Update Thu Apr 11 10:04:41 UTC 2024

2018/CVE-2018-14417.md

@@ -11,6 +11,7 @@ A command injection vulnerability was found in the web administration console in
 
 #### Reference
 - http://seclists.org/fulldisclosure/2018/Jul/85
+- https://docs.softnas.com/display/SD/Release+Notes
 - https://www.coresecurity.com/advisories/softnas-cloud-os-command-injection
 - https://www.exploit-db.com/exploits/45097/
 

2019/CVE-2019-11085.md

@@ -10,7 +10,7 @@ Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics fo
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://usn.ubuntu.com/4068-1/
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon

2019/CVE-2019-11815.md

@@ -12,6 +12,7 @@ An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kerne
 #### Reference
 - http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
 - https://seclists.org/bugtraq/2019/Jun/26
+- https://usn.ubuntu.com/4068-1/
 
 #### Github
 - https://github.com/Sec20-Paper310/Paper310

2019/CVE-2019-11833.md

@@ -12,6 +12,7 @@ fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused
 #### Reference
 - http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
 - https://seclists.org/bugtraq/2019/Jun/26
+- https://usn.ubuntu.com/4068-1/
 - https://usn.ubuntu.com/4076-1/
 
 #### Github

2019/CVE-2019-11884.md

@@ -11,6 +11,7 @@ The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel
 
 #### Reference
 - https://seclists.org/bugtraq/2019/Jun/26
+- https://usn.ubuntu.com/4068-1/
 - https://usn.ubuntu.com/4076-1/
 
 #### Github

2021/CVE-2021-20873.md

@@ -0,0 +1,17 @@
+### [CVE-2021-20873](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20873)
+![](https://img.shields.io/static/v1?label=Product&message=Yappli&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Authorization%20in%20Handler%20for%20Custom%20URL%20Scheme&color=brighgreen)
+
+### Description
+
+Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may be directed to unintended sites via a specially crafted URL.
+
+### POC
+
+#### Reference
+- https://support.yappli.co.jp/hc/ja/articles/4410249902745
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-27097.md

@@ -0,0 +1,17 @@
+### [CVE-2021-27097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27097)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.
+
+### POC
+
+#### Reference
+- https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-27138.md

@@ -0,0 +1,17 @@
+### [CVE-2021-27138](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27138)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.
+
+### POC
+
+#### Reference
+- https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-44228.md

@@ -773,6 +773,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups
 - https://github.com/fathzer/cve-reporter-core
 - https://github.com/fbiville/neo4j-impersonation-demo
+- https://github.com/fdx-xdf/log4j2_demo
 - https://github.com/fdxsec/log4j2_demo
 - https://github.com/felipe8398/ModSec-log4j2
 - https://github.com/felixslama/log4shell-minecraft-demo

2021/CVE-2021-45638.md

@@ -0,0 +1,17 @@
+### [CVE-2021-45638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45638)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0.11.116, R7100LG before 1.0.0.70, RBS40V before 2.6.2.8, RBW30 before 2.6.2.2, RS400 before 1.5.1.80, R7000P before 1.3.2.132, and R6900P before 1.3.2.132.
+
+### POC
+
+#### Reference
+- https://kb.netgear.com/000064496/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-PSV-2020-0464
+
+#### Github
+No PoCs found on GitHub currently.
+

2022/CVE-2022-0847.md

@@ -300,6 +300,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure
 - https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847
 - https://github.com/taielab/awesome-hacking-lists
 - https://github.com/talent-x90c/cve_list
+- https://github.com/tanjiti/sec_profile
 - https://github.com/teamssix/container-escape-check
 - https://github.com/terabitSec/dirtyPipe-automaticRoot
 - https://github.com/theo-goetzinger/TP_be_root

2022/CVE-2022-34598.md

@@ -15,5 +15,6 @@ No PoCs from references.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ilovekeer/IOT_Vul
+- https://github.com/wy876/POC
 - https://github.com/zhefox/IOT_Vul
 

2024/CVE-2024-1481.md

@@ -0,0 +1,21 @@
+### [CVE-2024-1481](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1481)
+![](https://img.shields.io/static/v1?label=Product&message=Fedora&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=freeipa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Input%20Validation&color=brighgreen)
+
+### Description
+
+A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.
+
+### POC
+
+#### Reference
+- https://bugzilla.redhat.com/show_bug.cgi?id=2262169
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-21508.md

@@ -0,0 +1,17 @@
+### [CVE-2024-21508](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21508)
+![](https://img.shields.io/static/v1?label=Product&message=mysql2&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.9.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution%20(RCE)&color=brighgreen)
+
+### Description
+
+Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.
+
+### POC
+
+#### Reference
+- https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6591085
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-24576.md

@@ -14,11 +14,13 @@ Rust is a programming language. The Rust Security Response WG was notified that
 No PoCs from references.
 
