Update Thu Apr 18 18:05:39 UTC 2024

2002/CVE-2002-0241.md

@@ -0,0 +1,17 @@
+### [CVE-2002-0241](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0241)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+

2006/CVE-2006-6870.md

@@ -0,0 +1,17 @@
+### [CVE-2006-6870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6870)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/usn-402-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1640.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1640)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request.
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1652.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1652)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors.
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1653.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1653)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request.
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1654.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1654)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors.
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1655.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1655)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-2275.md

@@ -0,0 +1,17 @@
+### [CVE-2013-2275](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2275)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
+
+### POC
+
+#### Reference
+- http://ubuntu.com/usn/usn-1759-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2019/CVE-2019-15052.md

@@ -0,0 +1,17 @@
+### [CVE-2019-15052](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15052)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.
+
+### POC
+
+#### Reference
+- https://github.com/gradle/gradle/pull/10176
+
+#### Github
+No PoCs found on GitHub currently.
+

2019/CVE-2019-6163.md

@@ -0,0 +1,17 @@
+### [CVE-2019-6163](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6163)
+![](https://img.shields.io/static/v1?label=Product&message=System%20Update&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=privilege%20escalation&color=brighgreen)
+
+### Description
+
+A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.
+
+### POC
+
+#### Reference
+- https://support.lenovo.com/solutions/LEN-27348
+
+#### Github
+No PoCs found on GitHub currently.
+

2020/CVE-2020-13404.md

@@ -10,6 +10,7 @@ The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento all
 ### POC
 
 #### Reference
+- https://github.com/quadra-informatique/Atos-Magento/releases
 - https://sysdream.com/news/lab/
 - https://sysdream.com/news/lab/2020-06-09-cve-2020-13404-remote-system-command-injection-in-atos-magento-module/
 

2024/CVE-2024-1676.md

@@ -10,7 +10,7 @@ Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://issues.chromium.org/issues/40944847
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-3446.md

@@ -11,7 +11,7 @@
 
 ### Description
 
-A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
+A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
 
 ### POC
 

2024/CVE-2024-3932.md

@@ -0,0 +1,17 @@
+### [CVE-2024-3932](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3932)
+![](https://img.shields.io/static/v1?label=Product&message=LMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2018.0.1%20Build%2020231128.01%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery&color=brighgreen)
+
+### Description
+
+A vulnerability classified as problematic has been found in Totara LMS 18.0.1 Build 20231128.01. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261369 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?submit.314381
+
+#### Github
+No PoCs found on GitHub currently.
+

references.txt

@@ -163,6 +163,7 @@ CVE-2002-0193 - https://oval.cisecurity.org/repository/search/definition/oval%3A
 CVE-2002-0200 - http://marc.info/?l=bugtraq&m=101174569103289&w=2
 CVE-2002-0201 - http://marc.info/?l=bugtraq&m=101174569103289&w=2
 CVE-2002-0231 - http://marc.info/?l=bugtraq&m=101286747013955&w=2
+CVE-2002-0241 - http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml
 CVE-2002-0244 - http://marc.info/?l=bugtraq&m=101310622531303&w=2
 CVE-2002-0252 - https://www.exploit-db.com/exploits/4673
 CVE-2002-0283 - http://marc.info/?l=bugtraq&m=101408718030099&w=2
@@ -5556,6 +5557,7 @@ CVE-2006-6865 - https://www.exploit-db.com/exploits/3046
 CVE-2006-6866 - https://www.exploit-db.com/exploits/3039
 CVE-2006-6867 - https://www.exploit-db.com/exploits/3059
 CVE-2006-6869 - https://www.exploit-db.com/exploits/3057
+CVE-2006-6870 - http://www.ubuntu.com/usn/usn-402-1
 CVE-2006-6871 - https://www.exploit-db.com/exploits/3004
 CVE-2006-6872 - https://www.exploit-db.com/exploits/3004
 CVE-2006-6873 - https://www.exploit-db.com/exploits/3004
@@ -22653,8 +22655,13 @@ CVE-2013-1630 - https://github.com/mardiros/pyshop/blob/master/CHANGES.txt
 CVE-2013-1633 - http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/
 CVE-2013-1636 - http://packetstormsecurity.com/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html
 CVE-2013-1636 - http://packetstormsecurity.com/files/121623/Joomla-Jnews-8.0.1-Cross-Site-Scripting.html
+CVE-2013-1640 - http://ubuntu.com/usn/usn-1759-1
 CVE-2013-1641 - https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-030.txt
 CVE-2013-1642 - https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-030.txt
+CVE-2013-1652 - http://ubuntu.com/usn/usn-1759-1
+CVE-2013-1653 - http://ubuntu.com/usn/usn-1759-1
+CVE-2013-1654 - http://ubuntu.com/usn/usn-1759-1
+CVE-2013-1655 - http://ubuntu.com/usn/usn-1759-1
 CVE-2013-1667 - http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
 CVE-2013-1668 - http://www.exploit-db.com/exploits/24629
 CVE-2013-1672 - https://bugzilla.mozilla.org/show_bug.cgi?id=850492
@@ -22857,6 +22864,7 @@ CVE-2013-2251 - http://tools.cisco.com/security/center/content/CiscoSecurityAdvi
 CVE-2013-2251 - http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
 CVE-2013-2270 - http://packetstormsecurity.com/files/120594/Airvana-HubBub-C1-600-RT-Cross-Site-Scripting.html
 CVE-2013-2271 - http://packetstormsecurity.com/files/120613/dlinkdsl2740b-bypass.txt
+CVE-2013-2275 - http://ubuntu.com/usn/usn-1759-1
 CVE-2013-2277 - http://www.ubuntu.com/usn/USN-1790-1
 CVE-2013-2294 - http://packetstormsecurity.com/files/120862/ViewGit-0.0.6-Cross-Site-Scripting.html
 CVE-2013-2294 - http://seclists.org/fulldisclosure/2013/Mar/174
@@ -56851,6 +56859,7 @@ CVE-2019-15048 - https://github.com/axiomatic-systems/bento4/issues/409
 CVE-2019-15049 - https://github.com/axiomatic-systems/bento4/issues/408
 CVE-2019-15050 - https://github.com/axiomatic-systems/bento4/issues/409
 CVE-2019-15051 - https://security.mioso.com/CVE-2019-15051-en.html
+CVE-2019-15052 - https://github.com/gradle/gradle/pull/10176
 CVE-2019-15053 - https://github.com/l0nax/CVE-2019-15053
 CVE-2019-15054 - https://startrekdude.github.io/mailbird.html
 CVE-2019-15055 - https://github.com/tenable/routeros/tree/master/poc/cve_2019_15055
@@ -60492,6 +60501,7 @@ CVE-2019-6132 - https://github.com/axiomatic-systems/Bento4/issues/357
 CVE-2019-6133 - https://usn.ubuntu.com/3901-1/
 CVE-2019-6145 - https://safebreach.com/Post/Forcepoint-VPN-Client-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-6145
 CVE-2019-6146 - http://packetstormsecurity.com/files/156274/Forcepoint-WebSecurity-8.5-Cross-Site-Scripting.html
+CVE-2019-6163 - https://support.lenovo.com/solutions/LEN-27348
 CVE-2019-6170 - https://support.lenovo.com/us/en/product_security/LEN-27714
 CVE-2019-6172 - https://support.lenovo.com/us/en/product_security/LEN-27714
 CVE-2019-6184 - https://support.lenovo.com/solutions/LEN-29289
@@ -63069,6 +63079,7 @@ CVE-2020-13396 - https://github.com/FreeRDP/FreeRDP/commit/48361c411e50826cb602c
 CVE-2020-13396 - https://usn.ubuntu.com/4379-1/
 CVE-2020-13397 - https://usn.ubuntu.com/4379-1/
 CVE-2020-13398 - https://usn.ubuntu.com/4379-1/
+CVE-2020-13404 - https://github.com/quadra-informatique/Atos-Magento/releases
 CVE-2020-13404 - https://sysdream.com/news/lab/
 CVE-2020-13404 - https://sysdream.com/news/lab/2020-06-09-cve-2020-13404-remote-system-command-injection-in-atos-magento-module/
 CVE-2020-13426 - https://0day.today/exploit/34496
@@ -92903,6 +92914,7 @@ CVE-2024-1660 - https://wpscan.com/vulnerability/5bd16f84-22bf-4170-b65c-08caf67
 CVE-2024-1661 - https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-Totolink/X6000R-Hardcoded-Password.md
 CVE-2024-1664 - https://wpscan.com/vulnerability/fc3beca7-af38-4ab2-b05f-13b47d042b85/
 CVE-2024-1672 - https://issues.chromium.org/issues/41485789
+CVE-2024-1676 - https://issues.chromium.org/issues/40944847
 CVE-2024-1700 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---Stored-XSS
 CVE-2024-1701 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---Broken-Access-Control
 CVE-2024-1702 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---SQL-Injection
@@ -93927,3 +93939,4 @@ CVE-2024-3660 - https://www.kb.cert.org/vuls/id/253266
 CVE-2024-3767 - https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md
 CVE-2024-3875 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md
 CVE-2024-3877 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromqossetting.md
+CVE-2024-3932 - https://vuldb.com/?submit.314381