Muhammad Daffa
90776cea1c
Create CVE-2020-14461.yaml
2021-07-16 18:52:12 +07:00
Regala
6aef970258
Update CVE-2020-17362.yaml
...
Added "nova-lite" matcher; massively reduce false positives.
2021-07-16 12:19:30 +01:00
Prince Chaddha
0c4a223fa0
Update CVE-2016-10960.yaml
2021-07-16 11:13:17 +05:30
Prince Chaddha
900347eeb4
Merge pull request #2044 from daffainfo/patch-72
...
Create CVE-2017-17043.yaml
2021-07-16 11:07:52 +05:30
Prince Chaddha
84223eb0b8
Merge pull request #2033 from daffainfo/patch-67
...
Create CVE-2018-11709.yaml
2021-07-16 11:07:42 +05:30
Prince Chaddha
247c964e78
Merge pull request #2034 from daffainfo/patch-68
...
Create CVE-2018-5316.yaml
2021-07-16 11:07:32 +05:30
Prince Chaddha
f977df559c
Update CVE-2018-11709.yaml
2021-07-16 11:05:11 +05:30
Prince Chaddha
cbd0d293bd
Merge pull request #2031 from daffainfo/patch-65
...
Create CVE-2019-15713.yaml
2021-07-16 11:02:45 +05:30
Prince Chaddha
19820c14d9
Merge pull request #2032 from daffainfo/patch-66
...
Create CVE-2018-20462.yaml
2021-07-16 11:02:35 +05:30
Prince Chaddha
da4b0d4da7
Update CVE-2018-20462.yaml
2021-07-16 11:01:29 +05:30
Prince Chaddha
39dbf2a36c
Merge pull request #2030 from daffainfo/patch-64
...
Create CVE-2019-16332.yaml
2021-07-16 11:00:34 +05:30
Prince Chaddha
a08eed7ce8
Update CVE-2019-15713.yaml
2021-07-16 11:00:01 +05:30
Prince Chaddha
a78e6caafc
Update CVE-2019-16332.yaml
2021-07-16 10:57:50 +05:30
Prince Chaddha
a047cd77ff
Update CVE-2017-17043.yaml
2021-07-16 10:50:55 +05:30
Prince Chaddha
ffb5edffd8
Merge pull request #2042 from daffainfo/patch-70
...
Create CVE-2017-17451.yaml
2021-07-16 10:49:33 +05:30
Prince Chaddha
c7d0efa420
Merge pull request #2043 from daffainfo/patch-71
...
Create CVE-2017-17059.yaml
2021-07-16 10:49:20 +05:30
Prince Chaddha
be7247bc77
Update CVE-2017-17059.yaml
2021-07-16 10:44:57 +05:30
Prince Chaddha
7ae1641822
Merge pull request #2041 from daffainfo/patch-69
...
Create CVE-2017-18536.yaml
2021-07-16 10:43:08 +05:30
Prince Chaddha
f0d1da0d2e
Update CVE-2017-17451.yaml
2021-07-16 10:43:04 +05:30
Prince Chaddha
a7f2472922
Update CVE-2017-18536.yaml
2021-07-16 10:41:33 +05:30
Prince Chaddha
4287359c29
Update CVE-2017-9288.yaml
2021-07-16 10:30:43 +05:30
Muhammad Daffa
03698a57ee
Create CVE-2017-9288.yaml
2021-07-16 11:28:40 +07:00
Muhammad Daffa
5be858f2d6
Create CVE-2017-17043.yaml
2021-07-16 11:27:01 +07:00
Muhammad Daffa
2a76b19a36
Create CVE-2017-17059.yaml
2021-07-16 11:25:24 +07:00
Muhammad Daffa
d07faf8034
Create CVE-2017-17451.yaml
2021-07-16 11:22:53 +07:00
Muhammad Daffa
e89607941c
Create CVE-2017-18536.yaml
2021-07-16 11:20:28 +07:00
sandeep
94ae6ea0bf
Added tag
2021-07-15 23:47:05 +05:30
sandeep
97dfd43f1e
Added tag and removed unsafe
2021-07-15 23:46:08 +05:30
Muhammad Daffa
5bee8dd716
Create CVE-2018-5316.yaml
2021-07-16 00:16:27 +07:00
Muhammad Daffa
9d84281202
Create CVE-2018-11709.yaml
2021-07-16 00:14:42 +07:00
Muhammad Daffa
367f5d225d
Create CVE-2018-20462.yaml
2021-07-16 00:12:52 +07:00
Muhammad Daffa
bf68e5060d
Create CVE-2019-15713.yaml
2021-07-16 00:09:33 +07:00
Muhammad Daffa
28278b45a2
Create CVE-2019-16332.yaml
2021-07-16 00:06:33 +07:00
Muhammad Daffa
8a28dc1935
Create CVE-2019-16525.yaml
2021-07-15 19:30:44 +07:00
Prince Chaddha
56d5386c77
Merge pull request #1939 from daffainfo/patch-22
...
Create CVE-2012-4768.yaml
2021-07-15 17:45:48 +05:30
Prince Chaddha
05be6d517c
Merge pull request #2019 from Akokonunes/patch-22
...
Create CVE-2018-9118.yaml
2021-07-15 17:42:39 +05:30
Prince Chaddha
f13d61c128
Update CVE-2018-9118.yaml
2021-07-15 17:41:16 +05:30
Prince Chaddha
42fd30dfd8
Update and rename CVE-2018-9118.yaml to cves/2018/CVE-2018-9118.yaml
2021-07-15 17:40:37 +05:30
Prince Chaddha
2081c6d259
Merge pull request #2024 from daffainfo/patch-62
...
Create CVE-2019-19134.yaml
2021-07-15 17:30:28 +05:30
Prince Chaddha
b7d2ac2843
Merge pull request #2023 from daffainfo/patch-61
...
Create CVE-2020-12054.yaml
2021-07-15 17:27:05 +05:30
Prince Chaddha
22a16b4b17
Update CVE-2019-19134.yaml
2021-07-15 17:26:55 +05:30
Prince Chaddha
89112a18d6
Update CVE-2020-12054.yaml
2021-07-15 17:25:22 +05:30
Prince Chaddha
93293c986a
Update CVE-2020-17362.yaml
2021-07-15 17:22:49 +05:30
Muhammad Daffa
f816c58bac
Create CVE-2019-19134.yaml
2021-07-15 18:40:17 +07:00
Muhammad Daffa
cb364b16c5
Update CVE-2020-12054.yaml
2021-07-15 18:30:38 +07:00
Muhammad Daffa
dc2cf528bd
Create CVE-2020-12054.yaml
2021-07-15 18:27:45 +07:00
Muhammad Daffa
6d3e02ddc1
Create CVE-2020-17362.yaml
2021-07-15 18:14:59 +07:00
Prince Chaddha
ee1719ee26
Update CVE-2012-1835.yaml
2021-07-15 15:07:53 +05:30
Prince Chaddha
321fcfdac1
Update CVE-2012-1835.yaml
2021-07-15 15:05:55 +05:30
Prince Chaddha
217ae33414
Merge pull request #1999 from daffainfo/patch-46
...
Create CVE-2015-9480.yaml
2021-07-15 15:04:45 +05:30
Prince Chaddha
36e366f0e7
Merge pull request #2002 from daffainfo/patch-47
...
Create CVE-2011-5106.yaml
2021-07-15 15:04:17 +05:30
Prince Chaddha
a13090dd4b
Update CVE-2012-1835.yaml
2021-07-15 15:01:21 +05:30
Prince Chaddha
6ba8600282
Update CVE-2011-5106.yaml
2021-07-15 14:54:35 +05:30
Prince Chaddha
7e9ba472a0
Merge pull request #2012 from daffainfo/patch-56
...
Create CVE-2011-1669.yaml
2021-07-15 14:53:20 +05:30
Prince Chaddha
456f5d6b15
Merge pull request #2014 from daffainfo/patch-57
...
Create CVE-2021-24320.yaml
2021-07-15 14:51:34 +05:30
Prince Chaddha
d00d4f37f5
Update CVE-2021-24320.yaml
2021-07-15 14:43:35 +05:30
GwanYeong Kim
f8f9f539ea
Create CVE-2020-35713.yaml
...
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 18:10:11 +09:00
Prince Chaddha
39def9b6e1
Merge pull request #2008 from daffainfo/patch-53
...
Create CVE-2021-24335.yaml
2021-07-15 14:35:27 +05:30
Prince Chaddha
e79277cef1
Merge pull request #2005 from daffainfo/patch-50
...
Create CVE-2012-4273.yaml
2021-07-15 14:35:12 +05:30
Prince Chaddha
96e8a1fb0a
Merge pull request #2011 from daffainfo/patch-55
...
Create CVE-2019-9618.yaml
2021-07-15 14:33:33 +05:30
Prince Chaddha
9e3fe02a38
Merge pull request #2007 from daffainfo/patch-52
...
Create CVE-2014-4513.yaml
2021-07-15 14:33:16 +05:30
Prince Chaddha
d73599eb3c
Merge pull request #2006 from daffainfo/patch-51
...
Create CVE-2021-24389.yaml
2021-07-15 14:32:09 +05:30
Prince Chaddha
a7b69d34f5
Update CVE-2012-4273.yaml
2021-07-15 14:31:25 +05:30
Prince Chaddha
799e7109c3
Update CVE-2021-24389.yaml
2021-07-15 14:30:23 +05:30
Prince Chaddha
75c7fa04e3
Update CVE-2014-4513.yaml
2021-07-15 14:28:58 +05:30
Prince Chaddha
7a1e276d7b
Update CVE-2021-24335.yaml
2021-07-15 14:27:55 +05:30
Prince Chaddha
fb1f67ce26
Rename CVE-2016-10960.yaml to cves/2016/CVE-2016-10960.yaml
2021-07-15 14:21:17 +05:30
Prince Chaddha
c20a208c4a
Update CVE-2019-9618.yaml
2021-07-15 14:20:42 +05:30
Prince Chaddha
5cab7d67e4
Update CVE-2011-1669.yaml
2021-07-15 14:20:03 +05:30
Prince Chaddha
caa5ceecca
Update CVE-2015-9480.yaml
2021-07-15 14:16:52 +05:30
Prince Chaddha
2f41c4de62
Update CVE-2021-24298.yaml
2021-07-15 14:15:49 +05:30
GwanYeong Kim
1c729ab1ea
Create CVE-2021-31755.yaml
...
Vulnerabilities in the web-based management interface of enda Router AC11 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 15:09:26 +09:00
GwanYeong Kim
a3699d912a
Create CVE-2020-25506.yaml
...
The exploit targets a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters f_ntp_server, which in turn leads to arbitrary command execution.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:28:14 +09:00
Muhammad Daffa
031cd24480
Create CVE-2021-24298.yaml
2021-07-15 10:52:21 +07:00
Muhammad Daffa
ca75afe52c
Create CVE-2021-24320.yaml
2021-07-15 10:38:35 +07:00
Muhammad Daffa
3c2a1cd727
Create CVE-2011-1669.yaml
2021-07-15 10:01:50 +07:00
Muhammad Daffa
3fa2bf156a
Create CVE-2019-9618.yaml
2021-07-15 09:48:59 +07:00
GwanYeong Kim
67ae44be04
Create CVE-2020-26919.yaml
...
it was found that every section of the web could be used as a valid endpoint to submit POST requests being the action defined by the submitId argument. The problem was located in the login.html webpage, that has to be publicly available to perform login requests but does not implement any restriction for executing debug actions. This will allow users execute system commands.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 10:54:56 +09:00
Muhammad Daffa
e34ec6c05c
Create CVE-2021-24335.yaml
2021-07-15 07:06:50 +07:00
Muhammad Daffa
1dedb2aee5
Create CVE-2014-4513.yaml
2021-07-15 06:59:13 +07:00
Muhammad Daffa
6a0d2d2b90
Create CVE-2021-24389.yaml
2021-07-15 06:54:35 +07:00
Muhammad Daffa
ad69ef25cb
Create CVE-2012-4273.yaml
2021-07-15 06:51:46 +07:00
Muhammad Daffa
b3766162cc
Create CVE-2012-1835.yaml
2021-07-15 06:19:57 +07:00
Muhammad Daffa
65166046e7
Create CVE-2011-5106.yaml
2021-07-15 06:17:43 +07:00
Muhammad Daffa
e43c3befdf
Create CVE-2015-9480.yaml
2021-07-14 21:13:26 +07:00
Prince Chaddha
f218ea12ee
Update CVE-2012-4768.yaml
2021-07-14 19:28:30 +05:30
Prince Chaddha
85a6271c20
Merge pull request #1996 from daffainfo/patch-45
...
Create CVE-2015-1000012.yaml
2021-07-14 19:27:29 +05:30
Prince Chaddha
e904f97937
Update CVE-2015-1000012.yaml
2021-07-14 19:26:20 +05:30
Prince Chaddha
6559a49a8e
Merge pull request #1972 from daffainfo/patch-33
...
Create CVE-2013-4625.yaml
2021-07-14 19:24:05 +05:30
Prince Chaddha
127b66c546
Merge pull request #1995 from daffainfo/patch-44
...
Create CVE-2016-10956.yaml
2021-07-14 19:23:54 +05:30
Prince Chaddha
ecdb1b3204
Merge pull request #1977 from daffainfo/patch-36
...
Create CVE-2011-4618.yaml
2021-07-14 19:22:35 +05:30
Prince Chaddha
336ea26181
Update CVE-2013-4625.yaml
2021-07-14 19:22:11 +05:30
Prince Chaddha
57e03632d0
Merge pull request #1971 from daffainfo/patch-32
...
Create CVE-2013-4117.yaml
2021-07-14 19:15:55 +05:30
Prince Chaddha
3f5a32b61c
Update CVE-2013-4117.yaml
2021-07-14 19:14:56 +05:30
Prince Chaddha
f76c9151e9
Merge pull request #1984 from daffainfo/patch-43
...
Create CVE-2012-5913.yaml
2021-07-14 19:09:47 +05:30
Prince Chaddha
6981caf971
Merge pull request #1983 from daffainfo/patch-42
...
Create CVE-2012-2371.yaml
2021-07-14 19:08:24 +05:30
Prince Chaddha
0af70752fc
Update CVE-2012-5913.yaml
2021-07-14 19:08:13 +05:30
Prince Chaddha
0767a5b9f3
Update CVE-2012-2371.yaml
2021-07-14 19:07:09 +05:30
Prince Chaddha
6e7d5ad05f
Merge pull request #1982 from daffainfo/patch-41
...
Create CVE-2012-0901.yaml
2021-07-14 19:06:28 +05:30
Prince Chaddha
4abd3903e7
Merge pull request #1981 from daffainfo/patch-40
...
Create CVE-2011-5265.yaml
2021-07-14 18:48:13 +05:30
Prince Chaddha
4f92a44481
Update CVE-2012-0901.yaml
2021-07-14 18:48:09 +05:30
Prince Chaddha
79881e5a53
Update CVE-2011-5265.yaml
2021-07-14 18:47:04 +05:30
Prince Chaddha
81186887f0
Merge pull request #1980 from daffainfo/patch-39
...
Create CVE-2011-5181.yaml
2021-07-14 18:45:58 +05:30
Prince Chaddha
7f210b692a
Update CVE-2011-5265.yaml
2021-07-14 18:45:47 +05:30
Prince Chaddha
aedb24576f
Merge pull request #1979 from daffainfo/patch-38
...
Create CVE-2011-5179.yaml
2021-07-14 18:40:12 +05:30
Prince Chaddha
42395f3cf0
Update CVE-2011-5181.yaml
2021-07-14 18:40:07 +05:30
Prince Chaddha
0dc763a5e2
Merge pull request #1978 from daffainfo/patch-37
...
Create CVE-2011-5107.yaml
2021-07-14 18:39:18 +05:30
Prince Chaddha
31c69d6a53
Update CVE-2011-5179.yaml
2021-07-14 18:39:10 +05:30
Prince Chaddha
b24958c966
Update CVE-2011-5107.yaml
2021-07-14 18:38:27 +05:30
Prince Chaddha
49b8f5dced
Merge pull request #1976 from daffainfo/patch-35
...
Create CVE-2011-4926.yaml
2021-07-14 18:37:31 +05:30
Prince Chaddha
4530f816e7
Update CVE-2011-4618.yaml
2021-07-14 18:37:19 +05:30
Prince Chaddha
aa49f5249c
Merge pull request #1975 from daffainfo/patch-34
...
Create CVE-2011-4624.yaml
2021-07-14 18:36:28 +05:30
Prince Chaddha
2f3470ca1f
Update CVE-2011-4926.yaml
2021-07-14 18:36:19 +05:30
Muhammad Daffa
f63f825283
Create CVE-2015-1000012.yaml
2021-07-14 18:10:41 +07:00
Muhammad Daffa
08e3f1af84
Create CVE-2016-10956.yaml
2021-07-14 18:03:54 +07:00
Prince Chaddha
74c4f507b5
Update CVE-2011-4624.yaml
2021-07-14 16:20:22 +05:30
sandeep
f7259df034
typo update
2021-07-14 15:38:56 +05:30
Geeknik Labs
fc35b4c56d
Update CVE-2017-5487.yaml
...
Fixes #1985
2021-07-13 18:58:52 +00:00
Muhammad Daffa
e2221a68f6
Create CVE-2012-5913.yaml
2021-07-14 00:15:23 +07:00
Muhammad Daffa
660d2341fb
Create CVE-2012-2371.yaml
2021-07-14 00:14:36 +07:00
Muhammad Daffa
a64856f005
Create CVE-2012-0901.yaml
2021-07-14 00:13:20 +07:00
Muhammad Daffa
52712e1738
Create CVE-2011-5265.yaml
2021-07-14 00:12:07 +07:00
Muhammad Daffa
2171814982
Update CVE-2011-5181.yaml
2021-07-14 00:10:26 +07:00
Muhammad Daffa
cdc64106ad
Create CVE-2011-5181.yaml
2021-07-14 00:08:59 +07:00
Muhammad Daffa
a6ec5edc8d
Create CVE-2011-5179.yaml
2021-07-14 00:07:06 +07:00
Muhammad Daffa
206ed76058
Create CVE-2011-5107.yaml
2021-07-14 00:05:34 +07:00
Muhammad Daffa
7b1fb46547
Create CVE-2011-4618.yaml
2021-07-14 00:03:30 +07:00
Muhammad Daffa
a165adadae
Create CVE-2011-4926.yaml
2021-07-13 23:44:37 +07:00
Muhammad Daffa
4946a5d8a7
Create CVE-2011-4624.yaml
2021-07-13 23:42:57 +07:00
sandeep
b6ec1c2abb
Added reference
2021-07-13 19:22:59 +05:30
Sandeep Singh
b4e21feadd
Rename cve-2021-24472.yaml to CVE-2021-24472.yaml
2021-07-13 19:21:21 +05:30
sandeep
6d6b30e9cf
matcher update
2021-07-13 19:20:10 +05:30
Muhammad Daffa
0871ccb042
Create CVE-2013-4625.yaml
2021-07-13 20:48:19 +07:00
Muhammad Daffa
f29b55b6cc
Create CVE-2013-4117.yaml
2021-07-13 20:45:32 +07:00
Suman Kar
9aeac41fbc
Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Unauthenticated RFI and SSRF
2021-07-13 18:42:05 +05:30
Sandeep Singh
51834499f8
Merge pull request #1944 from daffainfo/patch-23
...
Create CVE-2012-4242.yaml
2021-07-13 16:45:39 +05:30
Sandeep Singh
858a6b48de
Merge pull request #1946 from daffainfo/patch-25
...
Create CVE-2013-2287.yaml
2021-07-13 16:43:05 +05:30
Sandeep Singh
9a09d52520
Merge pull request #1951 from gy741/rule-add-v22
...
Create CVE-2021-33544.yaml
2021-07-13 16:30:44 +05:30
Sandeep Singh
43d4644164
Update CVE-2021-33544.yaml
2021-07-13 16:29:55 +05:30
Sandeep Singh
bb53177a74
Update CVE-2021-33544.yaml
2021-07-13 16:26:33 +05:30
Sandeep Singh
8c4f1dfe43
Merge pull request #1954 from Akokonunes/patch-18
...
