Skip to content

Commit

Permalink
Update Mon Dec 30 04:13:45 UTC 2024
Browse files Browse the repository at this point in the history
  • Loading branch information
@trickest-workflows
trickest-workflows committed Dec 30, 2024
1 parent 763e9ec commit 9796ddb
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 0 deletions.
17 changes: 17 additions & 0 deletions 2017/CVE-2017-18790.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
### [CVE-2017-18790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18790)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

### POC

#### Reference
- https://kb.netgear.com/000049372/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-PSV-2017-0317

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2019/CVE-2019-19601.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
### [CVE-2019-19601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19601)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf.

### POC

#### Reference
- https://github.com/pkubowicz/opendetex/issues/60

#### Github
No PoCs found on GitHub currently.

17 changes: 17 additions & 0 deletions 2020/CVE-2020-7465.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
### [CVE-2020-7465](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7465)
![](https://img.shields.io/static/v1?label=Product&message=MPD%3A%20FreeBSD%20PPP%20daemon&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%3A%20Out-of-bounds%20Write&color=brighgreen)

### Description

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).

### POC

#### Reference
- https://sourceforge.net/p/mpd/svn/2377/

#### Github
No PoCs found on GitHub currently.

3 changes: 3 additions & 0 deletions references.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48218,6 +48218,7 @@ CVE-2017-18783 - https://kb.netgear.com/000049536/Security-Advisory-for-Cross-Si
CVE-2017-18784 - https://kb.netgear.com/000049535/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-PSV-2017-2951
CVE-2017-18785 - https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950
CVE-2017-18788 - https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947
CVE-2017-18790 - https://kb.netgear.com/000049372/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-PSV-2017-0317
CVE-2017-18793 - https://kb.netgear.com/000049369/Security-Advisory-for-Command-Injection-Vulnerability-on-R7800-PSV-2017-0618
CVE-2017-18798 - https://kb.netgear.com/000049358/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-Some-Routers-and-Some-DSL-Modem-Routers-PSV-2017-2159
CVE-2017-18800 - https://kb.netgear.com/000049356/Security-Advisory-for-Reflected-Cross-Site-Scripting-Vulnerability-on-R6700v2-and-R6800-PSV-2017-2162
Expand Down Expand Up @@ -64411,6 +64412,7 @@ CVE-2019-19594 - https://ia-informatica.com/it/CVE-2019-19594
CVE-2019-19595 - https://ia-informatica.com/it/CVE-2019-19595
CVE-2019-19597 - https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/
CVE-2019-19598 - https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/
CVE-2019-19601 - https://github.com/pkubowicz/opendetex/issues/60
CVE-2019-19602 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
CVE-2019-19603 - https://www.oracle.com/security-alerts/cpuapr2020.html
CVE-2019-19603 - https://www.sqlite.org/
Expand Down Expand Up @@ -75498,6 +75500,7 @@ CVE-2020-7377 - https://github.com/rapid7/metasploit-framework/issues/14015
CVE-2020-7384 - http://packetstormsecurity.com/files/160004/Rapid7-Metasploit-Framework-msfvenom-APK-Template-Command-Injection.html
CVE-2020-7384 - http://packetstormsecurity.com/files/161200/Metasploit-Framework-6.0.11-Command-Injection.html
CVE-2020-7457 - http://packetstormsecurity.com/files/158695/FreeBSD-ip6_setpktopt-Use-After-Free-Privilege-Escalation.html
CVE-2020-7465 - https://sourceforge.net/p/mpd/svn/2377/
CVE-2020-7470 - https://sku11army.blogspot.com/2020/01/sonoff-sonoff-th-module-vuln-xss.html
CVE-2020-7483 - https://www.se.com/ww/en/download/document/SESB-2020-105-01
CVE-2020-7484 - https://www.se.com/ww/en/download/document/SESB-2020-105-01
Expand Down

0 comments on commit 9796ddb

Please sign in to comment.