 #### Github
+- https://github.com/WoodManGitHub/CVE-Research
 - https://github.com/aydinnyunus/CVE-2024-24576-Exploit
 - https://github.com/brains93/CVE-2024-24576-PoC-Python
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/frostb1ten/CVE-2024-24576-PoC
 - https://github.com/kherrick/lobsters
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/securitycipher/daily-bugbounty-writeups
+- https://github.com/tanjiti/sec_profile
 

2024/CVE-2024-2511.md

@@ -13,5 +13,6 @@ Issue summary: Some non-default TLS server configurations can cause unboundedmem
 No PoCs from references.
 
 #### Github
+- https://github.com/chnzzh/OpenSSL-CVE-lib
 - https://github.com/fkie-cad/nvd-json-data-feeds
 

2024/CVE-2024-25572.md

@@ -0,0 +1,17 @@
+### [CVE-2024-25572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25572)
+![](https://img.shields.io/static/v1?label=Product&message=Ninja%20Forms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20prior%20to%203.4.31%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20request%20forgery%20(CSRF)&color=brighgreen)
+
+### Description
+
+Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-25850.md

@@ -14,4 +14,5 @@ Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerabil
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/tanjiti/sec_profile
 

2024/CVE-2024-26019.md

@@ -0,0 +1,17 @@
+### [CVE-2024-26019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26019)
+![](https://img.shields.io/static/v1?label=Product&message=Ninja%20Forms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20prior%20to%203.8.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20scripting%20(XSS)&color=brighgreen)
+
+### Description
+
+Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-29220.md

@@ -0,0 +1,17 @@
+### [CVE-2024-29220](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29220)
+![](https://img.shields.io/static/v1?label=Product&message=Ninja%20Forms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20prior%20to%203.8.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20scripting%20(XSS)&color=brighgreen)
+
+### Description
+
+Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-29269.md

@@ -14,5 +14,6 @@ No PoCs from references.
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/tanjiti/sec_profile
 - https://github.com/wutalent/CVE-2024-29269
 

2024/CVE-2024-29399.md

@@ -0,0 +1,18 @@
+### [CVE-2024-29399](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29399)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ally-petitt/CVE-2024-29399
+- https://github.com/nomi-sec/PoC-in-GitHub
+

2024/CVE-2024-29448.md

@@ -0,0 +1,18 @@
+### [CVE-2024-29448](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29448)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A buffer overflow vulnerability has been discovered in the C++ components of ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code or cause a denial of service (DoS) via improper handling of arrays or strings.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/yashpatelphd/CVE-2024-29448
+

2024/CVE-2024-29449.md

@@ -0,0 +1,18 @@
+### [CVE-2024-29449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29449)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to obtain sensitive information via man-in-the-middle attacks due to cleartext transmission of data across the ROS2 nodes' communication channels.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/yashpatelphd/CVE-2024-29449
+

2024/CVE-2024-29450.md

@@ -0,0 +1,18 @@
+### [CVE-2024-29450](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29450)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue has been discovered in the permission and access control components within ROS2 Humble Hawksbill, in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the authentication system, including protocols, processes, and checks designed to verify the identities of users or devices attempting to access the ROS2 system.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/yashpatelphd/CVE-2024-29450
+

2024/CVE-2024-29452.md

@@ -0,0 +1,19 @@
+### [CVE-2024-29452](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29452)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An insecure deserialization vulnerability has been identified in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code and obtain sensitive information via crafted input to the Data Serialization and Deserialization Components, Inter-Process Communication Mechanisms, and Network Communication Interfaces.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/yashpatelphd/CVE-2024-29452
+

2024/CVE-2024-29455.md

@@ -0,0 +1,18 @@
+### [CVE-2024-29455](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29455)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An arbitrary file upload vulnerability has been discovered in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via crafted payload to the file upload mechanism of the ROS2 system, including the server’s functionality for handling file uploads and the associated validation processes.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/yashpatelphd/CVE-2024-29455
+

2024/CVE-2024-3000.md

@@ -13,5 +13,7 @@ A vulnerability classified as critical was found in code-projects Online Book Sy
 No PoCs from references.
 
 #### Github
+- https://github.com/FoxyProxys/CVE-2024-3000
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub