Update Sun Feb 18 18:10:05 UTC 2024

2011/CVE-2011-4582.md

@@ -0,0 +1,17 @@
+### [CVE-2011-4582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4582)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
+
+### POC
+
+#### Reference
+- http://moodle.org/mod/forum/discuss.php?d=191748
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-1060.md

@@ -0,0 +1,17 @@
+### [CVE-2013-1060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1060)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-2140.md

@@ -0,0 +1,17 @@
+### [CVE-2013-2140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2140)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-2232.md

@@ -0,0 +1,17 @@
+### [CVE-2013-2232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2232)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-2234.md

@@ -0,0 +1,17 @@
+### [CVE-2013-2234](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2234)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-4162.md

@@ -0,0 +1,17 @@
+### [CVE-2013-4162](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2013/CVE-2013-4163.md

@@ -0,0 +1,17 @@
+### [CVE-2013-4163](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4163)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-1938-1
+
+#### Github
+No PoCs found on GitHub currently.
+

2018/CVE-2018-20681.md

@@ -0,0 +1,17 @@
+### [CVE-2018-20681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20681)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+mate-screensaver before 1.20.2 in MATE Desktop Environment allows physically proximate attackers to view screen content and possibly control applications. By unplugging and re-plugging or power-cycling external output devices (such as additionally attached graphical outputs via HDMI, VGA, DVI, etc.) the content of a screensaver-locked session can be revealed. In some scenarios, the attacker can execute applications, such as by clicking with a mouse.
+
+### POC
+
+#### Reference
+- https://github.com/mate-desktop/mate-screensaver/issues/155
+
+#### Github
+No PoCs found on GitHub currently.
+

2018/CVE-2018-7119.md

@@ -0,0 +1,17 @@
+### [CVE-2018-7119](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7119)
+![](https://img.shields.io/static/v1?label=Product&message=NonStop%20SAFEGAURD%20and%20NonStop%20H-series%20STDSEC-STANDARD%20SECURITY%20Product&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Local%20Disclosure%20of%20Sensitive%20Information&color=brighgreen)
+
+### Description
+
+A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03910en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25142.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25142](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25142)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webstartflash%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webstartflash function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25168.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25168)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webupdatecomponent%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webupdatecomponent function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25169.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25169)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20websetservicecfg%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25170.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25170)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20websetremoteimageinfo%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetremoteimageinfo function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25171.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25171)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20websetlicensecfg%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetlicensecfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-25172.md

@@ -0,0 +1,17 @@
+### [CVE-2021-25172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25172)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20websetdefaultlangcfg%20function%20has%20a%20command%20injection%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26570.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26570)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webifc_setadconfig%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26571.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26571)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webgetactivexcfg%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26572.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26572)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webgetactivexcfg%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26573.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26573)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webgeneratesslcfg%20function%20has%20a%20buffer%20overflow%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26574.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26574)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webdeletevideofile%20function%20has%20a%20path%20traversal%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26575.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26575)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20webdeletesolvideofile%20function%20has%20a%20path%20traversal%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletesolvideofile function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-26576.md

@@ -0,0 +1,17 @@
+### [CVE-2021-26576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26576)
+![](https://img.shields.io/static/v1?label=Product&message=HPE%20Apollo%2070%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=HPE%20Apollo%2070%20system%20bmc%20firmware%20libifc.so%20uploadsshkey%20function%20has%20a%20command%20injection%20vulnerability.&color=brighgreen)
+
+### Description
+
+The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function.
+
+### POC
+
+#### Reference
+- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us
+
+#### Github
+No PoCs found on GitHub currently.
+