Update Tue Apr 30 10:05:57 UTC 2024

trickest · Apr 30, 2024 · ccac585 · ccac585
1 parent 9a3a642
commit ccac585
Show file tree

Hide file tree

Showing 44 changed files with 456 additions and 0 deletions.
diff --git a/2005/CVE-2005-1983.md b/2005/CVE-2005-1983.md
@@ -10,6 +10,7 @@ Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Win
 ### POC
 
 #### Reference
+- http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html
 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039
 
 #### Github

diff --git a/2010/CVE-2010-1242.md b/2010/CVE-2010-1242.md
@@ -0,0 +1,17 @@
+### [CVE-2010-1242](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1242)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Interface for Content Management (aka WEBi) before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/shameekASC5/AdobePDF
+
diff --git a/2010/CVE-2010-2975.md b/2010/CVE-2010-2975.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2975](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2975)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2976.md b/2010/CVE-2010-2976.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2976](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2976)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2977.md b/2010/CVE-2010-2977.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2977)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2978.md b/2010/CVE-2010-2978.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2978](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2978)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2979.md b/2010/CVE-2010-2979.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2979](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2979)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2980.md b/2010/CVE-2010-2980.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2980](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2980)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2981.md b/2010/CVE-2010-2981.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2981](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2981)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2982.md b/2010/CVE-2010-2982.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2982)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2983.md b/2010/CVE-2010-2983.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2983](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2983)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2984.md b/2010/CVE-2010-2984.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2984](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2984)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2986.md b/2010/CVE-2010-2986.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2986)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2987.md b/2010/CVE-2010-2987.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2987](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2987)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2010/CVE-2010-2988.md b/2010/CVE-2010-2988.md
@@ -0,0 +1,17 @@
+### [CVE-2010-2988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2988)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2014/CVE-2014-6270.md b/2014/CVE-2014-6270.md
@@ -0,0 +1,17 @@
+### [CVE-2014-6270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6270)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-2921-1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2015/CVE-2015-0801.md b/2015/CVE-2015-0801.md
@@ -11,6 +11,7 @@ Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird befor
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
+- http://www.ubuntu.com/usn/USN-2550-1
 - https://bugzilla.mozilla.org/show_bug.cgi?id=1146339
 
 #### Github

diff --git a/2015/CVE-2015-0802.md b/2015/CVE-2015-0802.md
@@ -11,6 +11,7 @@ Mozilla Firefox before 37.0 relies on docshell type information instead of page
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 - https://www.exploit-db.com/exploits/37958/
 
 #### Github

diff --git a/2015/CVE-2015-0803.md b/2015/CVE-2015-0803.md
@@ -11,6 +11,7 @@ The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0804.md b/2015/CVE-2015-0804.md
@@ -11,6 +11,7 @@ The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does n
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0805.md b/2015/CVE-2015-0805.md
@@ -11,6 +11,7 @@ The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0806.md b/2015/CVE-2015-0806.md
@@ -11,6 +11,7 @@ The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0807.md b/2015/CVE-2015-0807.md
@@ -11,6 +11,7 @@ The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0808.md b/2015/CVE-2015-0808.md
@@ -11,6 +11,7 @@ The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0811.md b/2015/CVE-2015-0811.md
@@ -11,6 +11,7 @@ The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers t
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0812.md b/2015/CVE-2015-0812.md
@@ -11,6 +11,7 @@ Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight th
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 - https://bugzilla.mozilla.org/show_bug.cgi?id=1128126
 
 #### Github

diff --git a/2015/CVE-2015-0813.md b/2015/CVE-2015-0813.md
@@ -11,6 +11,7 @@ Use-after-free vulnerability in the AppendElements function in Mozilla Firefox b
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 - https://github.com/Hwangtaewon/radamsa

diff --git a/2015/CVE-2015-0814.md b/2015/CVE-2015-0814.md
@@ -11,6 +11,7 @@ Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox be
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0815.md b/2015/CVE-2015-0815.md
@@ -11,6 +11,7 @@ Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox be
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
+- http://www.ubuntu.com/usn/USN-2550-1
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2015/CVE-2015-0816.md b/2015/CVE-2015-0816.md
@@ -11,6 +11,7 @@ Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird befor
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
+- http://www.ubuntu.com/usn/USN-2550-1
 - https://www.exploit-db.com/exploits/37958/
 
 #### Github

diff --git a/2016/CVE-2016-2571.md b/2016/CVE-2016-2571.md
@@ -12,6 +12,7 @@ http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storag
 #### Reference
 - http://www.openwall.com/lists/oss-security/2016/02/26/2
 - http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
+- http://www.ubuntu.com/usn/USN-2921-1
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon