-01-19T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0576", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.292541", "name" : "VDB-292541 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292541", "name" : "VDB-292541 | Mobotix M15 player cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.475602", "name" : "Submit #475602 | Mobotix M15 MX-V4.3.4.83 Reflected Cross-Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. This issue affects some unknown processing of the file /control/player?center&eventlist&pda&dummy_for_reload=1736177631&p_evt. The manipulation of the argument p_qual leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-20T00:15Z", "lastModifiedDate" : "2025-01-20T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0578", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.292596", "name" : "VDB-292596 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292596", "name" : "VDB-292596 | Facile Sistemas Cloud Apps Password Reset forgotpassword cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.476305", "name" : "Submit #476305 | Facile Cloud Apps Facile Sistemas N/A Cross Site Scripting", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as problematic. Affected is an unknown function of the file /account/forgotpassword of the component Password Reset Handler. The manipulation of the argument reterros leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 3.5, "baseSeverity" : "LOW" }, "exploitabilityScore" : 2.1, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-20T02:15Z", "lastModifiedDate" : "2025-01-20T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0579", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/mcdruid/3c9fc9bd4e882cee21f8a37998f56fce", "name" : "https://gist.github.com/mcdruid/3c9fc9bd4e882cee21f8a37998f56fce", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.292597", "name" : "VDB-292597 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292597", "name" : "VDB-292597 | Shiprocket Module REST API Module restapi sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.476831", "name" : "Submit #476831 | ShipRocket OpenCart module v3 and v4 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Shiprocket Module 3/4 on OpenCart. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php?route=extension/shiprocket/module/restapi of the component REST API Module. The manipulation of the argument x-username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 7.3, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-01-20T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0580", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-285" }, { "lang" : "en", "value" : "CWE-863" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/mcdruid/0d1fdbba445587639ee5da66e7abfcc9", "name" : "https://gist.github.com/mcdruid/0d1fdbba445587639ee5da66e7abfcc9", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.292598", "name" : "VDB-292598 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.292598", "name" : "VDB-292598 | Shiprocket Module REST API Module rest_api authorization", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.476832", "name" : "Submit #476832 | ShipRocket OpenCart module v3 Incorrect Authorization", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php?route=extension/module/rest_api&action=getOrders of the component REST API Module. The manipulation of the argument contentHash leads to incorrect authorization. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "HIGH", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 5.6, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.2, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-01-20T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0581", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20Stored%20Cross%20Site%20Scripting-%20Account%20Takeover%20Possibility.pdf", "name" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20Stored%20Cross%20Site%20Scripting-%20Account%20Takeover%20Possibility.pdf", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292599", "name" : "VDB-292599 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292599", "name" : "VDB-292599 | CampCodes School Management Software Chat History send cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484895", "name" : "Submit #484895 | CampCodes School Management Software 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_management_software:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-02-20T21:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0582", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/yunhai666/cve/issues/2", "name" : "https://github.com/yunhai666/cve/issues/2", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://itsourcecode.com/", "name" : "https://itsourcecode.com/", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://vuldb.com/?ctiid.292600", "name" : "VDB-292600 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292600", "name" : "VDB-292600 | itsourcecode Farm Management System add-pig.php unrestricted upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484909", "name" : "Submit #484909 | itsourcecode Farm Management System 1.0 Code Injection", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigphoto leads to unrestricted upload. The attack can be initiated remotely." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-02-07T15:01Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0583", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8369-cf396-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8369-cf396-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8368-1e317-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8368-1e317-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-20T02:15Z", "lastModifiedDate" : "2025-01-20T02:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0584", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-918" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8371-1c17a-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8371-1c17a-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8370-58eb5-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8370-58eb5-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-01-20T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0585", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8373-91edc-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8373-91edc-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8372-19721-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8372-19721-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-01-20T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0586", "ASSIGNER" : "cve@cert.org.tw" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.twcert.org.tw/en/cp-139-8375-59abd-2.html", "name" : "https://www.twcert.org.tw/en/cp-139-8375-59abd-2.html", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.twcert.org.tw/tw/cp-132-8374-7085a-1.html", "name" : "https://www.twcert.org.tw/tw/cp-132-8374-7085a-1.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary code execution." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-20T03:15Z", "lastModifiedDate" : "2025-01-20T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0587", "ASSIGNER" : "scy@openharmony.io" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-190" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md", "name" : "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:openatom:openharmony:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4.1", "versionEndIncluding" : "5.0.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-04T04:15Z", "lastModifiedDate" : "2025-03-11T18:07Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0588", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2024/sa2025-05/", "name" : "https://advisories.octopus.com/post/2024/sa2025-05/", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://advisories.octopus.com/post/2024/sa2025-05/", "name" : "https://advisories.octopus.com/post/2024/sa2025-05/", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://advisories.octopus.com/post/2025/sa2025-05/", "name" : "https://advisories.octopus.com/post/2025/sa2025-05/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected versions of Octopus Server it was possible for a user with sufficient access to set custom headers in all server responses. By submitting a specifically crafted referrer header the user could ensure that all subsequent server responses would return 500 errors rendering the site mostly unusable. The user would be able to subsequently set and unset the referrer header to control the denial of service state with a valid CSRF token whilst new CSRF tokens could not be generated." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2020.1.0", "versionEndExcluding" : "2024.3.13097", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.7091", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 4.9, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.2, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-11T12:15Z", "lastModifiedDate" : "2025-07-02T17:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0589", "ASSIGNER" : "security@octopus.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://advisories.octopus.com/post/2025/sa2025-01/", "name" : "https://advisories.octopus.com/post/2025/sa2025-01/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associated Active Directory. The requests when crafted correctly would return specific information from user profiles (Email address/UPN and Display name) from one endpoint and group information ( Group ID and Display name) from the other. This vulnerability does not expose data within the Octopus Server product itself." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2020.3.3", "versionEndExcluding" : "2024.3.13071", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*", "versionStartIncluding" : "2024.4.401", "versionEndExcluding" : "2024.4.7065", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-02-11T09:15Z", "lastModifiedDate" : "2025-07-02T17:25Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0590", "ASSIGNER" : "security.tecno@tecno-mobile.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.tecno.com/SRC/blogdetail/381?lang=en_US", "name" : "https://security.tecno.com/SRC/blogdetail/381?lang=en_US", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.tecno.com/SRC/securityUpdates", "name" : "https://security.tecno.com/SRC/securityUpdates", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper permission settings for mobile applications (com.transsion.carlcare) may lead to \n\ninformation leakage risk." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-20T07:17Z", "lastModifiedDate" : "2025-03-24T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0591", "ASSIGNER" : "omron@example.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-003_en.pdf", "name" : "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-003_en.pdf", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-003_ja.pdf", "name" : "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-003_ja.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. Attackers may be able to read sensitive information or cause an application crash by abusing this vulnerability." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-17T00:15Z", "lastModifiedDate" : "2025-02-17T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0592", "ASSIGNER" : "psirt@sick.de" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", "name" : "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", "refsource" : "", "tags" : [ ] }, { "url" : "https://sick.com/psirt", "name" : "https://sick.com/psirt", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "name" : "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.first.org/cvss/calculator/3.1", "name" : "https://www.first.org/cvss/calculator/3.1", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.json", "name" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.json", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.pdf", "name" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the firmware file and uploading it to the device." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-14T21:15Z", "lastModifiedDate" : "2025-02-14T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0593", "ASSIGNER" : "psirt@sick.de" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", "name" : "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", "refsource" : "", "tags" : [ ] }, { "url" : "https://sick.com/psirt", "name" : "https://sick.com/psirt", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "name" : "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.first.org/cvss/calculator/3.1", "name" : "https://www.first.org/cvss/calculator/3.1", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.json", "name" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.json", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.pdf", "name" : "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.pdf", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-14T21:15Z", "lastModifiedDate" : "2025-02-14T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0595", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0596", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0598", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Relations in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0599", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0600", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Product Explorer in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0601", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-17T14:15Z", "lastModifiedDate" : "2025-03-17T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0602", "ASSIGNER" : "3DS.Information-Security@3ds.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.3ds.com/vulnerability/advisories", "name" : "https://www.3ds.com/vulnerability/advisories", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-05-30T15:15Z", "lastModifiedDate" : "2025-05-30T16:31Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0604", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:2544", "name" : "RHSA-2025:2544", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2545", "name" : "RHSA-2025:2545", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0604", "name" : "https://access.redhat.com/security/cve/CVE-2025-0604", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2338993", "name" : "RHBZ#2338993", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in Keycloak. When an Active Directory user resets their password, the system updates it without performing an LDAP bind to validate the new credentials against AD. This vulnerability allows users whose AD accounts are expired or disabled to regain access in Keycloak, bypassing AD restrictions. The issue enables authentication bypass and could allow unauthorized access under certain conditions." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-22T15:15Z", "lastModifiedDate" : "2025-03-10T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0605", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-287" }, { "lang" : "en", "value" : "CWE-1390" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514204", "name" : "GitLab Issue #514204", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2919391", "name" : "HackerOne Bug Bounty Report #2919391", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "16.8.0", "versionEndExcluding" : "17.10.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "16.8.0", "versionEndExcluding" : "17.10.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-05-22T15:16Z", "lastModifiedDate" : "2025-05-29T15:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0611", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/386143468", "name" : "https://issues.chromium.org/issues/386143468", "refsource" : "", "tags" : [ "Issue Tracking", "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.110", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-22T20:15Z", "lastModifiedDate" : "2025-04-18T02:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0612", "ASSIGNER" : "chrome-cve-admin@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "name" : "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://issues.chromium.org/issues/385155406", "name" : "https://issues.chromium.org/issues/385155406", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding" : "132.0.6834.110", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-22T20:15Z", "lastModifiedDate" : "2025-04-18T02:26Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0613", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/22be2b44-cd42-4b02-8448-59dd2989dde1/", "name" : "https://wpscan.com/vulnerability/22be2b44-cd42-4b02-8448-59dd2989dde1/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "1.8.34", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-31T06:15Z", "lastModifiedDate" : "2025-05-13T13:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0614", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-qualifios-wheel-fortune", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-qualifios-wheel-fortune", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an attacker to modify a single email to contain upper and lower case characters in order to access the application and win prizes as many times as wanted." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-21T12:15Z", "lastModifiedDate" : "2025-01-21T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0615", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-qualifios-wheel-fortune", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-qualifios-wheel-fortune", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an attacker to modify an email to contain the ‘+’ symbol to access the application and win prizes as many times as wanted." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-21T12:15Z", "lastModifiedDate" : "2025-01-21T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0617", "ASSIGNER" : "trellixpsirt@trellix.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-776" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://thrive.trellix.com/s/article/000014214", "name" : "https://thrive.trellix.com/s/article/000014214", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-29T11:15Z", "lastModifiedDate" : "2025-01-29T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0618", "ASSIGNER" : "trellixpsirt@trellix.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://thrive.trellix.com/s/article/000014456", "name" : "https://thrive.trellix.com/s/article/000014456", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper protection events from being processed, even after a reboot of HX." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-23T07:15Z", "lastModifiedDate" : "2025-04-23T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0619", "ASSIGNER" : "security@m-files.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://product.m-files.com/security-advisories/cve-2025-0619/", "name" : "https://product.m-files.com/security-advisories/cve-2025-0619/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T11:15Z", "lastModifiedDate" : "2025-01-23T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0620", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-552" } ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/06/03/8", "name" : "http://www.openwall.com/lists/oss-security/2025/06/03/8", "refsource" : "", "tags" : [ "Mailing List", "Third Party Advisory" ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0620", "name" : "https://access.redhat.com/security/cve/CVE-2025-0620", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2370453", "name" : "RHBZ#2370453", "refsource" : "", "tags" : [ "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://www.samba.org/samba/security/CVE-2025-0620.html", "name" : "https://www.samba.org/samba/security/CVE-2025-0620.html", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4.21.0", "versionEndExcluding" : "4.21.6", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.9, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.2, "impactScore" : 3.6 } }, "publishedDate" : "2025-06-06T14:15Z", "lastModifiedDate" : "2025-08-13T15:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0622", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:6990", "name" : "RHSA-2025:6990", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0622", "name" : "https://access.redhat.com/security/cve/CVE-2025-0622", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2345865", "name" : "RHBZ#2345865", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-18T20:15Z", "lastModifiedDate" : "2025-05-13T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0623", "ASSIGNER" : "security@watchguard.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-21T17:15Z", "lastModifiedDate" : "2025-01-21T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0624", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:2521", "name" : "RHSA-2025:2521", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2653", "name" : "RHSA-2025:2653", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2655", "name" : "RHSA-2025:2655", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2675", "name" : "RHSA-2025:2675", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2784", "name" : "RHSA-2025:2784", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2799", "name" : "RHSA-2025:2799", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2867", "name" : "RHSA-2025:2867", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:2869", "name" : "RHSA-2025:2869", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3297", "name" : "RHSA-2025:3297", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3301", "name" : "RHSA-2025:3301", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3367", "name" : "RHSA-2025:3367", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3396", "name" : "RHSA-2025:3396", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3573", "name" : "RHSA-2025:3573", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3577", "name" : "RHSA-2025:3577", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:3780", "name" : "RHSA-2025:3780", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:4422", "name" : "RHSA-2025:4422", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:7702", "name" : "RHSA-2025:7702", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0624", "name" : "https://access.redhat.com/security/cve/CVE-2025-0624", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346112", "name" : "RHBZ#2346112", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250516-0006/", "name" : "https://security.netapp.com/advisory/ntap-20250516-0006/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-19T19:15Z", "lastModifiedDate" : "2025-05-21T15:16Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0625", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf", "name" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf", "name" : "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Insecure%20Direct%20Object%20Reference%20(IDOR)%20-%20All%20Student%20Homework%20Downloadable.pdf", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.292737", "name" : "VDB-292737 | CTI Indicators (IOB, IOC)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.292737", "name" : "VDB-292737 | CampCodes School Management Software Attachment resource injection", "refsource" : "", "tags" : [ "VDB Entry", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?submit.484917", "name" : "Submit #484917 | CampCodes School Management Software 1.0 Insecure Direct Object Reference (IDOR)", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_management_software:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-01-22T02:15Z", "lastModifiedDate" : "2025-03-28T19:14Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0626", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/", "name" : "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01", "name" : "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor", "name" : "https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "name" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "name" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The \"monitor\" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to update the device from the user menu. This could serve as a backdoor to the device, and could lead to a malicious actor being able to upload and overwrite files on the device." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T19:15Z", "lastModifiedDate" : "2025-03-01T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0627", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/30fbe3c5-f190-48e8-a6bb-e8d78e001e7f/", "name" : "https://wpscan.com/vulnerability/30fbe3c5-f190-48e8-a6bb-e8d78e001e7f/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:taxopress:taxopress:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "3.30.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-04-28T06:15Z", "lastModifiedDate" : "2025-04-30T18:29Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0628", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-285" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b", "name" : "https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b", "refsource" : "", "tags" : [ ] }, { "url" : "https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc", "name" : "https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as '/users/list' and '/users/get_users'. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-03-20T10:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0629", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/39c36d6d-5522-422b-b890-524e27e67f7c/", "name" : "https://wpscan.com/vulnerability/39c36d6d-5522-422b-b890-524e27e67f7c/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://wpscan.com/vulnerability/39c36d6d-5522-422b-b890-524e27e67f7c/", "name" : "https://wpscan.com/vulnerability/39c36d6d-5522-422b-b890-524e27e67f7c/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Coronavirus (COVID-19) Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gallagherwebsitedesign:coronavirus_\\(covid-19\\)_notice_message:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "1.1.2", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-11T06:15Z", "lastModifiedDate" : "2025-05-21T19:30Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0630", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-73" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-01", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-01", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a local file inclusion attack (LFI), where any authenticated user has privileged access to files on the device's filesystem." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-04T20:15Z", "lastModifiedDate" : "2025-02-04T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0631", "ASSIGNER" : "PSIRT@rockwellautomation.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1717.html", "name" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1717.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Credential Exposure Vulnerability exists in the above-mentioned product and version. The vulnerability is due to using HTTP resulting in credentials being sent in clear text." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-28T19:15Z", "lastModifiedDate" : "2025-01-28T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0632", "ASSIGNER" : "cve-coordination@monash.edu" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://formulatrix.com/downloads/apps/repository/rockmaker/RockMaker%20V3/3.18/3.18.4.7/RockMakerWeb_3.18.4.7_setup.exe", "name" : "https://formulatrix.com/downloads/apps/repository/rockmaker/RockMaker%20V3/3.18/3.18.4.7/RockMakerWeb_3.18.4.7_setup.exe", "refsource" : "", "tags" : [ ] }, { "url" : "https://formulatrix.com/downloads/docs/cve/RockMaker/CVE-2025-0632_Security_Bulletin.pdf", "name" : "https://formulatrix.com/downloads/docs/cve/RockMaker/CVE-2025-0632_Security_Bulletin.pdf", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.formulatrix.com/downloads/apps/repository/rockmaker/", "name" : "https://www.formulatrix.com/downloads/apps/repository/rockmaker/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to obtain sensitive data via arbitrary code execution. A malicious actor could execute malicious scripts to automatically download configuration files in known locations to exfiltrate data including credentials, and with no rate limiting a malicious actor could enumerate the filesystem of the host machine and potentially lead to full host compromise.\n\nThis issue affects Rock Maker Web: from 3.2.1.1 and later" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-21T06:15Z", "lastModifiedDate" : "2025-04-28T03:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0633", "ASSIGNER" : "PSIRT@samsung.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/iniparser/iniparser/-/issues/177", "name" : "https://gitlab.com/iniparser/iniparser/-/issues/177", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-19T07:15Z", "lastModifiedDate" : "2025-02-19T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0634", "ASSIGNER" : "PSIRT@samsung.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/Samsung/rlottie/pull/571", "name" : "https://github.com/Samsung/rlottie/pull/571", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:samsung:rlottie:0.2:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-06-30T02:15Z", "lastModifiedDate" : "2025-07-08T14:19Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0635", "ASSIGNER" : "security@m-files.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://product.m-files.com/security-advisories/cve-2025-0635/", "name" : "https://product.m-files.com/security-advisories/cve-2025-0635/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Denial of service condition in M-Files Server in versions before \n\n25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T11:15Z", "lastModifiedDate" : "2025-01-23T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0637", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-287" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/inadequate-access-control-beta10", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/inadequate-access-control-beta10", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to access private areas and/or areas intended for other roles. The vulnerability has been identified at least in the file or path ‘/app/tools.html’." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T16:15Z", "lastModifiedDate" : "2025-01-23T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0638", "ASSIGNER" : "sep@nlnetlabs.nl" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.nlnetlabs.nl/downloads/routinator/CVE-2025-0638.txt", "name" : "https://www.nlnetlabs.nl/downloads/routinator/CVE-2025-0638.txt", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-22T16:15Z", "lastModifiedDate" : "2025-01-22T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0639", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-770" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514507", "name" : "GitLab Issue #514507", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2946553", "name" : "HackerOne Bug Bounty Report #2946553", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.10.0", "versionEndExcluding" : "17.10.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.11.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:17.11.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "16.7.0", "versionEndExcluding" : "17.9.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "16.7.0", "versionEndExcluding" : "17.9.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-04-24T08:15Z", "lastModifiedDate" : "2025-08-08T16:54Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0646", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-09T23:15Z", "lastModifiedDate" : "2025-07-09T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0648", "ASSIGNER" : "security@m-files.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://product.m-files.com/security-advisories/cve-2025-0648/", "name" : "https://product.m-files.com/security-advisories/cve-2025-0648/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T11:15Z", "lastModifiedDate" : "2025-02-17T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0649", "ASSIGNER" : "security@google.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-787" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf", "name" : "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf", "refsource" : "", "tags" : [ "Patch" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:google:tensorflow_serving:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.18.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-05-06T21:16Z", "lastModifiedDate" : "2025-07-31T18:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0650", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/01/22/11", "name" : "http://www.openwall.com/lists/oss-security/2025/01/22/11", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1083", "name" : "RHSA-2025:1083", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1084", "name" : "RHSA-2025:1084", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1085", "name" : "RHSA-2025:1085", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1086", "name" : "RHSA-2025:1086", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1087", "name" : "RHSA-2025:1087", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1088", "name" : "RHSA-2025:1088", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1089", "name" : "RHSA-2025:1089", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1090", "name" : "RHSA-2025:1090", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1091", "name" : "RHSA-2025:1091", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1092", "name" : "RHSA-2025:1092", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1093", "name" : "RHSA-2025:1093", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1094", "name" : "RHSA-2025:1094", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1095", "name" : "RHSA-2025:1095", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1096", "name" : "RHSA-2025:1096", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/errata/RHSA-2025:1097", "name" : "RHSA-2025:1097", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0650", "name" : "https://access.redhat.com/security/cve/CVE-2025-0650", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2339537", "name" : "RHBZ#2339537", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.openwall.com/lists/oss-security/2025/01/22/5", "name" : "https://www.openwall.com/lists/oss-security/2025/01/22/5", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T17:15Z", "lastModifiedDate" : "2025-02-06T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0651", "ASSIGNER" : "cna@cloudflare.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://developers.cloudflare.com/warp-client/", "name" : "https://developers.cloudflare.com/warp-client/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.\n\nUser with a low system privileges  can create a set of symlinks inside the C:\\ProgramData\\Cloudflare\\warp-diag-partials folder. After triggering the 'Reset all settings\" option the WARP service will delete the files that the symlink was pointing to. Given the WARP service operates with System privileges this might lead to deleting files owned by the System user.\nThis issue affects WARP: before 2024.12.492.0." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:cloudflare:warp:*:*:*:*:*:windows:*:*", "versionEndExcluding" : "2024.12.492.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.1, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.2 } }, "publishedDate" : "2025-01-22T18:15Z", "lastModifiedDate" : "2025-07-31T19:47Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0652", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-863" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514532", "name" : "GitLab Issue #514532", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2947863", "name" : "HackerOne Bug Bounty Report #2947863", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 could allow unauthorized users to access confidential information intended for internal use only." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.9.0", "versionEndExcluding" : "17.9.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.8.0", "versionEndExcluding" : "17.8.5", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.9.0", "versionEndExcluding" : "17.9.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "16.9.0", "versionEndExcluding" : "17.7.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "16.9.0", "versionEndExcluding" : "17.7.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-13T06:15Z", "lastModifiedDate" : "2025-08-08T01:09Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0654", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-05T23:15Z", "lastModifiedDate" : "2025-07-05T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0655", "ASSIGNER" : "security@huntr.dev" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-55890. Notes: All CVE users should reference CVE-2024-55890 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-20T10:15Z", "lastModifiedDate" : "2025-04-15T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0659", "ASSIGNER" : "PSIRT@rockwellautomation.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1715.html", "name" : "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1715.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A path\ntraversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character\nsequence in the body of the vulnerable endpoint, it is possible to overwrite\nfiles outside of the intended directory. A threat actor with admin privileges could\nleverage this vulnerability to overwrite reports including user projects." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-28T16:15Z", "lastModifiedDate" : "2025-01-28T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0660", "ASSIGNER" : "security@concretecms.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://documentation.concretecms.org/9-x/developers/introduction/version-history/940-release-notes", "name" : "https://documentation.concretecms.org/9-x/developers/introduction/version-history/940-release-notes", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/concretecms/bedrock/pull/370", "name" : "https://github.com/concretecms/bedrock/pull/370", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/concretecms/concretecms/pull/12454", "name" : "https://github.com/concretecms/concretecms/pull/12454", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The \"Add Folder\" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names.  The Concrete CMS security team gave this vulnerability a CVSS 4.0 Score of 4.8 with vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N. Versions below 9 are not affected. Thanks, Alfin Joseph for reporting." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-10T21:15Z", "lastModifiedDate" : "2025-03-10T21:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0661", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/changeset/3236114/dethemekit-for-elementor/trunk/admin/includes/dep/admin-helper.php", "name" : "https://plugins.trac.wordpress.org/changeset/3236114/dethemekit-for-elementor/trunk/admin/includes/dep/admin-helper.php", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e2c937c-1ff8-4bcc-913b-83bade37d754?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e2c937c-1ff8-4bcc-913b-83bade37d754?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, draft, or scheduled posts that they should not have access to by duplicating the post." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:detheme:dethemekit_for_elementor:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.1.9", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-02-13T07:15Z", "lastModifiedDate" : "2025-02-24T17:10Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0662", "ASSIGNER" : "secteam@freebsd.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:04.ktrace.asc", "name" : "https://security.freebsd.org/advisories/FreeBSD-SA-25:04.ktrace.asc", "refsource" : "", "tags" : [ ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250207-0006/", "name" : "https://security.netapp.com/advisory/ntap-20250207-0006/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace.\n\nIt is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T05:15Z", "lastModifiedDate" : "2025-02-07T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0664", "ASSIGNER" : "trellixpsirt@trellix.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://thrive.trellix.com/s/article/000014450", "name" : "https://thrive.trellix.com/s/article/000014450", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-21T07:15Z", "lastModifiedDate" : "2025-07-21T07:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0665", "ASSIGNER" : "cve@curl.se" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/02/05/2", "name" : "http://www.openwall.com/lists/oss-security/2025/02/05/2", "refsource" : "", "tags" : [ "Mailing List", "Third Party Advisory" ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/02/05/5", "name" : "http://www.openwall.com/lists/oss-security/2025/02/05/5", "refsource" : "", "tags" : [ "Mailing List", "Third Party Advisory" ] }, { "url" : "https://curl.se/docs/CVE-2025-0665.html", "name" : "www", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://curl.se/docs/CVE-2025-0665.json", "name" : "json", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://hackerone.com/reports/2954286", "name" : "issue", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250306-0007/", "name" : "https://security.netapp.com/advisory/ntap-20250306-0007/", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "libcurl would wrongly close the same eventfd file descriptor twice when taking\ndown a connection channel after having completed a threaded name resolve." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:haxx:curl:8.11.1:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-02-05T10:15Z", "lastModifiedDate" : "2025-07-30T19:41Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0666", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] }, { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*", "versionEndIncluding" : "1.4.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-05-07T08:15Z", "lastModifiedDate" : "2025-07-08T16:44Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0667", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] }, { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*", "versionEndIncluding" : "1.4.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-05-07T08:15Z", "lastModifiedDate" : "2025-07-08T16:48Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0668", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] }, { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: before 1.4.5." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "1.4.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 9.8, "baseSeverity" : "CRITICAL" }, "exploitabilityScore" : 3.9, "impactScore" : 5.9 } }, "publishedDate" : "2025-05-07T08:15Z", "lastModifiedDate" : "2025-07-08T16:47Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0669", "ASSIGNER" : "vulnerability@ncsc.ch" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] }, { "url" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt", "name" : "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt", "refsource" : "", "tags" : [ "Third Party Advisory", "Exploit" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Cross-Site Request Forgery (CSRF) vulnerability in BOINC Server allows Cross Site Request Forgery.This issue affects BOINC Server: before 1.4.3." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*", "versionEndExcluding" : "1.4.3", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-05-07T08:15Z", "lastModifiedDate" : "2025-07-08T16:48Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0671", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/f4e04f01-31cb-4f5e-9739-12f803600e60/", "name" : "https://wpscan.com/vulnerability/f4e04f01-31cb-4f5e-9739-12f803600e60/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Template settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:icegram:icegram_express:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "5.7.50", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-04-25T06:15Z", "lastModifiedDate" : "2025-04-29T21:20Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0673", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-835" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514732", "name" : "GitLab Issue #514732", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://hackerone.com/reports/2936949", "name" : "HackerOne Bug Bounty Report #2936949", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "18.0.0", "versionEndExcluding" : "18.0.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.4", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "18.0.0", "versionEndExcluding" : "18.0.2", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.10.8", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.7.0", "versionEndExcluding" : "17.10.8", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-06-12T11:15Z", "lastModifiedDate" : "2025-08-08T18:21Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0674", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-288" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user's password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device's system security." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-07T00:15Z", "lastModifiedDate" : "2025-02-07T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0675", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-912" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Multiple Elber products suffer from an unauthenticated device configuration and client-side hidden functionality disclosure." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-07T00:15Z", "lastModifiedDate" : "2025-02-07T00:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0676", "ASSIGNER" : "psirt@moxa.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0676-command-injection-leading-to-privilege-escalation", "name" : "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0676-command-injection-leading-to-privilege-escalation", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute systems commands. Successful exploitation could result in privilege escalation, allowing the attacker to gain root shell access and maintain persistent control over the device, potentially disrupting network services and affecting the availability of downstream systems that rely on its connectivity." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-02T07:15Z", "lastModifiedDate" : "2025-04-02T14:58Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0677", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:6990", "name" : "RHSA-2025:6990", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0677", "name" : "https://access.redhat.com/security/cve/CVE-2025-0677", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346116", "name" : "RHBZ#2346116", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-19T19:15Z", "lastModifiedDate" : "2025-05-13T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0678", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0678", "name" : "https://access.redhat.com/security/cve/CVE-2025-0678", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346118", "name" : "RHBZ#2346118", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.12", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-03T17:15Z", "lastModifiedDate" : "2025-03-25T05:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0679", "ASSIGNER" : "cve@gitlab.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" }, { "lang" : "en", "value" : "CWE-359" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/514751", "name" : "GitLab Issue #514751", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://hackerone.com/reports/2952536", "name" : "HackerOne Bug Bounty Report #2952536", "refsource" : "", "tags" : [ "Permissions Required" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full email addresses that should be partially obscured." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:community:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:enterprise:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.11.0", "versionEndExcluding" : "17.11.3", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "versionStartIncluding" : "17.1.0", "versionEndExcluding" : "17.10.7", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "versionStartIncluding" : "17.1.0", "versionEndExcluding" : "17.10.7", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-05-22T15:16Z", "lastModifiedDate" : "2025-05-29T15:57Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0680", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-78" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.newrocktech.com/ContactUs/index.html", "name" : "https://www.newrocktech.com/ContactUs/index.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T19:15Z", "lastModifiedDate" : "2025-01-30T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0681", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-155" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02", "name" : "https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.newrocktech.com/ContactUs/index.html", "name" : "https://www.newrocktech.com/ContactUs/index.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Cloud MQTT service of the affected products supports wildcard topic \nsubscription which could allow an attacker to obtain sensitive \ninformation from tapping the service communications." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T19:15Z", "lastModifiedDate" : "2025-01-30T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0682", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-98" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687", "name" : "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/15a9718f-f877-4e33-8f7a-950791c4ca85?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/15a9718f-f877-4e33-8f7a-950791c4ca85?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:themerex:addons:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "2.34.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-25T06:15Z", "lastModifiedDate" : "2025-08-08T02:08Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0683", "ASSIGNER" : "ics-cert@hq.dhs.gov" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/", "name" : "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01", "name" : "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor", "name" : "https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "name" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "name" : "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text \npatient data to a hard-coded public IP address when a patient is hooked \nup to the monitor. This could lead to a leakage of confidential patient \ndata to any device with that IP address or an attacker in a \nmachine-in-the-middle scenario." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T19:15Z", "lastModifiedDate" : "2025-01-31T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0684", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0684", "name" : "https://access.redhat.com/security/cve/CVE-2025-0684", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346119", "name" : "RHBZ#2346119", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with a overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution, by-passing secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.12", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.5, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-03T18:15Z", "lastModifiedDate" : "2025-07-28T17:22Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0685", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0685", "name" : "https://access.redhat.com/security/cve/CVE-2025-0685", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346120", "name" : "RHBZ#2346120", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.12", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.5, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-03T18:15Z", "lastModifiedDate" : "2025-07-28T17:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0686", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0686", "name" : "https://access.redhat.com/security/cve/CVE-2025-0686", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346121", "name" : "RHBZ#2346121", "refsource" : "", "tags" : [ "Issue Tracking" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution by-passing secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.12", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.5, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-03T18:15Z", "lastModifiedDate" : "2025-07-28T17:23Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0687", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/3c1e21e1-32f2-4a20-9262-80e1cdab534d/", "name" : "https://wpscan.com/vulnerability/3c1e21e1-32f2-4a20-9262-80e1cdab534d/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://wpscan.com/vulnerability/3c1e21e1-32f2-4a20-9262-80e1cdab534d/", "name" : "https://wpscan.com/vulnerability/3c1e21e1-32f2-4a20-9262-80e1cdab534d/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mynamedia:spiritual_gifts_survey_\\(and_optional_s.h.a.p.e_survey\\):*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "0.9.10", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-05-15T20:16Z", "lastModifiedDate" : "2025-05-28T15:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0688", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/1e2b77c3-ad45-4734-998a-c1722ebd1f4f/", "name" : "https://wpscan.com/vulnerability/1e2b77c3-ad45-4734-998a-c1722ebd1f4f/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://wpscan.com/vulnerability/1e2b77c3-ad45-4734-998a-c1722ebd1f4f/", "name" : "https://wpscan.com/vulnerability/1e2b77c3-ad45-4734-998a-c1722ebd1f4f/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:mynamedia:spiritual_gifts_survey_\\(and_optional_s.h.a.p.e_survey\\):*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "0.9.10", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-05-15T20:16Z", "lastModifiedDate" : "2025-05-28T15:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0689", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/security/cve/CVE-2025-0689", "name" : "https://access.redhat.com/security/cve/CVE-2025-0689", "refsource" : "", "tags" : [ "Third Party Advisory" ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346122", "name" : "RHBZ#2346122", "refsource" : "", "tags" : [ "Issue Tracking", "Third Party Advisory" ] }, { "url" : "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "name" : "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "refsource" : "", "tags" : [ "Mailing List", "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2.12", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.7, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-03T15:15Z", "lastModifiedDate" : "2025-08-12T14:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0690", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:6990", "name" : "RHSA-2025:6990", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0690", "name" : "https://access.redhat.com/security/cve/CVE-2025-0690", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2346123", "name" : "RHBZ#2346123", "refsource" : "", "tags" : [ ] }, { "url" : "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "name" : "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-24T08:15Z", "lastModifiedDate" : "2025-05-13T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0691", "ASSIGNER" : "security@devolutions.net" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "NVD-CWE-noinfo" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://devolutions.net/security/advisories/DEVO-2025-0011/", "name" : "https://devolutions.net/security/advisories/DEVO-2025-0011/", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper access control in permissions component in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the \"Edit permission\" permission by bypassing the client side validation." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*", "versionEndIncluding" : "2025.1.10.0", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-06-05T14:15Z", "lastModifiedDate" : "2025-07-02T13:11Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0692", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/176f329b-a861-4ab0-ad1d-02f750f9b691/", "name" : "https://wpscan.com/vulnerability/176f329b-a861-4ab0-ad1d-02f750f9b691/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:maximize:simple_video_management_system:*:*:*:*:*:wordpress:*:*", "versionEndIncluding" : "1.0.4", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-02-13T06:15Z", "lastModifiedDate" : "2025-05-26T01:11Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0693", "ASSIGNER" : "aws-security@amazon.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-002/", "name" : "https://aws.amazon.com/security/security-bulletins/AWS-2025-002/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-23T22:15Z", "lastModifiedDate" : "2025-01-23T22:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0694", "ASSIGNER" : "info@cert.vde.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cert.vde.com/en/advisories/VDE-2025-015", "name" : "https://cert.vde.com/en/advisories/VDE-2025-015", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "PHYSICAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 6.6, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 0.7, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-18T11:15Z", "lastModifiedDate" : "2025-03-18T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0695", "ASSIGNER" : "prodsec@nozominetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-770" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695", "name" : "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-27T11:15Z", "lastModifiedDate" : "2025-01-27T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0696", "ASSIGNER" : "prodsec@nozominetworks.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-476" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0696", "name" : "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0696", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-27T11:15Z", "lastModifiedDate" : "2025-01-27T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0697", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-74" }, { "lang" : "en", "value" : "CWE-707" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/bloodbile/Telstra-RHI", "name" : "https://github.com/bloodbile/Telstra-RHI", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293223", "name" : "VDB-293223 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293223", "name" : "VDB-293223 | Telstra Smart Modem Gen 2 HTTP Header injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480045", "name" : "Submit #480045 | Telstra Smart Modem Generation 2 HTTP Response Header Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T15:15Z", "lastModifiedDate" : "2025-01-24T15:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0698", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/19", "name" : "https://github.com/JoeyBling/bootplus/issues/19", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/19#issue-2786879797", "name" : "https://github.com/JoeyBling/bootplus/issues/19#issue-2786879797", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293226", "name" : "VDB-293226 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293226", "name" : "VDB-293226 | JoeyBling bootplus list sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480827", "name" : "Submit #480827 | JoeyBling bootplus 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been classified as critical. Affected is an unknown function of the file /admin/sys/menu/list. The manipulation of the argument sort/order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-24T16:15Z", "lastModifiedDate" : "2025-01-24T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0699", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/21", "name" : "https://github.com/JoeyBling/bootplus/issues/21", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/21#issue-2786893665", "name" : "https://github.com/JoeyBling/bootplus/issues/21#issue-2786893665", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293227", "name" : "VDB-293227 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293227", "name" : "VDB-293227 | JoeyBling bootplus list sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480836", "name" : "Submit #480836 | JoeyBling bootplus 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/sys/role/list. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-24T16:15Z", "lastModifiedDate" : "2025-01-24T16:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0700", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/22", "name" : "https://github.com/JoeyBling/bootplus/issues/22", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/22#issue-2786899884", "name" : "https://github.com/JoeyBling/bootplus/issues/22#issue-2786899884", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293228", "name" : "VDB-293228 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293228", "name" : "VDB-293228 | JoeyBling bootplus list sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480838", "name" : "Submit #480838 | JoeyBling bootplus 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/sys/log/list. The manipulation of the argument logId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-24T17:15Z", "lastModifiedDate" : "2025-01-24T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0701", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-74" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/23", "name" : "https://github.com/JoeyBling/bootplus/issues/23", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/23#issue-2786909921", "name" : "https://github.com/JoeyBling/bootplus/issues/23#issue-2786909921", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293229", "name" : "VDB-293229 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293229", "name" : "VDB-293229 | JoeyBling bootplus list sql injection", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480839", "name" : "Submit #480839 | JoeyBling bootplus 1.0 SQL Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This affects an unknown part of the file /admin/sys/user/list. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-24T17:15Z", "lastModifiedDate" : "2025-01-24T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0702", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" }, { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/24", "name" : "https://github.com/JoeyBling/bootplus/issues/24", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/24#issue-2786919432", "name" : "https://github.com/JoeyBling/bootplus/issues/24#issue-2786919432", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293230", "name" : "VDB-293230 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293230", "name" : "VDB-293230 | JoeyBling bootplus SysFileController.java unrestricted upload", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480841", "name" : "Submit #480841 | JoeyBling bootplus 1.0 upload any file", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This vulnerability affects unknown code of the file src/main/java/io/github/controller/SysFileController.java. The manipulation of the argument portraitFile leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-24T18:15Z", "lastModifiedDate" : "2025-01-24T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0703", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-22" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/25", "name" : "https://github.com/JoeyBling/bootplus/issues/25", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/25#issue-2786928618", "name" : "https://github.com/JoeyBling/bootplus/issues/25#issue-2786928618", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293231", "name" : "VDB-293231 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293231", "name" : "VDB-293231 | JoeyBling bootplus SysFileController.java path traversal", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480842", "name" : "Submit #480842 | JoeyBling bootplus 1.0 any file download available", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This issue affects some unknown processing of the file src/main/java/io/github/controller/SysFileController.java. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T19:15Z", "lastModifiedDate" : "2025-01-24T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0704", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-404" }, { "lang" : "en", "value" : "CWE-400" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/26", "name" : "https://github.com/JoeyBling/bootplus/issues/26", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/26#issue-2786934642", "name" : "https://github.com/JoeyBling/bootplus/issues/26#issue-2786934642", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293232", "name" : "VDB-293232 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293232", "name" : "VDB-293232 | JoeyBling bootplus QrCodeController.java qrCode resource consumption", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480843", "name" : "Submit #480843 | JoeyBling bootplus 1.0 DDOS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument w/h leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "LOW", "baseScore" : 5.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T19:15Z", "lastModifiedDate" : "2025-01-24T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0705", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-601" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/27", "name" : "https://github.com/JoeyBling/bootplus/issues/27", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/27#issue-2786941847", "name" : "https://github.com/JoeyBling/bootplus/issues/27#issue-2786941847", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293233", "name" : "VDB-293233 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293233", "name" : "VDB-293233 | JoeyBling bootplus QrCodeController.java qrCode redirect", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480844", "name" : "Submit #480844 | JoeyBling bootplus 1.0 URL redirection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this vulnerability is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument text leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T19:15Z", "lastModifiedDate" : "2025-01-24T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0706", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/JoeyBling/bootplus/issues/28", "name" : "https://github.com/JoeyBling/bootplus/issues/28", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/28", "name" : "https://github.com/JoeyBling/bootplus/issues/28", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699", "name" : "https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699", "refsource" : "", "tags" : [ ] }, { "url" : "https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699", "name" : "https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293234", "name" : "VDB-293234 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293234", "name" : "VDB-293234 | JoeyBling bootplus admin.html cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.480845", "name" : "Submit #480845 | JoeyBling bootplus 1.0 XSS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/sys/admin.html. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 2.4, "baseSeverity" : "LOW" }, "exploitabilityScore" : 0.9, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T20:15Z", "lastModifiedDate" : "2025-01-24T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0707", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-426" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293235", "name" : "VDB-293235 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293235", "name" : "VDB-293235 | Rise Group Rise Mode Temp CPU Startup CRYPTBASE.dll untrusted search path", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.481088", "name" : "Submit #481088 | Rise Group Rise Mode Temp CPU 2.1 OS Command Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulation leads to untrusted search path. The attack needs to be approached locally." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-24T20:15Z", "lastModifiedDate" : "2025-01-24T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0708", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gitee.com/fumiao/opencms/issues/IBI2XM", "name" : "https://gitee.com/fumiao/opencms/issues/IBI2XM", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293236", "name" : "VDB-293236 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293236", "name" : "VDB-293236 | fumiao opencms Add Model Management Page addOrUpdate cross site scripting", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.482662", "name" : "Submit #482662 | opencms CMS 2.2 XSS", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/model/addOrUpdate of the component Add Model Management Page. The manipulation of the argument ???? leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 3.5, "baseSeverity" : "LOW" }, "exploitabilityScore" : 2.1, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-24T20:15Z", "lastModifiedDate" : "2025-01-24T20:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0709", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" }, { "lang" : "en", "value" : "CWE-94" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/taynes-llllzt/taynes/issues/7", "name" : "https://github.com/taynes-llllzt/taynes/issues/7", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://github.com/taynes-llllzt/taynes/issues/7#issue-2792259251", "name" : "https://github.com/taynes-llllzt/taynes/issues/7#issue-2792259251", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.293237", "name" : "VDB-293237 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293237", "name" : "VDB-293237 | Dcat-Admin Roles Page roles cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.483364", "name" : "Submit #483364 | Dcat Dcat-Admin v2.2.1-beta stored xss", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:dcatadmin:dcat_admin:2.2.1:beta:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.8, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.7, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-24T21:15Z", "lastModifiedDate" : "2025-05-07T20:03Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0710", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf", "name" : "https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://vuldb.com/?ctiid.293238", "name" : "VDB-293238 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293238", "name" : "VDB-293238 | CampCodes School Management Software Notice Board Page notice-list cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.484934", "name" : "Submit #484934 | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS)", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.campcodes.com/", "name" : "https://www.campcodes.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the component Notice Board Page. The manipulation of the argument Notice leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:campcodes:school_management_software:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 5.4, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.3, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-24T21:15Z", "lastModifiedDate" : "2025-02-21T21:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0712", "ASSIGNER" : "security@elastic.co" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558", "name" : "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-07-30T01:15Z", "lastModifiedDate" : "2025-07-30T01:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0714", "ASSIGNER" : "cve-request@cirosec.de" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.cirosec.de/sa/sa-2024-012", "name" : "https://www.cirosec.de/sa/sa-2024-012", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector (IV) consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted for their password. A derivative of the password is used as the master key. As both the master key and the IV are the same for each stored password, the AES CFB ciphertext depends only on the plaintext (the password). The static IV and master key make it easier to obtain sensitive information and to decrypt data when it is stored at rest." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-02-17T12:15Z", "lastModifiedDate" : "2025-02-19T09:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0716", "ASSIGNER" : "disclosures@herodevs.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915", "name" : "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915", "refsource" : "", "tags" : [ ] }, { "url" : "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915", "name" : "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.herodevs.com/vulnerability-directory/cve-2025-0716", "name" : "https://www.herodevs.com/vulnerability-directory/cve-2025-0716", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.herodevs.com/vulnerability-directory/cve-2025-0716", "name" : "https://www.herodevs.com/vulnerability-directory/cve-2025-0716", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing  and also negatively affect the application's performance and behavior by using too large or slow-to-load images.\n\nThis issue affects all versions of AngularJS.\n\nNote:\nThe AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status ." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-04-29T17:15Z", "lastModifiedDate" : "2025-05-02T13:53Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0717", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/31f734fc-d474-46b3-98eb-04761cab8878/", "name" : "https://wpscan.com/vulnerability/31f734fc-d474-46b3-98eb-04761cab8878/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "To exploit the vulnerability, it is necessary:" } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-03-25T06:15Z", "lastModifiedDate" : "2025-03-25T15:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0718", "ASSIGNER" : "contact@wpscan.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://wpscan.com/vulnerability/69ddd8eb-33f1-49cf-9428-3d89262b1887/", "name" : "https://wpscan.com/vulnerability/69ddd8eb-33f1-49cf-9428-3d89262b1887/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://wpscan.com/vulnerability/69ddd8eb-33f1-49cf-9428-3d89262b1887/", "name" : "https://wpscan.com/vulnerability/69ddd8eb-33f1-49cf-9428-3d89262b1887/", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The Nested Pages WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:kylephillips:nested_pages:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "3.2.13", "cpe_name" : [ ] } ] } ] }, "impact" : { }, "publishedDate" : "2025-03-23T06:15Z", "lastModifiedDate" : "2025-04-02T14:09Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0719", "ASSIGNER" : "psirt@us.ibm.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.ibm.com/support/pages/node/7184173", "name" : "https://www.ibm.com/support/pages/node/7184173", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:cloud_pak_for_data:5.0:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ibm:cloud_pak_for_data:*:*:*:*:*:*:*:*", "versionStartIncluding" : "4.0", "versionEndIncluding" : "4.8.5", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-02-26T14:15Z", "lastModifiedDate" : "2025-08-08T19:35Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0720", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-119" }, { "lang" : "en", "value" : "CWE-121" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293480", "name" : "VDB-293480 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293480", "name" : "VDB-293480 | Microword eScan Antivirus Folder Watch List rtscanner removeExtraSlashes stack-based overflow", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.482371", "name" : "Submit #482371 | Microword Escan Antivirus For Linux 7.0.32 Stack-based Buffer Overflow", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "attackVector" : "LOCAL", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "LOW", "baseScore" : 3.3, "baseSeverity" : "LOW" }, "exploitabilityScore" : 1.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-26T23:15Z", "lastModifiedDate" : "2025-01-26T23:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0721", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293481", "name" : "VDB-293481 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293481", "name" : "VDB-293481 | needyamin image_gallery view.php cross site scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.482812", "name" : "Submit #482812 | needyamin image_gallery 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.websecurityinsights.my.id/2025/01/imagegallery-viewphpusername-cross-site.html", "name" : "https://www.websecurityinsights.my.id/2025/01/imagegallery-viewphpusername-cross-site.html", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This affects the function image_gallery of the file /view.php. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:needyamin:image_gallery_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "CHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 6.1, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 2.7 } }, "publishedDate" : "2025-01-27T00:15Z", "lastModifiedDate" : "2025-04-16T12:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0722", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293482", "name" : "VDB-293482 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293482", "name" : "VDB-293482 | needyamin image_gallery Cover Image gallery.php unrestricted upload", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.482822", "name" : "Submit #482822 | needyamin image_gallery 1.0 Cross Site Scripting", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.websecurityinsights.my.id/2025/01/imagegallery-add-gallery.html", "name" : "https://www.websecurityinsights.my.id/2025/01/imagegallery-add-gallery.html", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as critical was found in needyamin image_gallery 1.0. This vulnerability affects unknown code of the file /admin/gallery.php of the component Cover Image Handler. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:needyamin:image_gallery_management_system:1.0:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-27T00:15Z", "lastModifiedDate" : "2025-02-25T20:12Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0723", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-89" }, { "lang" : "en", "value" : "CWE-89" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-chat-system.php#L39", "name" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-chat-system.php#L39", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-request.php#L2379", "name" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-request.php#L2379", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/140fa6e8-4381-4df2-af62-44d40b116daf?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/140fa6e8-4381-4df2-af62-44d40b116daf?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind and time-based SQL Injections via the rid and search parameters in all versions up to, and including, 5.9.4.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "5.9.4.8", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 3.6 } }, "publishedDate" : "2025-03-22T05:15Z", "lastModifiedDate" : "2025-03-27T00:47Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0724", "ASSIGNER" : "cve-request@wordfence.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-502" }, { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-html-generator.php#L259", "name" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/includes/class-profile-magic-html-generator.php#L259", "refsource" : "", "tags" : [ "Product" ] }, { "url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6bb1de69-7bc2-4785-9789-0a2d1cf35b9b?source=cve", "name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6bb1de69-7bc2-4785-9789-0a2d1cf35b9b?source=cve", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.4.5 via deserialization of untrusted input in the get_user_meta_fields_html function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*", "versionEndExcluding" : "5.9.4.6", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 8.8, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 2.8, "impactScore" : 5.9 } }, "publishedDate" : "2025-03-22T05:15Z", "lastModifiedDate" : "2025-03-27T00:43Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0725", "ASSIGNER" : "cve@curl.se" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-120" } ] } ] }, "references" : { "reference_data" : [ { "url" : "http://www.openwall.com/lists/oss-security/2025/02/05/3", "name" : "http://www.openwall.com/lists/oss-security/2025/02/05/3", "refsource" : "", "tags" : [ "Mailing List" ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/02/06/2", "name" : "http://www.openwall.com/lists/oss-security/2025/02/06/2", "refsource" : "", "tags" : [ "Mailing List" ] }, { "url" : "http://www.openwall.com/lists/oss-security/2025/02/06/4", "name" : "http://www.openwall.com/lists/oss-security/2025/02/06/4", "refsource" : "", "tags" : [ "Mailing List" ] }, { "url" : "https://curl.se/docs/CVE-2025-0725.html", "name" : "www", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://curl.se/docs/CVE-2025-0725.json", "name" : "json", "refsource" : "", "tags" : [ "Vendor Advisory" ] }, { "url" : "https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7", "name" : "https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://hackerone.com/reports/2956023", "name" : "issue", "refsource" : "", "tags" : [ "Exploit", "Issue Tracking" ] }, { "url" : "https://security.netapp.com/advisory/ntap-20250306-0009/", "name" : "https://security.netapp.com/advisory/ntap-20250306-0009/", "refsource" : "", "tags" : [ "Third Party Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:hci_h610s_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:hci_h610s:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:hci_h610c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:hci_h610c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:netapp:hci_h615c_firmware:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:netapp:hci_h615c:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.10.5", "versionEndExcluding" : "8.12.0", "cpe_name" : [ ] }, { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "versionStartIncluding" : "7.10.5", "versionEndExcluding" : "8.12.0", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "versionEndIncluding" : "1.2.0.3", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { }, "publishedDate" : "2025-02-05T10:15Z", "lastModifiedDate" : "2025-06-27T19:24Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0726", "ASSIGNER" : "security@eclipse.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "name" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-pwf8-5q9w-m763", "name" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-pwf8-5q9w-m763", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before \nversion 6.4.2, an attacker can cause a denial of service by specially \ncrafted packets. The core issue is missing closing of a file in case of \nan error condition, resulting in the 404 error for each further file \nrequest. Users can work-around the issue by disabling the PUT request \nsupport." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*", "versionEndExcluding" : "6.4.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-21T08:15Z", "lastModifiedDate" : "2025-07-31T16:32Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0727", "ASSIGNER" : "security@eclipse.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "name" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-jf6x-9mgc-p72w", "name" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-jf6x-9mgc-p72w", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before \nversion 6.4.2, an attacker can cause an integer underflow and a \nsubsequent denial of service by writing a very large file, by specially \ncrafted packets with Content-Length in one packet smaller than the data \nrequest size of the other packet. A possible workaround is to disable \nHTTP PUT support." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*", "versionEndExcluding" : "6.4.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-21T09:15Z", "lastModifiedDate" : "2025-07-31T16:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0728", "ASSIGNER" : "security@eclipse.org" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "name" : "https://github.com/eclipse-threadx/netxduo/commit/c78d650be7377aae1a8704bc0ce5cc6f9f189014", "refsource" : "", "tags" : [ "Patch" ] }, { "url" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-hqp7-4q26-6wqf", "name" : "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-hqp7-4q26-6wqf", "refsource" : "", "tags" : [ "Vendor Advisory" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before \nversion 6.4.2, an attacker can cause an integer underflow and a \nsubsequent denial of service by writing a very large file, by specially \ncrafted packets with Content-Length smaller than the data request size. A\n possible workaround is to disable HTTP PUT support." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*", "versionEndExcluding" : "6.4.2", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 3.9, "impactScore" : 3.6 } }, "publishedDate" : "2025-02-21T09:15Z", "lastModifiedDate" : "2025-07-31T16:33Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0729", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-451" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20clickjacking.md", "name" : "https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20clickjacking.md", "refsource" : "", "tags" : [ ] }, { "url" : "https://static.tp-link.com/upload/beta/2025/202501/20250124/TL-SG108E(UN)%206.0_1.0.0%20Build%2020250124%20Rel.54920(Beta)_up.zip", "name" : "https://static.tp-link.com/upload/beta/2025/202501/20250124/TL-SG108E(UN)%206.0_1.0.0%20Build%2020250124%20Rel.54920(Beta)_up.zip", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?ctiid.293507", "name" : "VDB-293507 | CTI Indicators (IOB, IOC, TTP)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293507", "name" : "VDB-293507 | TP-Link TL-SG108E clickjacking", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.478451", "name" : "Submit #478451 | tp-link TL-SG108E 1.0.0 Build 20201208 Rel.40304 Clickjacking", "refsource" : "", "tags" : [ ] }, { "url" : "https://www.tp-link.com/", "name" : "https://www.tp-link.com/", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920(Beta) is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "REQUIRED", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "NONE", "baseScore" : 4.3, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 2.8, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-27T17:15Z", "lastModifiedDate" : "2025-01-27T17:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0730", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-598" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20sensitive%20info%20in%20GET.md", "name" : "https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20sensitive%20info%20in%20GET.md", "refsource" : "", "tags" : [ "Exploit", "Third Party Advisory" ] }, { "url" : "https://static.tp-link.com/upload/beta/2025/202501/20250124/TL-SG108E(UN)%206.0_1.0.0%20Build%2020250124%20Rel.54920(Beta)_up.zip", "name" : "https://static.tp-link.com/upload/beta/2025/202501/20250124/TL-SG108E(UN)%206.0_1.0.0%20Build%2020250124%20Rel.54920(Beta)_up.zip", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://vuldb.com/?ctiid.293508", "name" : "VDB-293508 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293508", "name" : "VDB-293508 | TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.478465", "name" : "Submit #478465 | tp-link TL-SG108E 1.0.0 Build 20201208 Rel.40304 Use of GET Request Method With Sensitive Query Strings", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://www.tp-link.com/", "name" : "https://www.tp-link.com/", "refsource" : "", "tags" : [ "Product" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request method with sensitive query strings. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0 Build 20250124 Rel. 54920(Beta) is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "AND", "children" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:o:tp-link:tl-sg108e_firmware:1.0.0:build_20201208_rel_40304:*:*:*:*:*:*", "cpe_name" : [ ] } ] }, { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : false, "cpe23Uri" : "cpe:2.3:h:tp-link:tl-sg108e:-:*:*:*:*:*:*:*", "cpe_name" : [ ] } ] } ], "cpe_match" : [ ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector" : "NETWORK", "attackComplexity" : "HIGH", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "NONE", "availabilityImpact" : "NONE", "baseScore" : 3.7, "baseSeverity" : "LOW" }, "exploitabilityScore" : 2.2, "impactScore" : 1.4 } }, "publishedDate" : "2025-01-27T17:15Z", "lastModifiedDate" : "2025-07-16T00:57Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0731", "ASSIGNER" : "info@cert.vde.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-434" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://cert.vde.com/en/advisories/VDE-2025-012", "name" : "https://cert.vde.com/en/advisories/VDE-2025-012", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An unauthenticated remote attacker can upload a .aspx file instead of a PV system picture through the demo account. The code can only be executed in the security context of the user." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "NONE", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "NONE", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 6.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 3.9, "impactScore" : 2.5 } }, "publishedDate" : "2025-02-26T13:15Z", "lastModifiedDate" : "2025-02-26T13:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0732", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-426" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293510", "name" : "VDB-293510 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293510", "name" : "VDB-293510 | Discord profapi.dll untrusted search path", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.481209", "name" : "Submit #481209 | Discord stable 358789 (c70705e) OS Command Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to untrusted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 4.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.0, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-27T18:15Z", "lastModifiedDate" : "2025-01-27T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0733", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-426" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://vuldb.com/?ctiid.293511", "name" : "VDB-293511 | CTI Indicators (IOB, IOC, TTP, IOA)", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?id.293511", "name" : "VDB-293511 | Postman profapi.dll untrusted search path", "refsource" : "", "tags" : [ ] }, { "url" : "https://vuldb.com/?submit.481185", "name" : "Submit #481185 | Postman Postman API platform v11.20 OS Command Injection", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "attackVector" : "LOCAL", "attackComplexity" : "HIGH", "privilegesRequired" : "LOW", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "LOW", "integrityImpact" : "LOW", "availabilityImpact" : "LOW", "baseScore" : 4.5, "baseSeverity" : "MEDIUM" }, "exploitabilityScore" : 1.0, "impactScore" : 3.4 } }, "publishedDate" : "2025-01-27T18:15Z", "lastModifiedDate" : "2025-01-27T18:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0734", "ASSIGNER" : "cna@vuldb.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-502" }, { "lang" : "en", "value" : "CWE-20" }, { "lang" : "en", "value" : "CWE-502" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://gist.github.com/GSBP0/3c1b0f9dbdd2a48b8f52330cfbbc279b", "name" : "https://gist.github.com/GSBP0/3c1b0f9dbdd2a48b8f52330cfbbc279b", "refsource" : "", "tags" : [ "Broken Link" ] }, { "url" : "https://vuldb.com/?ctiid.293512", "name" : "VDB-293512 | CTI Indicators (IOB, IOC, IOA)", "refsource" : "", "tags" : [ "Permissions Required", "VDB Entry" ] }, { "url" : "https://vuldb.com/?id.293512", "name" : "VDB-293512 | y_project RuoYi Whitelist getBeanName deserialization", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] }, { "url" : "https://vuldb.com/?submit.482823", "name" : "Submit #482823 | RuoYi <= 4.8.0 could bypass white list to RCE or Arbitrary code execution", "refsource" : "", "tags" : [ "Third Party Advisory", "VDB Entry" ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. This vulnerability affects the function getBeanName of the component Whitelist. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ { "operator" : "OR", "children" : [ ], "cpe_match" : [ { "vulnerable" : true, "cpe23Uri" : "cpe:2.3:a:ruoyi:ruoyi:*:*:*:*:*:*:*:*", "versionEndIncluding" : "4.8.0", "cpe_name" : [ ] } ] } ] }, "impact" : { "baseMetricV3" : { "cvssV3" : { "version" : "3.1", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector" : "NETWORK", "attackComplexity" : "LOW", "privilegesRequired" : "HIGH", "userInteraction" : "NONE", "scope" : "UNCHANGED", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "availabilityImpact" : "HIGH", "baseScore" : 7.2, "baseSeverity" : "HIGH" }, "exploitabilityScore" : 1.2, "impactScore" : 5.9 } }, "publishedDate" : "2025-01-27T19:15Z", "lastModifiedDate" : "2025-05-13T20:47Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0736", "ASSIGNER" : "secalert@redhat.com" }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ { "url" : "https://access.redhat.com/errata/RHSA-2025:2663", "name" : "RHSA-2025:2663", "refsource" : "", "tags" : [ ] }, { "url" : "https://access.redhat.com/security/cve/CVE-2025-0736", "name" : "https://access.redhat.com/security/cve/CVE-2025-0736", "refsource" : "", "tags" : [ ] }, { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2342233", "name" : "RHBZ#2342233", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-28T09:15Z", "lastModifiedDate" : "2025-03-12T04:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0739", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing the \"SUSCBRIPTION_ID\" param of the endpoint \"/demos/embedai/subscriptions/show/\"." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T11:15Z", "lastModifiedDate" : "2025-01-30T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0740", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI\n\n 2.1 and below. This vulnerability allows an authenticated attacker to obtain chat messages belonging to other users by changing the “CHAT_ID” of the endpoint \"/embedai/chats/load_messages?chat_id=\"." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T11:15Z", "lastModifiedDate" : "2025-01-30T11:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0741", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI\n\n 2.1 and below. This vulnerability allows an authenticated attacker to write messages into other users chat by changing the parameter \"chat_id\" of the POST request \"/embedai/chats/send_message\"." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T11:15Z", "lastModifiedDate" : "2025-02-18T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0742", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain files stored by others users by changing the \"FILE_ID\" of the endpoint \"/embedai/files/show/\"." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T12:15Z", "lastModifiedDate" : "2025-02-18T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0743", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to leverage the endpoint \"/embedai/visits/show/\" to obtain information about the visits made by other users. The information provided by this endpoint includes IP address, userAgent and location of the user that visited the web page." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T12:15Z", "lastModifiedDate" : "2025-02-18T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0744", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker change his subscription plan without paying by making a POST request changing the parameters of the \"/demos/embedai/pmt_cash_on_delivery/pay\" endpoint." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T12:15Z", "lastModifiedDate" : "2025-02-18T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0745", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-284" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the \"/embedai/app/uploads/database/\" endpoint." } ] } }, "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact" : { }, "publishedDate" : "2025-01-30T12:15Z", "lastModifiedDate" : "2025-02-18T19:15Z" }, { "cve" : { "data_type" : "CVE", "data_format" : "MITRE", "data_version" : "4.0", "CVE_data_meta" : { "ID" : "CVE-2025-0746", "ASSIGNER" : "cve-coordination@incibe.es" }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "en", "value" : "CWE-79" } ] } ] }, "references" : { "reference_data" : [ { "url" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "name" : "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai", "refsource" : "", "tags" : [ ] } ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : "A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the\"/embedai/users/show/