Update Fri Mar 29 18:02:59 UTC 2024
trickest-workflows committed Mar 29, 2024
1 parent d3630e9 commit a4770ee
Showing 13 changed files with 168 additions and 2 deletions.
17 changes: 17 additions & 0 deletions 2011/CVE-2011-0421.md
@@ -0,0 +1,17 @@
### [CVE-2011-0421](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.
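
Review bot: The three badge lines at the top of this new file carry less than the description does: Product and Version are both `n%2Fa` although the text names the Zip extension in PHP before 5.3.6, and the Vulnerability badge uses `color=brighgreen`, which is a misspelling of the shields.io colour name `brightgreen`. Suggest filling Product and Version from the description and correcting the colour name; the same badge lines recur in the other new 2011 files in this commit.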

1 change: 1 addition & 0 deletions 2011/CVE-2011-0708.md
Expand Up @@ -15,6 +15,7 @@ exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an
- http://openwall.com/lists/oss-security/2011/02/16/7
- http://securityreason.com/securityalert/8114
- http://www.exploit-db.com/exploits/16261/
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
- https://github.com/Live-Hack-CVE/CVE-2011-4566
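
Review bot: The Github entry in the trailing context, `https://github.com/Live-Hack-CVE/CVE-2011-4566`, is named for a different CVE than this file (CVE-2011-0708). It is not touched by this change, but since the Reference list above it is being extended, it is worth confirming that the repository really concerns CVE-2011-0708 and, if not, moving it to the file for CVE-2011-4566.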
2 changes: 1 addition & 1 deletion 2011/CVE-2011-1092.md
Expand Up @@ -10,7 +10,7 @@ Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-depende
### POC

#### Reference
No PoCs from references.
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
- https://github.com/mudongliang/LinuxFlaw
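
Review bot: Under `### POC` / `#### Reference`, the placeholder `No PoCs from references.` gives way to the Mandriva advisory MDVSA-2011:052, which is the same URL this commit attaches to every PHP-before-5.3.6 entry, so it is a distribution advisory rather than a proof of concept for the shmop integer overflow. With the placeholder gone the file reads as if a PoC reference exists. Suggest either keeping the placeholder alongside the link or listing vendor advisories under a separate label so consumers of this section can tell the two apart.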
17 changes: 17 additions & 0 deletions 2011/CVE-2011-1153.md
@@ -0,0 +1,17 @@
### [CVE-2011-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.
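
Review bot: The Version badge here is built differently from the sibling files: `message=%3D%20n%2Fa%20&color=brighgreen` decodes to "= n/a " with a leading "= " and a trailing space, where the other new 2011 files use `message=n%2Fa&color=blue`. The description gives a concrete range ("PHP 5.3.5 and earlier"), so suggest putting that in the badge, or at least normalising to the plain `n%2Fa` form used elsewhere.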

17 changes: 17 additions & 0 deletions 2011/CVE-2011-1464.md
@@ -0,0 +1,17 @@
### [CVE-2011-1464](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1464)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2011/CVE-2011-1466.md
@@ -0,0 +1,17 @@
### [CVE-2011-1466](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1466)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2011/CVE-2011-1467.md
@@ -0,0 +1,17 @@
### [CVE-2011-1467](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1467)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2011/CVE-2011-1469.md
@@ -0,0 +1,17 @@
### [CVE-2011-1469](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1469)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2011/CVE-2011-1470.md
@@ -0,0 +1,17 @@
### [CVE-2011-1470](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1470)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.

### POC

#### Reference
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
No PoCs found on GitHub currently.

2 changes: 1 addition & 1 deletion 2011/CVE-2011-1471.md
Expand Up @@ -10,7 +10,7 @@ Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.
### POC

#### Reference
No PoCs from references.
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

#### Github
- https://github.com/Live-Hack-CVE/CVE-2011-1471
17 changes: 17 additions & 0 deletions 2020/CVE-2020-35830.md
@@ -0,0 +1,17 @@
### [CVE-2020-35830](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35830)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

### POC

#### Reference
- https://kb.netgear.com/000062672/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0507

#### Github
No PoCs found on GitHub currently.
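
Review bot: The Vulnerability badge is `message=n%2Fa` although the description's first sentence states the class outright (stored XSS), and the Product badge is `n%2Fa` although the affected NETGEAR models are enumerated. Suggest setting the Vulnerability badge to the weakness (stored cross-site scripting, CWE-79), in the same way the CVE-2024-27935 file in this commit carries its CWE, so the entry can be filtered by class without parsing the description.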

17 changes: 17 additions & 0 deletions 2024/CVE-2024-27935.md
@@ -0,0 +1,17 @@
### [CVE-2024-27935](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27935)
![](https://img.shields.io/static/v1?label=Product&message=deno&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.35.1%2C%20%3C%201.36.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-488%3A%20Exposure%20of%20Data%20Element%20to%20Wrong%20Session&color=brighgreen)

### Description

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. The issue arises from the re-use of a global buffer (BUF) in stream_wrap.ts used as a performance optimization to limit allocations during these asynchronous read operations. This can lead to data intended for one session being received by another session, potentially resulting in data corruption and unexpected behavior. This affects all users of Deno that use the node.js compatibility layer for network communication or other streams, including packages that may require node.js libraries indirectly. Version 1.36.3 contains a patch for this issue.

### POC

#### Reference
- https://github.com/denoland/deno/security/advisories/GHSA-wrqv-pf6j-mqjp

#### Github
No PoCs found on GitHub currently.
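
Review bot: The Version badge message `%3D%20%3E%3D%201.35.1%2C%20%3C%201.36.3%20` decodes to "= >= 1.35.1, < 1.36.3 ", with a stray leading "= " and a trailing space. The range itself matches the description (starting in 1.35.1, fixed in 1.36.3), so suggest emitting just `>= 1.35.1, < 1.36.3` to keep the rendered badge readable and the value easy to parse.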

12 changes: 12 additions & 0 deletions references.txt
Expand Up @@ -18305,6 +18305,7 @@ CVE-2011-0419 - http://www.oracle.com/technetwork/topics/security/cpujuly2013-18
CVE-2011-0420 - http://securityreason.com/achievement_securityalert/94
CVE-2011-0420 - http://securityreason.com/securityalert/8087
CVE-2011-0420 - http://www.exploit-db.com/exploits/16182
CVE-2011-0421 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-0469 - https://bugzilla.suse.com/show_bug.cgi?id=679325
CVE-2011-0471 - https://exchange.xforce.ibmcloud.com/vulnerabilities/64662
CVE-2011-0480 - http://ffmpeg.mplayerhq.hu/
Expand Down Expand Up @@ -18378,6 +18379,7 @@ CVE-2011-0708 - http://openwall.com/lists/oss-security/2011/02/14/1
CVE-2011-0708 - http://openwall.com/lists/oss-security/2011/02/16/7
CVE-2011-0708 - http://securityreason.com/securityalert/8114
CVE-2011-0708 - http://www.exploit-db.com/exploits/16261/
CVE-2011-0708 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-0710 - http://www.vmware.com/security/advisories/VMSA-2011-0012.html
CVE-2011-0722 - http://ffmpeg.mplayerhq.hu/
CVE-2011-0723 - http://ffmpeg.mplayerhq.hu/
Expand Down Expand Up @@ -18578,6 +18580,7 @@ CVE-2011-1079 - http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Se
CVE-2011-1086 - https://www.exploit-db.com/exploits/35125
CVE-2011-1087 - http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php
CVE-2011-1090 - http://www.vmware.com/security/advisories/VMSA-2011-0012.html
CVE-2011-1092 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1095 - http://www.vmware.com/security/advisories/VMSA-2011-0012.html
CVE-2011-1096 - http://www.csoonline.com/article/692366/widely-used-encryption-standard-is-insecure-say-experts
CVE-2011-1099 - http://securityreason.com/securityalert/8121
Expand All @@ -18593,6 +18596,7 @@ CVE-2011-1141 - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732
CVE-2011-1150 - https://www.openwall.com/lists/oss-security/2011/03/14/20
CVE-2011-1151 - https://packetstormsecurity.com/files/101835/Joomla-1.6.0-SQL-Injection.html
CVE-2011-1151 - https://www.openwall.com/lists/oss-security/2011/03/14/21
CVE-2011-1153 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1170 - http://securityreason.com/securityalert/8278
CVE-2011-1171 - http://securityreason.com/securityalert/8278
CVE-2011-1172 - http://securityreason.com/securityalert/8278
Expand All @@ -18616,6 +18620,12 @@ CVE-2011-1347 - https://threatpost.com/en_us/blogs/pwn2own-winner-stephen-fewer-
CVE-2011-1411 - http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
CVE-2011-1412 - http://securityreason.com/securityalert/8324
CVE-2011-1428 - http://savannah.nongnu.org/patch/index.php?7459
CVE-2011-1464 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1466 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1467 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1469 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1470 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1471 - http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
CVE-2011-1473 - http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
CVE-2011-1473 - http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
CVE-2011-1474 - http://seclists.org/oss-sec/2011/q1/579
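
Review bot: The run of entries added here between CVE-2011-1428 and CVE-2011-1473 covers CVE-2011-1464, 1466, 1467, 1469, 1470 and 1471 but skips 1465 and 1468, and nothing in the change says why. Please confirm against MDVSA-2011:052 that the gaps are intentional. Each of these lines also repeats the Reference entry added to the matching per-CVE file, so the two need to stay in sync; if references.txt is generated from those files, a note to that effect in the commit message would help reviewers.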
Expand Down Expand Up @@ -66441,6 +66451,7 @@ CVE-2020-35817 - https://kb.netgear.com/000062668/Security-Advisory-for-Stored-C
CVE-2020-35819 - https://kb.netgear.com/000062648/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0495
CVE-2020-35825 - https://kb.netgear.com/000062642/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0502
CVE-2020-35826 - https://kb.netgear.com/000062647/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0503
CVE-2020-35830 - https://kb.netgear.com/000062672/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0507
CVE-2020-35831 - https://kb.netgear.com/000062679/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2018-0508
CVE-2020-35837 - https://kb.netgear.com/000062650/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2018-0499
CVE-2020-35846 - http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html
Expand Down Expand Up @@ -92094,6 +92105,7 @@ CVE-2024-27923 - https://github.com/getgrav/grav/security/advisories/GHSA-f6g2-h
CVE-2024-27927 - https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3
CVE-2024-27933 - https://github.com/denoland/deno/security/advisories/GHSA-6q4w-9x56-rmwq
CVE-2024-27934 - https://github.com/denoland/deno/security/advisories/GHSA-3j27-563v-28wf
CVE-2024-27935 - https://github.com/denoland/deno/security/advisories/GHSA-wrqv-pf6j-mqjp
CVE-2024-27936 - https://github.com/denoland/deno/security/advisories/GHSA-m4pq-fv2w-6hrw
CVE-2024-28088 - https://github.com/PinkDraconian/PoC-Langchain-RCE/blob/main/README.md
CVE-2024-28089 - https://github.com/actuator/cve/blob/main/Hitron/CVE-2024-28089