-
Notifications
You must be signed in to change notification settings - Fork 794
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
c51bf53
commit 4aa8093
Showing
10 changed files
with
121 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2016-6214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://github.com/libgd/libgd/issues/247#issuecomment-232084241 | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2021-45570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45570) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078 | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2022-3730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3730) | ||
![](https://img.shields.io/static/v1?label=Product&message=Ehoney&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-707%20Improper%20Neutralization%20-%3E%20CWE-74%20Injection%20-%3E%20CWE-89%20SQL%20Injection&color=brighgreen) | ||
|
||
### Description | ||
|
||
A vulnerability, which was classified as critical, was found in seccome Ehoney. Affected is an unknown function of the file /api/v1/attack/falco. The manipulation of the argument Payload leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-212412. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://vuldb.com/?id.212412 | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-23225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23225) | ||
![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.4%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20attacker%20with%20arbitrary%20kernel%20read%20and%20write%20capability%20may%20be%20able%20to%20bypass%20kernel%20memory%20protections.%20Apple%20is%20aware%20of%20a%20report%20that%20this%20issue%20may%20have%20been%20exploited.&color=brighgreen) | ||
|
||
### Description | ||
|
||
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/fkie-cad/nvd-json-data-feeds | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-23296](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23296) | ||
![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.4%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20attacker%20with%20arbitrary%20kernel%20read%20and%20write%20capability%20may%20be%20able%20to%20bypass%20kernel%20memory%20protections.%20Apple%20is%20aware%20of%20a%20report%20that%20this%20issue%20may%20have%20been%20exploited.&color=brighgreen) | ||
|
||
### Description | ||
|
||
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/fkie-cad/nvd-json-data-feeds | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters