From adbdd80d4e6076ab3d211827b851282f5a0dd017 Mon Sep 17 00:00:00 2001 From: trickest-workflows Date: Tue, 31 Dec 2024 04:18:52 +0000 Subject: [PATCH] Update Tue Dec 31 04:18:51 UTC 2024 --- 2002/CVE-2002-1265.md | 17 +++++++++++++++++ 2003/CVE-2003-0697.md | 17 +++++++++++++++++ 2019/CVE-2019-10664.md | 1 + 2019/CVE-2019-5994.md | 1 + 2019/CVE-2019-5995.md | 1 + 2019/CVE-2019-5998.md | 1 + 2019/CVE-2019-5999.md | 1 + 2019/CVE-2019-6000.md | 1 + 2019/CVE-2019-6001.md | 1 + 2020/CVE-2020-16849.md | 1 + 2023/CVE-2023-29749.md | 17 +++++++++++++++++ 2023/CVE-2023-29755.md | 17 +++++++++++++++++ 2023/CVE-2023-29761.md | 17 +++++++++++++++++ 2024/CVE-2024-10073.md | 17 +++++++++++++++++ 2024/CVE-2024-47745.md | 2 +- references.txt | 15 +++++++++++++++ 16 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 2002/CVE-2002-1265.md create mode 100644 2003/CVE-2003-0697.md create mode 100644 2023/CVE-2023-29749.md create mode 100644 2023/CVE-2023-29755.md create mode 100644 2023/CVE-2023-29761.md create mode 100644 2024/CVE-2024-10073.md diff --git a/2002/CVE-2002-1265.md b/2002/CVE-2002-1265.md new file mode 100644 index 0000000000..9a60c378cf --- /dev/null +++ b/2002/CVE-2002-1265.md @@ -0,0 +1,17 @@ +### [CVE-2002-1265](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1265) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). + +### POC + +#### Reference +- http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1 + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2003/CVE-2003-0697.md b/2003/CVE-2003-0697.md new file mode 100644 index 0000000000..8d246e25ca --- /dev/null +++ b/2003/CVE-2003-0697.md @@ -0,0 +1,17 @@ +### [CVE-2003-0697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0697) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. + +### POC + +#### Reference +- http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2003.1605.1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2019/CVE-2019-10664.md b/2019/CVE-2019-10664.md index 8959a32bd6..d825038352 100644 --- a/2019/CVE-2019-10664.md +++ b/2019/CVE-2019-10664.md @@ -11,6 +11,7 @@ Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer #### Reference - http://packetstormsecurity.com/files/152678/Domoticz-4.10577-Unauthenticated-Remote-Command-Execution.html +- https://github.com/domoticz/domoticz/commit/ee70db46f81afa582c96b887b73bcd2a86feda00 - https://www.exploit-db.com/exploits/46773/ #### Github diff --git a/2019/CVE-2019-5994.md b/2019/CVE-2019-5994.md index 11ada6abbc..446f185e58 100644 --- a/2019/CVE-2019-5994.md +++ b/2019/CVE-2019-5994.md @@ -11,6 +11,7 @@ Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2019/CVE-2019-5995.md b/2019/CVE-2019-5995.md index d8a4afb198..b821a5cf71 100644 --- a/2019/CVE-2019-5995.md +++ b/2019/CVE-2019-5995.md 
@@ -11,6 +11,7 @@ Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2019/CVE-2019-5998.md b/2019/CVE-2019-5998.md index ba3327cbee..0c7242c969 100644 --- a/2019/CVE-2019-5998.md +++ b/2019/CVE-2019-5998.md @@ -11,6 +11,7 @@ Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2019/CVE-2019-5999.md b/2019/CVE-2019-5999.md index 2fedf401ed..bf9c1ab580 100644 --- a/2019/CVE-2019-5999.md +++ b/2019/CVE-2019-5999.md @@ -11,6 +11,7 @@ Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2019/CVE-2019-6000.md b/2019/CVE-2019-6000.md index 802b876ad0..bfd9c803a6 100644 --- a/2019/CVE-2019-6000.md +++ b/2019/CVE-2019-6000.md @@ -11,6 +11,7 @@ Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2019/CVE-2019-6001.md b/2019/CVE-2019-6001.md index a7ba3dfaf9..0d03e2ac49 100644 --- a/2019/CVE-2019-6001.md +++ b/2019/CVE-2019-6001.md 
@@ -11,6 +11,7 @@ Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras #### Reference - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2020/CVE-2020-16849.md b/2020/CVE-2020-16849.md index 0325c0d736..ce4c3ce8ab 100644 --- a/2020/CVE-2020-16849.md +++ b/2020/CVE-2020-16849.md @@ -11,6 +11,7 @@ An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of #### Reference - https://blog.scadafence.com/vulnerability-report-cve-2020-16849 +- https://www.canon-europe.com/support/product-security/ #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-29749.md b/2023/CVE-2023-29749.md new file mode 100644 index 0000000000..feefc5ec64 --- /dev/null +++ b/2023/CVE-2023-29749.md @@ -0,0 +1,17 @@ +### [CVE-2023-29749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29749) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29755.md b/2023/CVE-2023-29755.md new file mode 100644 index 0000000000..b201032016 --- /dev/null +++ b/2023/CVE-2023-29755.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-29755](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29755) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29755/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29761.md b/2023/CVE-2023-29761.md new file mode 100644 index 0000000000..aa6576cca5 --- /dev/null +++ b/2023/CVE-2023-29761.md @@ -0,0 +1,17 @@ +### [CVE-2023-29761](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29761) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29761/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-10073.md b/2024/CVE-2024-10073.md new file mode 100644 index 0000000000..1dcf78538c --- /dev/null +++ b/2024/CVE-2024-10073.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-10073](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10073) +![](https://img.shields.io/static/v1?label=Product&message=flair&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%200.14.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Code%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?submit.420055 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-47745.md b/2024/CVE-2024-47745.md index 6dc38dad24..91aad4395e 100644 --- a/2024/CVE-2024-47745.md +++ b/2024/CVE-2024-47745.md @@ -10,7 +10,7 @@ In the Linux kernel, the following vulnerability has been resolved:mm: call the ### POC #### Reference -No PoCs from references. +- https://git.kernel.org/stable/c/49d3a4ad57c57227c3b0fd6cd4188b2a5ebd6178 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/references.txt b/references.txt index 9c94d5e1ad..f9014cebb9 100644 --- a/references.txt +++ b/references.txt 
@@ -388,6 +388,7 @@ CVE-2002-1217 - http://marc.info/?l=bugtraq&m=103470310417576&w=2 CVE-2002-1217 - http://marc.info/?l=ntbugtraq&m=103470202010570&w=2 CVE-2002-1222 - http://www.cisco.com/warp/public/707/catos-http-overflow-vuln.shtml CVE-2002-1254 - http://marc.info/?l=bugtraq&m=103530131201191&w=2 +CVE-2002-1265 - http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1 CVE-2002-1317 - http://www.securityfocus.com/bid/6241 CVE-2002-1337 - http://marc.info/?l=bugtraq&m=104678739608479&w=2 CVE-2002-1338 - http://marc.info/?l=bugtraq&m=101830175621193&w=2 @@ -604,6 +605,7 @@ CVE-2003-0655 - http://marc.info/?l=bugtraq&m=105978381618095&w=2 CVE-2003-0685 - http://marc.info/?l=bugtraq&m=106071059430211&w=2 CVE-2003-0686 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A469 CVE-2003-0693 - http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010135.html +CVE-2003-0697 - http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2003.1605.1 CVE-2003-0699 - http://www.redhat.com/support/errata/RHSA-2003-239.html CVE-2003-0717 - http://marc.info/?l=bugtraq&m=106666713812158&w=2 CVE-2003-0719 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903 
@@ -60590,6 +60592,7 @@ CVE-2019-10662 - https://github.com/scarvell/grandstream_exploits CVE-2019-10662 - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 CVE-2019-10663 - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 CVE-2019-10664 - http://packetstormsecurity.com/files/152678/Domoticz-4.10577-Unauthenticated-Remote-Command-Execution.html +CVE-2019-10664 - https://github.com/domoticz/domoticz/commit/ee70db46f81afa582c96b887b73bcd2a86feda00 CVE-2019-10664 - https://www.exploit-db.com/exploits/46773/ CVE-2019-10669 - http://packetstormsecurity.com/files/154391/LibreNMS-Collectd-Command-Injection.html CVE-2019-10673 - http://packetstormsecurity.com/files/152315/WordPress-Ultimate-Member-2.0.38-Cross-Site-Request-Forgery.html 
@@ -66679,12 +66682,18 @@ CVE-2019-5980 - https://wpvulndb.com/vulnerabilities/9336 CVE-2019-5983 - https://wpvulndb.com/vulnerabilities/9438 CVE-2019-5984 - https://wpvulndb.com/vulnerabilities/9439 CVE-2019-5994 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-5994 - https://www.canon-europe.com/support/product-security/ CVE-2019-5995 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-5995 - https://www.canon-europe.com/support/product-security/ CVE-2019-5997 - http://downloadvi.com/downloads/IPServer/v7.6/760272/v760272RN.pdf CVE-2019-5998 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-5998 - https://www.canon-europe.com/support/product-security/ CVE-2019-5999 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-5999 - https://www.canon-europe.com/support/product-security/ CVE-2019-6000 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-6000 - https://www.canon-europe.com/support/product-security/ CVE-2019-6001 - https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ +CVE-2019-6001 - https://www.canon-europe.com/support/product-security/ CVE-2019-6009 - https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3 CVE-2019-6009 - https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3.patch CVE-2019-6109 - https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf 
@@ -70880,6 +70889,7 @@ CVE-2020-16845 - https://www.oracle.com/security-alerts/cpuApr2021.html CVE-2020-16846 - http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html CVE-2020-16846 - https://github.com/saltstack/salt/releases CVE-2020-16849 - https://blog.scadafence.com/vulnerability-report-cve-2020-16849 +CVE-2020-16849 - https://www.canon-europe.com/support/product-security/ CVE-2020-16850 - https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series CVE-2020-16875 - http://packetstormsecurity.com/files/159210/Microsoft-Exchange-Server-DlpUtils-AddTenantDlpPolicy-Remote-Code-Execution.html CVE-2020-1693 - https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/ 
@@ -97285,12 +97295,15 @@ CVE-2023-29745 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-2974 CVE-2023-29746 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29746/CVE%20detail.md CVE-2023-29747 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md CVE-2023-29748 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md +CVE-2023-29749 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md CVE-2023-29751 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md CVE-2023-29752 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29752/CVE%20detailed.md CVE-2023-29753 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29753/CVE%20detailed.md +CVE-2023-29755 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29755/CVE%20detailed.md CVE-2023-29756 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29756/CVE%20detailed.md CVE-2023-29758 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md CVE-2023-29759 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29759/CVE%20detailed.md +CVE-2023-29761 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29761/CVE%20detailed.md CVE-2023-29766 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29766/CVE%20detailed.md CVE-2023-29767 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md CVE-2023-29770 - https://github.com/sapplica/sentrifugo/issues/384 
@@ -101915,6 +101928,7 @@ CVE-2024-10010 - https://wpscan.com/vulnerability/8a258d33-a354-4cbb-bfcb-31b7f1 CVE-2024-10024 - https://gist.github.com/higordiego/b0083f7f12dee245c2fbe7102e31d9a4 CVE-2024-10025 - https://www.first.org/cvss/calculator/3.1 CVE-2024-10027 - https://wpscan.com/vulnerability/a94c7b64-720a-47f1-a74a-691c3a9ed3a1/ +CVE-2024-10073 - https://vuldb.com/?submit.420055 CVE-2024-1008 - https://vuldb.com/?id.252277 CVE-2024-1009 - https://youtu.be/oL98TSjy89Q?si=_T6YkJZlbn7SJ4Gn CVE-2024-1010 - https://github.com/jomskiller/Employee-Management-System---Stored-XSS @@ -106205,6 +106219,7 @@ CVE-2024-4759 - https://wpscan.com/vulnerability/1c7547fa-539a-4890-a94d-c57b3d0 CVE-2024-4768 - https://bugzilla.mozilla.org/show_bug.cgi?id=1886082 CVE-2024-4769 - https://bugzilla.mozilla.org/show_bug.cgi?id=1886108 CVE-2024-4773 - https://bugzilla.mozilla.org/show_bug.cgi?id=1875248 +CVE-2024-47745 - https://git.kernel.org/stable/c/49d3a4ad57c57227c3b0fd6cd4188b2a5ebd6178 CVE-2024-4775 - https://bugzilla.mozilla.org/show_bug.cgi?id=1887332 CVE-2024-47765 - https://github.com/jgniecki/MinecraftMotdParser/security/advisories/GHSA-q898-frwq-f3qp CVE-2024-47769 - https://github.com/idurar/idurar-erp-crm/security/advisories/GHSA-948g-2vm7-mfv7
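
Review bot: The badge lines in all six new files (2002/CVE-2002-1265.md, 2003/CVE-2003-0697.md, 2023/CVE-2023-29749.md, 2023/CVE-2023-29755.md, 2023/CVE-2023-29761.md, 2024/CVE-2024-10073.md) use "color=brighgreen", a misspelling of the shields.io colour name "brightgreen". Fix it in the generator template so the badges get the intended colour. The Vulnerability badge in five of these files also reads "message=n%2Fa" even though the Description names the class (for example, format string in CVE-2003-0697 and denial of service in CVE-2002-1265). Filling the badge from the description would make the entries searchable by weakness type.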
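
Review bot: The line added under "#### Reference" in 2019/CVE-2019-5994.md, 5995, 5998, 5999, 6000, 6001 and 2020/CVE-2020-16849.md is the same generic URL each time, "https://www.canon-europe.com/support/product-security/". It is a vendor landing page, not a CVE-specific advisory or proof of concept, and it is repeated seven more times in references.txt. Link the advisory for each CVE instead, or keep vendor landing pages out of the POC reference list, so that a reader following the link reaches material about that specific issue.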
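
Review bot: In 2024/CVE-2024-47745.md the placeholder "No PoCs from references." is replaced by a git.kernel.org stable commit link, and 2019/CVE-2019-10664.md gains a domoticz commit link. Both sit under the "### POC" heading, but both are fix commits rather than proofs of concept. They are useful for patch verification, but the entry now implies a PoC reference exists where the patch shows none. Consider a separate "Fix" or "Patch" subsection, or mark such links as fixes, so that consumers who filter on "has PoC reference" do not get false positives.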
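
Review bot: The Version badge in 2024/CVE-2024-10073.md is built with "message=%3D%200.14.0%20", which leaves a trailing encoded space after the version, so trim the value before URL-encoding it. The only reference in this file is a VulDB submission link ("https://vuldb.com/?submit.420055"), while the Description says the exploit has been disclosed publicly. If a public write-up exists, it belongs here alongside the submission record.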
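
Review bot: In the references.txt hunk at "@@ -97285,12 +97295,15 @@", the context lines for CVE-2023-29745 through CVE-2023-29748 point at ".../CVE%20detail.md", while the added CVE-2023-29749 line points at ".../CVE%20detailed.md", as do the entries from CVE-2023-29751 onward. Confirm that the LianKee/SO-CVEs file for 29749 really uses the "detailed" filename before merging, and ideally add a link check to the update job so a filename mismatch does not land silently in both the per-CVE file and references.txt.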