Create CVE-2015-7823
2021-07-13 15:06:48 +05:30
sandeep
dfd9a2592b
moving files around
2021-07-13 15:04:42 +05:30
Sandeep Singh
89e1a8da93
Merge pull request #1962 from dwisiswant0/hotfix/CVE-2020-24148
2021-07-13 05:01:01 +05:30
Dwi Siswanto
a91516cbb5
Misplaced of CVE-2020-24148
2021-07-13 05:24:03 +07:00
Sandeep Singh
e23f378fe8
Merge pull request #1943 from gy741/rule-add-v21
...
Create CVE-2021-30497.yaml
2021-07-13 01:00:59 +05:30
Sandeep Singh
dec41b5631
Merge pull request #1950 from dwisiswant0/add/CVE-2020-24148
...
Add CVE-2020-24148
2021-07-13 00:52:08 +05:30
GwanYeong Kim
0e1e727bb1
Create CVE-2021-33544.yaml
...
Multiple vulnerabilities in the web-based management interface of Geutebruck could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
CVE-2021-33543 : Authentication Bypass
CVE-2021-33544 : Command injection multiple parameters
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-12 13:10:31 +09:00
Dwi Siswanto
4ea2c71a3d
Add CVE-2020-24148
2021-07-12 09:24:50 +07:00
Muhammad Daffa
9788955ebd
Create CVE-2013-2287.yaml
2021-07-11 17:18:20 +07:00
Muhammad Daffa
21195f9f0e
Create CVE-2012-4242.yaml
2021-07-11 17:06:48 +07:00
GwanYeong Kim
c0f5105dcf
Create CVE-2021-30497.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-11 18:31:18 +09:00
sandeep
25dcb930ad
Added CVE-2021-29156
2021-07-11 14:39:41 +05:30
sandeep
3bbcb23cd0
Severity update as this directly doesn't pose any risk.
2021-07-11 13:39:21 +05:30
Muhammad Daffa
f1690ec51b
Create CVE-2012-4768.yaml
2021-07-11 13:33:29 +07:00
Prince Chaddha
aa63d1afb7
Merge pull request #1925 from daffainfo/patch-10
...
Create CVE-2020-29395.yaml
2021-07-11 10:25:06 +05:30
Prince Chaddha
bca05d61d6
Merge pull request #1926 from daffainfo/patch-11
...
Create CVE-2019-14470.yaml
2021-07-11 10:15:11 +05:30
Prince Chaddha
7f0f8beff2
Update CVE-2020-29395.yaml
2021-07-11 10:14:56 +05:30
Prince Chaddha
7c19ca873d
Update CVE-2019-14470.yaml
2021-07-11 10:12:41 +05:30
Prince Chaddha
7c0c5033e9
Update CVE-2019-14470.yaml
2021-07-11 10:11:11 +05:30
Prince Chaddha
a3c2fdee36
Merge pull request #1928 from daffainfo/patch-13
...
Create CVE-2019-15889.yaml
2021-07-11 10:09:58 +05:30
Prince Chaddha
0bae5e975e
Update CVE-2019-15889.yaml
2021-07-11 10:09:51 +05:30
Prince Chaddha
70930af523
Merge pull request #1929 from daffainfo/patch-14
...
Create CVE-2014-9094.yaml
2021-07-11 10:09:00 +05:30
Prince Chaddha
a04341ae20
Update CVE-2014-9094.yaml
2021-07-11 10:08:53 +05:30
Prince Chaddha
92e1a5feeb
Update CVE-2013-3526.yaml
2021-07-11 10:05:10 +05:30
Muhammad Daffa
53c2c47099
Create CVE-2013-3526.yaml
2021-07-11 09:00:15 +07:00
Muhammad Daffa
4773149878
Create CVE-2014-9094.yaml
2021-07-11 08:43:01 +07:00
Muhammad Daffa
009e68c627
Create CVE-2019-15889.yaml
2021-07-11 08:20:03 +07:00
Muhammad Daffa
4889efb117
Create CVE-2019-14470.yaml
2021-07-11 08:06:14 +07:00
Muhammad Daffa
da45bdf0ef
Create CVE-2020-29395.yaml
2021-07-11 07:58:31 +07:00
sandeep
01ae482fe8
Added CVE-2021-34621
2021-07-10 22:31:08 +05:30
Sandeep Singh
97023903a0
Merge pull request #1918 from gy741/rule-add-v19
...
Create Hongdian Vulnerability
2021-07-10 21:24:56 +05:30
Sandeep Singh
5ca472b43e
Merge pull request #1880 from gy741/rule-add-v13
...
Create CVE-2021-1497.yaml
2021-07-10 20:55:14 +05:30
sandeep
1cd29628aa
more reference
2021-07-10 20:54:04 +05:30
sandeep
7f37050361
Added HTTP check
2021-07-10 20:53:23 +05:30
sandeep
dd9e85a29c
Added missing condition
2021-07-10 20:47:20 +05:30
sandeep
1e8aa5288f
Update CVE-2021-1497.yaml
2021-07-10 20:45:00 +05:30
sandeep
767f173f88
minor updates
2021-07-10 18:45:09 +05:30
GwanYeong Kim
3bf1c929ed
Create Hongdian Vulnerability
...
CVE-2021-28149 : Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
CVE-2021-28150 : Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.
CVE-2021-28151 : Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-10 21:16:35 +09:00
sandeep
c2f87a94c6
Added complete RCE chain
2021-07-10 13:42:09 +05:30
Sandeep Singh
bff63b673d
Merge pull request #1896 from geeknik/patch-109
...
Create CVE-2017-16806.yaml
2021-07-07 18:40:15 +05:30
Sandeep Singh
5d034716ac
Merge pull request #1895 from geeknik/patch-108
...
Create CVE-2015-6477.yaml
2021-07-07 18:37:48 +05:30
Sandeep Singh
6963c0d669
Update CVE-2015-6477.yaml
2021-07-07 18:37:21 +05:30
Sandeep Singh
36a13094ef
Merge pull request #1894 from geeknik/patch-105
...
Create CVE-2009-4223.yaml
2021-07-07 18:35:27 +05:30
Geeknik Labs
d5cbcec079
Update CVE-2021-22214.yaml
...
dns interaction doesn't prove exploitability
2021-07-07 03:50:13 +00:00
Geeknik Labs
c8ba8e13ce
Create CVE-2017-16806.yaml
2021-07-06 19:50:32 +00:00
Geeknik Labs
6874823632
Create CVE-2015-6477.yaml
2021-07-06 19:47:44 +00:00
Geeknik Labs
1fba6ae882
Create CVE-2009-4223.yaml
2021-07-06 19:44:02 +00:00
Sandeep Singh
deab6ba62c
Merge pull request #1887 from skar4444/nrouter
...
CVE-2016-5649 - Netgear Router - Admin Password Disclosure
2021-07-06 21:36:01 +05:30
sandeep
5a818f62b8
name and template update
2021-07-06 21:34:28 +05:30
Sandeep Singh
2aa91bbf24
Rename cve-2021-24387.yaml to CVE-2021-24387.yaml
2021-07-06 20:29:47 +05:30
Suman Kar
78617f6012
Real Estate 7 WordPress Theme < 3.1.1 - Unauthenticated Reflected XSS
2021-07-06 19:51:53 +05:30
sandeep
6dd96ede94
Added additional reference
2021-07-06 12:12:09 +05:30
sandeep
fc68a95803
Template Name/ID update as per assigned CVE
2021-07-06 12:07:53 +05:30
GwanYeong Kim
71dd0de29d
Create CVE-2021-1497.yaml
...
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-06 09:30:13 +09:00
sandeep
36a0918092
fixes
2021-07-04 16:02:51 +05:30
sandeep
13a5215bda
Update CVE-2017-9841.yaml
2021-07-04 15:50:15 +05:30
sandeep
35a8d999cb
strict matchers
2021-07-04 01:05:05 +05:30
sandeep
b137eb57d3
More edge cases
...
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
sandeep
acebe227a1
Update CVE-2019-13101.yaml
2021-07-04 00:12:01 +05:30
sandeep
9e9954cbab
strict matchers
2021-07-04 00:07:30 +05:30