Update Sat Apr 27 18:00:46 UTC 2024

2004/CVE-2004-0574.md

@@ -12,6 +12,7 @@ The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Serv
 #### Reference
 - http://marc.info/?l=bugtraq&m=109761632831563&w=2
 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036
+- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392
 
 #### Github
 No PoCs found on GitHub currently.

2017/CVE-2017-5856.md

@@ -0,0 +1,17 @@
+### [CVE-2017-5856](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5856)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
+
+### POC
+
+#### Reference
+- https://bugzilla.redhat.com/show_bug.cgi?id=1418342
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-3808.md

@@ -0,0 +1,17 @@
+### [CVE-2021-3808](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3808)
+![](https://img.shields.io/static/v1?label=Product&message=HP%20PC%20BIOS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20See%20HP%20Security%20Bulletin%20reference%20for%20affected%20versions.%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Jolx77/TP3_SISTCOMP
+

2021/CVE-2021-3809.md

@@ -0,0 +1,17 @@
+### [CVE-2021-3809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3809)
+![](https://img.shields.io/static/v1?label=Product&message=HP%20PC%20BIOS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20See%20HP%20Security%20Bulletin%20reference%20for%20affected%20versions.%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Jolx77/TP3_SISTCOMP
+

2022/CVE-2022-34598.md

@@ -17,5 +17,6 @@ No PoCs from references.
 - https://github.com/ilovekeer/IOT_Vul
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 - https://github.com/zhefox/IOT_Vul
 

2022/CVE-2022-36763.md

@@ -13,5 +13,6 @@ EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, al
 No PoCs from references.
 
 #### Github
+- https://github.com/Jolx77/TP3_SISTCOMP
 - https://github.com/fkie-cad/nvd-json-data-feeds
 

2022/CVE-2022-36764.md

@@ -13,5 +13,6 @@ EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, all
 No PoCs from references.
 
 #### Github
+- https://github.com/Jolx77/TP3_SISTCOMP
 - https://github.com/fkie-cad/nvd-json-data-feeds
 

2022/CVE-2022-41741.md

@@ -18,4 +18,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/dumbbutt0/evilMP4
 

2024/CVE-2024-2258.md

@@ -0,0 +1,17 @@
+### [CVE-2024-2258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2258)
+![](https://img.shields.io/static/v1?label=Product&message=Form%20Maker%20by%2010Web%20%E2%80%93%20Mobile-Friendly%20Drag%20%26%20Drop%20Contact%20Form%20Builder&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.15.24%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-2389.md

@@ -21,4 +21,5 @@ No PoCs from references.
 - https://github.com/tanjiti/sec_profile
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-25260.md

@@ -10,7 +10,7 @@ elfutils v0.189 was discovered to contain a NULL pointer dereference via the han
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://sourceware.org/bugzilla/show_bug.cgi?id=31058
 
 #### Github
 - https://github.com/fokypoky/places-list

2024/CVE-2024-25852.md

@@ -15,4 +15,5 @@ No PoCs from references.
 #### Github
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-28255.md

@@ -20,4 +20,5 @@ OpenMetadata is a unified platform for discovery, observability, and governance
 - https://github.com/tanjiti/sec_profile
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-2838.md

@@ -0,0 +1,17 @@
+### [CVE-2024-2838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2838)
+![](https://img.shields.io/static/v1?label=Product&message=WPC%20Composite%20Products%20for%20WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%207.2.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the ajax_save_components function. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-2859.md

@@ -0,0 +1,17 @@
+### [CVE-2024-2859](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2859)
+![](https://img.shields.io/static/v1?label=Product&message=Brocade%20SANnav&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+By default, SANnav OVA is shipped with root user login enabled.  While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. 
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-29269.md

@@ -20,4 +20,5 @@ No PoCs from references.
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wutalent/CVE-2024-29269
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-3034.md

@@ -0,0 +1,17 @@
+### [CVE-2024-3034](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3034)
+![](https://img.shields.io/static/v1?label=Product&message=BackUpWordPress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.13%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-31750.md

@@ -15,4 +15,5 @@ No PoCs from references.
 #### Github
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-32405.md

@@ -14,5 +14,5 @@ Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a re
 - https://portswigger.net/web-security/cross-site-scripting/stored
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds
 

2024/CVE-2024-3272.md

@@ -21,4 +21,5 @@ No PoCs from references.
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 

2024/CVE-2024-3273.md

@@ -30,5 +30,6 @@ No PoCs from references.
 - https://github.com/wangjiezhe/awesome-stars
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 - https://github.com/yarienkiva/honeypot-dlink-CVE-2024-3273
 

2024/CVE-2024-3400.md

@@ -65,5 +65,6 @@ No PoCs from references.
 - https://github.com/vulsio/go-cve-dictionary
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
+- https://github.com/wy876/wiki
 - https://github.com/zam89/CVE-2024-3400-pot
 

2024/CVE-2024-4247.md

@@ -0,0 +1,17 @@
+### [CVE-2024-4247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4247)
+![](https://img.shields.io/static/v1?label=Product&message=i21&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0.0.14(4656)%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. This vulnerability affects the function formQosManage_auto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. VDB-262138 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formQosManage_auto.md
+
+#### Github
+No PoCs found on GitHub currently.
+