-
Notifications
You must be signed in to change notification settings - Fork 781
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a4d3132
commit efb0cfb
Showing
16 changed files
with
147 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2021-45535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45535) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052 | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-20670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20670) | ||
![](https://img.shields.io/static/v1?label=Product&message=Outlook%20for%20Windows&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.2023.0322.0100%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) | ||
|
||
### Description | ||
|
||
Outlook for Windows Spoofing Vulnerability | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/tanjiti/sec_profile | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-22363](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22363) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS). | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/francoatmega/francoatmega | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-24862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24862) | ||
![](https://img.shields.io/static/v1?label=Product&message=Linux%20kernel&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=v6.2%3C%20v6.9-rc3%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brighgreen) | ||
|
||
### Description | ||
|
||
In function pci1xxxx_spi_probe, there is a potential null pointer thatmay be caused by a failed memory allocation by the function devm_kzalloc.Hence, a null pointer check needs to be added to prevent null pointerdereferencing later in the code.To fix this issue, spi_bus->spi_int[iter] should be checked. The memoryallocated by devm_kzalloc will be automatically released, so just directlyreturn -ENOMEM without worrying about memory leaks. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/fkie-cad/nvd-json-data-feeds | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2024-24863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24863) | ||
![](https://img.shields.io/static/v1?label=Product&message=Linux%20kernel&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=v4.19-rc1%3C%20v6.9-rc2%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brighgreen) | ||
|
||
### Description | ||
|
||
In malidp_mw_connector_reset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that mw_state is checked before calling __drm_atomic_helper_connector_reset. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/fkie-cad/nvd-json-data-feeds | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
### [CVE-2024-26817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26817) | ||
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=1da177e4c3f4%3C%20e6721ea845fc%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
In the Linux kernel, the following vulnerability has been resolved:amdkfd: use calloc instead of kzalloc to avoid integer overflowThis uses calloc instead of doing the multiplication which mightoverflow. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/MaherAzzouzi/CVE-2024-26817-amdkfd | ||
- https://github.com/nomi-sec/PoC-in-GitHub | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
### [CVE-2024-27462](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27462) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) | ||
|
||
### Description | ||
|
||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||
|
||
### POC | ||
|
||
#### Reference | ||
No PoCs from references. | ||
|
||
#### Github | ||
- https://github.com/Alaatk/CVE-2024-27462 | ||
- https://github.com/nomi-sec/PoC-in-GitHub | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters