diff --git a/2017/CVE-2017-17727.md b/2017/CVE-2017-17727.md new file mode 100644 index 0000000000..396f6c88b7 --- /dev/null +++ b/2017/CVE-2017-17727.md @@ -0,0 +1,17 @@ +### [CVE-2017-17727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17727) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php. + +### POC + +#### Reference +- https://www.seebug.org/vuldb/ssvid-20050 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-17888.md b/2017/CVE-2017-17888.md new file mode 100644 index 0000000000..a0be104754 --- /dev/null +++ b/2017/CVE-2017-17888.md @@ -0,0 +1,17 @@ +### [CVE-2017-17888](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17888) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary OS commands via crafted multipart/form-data content, a different vulnerability than CVE-2017-9097. + +### POC + +#### Reference +- https://www.seebug.org/vuldb/ssvid-96555 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2018/CVE-2018-2893.md b/2018/CVE-2018-2893.md index a3ff9abd8c..87727cd8aa 100644 
--- a/2018/CVE-2018-2893.md +++ b/2018/CVE-2018-2893.md @@ -47,6 +47,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/ZTK-009/RedTeamer - https://github.com/aiici/weblogicAllinone - https://github.com/angeloqmartin/Vulnerability-Assessment +- https://github.com/artofwar344/CVE-2018-2893 - https://github.com/awake1t/Awesome-hacking-tools - https://github.com/awsassets/weblogic_exploit - https://github.com/bigsizeme/CVE-2018-2893 diff --git a/2019/CVE-2019-0708.md b/2019/CVE-2019-0708.md index a81fb09e00..23ec763802 100644 --- a/2019/CVE-2019-0708.md +++ b/2019/CVE-2019-0708.md @@ -393,6 +393,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/victor0013/CVE-2019-0708 - https://github.com/vincentfer/PENTESTING-BIBLE- - https://github.com/viszsec/CyberSecurity-Playground +- https://github.com/vs4vijay/exploits - https://github.com/vulsio/go-msfdb - https://github.com/wateroot/poc-exp - https://github.com/wdfcc/CVE-2019-0708 diff --git a/2019/CVE-2019-16889.md b/2019/CVE-2019-16889.md index 22c916b483..d2e28438c5 100644 --- a/2019/CVE-2019-16889.md +++ b/2019/CVE-2019-16889.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/grampae/CVE-2019-16889-poc - https://github.com/grampae/meep - https://github.com/grampae/meep2 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md index cd5aac1579..b8658309aa 100644 --- a/2020/CVE-2020-0796.md +++ b/2020/CVE-2020-0796.md 
@@ -335,6 +335,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/tripledd/cve-2020-0796-vuln - https://github.com/txuswashere/OSCP - https://github.com/uhub/awesome-c +- https://github.com/vs4vijay/exploits - https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796- - https://github.com/vysecurity/CVE-2020-0796 - https://github.com/w1ld3r/SMBGhost_Scanner diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md index 95a5ec0a1a..3b27c8f20c 100644 --- a/2020/CVE-2020-1472.md +++ b/2020/CVE-2020-1472.md @@ -357,6 +357,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/vecnathewhisperd/ZeroLogin - https://github.com/victim10wq3/CVE-2020-1472 - https://github.com/voker2311/Infra-Security-101 +- https://github.com/vs4vijay/exploits - https://github.com/weeka10/-hktalent-TOP - https://github.com/whitfieldsdad/epss - https://github.com/whoami-chmod777/ZeroLogon-Testing-Script diff --git a/2020/CVE-2020-16898.md b/2020/CVE-2020-16898.md index ee963db377..da27c463f4 100644 --- a/2020/CVE-2020-16898.md +++ b/2020/CVE-2020-16898.md @@ -83,6 +83,7 @@ No PoCs from references. - https://github.com/todb-r7/dwflist - https://github.com/tzwlhack/Vulnerability - https://github.com/uhub/awesome-lua +- https://github.com/vs4vijay/exploits - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-17382.md b/2020/CVE-2020-17382.md index e3c440f139..06bca3635b 100644 --- a/2020/CVE-2020-17382.md +++ b/2020/CVE-2020-17382.md 
@@ -29,6 +29,7 @@ The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x8 - https://github.com/soosmile/POC - https://github.com/taielab/awesome-hacking-lists - https://github.com/uf0o/CVE-2020-17382 +- https://github.com/vs4vijay/exploits - https://github.com/xbl2022/awesome-hacking-lists - https://github.com/zeze-zeze/2023iThome diff --git a/2020/CVE-2020-7915.md b/2020/CVE-2020-7915.md new file mode 100644 index 0000000000..7ed00b1185 --- /dev/null +++ b/2020/CVE-2020-7915.md @@ -0,0 +1,17 @@ +### [CVE-2020-7915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7915) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator. + +### POC + +#### Reference +- https://sku11army.blogspot.com/2020/01/eaton-authenticated-stored-cross-site.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2020/CVE-2020-9206.md b/2020/CVE-2020-9206.md new file mode 100644 index 0000000000..b2e140b3fd --- /dev/null +++ b/2020/CVE-2020-9206.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-9206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9206) +![](https://img.shields.io/static/v1?label=Product&message=eUDC660&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Resource%20Management&color=brighgreen) + +### Description + +The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device. + +### POC + +#### Reference +- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-resourcemanagement-en + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-22716.md b/2021/CVE-2021-22716.md new file mode 100644 index 0000000000..121b44e55f --- /dev/null +++ b/2021/CVE-2021-22716.md 
@@ -0,0 +1,17 @@ +### [CVE-2021-22716](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22716) +![](https://img.shields.io/static/v1?label=Product&message=C-Bus%20Toolkit&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=V%3C%201.15.9%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-732%20Incorrect%20Permission%20Assignment%20for%20Critical%20Resource&color=brighgreen) + +### Description + +A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior) + +### POC + +#### Reference +- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-103-01_C-Bus_Toolkit_C-Gate_Server_Security_Notification.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-41320.md b/2021/CVE-2021-41320.md new file mode 100644 index 0000000000..6294451c40 --- /dev/null +++ b/2021/CVE-2021-41320.md @@ -0,0 +1,17 @@ +### [CVE-2021-41320](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41320) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded (it can be changed during installation or at any later time). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + 
diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md index 491aceac15..b4a304ce16 100644 --- a/2021/CVE-2021-44228.md +++ b/2021/CVE-2021-44228.md @@ -1464,6 +1464,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/voditelnloo/jmeterjustb4 - https://github.com/vorburger/Learning-Log4j2 - https://github.com/vorburger/Log4j_CVE-2021-44228 +- https://github.com/vs4vijay/exploits - https://github.com/vsdeng/java-gradle-demo-app - https://github.com/vsegdacocacola/Log4jExploitPayloadExtractor - https://github.com/vulcan-apptest2/log4shell-vulnerable-app diff --git a/2022/CVE-2022-22947.md b/2022/CVE-2022-22947.md index f3d6cf96c0..d0b45f9bac 100644 --- a/2022/CVE-2022-22947.md +++ b/2022/CVE-2022-22947.md @@ -38,6 +38,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v - https://github.com/Awrrays/FrameVul - https://github.com/Axx8/CVE-2022-22947_Rce_Exp - https://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos +- https://github.com/BBD-YZZ/GUI-TOOLS - https://github.com/BerMalBerIst/CVE-2022-22947 - https://github.com/CLincat/vulcat - https://github.com/CVEDB/PoC-List diff --git a/2022/CVE-2022-22963.md b/2022/CVE-2022-22963.md index 6ae346d298..6b2ecdfcf8 100644 --- a/2022/CVE-2022-22963.md +++ b/2022/CVE-2022-22963.md @@ -34,6 +34,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w - https://github.com/AabyssZG/SpringBoot-Scan - https://github.com/AayushmanThapaMagar/CVE-2022-22963 - https://github.com/Anogota/Inject +- https://github.com/BBD-YZZ/GUI-TOOLS - https://github.com/BearClaw96/CVE-2022-22963-Poc-Bearcules - https://github.com/CLincat/vulcat - https://github.com/CVEDB/PoC-List diff --git a/2022/CVE-2022-22965.md b/2022/CVE-2022-22965.md index d2bcb0706f..b8906a7793 100644 --- a/2022/CVE-2022-22965.md +++ b/2022/CVE-2022-22965.md 
@@ -34,6 +34,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AabyssZG/SpringBoot-Scan - https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE +- https://github.com/BBD-YZZ/GUI-TOOLS - https://github.com/BC-SECURITY/Moriarty - https://github.com/BKLockly/CVE-2022-22965 - https://github.com/Bl0omZ/JAVAExploitStudy diff --git a/2024/CVE-2024-0220.md b/2024/CVE-2024-0220.md index ce87d6efb5..d8597f9bd7 100644 --- a/2024/CVE-2024-0220.md +++ b/2024/CVE-2024-0220.md @@ -10,7 +10,7 @@ ### Description -B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.Missing Encryption of Sensitive Data, Cleartext Transmission of Sensitive Information, Improper Control of Generation of Code ('Code Injection'), Inadequate Encryption Strength vulnerability in B&R Industrial Automation B&R Automation Studio (Upgrade Service modules), B&R Industrial Automation Technology Guarding.This issue affects B&R Automation Studio: <4.6; Technology Guarding: <1.4.0. +B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data. ### POC diff --git a/2024/CVE-2024-0323.md b/2024/CVE-2024-0323.md index 6b1874d95d..1faef59338 100644 --- a/2024/CVE-2024-0323.md +++ b/2024/CVE-2024-0323.md 
@@ -5,7 +5,7 @@ ### Description -Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime (SDM modules).The FTP server used on the B&RAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conductman-in-the-middle attacks or to decrypt communications between the affected productclients.  This issue affects Automation Runtime: from 14.0 before 14.93. +The FTP server used on the B&RAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conductman-in-the-middle attacks or to decrypt communications between the affected productclients. ### POC diff --git a/2024/CVE-2024-0851.md b/2024/CVE-2024-0851.md new file mode 100644 index 0000000000..474c5da0f1 --- /dev/null +++ b/2024/CVE-2024-0851.md @@ -0,0 +1,17 @@ +### [CVE-2024-0851](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0851) +![](https://img.shields.io/static/v1?label=Product&message=Smartpower&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%20V24.05.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Grup Arge Energy and Control Systems Smartpower allows SQL Injection.This issue affects Smartpower: through V24.05.27. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-21306.md b/2024/CVE-2024-21306.md index 9dd7c24041..e9da5c875a 100644 --- a/2024/CVE-2024-21306.md +++ b/2024/CVE-2024-21306.md 
@@ -27,6 +27,7 @@ No PoCs from references. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/PhucHauDeveloper/BadBlue - https://github.com/PhucHauDeveloper/BadbBlue - https://github.com/d4rks1d33/C-PoC-for-CVE-2024-21306 - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-21683.md b/2024/CVE-2024-21683.md index 6f4394786e..546e8d9d4e 100644 --- a/2024/CVE-2024-21683.md +++ b/2024/CVE-2024-21683.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/jafshare/GithubTrending - https://github.com/johe123qwe/github-trending - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/phucrio/CVE-2024-21683-RCE - https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server - https://github.com/sampsonv/github-trending - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-23995.md b/2024/CVE-2024-23995.md new file mode 100644 index 0000000000..49f92fe901 --- /dev/null +++ b/2024/CVE-2024-23995.md @@ -0,0 +1,17 @@ +### [CVE-2024-23995](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23995) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier allows remote attackers to execute arbitrary code in the column name of a database table in tabulator-popup-container. + +### POC + +#### Reference +- https://github.com/EQSTLab/PoC/blob/main/2024/RCE/CVE-2024-23995/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-27842.md b/2024/CVE-2024-27842.md new file mode 100644 index 0000000000..fe0fdc03bd --- /dev/null +++ b/2024/CVE-2024-27842.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-27842](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27842) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20app%20may%20be%20able%20to%20execute%20arbitrary%20code%20with%20kernel%20privileges&color=brighgreen) + +### Description + +The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-2961.md b/2024/CVE-2024-2961.md index f9b0e3e144..7c45e1f399 100644 --- a/2024/CVE-2024-2961.md +++ b/2024/CVE-2024-2961.md @@ -13,6 +13,7 @@ The iconv() function in the GNU C Library versions 2.39 and older may overflow t No PoCs from references. #### Github +- https://github.com/ambionics/cnext-exploits - https://github.com/mattaperkins/FIX-CVE-2024-2961 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rvizx/CVE-2024-2961 diff --git a/2024/CVE-2024-30056.md b/2024/CVE-2024-30056.md index 57e9f4c19b..6ff508337c 100644 --- a/2024/CVE-2024-30056.md +++ b/2024/CVE-2024-30056.md @@ -13,5 +13,7 @@ Microsoft Edge (Chromium-based) Information Disclosure Vulnerability No PoCs from references. #### Github +- https://github.com/absholi7ly/Microsoft-Edge-Information-Disclosure - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-3205.md b/2024/CVE-2024-3205.md index cd56efdcd5..d9a16e85b0 100644 --- a/2024/CVE-2024-3205.md +++ b/2024/CVE-2024-3205.md 
@@ -13,5 +13,5 @@ A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical - https://vuldb.com/?submit.304561 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-3381.md b/2024/CVE-2024-3381.md new file mode 100644 index 0000000000..d4043e0adb --- /dev/null +++ b/2024/CVE-2024-3381.md @@ -0,0 +1,17 @@ +### [CVE-2024-3381](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3381) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) + +### Description + +** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stayfesch/Get-PANOS-Advisories + diff --git a/2024/CVE-2024-34477.md b/2024/CVE-2024-34477.md new file mode 100644 index 0000000000..c884b56049 --- /dev/null +++ b/2024/CVE-2024-34477.md @@ -0,0 +1,17 @@ +### [CVE-2024-34477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34477) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In addition, the SUID bit must be added to this file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + 
diff --git a/2024/CVE-2024-3495.md b/2024/CVE-2024-3495.md index 6609cbbe17..42844f2aec 100644 --- a/2024/CVE-2024-3495.md +++ b/2024/CVE-2024-3495.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile - https://github.com/truonghuuphuc/CVE-2024-3495-Poc diff --git a/2024/CVE-2024-3939.md b/2024/CVE-2024-3939.md new file mode 100644 index 0000000000..625eb7130e --- /dev/null +++ b/2024/CVE-2024-3939.md @@ -0,0 +1,17 @@ +### [CVE-2024-3939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3939) +![](https://img.shields.io/static/v1?label=Product&message=Ditty%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.1.36%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Ditty WordPress plugin before 3.1.36 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/80a9eb3a-2cb1-4844-9004-ba2554b2d46c/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4367.md b/2024/CVE-2024-4367.md index ec27b57777..c46bfe2478 100644 --- a/2024/CVE-2024-4367.md +++ b/2024/CVE-2024-4367.md @@ -18,6 +18,7 @@ No PoCs from references. #### Github - https://github.com/LOURC0D3/CVE-2024-4367-PoC - https://github.com/Threekiii/Awesome-POC +- https://github.com/avalahEE/pdfjs_disable_eval - https://github.com/google/fishy-pdf - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/s4vvysec/CVE-2024-4367-POC diff --git a/2024/CVE-2024-4529.md b/2024/CVE-2024-4529.md new file mode 100644 index 0000000000..9393fc0c57 --- /dev/null +++ b/2024/CVE-2024-4529.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4529) +![](https://img.shields.io/static/v1?label=Product&message=Business%20Card&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting card categories via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/082ff0b8-2ecd-4292-832d-0a79e1ba8cb3/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4530.md b/2024/CVE-2024-4530.md new file mode 100644 index 0000000000..e531bdae25 --- /dev/null +++ b/2024/CVE-2024-4530.md @@ -0,0 +1,17 @@ +### [CVE-2024-4530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4530) +![](https://img.shields.io/static/v1?label=Product&message=Business%20Card&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing card categories via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/952f6b5c-7728-4c87-8826-6b493f51a979/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4531.md b/2024/CVE-2024-4531.md new file mode 100644 index 0000000000..7dedbb3c65 --- /dev/null +++ b/2024/CVE-2024-4531.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4531) +![](https://img.shields.io/static/v1?label=Product&message=Business%20Card&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/18c1b3bb-9998-416f-a972-c4a51643579c/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4532.md b/2024/CVE-2024-4532.md new file mode 100644 index 0000000000..e31429f2b8 --- /dev/null +++ b/2024/CVE-2024-4532.md @@ -0,0 +1,17 @@ +### [CVE-2024-4532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4532) +![](https://img.shields.io/static/v1?label=Product&message=Business%20Card&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting cards via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/64cf5f95-bbf0-4c5f-867b-62f1b7f6a42e/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4533.md b/2024/CVE-2024-4533.md new file mode 100644 index 0000000000..e9c1ea4db5 --- /dev/null +++ b/2024/CVE-2024-4533.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4533) +![](https://img.shields.io/static/v1?label=Product&message=KKProgressbar2%20Free%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/c3406236-aaee-480a-8931-79c867252f11/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4534.md b/2024/CVE-2024-4534.md new file mode 100644 index 0000000000..e894166918 --- /dev/null +++ b/2024/CVE-2024-4534.md @@ -0,0 +1,18 @@ +### [CVE-2024-4534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4534) +![](https://img.shields.io/static/v1?label=Product&message=KKProgressbar2%20Free%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/7b0046d4-cf95-4307-95a5-9b823f2daaaa/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4535.md b/2024/CVE-2024-4535.md new file mode 100644 index 0000000000..bbe6518fec --- /dev/null 
+++ b/2024/CVE-2024-4535.md @@ -0,0 +1,17 @@ +### [CVE-2024-4535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4535) +![](https://img.shields.io/static/v1?label=Product&message=KKProgressbar2%20Free%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/d4980886-da10-4bbc-a84a-fe071ab3b755/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4956.md b/2024/CVE-2024-4956.md index e2e734bec1..6f24a1831b 100644 --- a/2024/CVE-2024-4956.md +++ b/2024/CVE-2024-4956.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Threekiii/Awesome-POC +- https://github.com/X1r0z/JettyFuzz - https://github.com/banditzCyber0x/CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC - https://github.com/fkie-cad/nvd-json-data-feeds @@ -21,6 +22,7 @@ No PoCs from references. - https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/thinhap/CVE-2024-4956-PoC - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/github.txt b/github.txt index baa294cd45..b953de59ab 100644 --- a/github.txt +++ b/github.txt 
@@ -2,16 +2,11 @@ CVE-0000-0000 - https://github.com/HackWithSumit/TryHackMe-ice-Walkthrough CVE-0000-0000 - https://github.com/KINGSABRI/CVE-in-Ruby CVE-0000-0000 - https://github.com/Konstantinos-Papanagnou/CMSpit CVE-0000-0000 - https://github.com/Simonpe1/xray-custom-integration-demo -CVE-0000-0000 - https://github.com/dimondevceo/reverse_shell_javascript -CVE-0000-00000 - https://github.com/err0r4o3/err0r4o3 -CVE-0123-4567 - https://github.com/splunk-soar-connectors/dataminrpulse CVE-1234-5678 - https://github.com/openvex/vexctl CVE-1990-0000 - https://github.com/tecnobabble/vulnfeed_2_tenb -CVE-1999-0001 - https://github.com/MarcusGutierrez/complex-vulnerabilities CVE-1999-0001 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-1999-0001 - https://github.com/flowground/anchore-io-connector CVE-1999-0001 - https://github.com/jimmyislive/gocve -CVE-1999-0001 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-0001 - https://github.com/quentinmayo/get_nvd_data_from_online_to_csv CVE-1999-0002 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-1999-0002 - https://github.com/jimmyislive/gocve @@ -21,6 +16,7 @@ CVE-1999-0004 - https://github.com/jimmyislive/gocve CVE-1999-0005 - https://github.com/jimmyislive/gocve CVE-1999-0016 - https://github.com/ascendantlogic/opensims CVE-1999-0019 - https://github.com/Heretyc/inntinn +CVE-1999-0067 - https://github.com/lauravoicu/Vulnerabilities CVE-1999-0070 - https://github.com/starnightcyber/vul-info-collect CVE-1999-0078 - https://github.com/AnyMaster/EQGRP CVE-1999-0078 - https://github.com/CKmaenn/EQGRP 
@@ -108,11 +104,8 @@ CVE-1999-0678 - https://github.com/starnightcyber/vul-info-collect CVE-1999-0691 - https://github.com/truefinder/truefinder CVE-1999-0898 - https://github.com/clearbluejar/cve-markdown-charts CVE-1999-0899 - https://github.com/clearbluejar/cve-markdown-charts -CVE-1999-0999 - https://github.com/morpheuslord/CVE-llm_dataset -CVE-1999-1000 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-1010 - https://github.com/phx/cvescan CVE-1999-1057 - https://github.com/joscanoga/Reto-python-CRM -CVE-1999-1060 - https://github.com/cmilanf/docker-tetrinetx CVE-1999-1115 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1122 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1197 - https://github.com/joscanoga/Reto-python-CRM @@ -120,7 +113,6 @@ CVE-1999-1198 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1211 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1212 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1258 - https://github.com/joscanoga/Reto-python-CRM -CVE-1999-1322 - https://github.com/Leonardo-hf/nvd-cli CVE-1999-1322 - https://github.com/righel/ms-exchange-version-nse CVE-1999-1376 - https://github.com/notsag-dev/hacking-tools-for-web-developers CVE-1999-1391 - https://github.com/joscanoga/Reto-python-CRM @@ -133,7 +125,6 @@ CVE-1999-1471 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1506 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1554 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1587 - https://github.com/0xdea/exploits -CVE-1999-1598 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-5656 - https://github.com/becrevex/Kampai CVE-1999-99999 - https://github.com/MrSeccubus/jekyll-secinfo CVE-2000-0001 - https://github.com/joocer/ytf 
@@ -12053,6 +12044,7 @@ CVE-2014-1203 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-1234 - https://github.com/Haifisch/dayswithoutansslexploit CVE-2014-1234 - https://github.com/fhightower/ioc-finder CVE-2014-1234 - https://github.com/guilhermeG23/manual_suricata_simples +CVE-2014-12345 - https://github.com/lauravoicu/Vulnerabilities CVE-2014-123456 - https://github.com/ARPSyndicate/cvemon CVE-2014-123456 - https://github.com/openvex/spec CVE-2014-123456 - https://github.com/openvex/vexctl @@ -13250,6 +13242,7 @@ CVE-2014-4287 - https://github.com/Live-Hack-CVE/CVE-2014-4287 CVE-2014-4321 - https://github.com/CVEDB/awesome-cve-repo CVE-2014-4321 - https://github.com/CVEDB/top CVE-2014-4321 - https://github.com/I-Prashanth-S/CybersecurityTIFAC +CVE-2014-4321 - https://github.com/android-rooting-tools/libmsm_vfe_read_exploit CVE-2014-4321 - https://github.com/cyberanand1337x/bug-bounty-2022 CVE-2014-4321 - https://github.com/jbmihoub/all-poc CVE-2014-4321 - https://github.com/tangsilian/android-vuln 
@@ -14577,6 +14570,15 @@ CVE-2014-7281 - https://github.com/anquanquantao/iwantacve CVE-2014-7285 - https://github.com/CongyingXU/inconsistency_detection_tool CVE-2014-7285 - https://github.com/pinkymm/inconsistency_detection CVE-2014-7285 - https://github.com/yingdongucas/inconsistency_detection +CVE-2014-7305 - https://github.com/Section9Labs/advisories +CVE-2014-7306 - https://github.com/Section9Labs/advisories +CVE-2014-7654321 - https://github.com/actions-marketplace-validations/alexjurkiewicz_ecr-scan-image +CVE-2014-7654321 - https://github.com/actions-marketplace-validations/gluehbirnenkopf_gha-ecr +CVE-2014-7654321 - https://github.com/actions-marketplace-validations/sanskarirandi_ecr-scan +CVE-2014-7654321 - https://github.com/alexjurkiewicz/ecr-scan-image +CVE-2014-7654321 - https://github.com/gluehbirnenkopf/gha-ecr +CVE-2014-7654321 - https://github.com/richardhendricksen/ecr-scan-image +CVE-2014-7654321 - https://github.com/sanskarirandi/ecr-scan CVE-2014-7809 - https://github.com/alexsh88/victims CVE-2014-7809 - https://github.com/h3xstream/struts-csrf-cracker CVE-2014-7809 - https://github.com/klee94/maven-security-versions-Travis @@ -14786,6 +14788,7 @@ CVE-2014-8682 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-8682 - https://github.com/nihal1306/gogs CVE-2014-8687 - https://github.com/dino213dz/sbar CVE-2014-8722 - https://github.com/Hacker5preme/Exploits +CVE-2014-8729 - https://github.com/inso-/TORQUE-Resource-Manager-2.5.x-2.5.13-stack-based-buffer-overflow-exploit-CVE-2014-8729-CVE-2014-878 CVE-2014-8730 - https://github.com/n13l/measurements CVE-2014-8731 - https://github.com/sbani/CVE-2014-8731-PoC CVE-2014-8739 - https://github.com/alex-h4cker/jQuery-vulnrability 
@@ -14793,6 +14796,7 @@ CVE-2014-8756 - https://github.com/abhav/nvd_scrapper CVE-2014-8757 - https://github.com/irsl/lgosp-poc CVE-2014-8768 - https://github.com/mudongliang/LinuxFlaw CVE-2014-8768 - https://github.com/oneoy/cve- +CVE-2014-8787 - https://github.com/inso-/TORQUE-Resource-Manager-2.5.x-2.5.13-stack-based-buffer-overflow-exploit-CVE-2014-8729-CVE-2014-878 CVE-2014-8799 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-8816 - https://github.com/0xCyberY/CVE-T4PDF CVE-2014-8816 - https://github.com/ARPSyndicate/cvemon @@ -17379,7 +17383,6 @@ CVE-2015-4495 - https://github.com/vincd/CVE-2015-4495 CVE-2015-4499 - https://github.com/ARPSyndicate/cvemon CVE-2015-4519 - https://github.com/ARPSyndicate/cvemon CVE-2015-4553 - https://github.com/ARPSyndicate/cvemon -CVE-2015-4582 - https://github.com/dinosn/weblogic CVE-2015-4582 - https://github.com/safe6Sec/wlsEnv CVE-2015-4588 - https://github.com/andir/nixos-issue-db-example CVE-2015-4590 - https://github.com/mrash/afl-cve @@ -27858,6 +27861,7 @@ CVE-2016-7644 - https://github.com/i-o-s/CVE-2016-4669 CVE-2016-7644 - https://github.com/kazaf0322/jailbreak10 CVE-2016-7644 - https://github.com/uroboro/mach_portal CVE-2016-7651 - https://github.com/JuZhu1978/AboutMe +CVE-2016-7654321 - https://github.com/lauravoicu/Vulnerabilities CVE-2016-7661 - https://github.com/alessaba/mach_portal CVE-2016-7661 - https://github.com/kazaf0322/jailbreak10 CVE-2016-7661 - https://github.com/uroboro/mach_portal 
@@ -31317,10 +31321,7 @@ CVE-2017-1002102 - https://github.com/hacking-kubernetes/hacking-kubernetes.info CVE-2017-1002150 - https://github.com/ARPSyndicate/cvemon CVE-2017-1002157 - https://github.com/ARPSyndicate/cvemon CVE-2017-1002999 - https://github.com/CVEProject/cvelist -CVE-2017-1002999 - https://github.com/CVEProject/cvelist-dev -CVE-2017-1002999 - https://github.com/CVEProject/cvelist-int CVE-2017-1002999 - https://github.com/dims/cvelist-public -CVE-2017-1002999 - https://github.com/jpattrendmicro/cvelist CVE-2017-1002999 - https://github.com/mpmiller37/nvdTest CVE-2017-1002999 - https://github.com/nvdgit/nvdTest CVE-2017-10033 - https://github.com/ARPSyndicate/cvemon @@ -32774,7 +32775,6 @@ CVE-2017-12424 - https://github.com/yfoelling/yair CVE-2017-12426 - https://github.com/sm-paul-schuette/CVE-2017-12426 CVE-2017-12427 - https://github.com/zhouat/poc_IM CVE-2017-12439 - https://github.com/ret2eax/ret2eax -CVE-2017-1244 - https://github.com/markuschaaf/minidjvu CVE-2017-12441 - https://github.com/andir/nixos-issue-db-example CVE-2017-12442 - https://github.com/andir/nixos-issue-db-example CVE-2017-12443 - https://github.com/andir/nixos-issue-db-example @@ -34450,7 +34450,6 @@ CVE-2017-15681 - https://github.com/ARPSyndicate/cvemon CVE-2017-15683 - https://github.com/ARPSyndicate/cvemon CVE-2017-15688 - https://github.com/SexyBeast233/SecBooks CVE-2017-15689 - https://github.com/WangYihang/Codiad-Remote-Code-Execute-Exploit -CVE-2017-15689 - https://github.com/hidog123/Codiad-CVE-2018-14009 CVE-2017-15692 - https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet CVE-2017-15692 - https://github.com/BrittanyKuhn/javascript-tutorial CVE-2017-15692 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet 
@@ -34681,7 +34680,6 @@ CVE-2017-16030 - https://github.com/ARPSyndicate/cvemon CVE-2017-16030 - https://github.com/ossf-cve-benchmark/CVE-2017-16030 CVE-2017-16031 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2017-16031 - https://github.com/ossf-cve-benchmark/CVE-2017-16031 -CVE-2017-16034 - https://github.com/ossf-cve-benchmark/CVE-2017-16034 CVE-2017-16035 - https://github.com/ARPSyndicate/cvemon CVE-2017-16036 - https://github.com/ARPSyndicate/cvemon CVE-2017-16037 - https://github.com/ARPSyndicate/cvemon @@ -34717,7 +34715,6 @@ CVE-2017-16082 - https://github.com/ossf-cve-benchmark/CVE-2017-16082 CVE-2017-16083 - https://github.com/ossf-cve-benchmark/CVE-2017-16083 CVE-2017-16084 - https://github.com/ossf-cve-benchmark/CVE-2017-16084 CVE-2017-16086 - https://github.com/ARPSyndicate/cvemon -CVE-2017-16087 - https://github.com/ossf-cve-benchmark/CVE-2017-16087 CVE-2017-16088 - https://github.com/ARPSyndicate/cvemon CVE-2017-16088 - https://github.com/Flyy-yu/CVE-2017-16088 CVE-2017-16088 - https://github.com/hacksparrow/safe-eval @@ -34828,8 +34825,6 @@ CVE-2017-16231 - https://github.com/fokypoky/places-list CVE-2017-16231 - https://github.com/followboy1999/cve CVE-2017-16231 - https://github.com/garethr/snykout CVE-2017-16232 - https://github.com/followboy1999/cve -CVE-2017-16245 - https://github.com/AOCorsaire/CVE-2017-16245 -CVE-2017-16246 - https://github.com/AOCorsaire/CVE-2017-16245 CVE-2017-16249 - https://github.com/ARPSyndicate/cvemon CVE-2017-16251 - https://github.com/ARPSyndicate/cvemon CVE-2017-16251 - https://github.com/twosevenzero/shoretel-mitel-rce 
@@ -44693,15 +44688,7 @@ CVE-2018-11372 - https://github.com/hi-KK/CVE-Hunter CVE-2018-11373 - https://github.com/hi-KK/CVE-Hunter CVE-2018-11386 - https://github.com/cs278/composer-audit CVE-2018-11396 - https://github.com/RootUp/BFuzz -CVE-2018-11397 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11397 - https://github.com/SruthiPriya11/audit -CVE-2018-11397 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11397 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11397 - https://github.com/sec-bit/awesome-buggy-erc20-tokens -CVE-2018-11398 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11398 - https://github.com/SruthiPriya11/audit -CVE-2018-11398 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11398 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11398 - https://github.com/sec-bit/awesome-buggy-erc20-tokens CVE-2018-11403 - https://github.com/anquanquantao/iwantacve CVE-2018-11404 - https://github.com/anquanquantao/iwantacve 
@@ -45114,25 +45101,9 @@ CVE-2018-11797 - https://github.com/CGCL-codes/PHunter CVE-2018-11798 - https://github.com/ossf-cve-benchmark/CVE-2018-11798 CVE-2018-11805 - https://github.com/Live-Hack-CVE/CVE-2019-19920 CVE-2018-11808 - https://github.com/kactrosN/publicdisclosures -CVE-2018-11809 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11809 - https://github.com/SruthiPriya11/audit -CVE-2018-11809 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11809 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11809 - https://github.com/sec-bit/awesome-buggy-erc20-tokens -CVE-2018-11810 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11810 - https://github.com/SruthiPriya11/audit -CVE-2018-11810 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11810 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11810 - https://github.com/sec-bit/awesome-buggy-erc20-tokens -CVE-2018-11811 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11811 - https://github.com/SruthiPriya11/audit -CVE-2018-11811 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11811 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11811 - https://github.com/sec-bit/awesome-buggy-erc20-tokens -CVE-2018-11812 - https://github.com/DSKPutra/Buggy-ERC20-Tokens -CVE-2018-11812 - https://github.com/SruthiPriya11/audit -CVE-2018-11812 - https://github.com/devmania1223/awesome-buggy-erc20-tokens -CVE-2018-11812 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11812 - https://github.com/sec-bit/awesome-buggy-erc20-tokens CVE-2018-11813 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-11813 - https://github.com/sardChen/enfuzzer 
@@ -48646,8 +48617,6 @@ CVE-2018-17254 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-17254 - https://github.com/MataKucing-OFC/CVE-2018-17254 CVE-2018-17254 - https://github.com/Nickguitar/Joomla-JCK-Editor-6.4.4-SQL-Injection CVE-2018-17282 - https://github.com/Marsman1996/pocs -CVE-2018-17290 - https://github.com/jiguangsdf/jiguangsdf -CVE-2018-17291 - https://github.com/jiguangsdf/jiguangsdf CVE-2018-17300 - https://github.com/0xT11/CVE-POC CVE-2018-17301 - https://github.com/0xT11/CVE-POC CVE-2018-17302 - https://github.com/0xT11/CVE-POC @@ -48992,7 +48961,6 @@ CVE-2018-18559 - https://github.com/ARPSyndicate/cvemon CVE-2018-18570 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-18572 - https://github.com/RajatSethi2001/FUSE CVE-2018-18572 - https://github.com/WSP-LAB/FUSE -CVE-2018-18574 - https://github.com/RajatSethi2001/FUSE CVE-2018-18574 - https://github.com/WSP-LAB/FUSE CVE-2018-18581 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-18581 - https://github.com/sardChen/enfuzzer @@ -49017,7 +48985,6 @@ CVE-2018-18619 - https://github.com/xsudoxx/OSCP CVE-2018-18628 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-18628 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-18629 - https://github.com/mirchr/security-research -CVE-2018-18637 - https://github.com/RajatSethi2001/FUSE CVE-2018-18637 - https://github.com/WSP-LAB/FUSE CVE-2018-18649 - https://github.com/0xT11/CVE-POC CVE-2018-18649 - https://github.com/Snowming04/CVE-2018-18649 
@@ -49198,7 +49165,6 @@ CVE-2018-19052 - https://github.com/iveresk/cve-2018-19052 CVE-2018-19057 - https://github.com/ARPSyndicate/cvemon CVE-2018-19057 - https://github.com/AnandChowdhary/gitwriter CVE-2018-19058 - https://github.com/Live-Hack-CVE/CVE-2018-19058 -CVE-2018-19062 - https://github.com/RajatSethi2001/FUSE CVE-2018-19062 - https://github.com/WSP-LAB/FUSE CVE-2018-19084 - https://github.com/DownWithUp/CVE-Stockpile CVE-2018-19085 - https://github.com/DownWithUp/CVE-Stockpile @@ -49241,7 +49207,6 @@ CVE-2018-19136 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-19137 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-19146 - https://github.com/RajatSethi2001/FUSE CVE-2018-19146 - https://github.com/WSP-LAB/FUSE -CVE-2018-19172 - https://github.com/RajatSethi2001/FUSE CVE-2018-19172 - https://github.com/WSP-LAB/FUSE CVE-2018-19184 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-19184 - https://github.com/demining/Solidity-Forcibly-Send-Ether-Vulnerability @@ -49371,7 +49336,6 @@ CVE-2018-19409 - https://github.com/adminlove520/SEC-GPT CVE-2018-19409 - https://github.com/sechelper/awesome-chatgpt-prompts-cybersecurity CVE-2018-19410 - https://github.com/A1vinSmith/CVE-2018-9276 CVE-2018-19410 - https://github.com/himash/CVE-2018-19410-POC -CVE-2018-19419 - https://github.com/RajatSethi2001/FUSE CVE-2018-19419 - https://github.com/WSP-LAB/FUSE CVE-2018-19420 - https://github.com/RajatSethi2001/FUSE CVE-2018-19420 - https://github.com/WSP-LAB/FUSE 
@@ -50713,6 +50677,7 @@ CVE-2018-2893 - https://github.com/Weik1/Artillery CVE-2018-2893 - https://github.com/ZTK-009/RedTeamer CVE-2018-2893 - https://github.com/aiici/weblogicAllinone CVE-2018-2893 - https://github.com/angeloqmartin/Vulnerability-Assessment +CVE-2018-2893 - https://github.com/artofwar344/CVE-2018-2893 CVE-2018-2893 - https://github.com/awake1t/Awesome-hacking-tools CVE-2018-2893 - https://github.com/awsassets/weblogic_exploit CVE-2018-2893 - https://github.com/bigsizeme/CVE-2018-2893 @@ -57265,6 +57230,7 @@ CVE-2019-0708 - https://github.com/varjo/rdp CVE-2019-0708 - https://github.com/victor0013/CVE-2019-0708 CVE-2019-0708 - https://github.com/vincentfer/PENTESTING-BIBLE- CVE-2019-0708 - https://github.com/viszsec/CyberSecurity-Playground +CVE-2019-0708 - https://github.com/vs4vijay/exploits CVE-2019-0708 - https://github.com/vulsio/go-msfdb CVE-2019-0708 - https://github.com/wateroot/poc-exp CVE-2019-0708 - https://github.com/wdfcc/CVE-2019-0708 @@ -67661,7 +67627,6 @@ CVE-2019-16781 - https://github.com/El-Palomo/DerpNStink CVE-2019-16781 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16781 - https://github.com/Live-Hack-CVE/CVE-2019-16781 CVE-2019-16781 - https://github.com/namhikelo/Symfonos1-Vulnhub-CEH -CVE-2019-16783 - https://github.com/Ckrielle/CVE-2019-16784-POC CVE-2019-16784 - https://github.com/0xT11/CVE-POC CVE-2019-16784 - https://github.com/AlterSolutions/PyInstallerPrivEsc CVE-2019-16784 - https://github.com/Ckrielle/CVE-2019-16784-POC @@ -67711,6 +67676,7 @@ CVE-2019-16884 - https://github.com/source-xu/docker-vuls CVE-2019-16884 - https://github.com/ssst0n3/docker_archive CVE-2019-16889 - https://github.com/0xT11/CVE-POC CVE-2019-16889 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-16889 - https://github.com/grampae/CVE-2019-16889-poc CVE-2019-16889 - https://github.com/grampae/meep CVE-2019-16889 - https://github.com/grampae/meep2 CVE-2019-16889 - https://github.com/hectorgie/PoC-in-GitHub 
@@ -67853,7 +67819,6 @@ CVE-2019-17003 - https://github.com/sreechws/Bou_Bounty_Writeups CVE-2019-17003 - https://github.com/webexplo1t/BugBounty CVE-2019-17003 - https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham CVE-2019-17004 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups -CVE-2019-17004 - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/Prodrious/writeups CVE-2019-17004 - https://github.com/R3dg0/writeups CVE-2019-17004 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups @@ -67866,8 +67831,6 @@ CVE-2019-17004 - https://github.com/bugrider/devanshbatham-repo CVE-2019-17004 - https://github.com/choudharyrajritu1/Bug_Bounty-POC CVE-2019-17004 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/dipesh259/Writeups -CVE-2019-17004 - https://github.com/piyushimself/Bugbounty_Writeups -CVE-2019-17004 - https://github.com/webexplo1t/BugBounty CVE-2019-17004 - https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham CVE-2019-17006 - https://github.com/ARPSyndicate/cvemon CVE-2019-17006 - https://github.com/project-zot/project-zot.github.io @@ -71507,6 +71470,7 @@ CVE-2019-5096 - https://github.com/ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-D CVE-2019-5096 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2019-5112 - https://github.com/ARPSyndicate/cvemon CVE-2019-5112 - https://github.com/adityatrivedi2/Threat-Modeling-for-LMS +CVE-2019-5118 - https://github.com/kailing0220/CVE-2019-5418 CVE-2019-5126 - https://github.com/0xCyberY/CVE-T4PDF CVE-2019-5126 - https://github.com/ARPSyndicate/cvemon CVE-2019-5127 - https://github.com/ARPSyndicate/kenzer-templates 
@@ -73003,7 +72967,6 @@ CVE-2019-7393 - https://github.com/ARPSyndicate/cvemon CVE-2019-7394 - https://github.com/ARPSyndicate/cvemon CVE-2019-7400 - https://github.com/ARPSyndicate/cvemon CVE-2019-7400 - https://github.com/JavierOlmedo/JavierOlmedo -CVE-2019-7406 - https://github.com/Alonzozzz/alonzzzo CVE-2019-7438 - https://github.com/ARPSyndicate/cvemon CVE-2019-7439 - https://github.com/ARPSyndicate/cvemon CVE-2019-7442 - https://github.com/ARPSyndicate/cvemon @@ -76471,6 +76434,7 @@ CVE-2020-0796 - https://github.com/trganda/starrlist CVE-2020-0796 - https://github.com/tripledd/cve-2020-0796-vuln CVE-2020-0796 - https://github.com/txuswashere/OSCP CVE-2020-0796 - https://github.com/uhub/awesome-c +CVE-2020-0796 - https://github.com/vs4vijay/exploits CVE-2020-0796 - https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796- CVE-2020-0796 - https://github.com/vysecurity/CVE-2020-0796 CVE-2020-0796 - https://github.com/w1ld3r/SMBGhost_Scanner @@ -81966,6 +81930,7 @@ CVE-2020-1472 - https://github.com/val0ur/CVE CVE-2020-1472 - https://github.com/vecnathewhisperd/ZeroLogin CVE-2020-1472 - https://github.com/victim10wq3/CVE-2020-1472 CVE-2020-1472 - https://github.com/voker2311/Infra-Security-101 +CVE-2020-1472 - https://github.com/vs4vijay/exploits CVE-2020-1472 - https://github.com/weeka10/-hktalent-TOP CVE-2020-1472 - https://github.com/whitfieldsdad/epss CVE-2020-1472 - https://github.com/whoami-chmod777/ZeroLogon-Testing-Script @@ -83718,6 +83683,7 @@ CVE-2020-16898 - https://github.com/soosmile/POC CVE-2020-16898 - https://github.com/todb-r7/dwflist CVE-2020-16898 - https://github.com/tzwlhack/Vulnerability CVE-2020-16898 - https://github.com/uhub/awesome-lua +CVE-2020-16898 - https://github.com/vs4vijay/exploits CVE-2020-16898 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-16898 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2020-16898 - https://github.com/ycdxsb/WindowsPrivilegeEscalation 
@@ -84043,6 +84009,7 @@ CVE-2020-17382 - https://github.com/readloud/Awesome-Stars CVE-2020-17382 - https://github.com/soosmile/POC CVE-2020-17382 - https://github.com/taielab/awesome-hacking-lists CVE-2020-17382 - https://github.com/uf0o/CVE-2020-17382 +CVE-2020-17382 - https://github.com/vs4vijay/exploits CVE-2020-17382 - https://github.com/xbl2022/awesome-hacking-lists CVE-2020-17382 - https://github.com/zeze-zeze/2023iThome CVE-2020-17405 - https://github.com/404notf0und/CVE-Flow @@ -112141,6 +112108,7 @@ CVE-2021-41304 - https://github.com/elpe-pinillo/JiraExploits CVE-2021-4131 - https://github.com/ARPSyndicate/cvemon CVE-2021-4131 - https://github.com/ChamalBandara/CVEs CVE-2021-4131 - https://github.com/khanhchauminh/khanhchauminh +CVE-2021-41320 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2021-41326 - https://github.com/ARPSyndicate/cvemon CVE-2021-41326 - https://github.com/Zigrin-Security/CakeFuzzer CVE-2021-41326 - https://github.com/dawid-czarnecki/public-vulnerabilities @@ -116398,6 +116366,7 @@ CVE-2021-44228 - https://github.com/vlkl-sap/log-injection-demo CVE-2021-44228 - https://github.com/voditelnloo/jmeterjustb4 CVE-2021-44228 - https://github.com/vorburger/Learning-Log4j2 CVE-2021-44228 - https://github.com/vorburger/Log4j_CVE-2021-44228 +CVE-2021-44228 - https://github.com/vs4vijay/exploits CVE-2021-44228 - https://github.com/vsdeng/java-gradle-demo-app CVE-2021-44228 - https://github.com/vsegdacocacola/Log4jExploitPayloadExtractor CVE-2021-44228 - https://github.com/vulcan-apptest2/log4shell-vulnerable-app 
@@ -123483,6 +123452,7 @@ CVE-2022-22947 - https://github.com/Arrnitage/CVE-2022-22947_exp CVE-2022-22947 - https://github.com/Awrrays/FrameVul CVE-2022-22947 - https://github.com/Axx8/CVE-2022-22947_Rce_Exp CVE-2022-22947 - https://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos +CVE-2022-22947 - https://github.com/BBD-YZZ/GUI-TOOLS CVE-2022-22947 - https://github.com/BerMalBerIst/CVE-2022-22947 CVE-2022-22947 - https://github.com/CLincat/vulcat CVE-2022-22947 - https://github.com/CVEDB/PoC-List @@ -123838,6 +123808,7 @@ CVE-2022-22963 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-22963 - https://github.com/AabyssZG/SpringBoot-Scan CVE-2022-22963 - https://github.com/AayushmanThapaMagar/CVE-2022-22963 CVE-2022-22963 - https://github.com/Anogota/Inject +CVE-2022-22963 - https://github.com/BBD-YZZ/GUI-TOOLS CVE-2022-22963 - https://github.com/BearClaw96/CVE-2022-22963-Poc-Bearcules CVE-2022-22963 - https://github.com/CLincat/vulcat CVE-2022-22963 - https://github.com/CVEDB/PoC-List @@ -123990,6 +123961,7 @@ CVE-2022-22965 - https://github.com/ARPSyndicate/cvemon CVE-2022-22965 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-22965 - https://github.com/AabyssZG/SpringBoot-Scan CVE-2022-22965 - https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE +CVE-2022-22965 - https://github.com/BBD-YZZ/GUI-TOOLS CVE-2022-22965 - https://github.com/BC-SECURITY/Moriarty CVE-2022-22965 - https://github.com/BKLockly/CVE-2022-22965 CVE-2022-22965 - https://github.com/Bl0omZ/JAVAExploitStudy 
@@ -140757,6 +140729,7 @@ CVE-2023-1829 - https://github.com/EGI-Federation/SVG-advisories CVE-2023-1829 - https://github.com/N1ghtu/RWCTF6th-RIPTC CVE-2023-1829 - https://github.com/Threekiii/CVE CVE-2023-1829 - https://github.com/lanleft/CVE2023-1829 +CVE-2023-1829 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-1829 - https://github.com/star-sg/CVE CVE-2023-1829 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-1841 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -143317,7 +143290,6 @@ CVE-2023-26137 - https://github.com/dellalibera/dellalibera CVE-2023-26138 - https://github.com/dellalibera/dellalibera CVE-2023-26142 - https://github.com/dellalibera/dellalibera CVE-2023-26144 - https://github.com/nomi-sec/PoC-in-GitHub -CVE-2023-26144 - https://github.com/tadhglewis/apollo-koa-minimal CVE-2023-26144 - https://github.com/tadhglewis/tadhglewis CVE-2023-26146 - https://github.com/dellalibera/dellalibera CVE-2023-26146 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -144738,7 +144710,6 @@ CVE-2023-29489 - https://github.com/thecybertix/One-Liner-Collections CVE-2023-29489 - https://github.com/tucommenceapousser/CVE-2023-29489 CVE-2023-29489 - https://github.com/tucommenceapousser/CVE-2023-29489.py CVE-2023-29489 - https://github.com/tucommenceapousser/Oneliner-Bugbounty2 -CVE-2023-29489 - https://github.com/tucommenceapousser/XSS_1312 CVE-2023-29489 - https://github.com/tucommenceapousser/XSS_1915 CVE-2023-29489 - https://github.com/whalebone7/EagleEye CVE-2023-29489 - https://github.com/xKore123/cPanel-CVE-2023-29489 
@@ -147566,7 +147537,6 @@ CVE-2023-38146 - https://github.com/Threekiii/CVE CVE-2023-38146 - https://github.com/ZonghaoLi777/githubTrending CVE-2023-38146 - https://github.com/aneasystone/github-trending CVE-2023-38146 - https://github.com/ankitosh/temp -CVE-2023-38146 - https://github.com/exploits-forsale/themebleed CVE-2023-38146 - https://github.com/gabe-k/themebleed CVE-2023-38146 - https://github.com/johe123qwe/github-trending CVE-2023-38146 - https://github.com/nomi-sec/PoC-in-GitHub @@ -147935,7 +147905,6 @@ CVE-2023-38821 - https://github.com/TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821 CVE-2023-38821 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-38822 - https://github.com/TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822 CVE-2023-38822 - https://github.com/nomi-sec/PoC-in-GitHub -CVE-2023-38825 - https://github.com/ntrampham/REDCap CVE-2023-38829 - https://github.com/Luwak-IoT-Security/CVEs CVE-2023-38829 - https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E CVE-2023-38829 - https://github.com/nomi-sec/PoC-in-GitHub @@ -150274,6 +150243,7 @@ CVE-2023-45866 - https://github.com/pentestfunctions/BlueDucky CVE-2023-45866 - https://github.com/sampsonv/github-trending CVE-2023-45866 - https://github.com/shirin-ehtiram/hi_my_name_is_keyboard CVE-2023-45866 - https://github.com/tanjiti/sec_profile +CVE-2023-45866 - https://github.com/vs4vijay/exploits CVE-2023-45866 - https://github.com/zhaoxiaoha/github-trending CVE-2023-4587 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45887 - https://github.com/MikeIsAStar/DS-Wireless-Communication-Remote-Code-Execution 
@@ -151844,6 +151814,7 @@ CVE-2023-50968 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-50969 - https://github.com/Ostorlab/KEV CVE-2023-50969 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-50974 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-50977 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-50982 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-5100 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-51000 - https://github.com/Team-Byerus/CVE-2023-51000 @@ -158354,6 +158325,7 @@ CVE-2024-0844 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0846 - https://github.com/0x9567b/CVE-2024-0846 CVE-2024-0846 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0849 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0851 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0853 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0853 - https://github.com/paulgibert/gryft CVE-2024-0854 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159411,6 +159383,7 @@ CVE-2024-21305 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21305 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-21305 - https://github.com/tandasat/CVE-2024-21305 CVE-2024-21306 - https://github.com/NaInSec/CVE-LIST +CVE-2024-21306 - https://github.com/PhucHauDeveloper/BadBlue CVE-2024-21306 - https://github.com/PhucHauDeveloper/BadbBlue CVE-2024-21306 - https://github.com/d4rks1d33/C-PoC-for-CVE-2024-21306 CVE-2024-21306 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -159745,6 +159718,7 @@ CVE-2024-21683 - https://github.com/fireinrain/github-trending CVE-2024-21683 - https://github.com/jafshare/GithubTrending CVE-2024-21683 - https://github.com/johe123qwe/github-trending CVE-2024-21683 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-21683 - https://github.com/phucrio/CVE-2024-21683-RCE CVE-2024-21683 - https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server CVE-2024-21683 - https://github.com/sampsonv/github-trending CVE-2024-21683 - https://github.com/tanjiti/sec_profile @@ -162046,7 +162020,6 @@ CVE-2024-26282 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26283 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26284 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26287 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-26289 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2629 - https://github.com/NaInSec/CVE-LIST CVE-2024-2629 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26294 - https://github.com/kaje11/CVEs @@ -162542,7 +162515,7 @@ CVE-2024-27297 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27297 - https://github.com/mrdev023/nixos CVE-2024-27298 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27306 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-27314 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-27310 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27316 - https://github.com/Ampferl/poc_http2-continuation-flood CVE-2024-27316 - https://github.com/DrewskyDev/H2Flood CVE-2024-27316 - https://github.com/Vos68/HTTP2-Continuation-Flood-PoC 
@@ -162734,6 +162707,7 @@ CVE-2024-2780 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27804 - https://github.com/GhostTroops/TOP CVE-2024-27804 - https://github.com/R00tkitSMM/CVE-2024-27804 CVE-2024-27804 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-27842 - https://github.com/tanjiti/sec_profile CVE-2024-27900 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27902 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27905 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163537,6 +163511,7 @@ CVE-2024-29399 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2940 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29401 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2941 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29415 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29417 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29419 - https://github.com/NaInSec/CVE-LIST CVE-2024-29419 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163587,6 +163562,7 @@ CVE-2024-29499 - https://github.com/NaInSec/CVE-LIST CVE-2024-2950 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2951 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29513 - https://github.com/dru1d-foofus/briscKernelDriver +CVE-2024-2961 - https://github.com/ambionics/cnext-exploits CVE-2024-2961 - https://github.com/mattaperkins/FIX-CVE-2024-2961 CVE-2024-2961 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2961 - https://github.com/rvizx/CVE-2024-2961 
@@ -163749,7 +163725,9 @@ CVE-2024-3003 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3004 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30040 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30050 - https://github.com/angelov-1080/CVE_Checker +CVE-2024-30056 - https://github.com/absholi7ly/Microsoft-Edge-Information-Disclosure CVE-2024-30056 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30056 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3006 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3007 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3008 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163901,9 +163879,7 @@ CVE-2024-30621 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30645 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30656 - https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability CVE-2024-30656 - https://github.com/nomi-sec/PoC-in-GitHub -CVE-2024-30657 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30657 - https://github.com/yashpatelphd/CVE-2024-30657 -CVE-2024-30658 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30658 - https://github.com/yashpatelphd/CVE-2024-30658 CVE-2024-30659 - https://github.com/yashpatelphd/CVE-2024-30659 CVE-2024-30661 - https://github.com/yashpatelphd/CVE-2024-30661 @@ -164460,6 +164436,7 @@ CVE-2024-32018 - https://github.com/hnsecurity/vulns CVE-2024-3203 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3204 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32049 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3205 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3208 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3209 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3210 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -164947,6 +164924,7 @@ CVE-2024-34472 - https://github.com/osvaldotenorio/CVE-2024-34472 CVE-2024-34474 - https://github.com/Alaatk/CVE-2024-34474 CVE-2024-34474 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34474 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-34477 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3448 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34483 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34484 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164993,7 +164971,9 @@ CVE-2024-3488 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34897 - https://github.com/murataydemir/CVE-2024-23897 CVE-2024-34905 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34914 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34923 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3495 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-3495 - https://github.com/tanjiti/sec_profile CVE-2024-3495 - https://github.com/truonghuuphuc/CVE-2024-3495-Poc CVE-2024-34950 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34954 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165018,6 +164998,8 @@ CVE-2024-3516 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35176 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35176 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2024-35179 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35181 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35182 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35185 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35187 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35190 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165027,6 +165009,7 @@ CVE-2024-3521 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3522 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3523 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35231 - https://github.com/Sim4n6/Sim4n6 +CVE-2024-35238 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3524 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3525 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3526 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165061,6 +165044,8 @@ CVE-2024-35511 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-35517 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35518 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35519 - https://github.com/AnixPasBesoin/AnixPasBesoin +CVE-2024-3552 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-3552 - https://github.com/truonghuuphuc/CVE-2024-3552-Poc CVE-2024-35520 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35522 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35523 - https://github.com/AnixPasBesoin/AnixPasBesoin @@ -165096,6 +165081,8 @@ CVE-2024-35856 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35857 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35858 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35859 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36036 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36037 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36049 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36053 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36054 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165108,6 +165095,7 @@ CVE-2024-36063 - https://github.com/actuator/cve CVE-2024-36064 - https://github.com/actuator/cve CVE-2024-36079 - https://github.com/DxRvs/vaultize_CVE-2024-36079 CVE-2024-36079 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-36105 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3614 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3616 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3617 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165214,9 +165202,7 @@ CVE-2024-3897 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3914 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3931 - https://github.com/cisagov/vulnrichment CVE-2024-3931 - https://github.com/storbeck/vulnrichment-cli -CVE-2024-3933 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3936 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-3939 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3942 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3951 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3957 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165333,6 +165319,7 @@ CVE-2024-4357 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4363 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4367 - https://github.com/LOURC0D3/CVE-2024-4367-PoC CVE-2024-4367 - https://github.com/Threekiii/Awesome-POC +CVE-2024-4367 - https://github.com/avalahEE/pdfjs_disable_eval CVE-2024-4367 - https://github.com/google/fishy-pdf CVE-2024-4367 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4367 - https://github.com/s4vvysec/CVE-2024-4367-POC 
@@ -165380,13 +165367,6 @@ CVE-2024-4525 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4526 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4527 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4528 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4529 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4530 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4531 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4532 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4533 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4534 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-4535 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4536 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4537 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4538 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165505,6 +165485,7 @@ CVE-2024-4932 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4933 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4945 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4956 - https://github.com/Threekiii/Awesome-POC +CVE-2024-4956 - https://github.com/X1r0z/JettyFuzz CVE-2024-4956 - https://github.com/banditzCyber0x/CVE-2024-4956 CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC CVE-2024-4956 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165512,6 +165493,7 @@ CVE-2024-4956 - https://github.com/gmh5225/CVE-2024-4956 CVE-2024-4956 - https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner CVE-2024-4956 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4956 - https://github.com/tanjiti/sec_profile +CVE-2024-4956 - https://github.com/thinhap/CVE-2024-4956-PoC CVE-2024-4956 - https://github.com/wjlin0/poc-doc CVE-2024-4956 - https://github.com/wy876/POC CVE-2024-4956 - https://github.com/wy876/wiki 
@@ -165548,6 +165530,7 @@ CVE-2024-5218 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5220 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5229 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5273 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5274 - https://github.com/kip93/kip93 CVE-2024-5359 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5361 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165560,8 +165543,6 @@ CVE-2024-5384 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5385 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5390 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5391 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-5400 - https://github.com/fkie-cad/nvd-json-data-feeds -CVE-2024-5403 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-54321 - https://github.com/runwuf/clickhouse-test CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555 CVE-2024-5555 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/references.txt b/references.txt index 6927493e30..688b163c3c 100644 --- a/references.txt +++ b/references.txt @@ -44331,6 +44331,7 @@ CVE-2017-17724 - https://github.com/Exiv2/exiv2/issues/263 CVE-2017-17724 - https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md CVE-2017-17725 - https://bugzilla.redhat.com/show_bug.cgi?id=1525055 CVE-2017-17725 - https://github.com/Exiv2/exiv2/issues/188 +CVE-2017-17727 - https://www.seebug.org/vuldb/ssvid-20050 CVE-2017-17733 - http://www.0day5.com/archives/4383/ CVE-2017-17737 - https://www.exploit-db.com/exploits/43364/ CVE-2017-17738 - https://www.exploit-db.com/exploits/43364/ 
@@ -44410,6 +44411,7 @@ CVE-2017-17873 - https://www.exploit-db.com/exploits/43316/ CVE-2017-17874 - https://www.exploit-db.com/exploits/43315/ CVE-2017-17875 - https://www.exploit-db.com/exploits/43393/ CVE-2017-17876 - https://www.exploit-db.com/exploits/43394/ +CVE-2017-17888 - https://www.seebug.org/vuldb/ssvid-96555 CVE-2017-1789 - https://exchange.xforce.ibmcloud.com/vulnerabilities/137034 CVE-2017-17891 - https://github.com/d4wner/Vulnerabilities-Report/blob/master/Readymade-Video-Sharing-Script.md CVE-2017-17892 - https://github.com/d4wner/Vulnerabilities-Report/blob/master/Readymade-Video-Sharing-Script.md @@ -69933,6 +69935,7 @@ CVE-2020-7794 - https://snyk.io/vuln/SNYK-JS-BUNS-1050389 CVE-2020-7795 - https://security.snyk.io/vuln/SNYK-JS-GETNPMPACKAGEVERSION-1050390 CVE-2020-7799 - http://packetstormsecurity.com/files/156102/FusionAuth-1.10-Remote-Command-Execution.html CVE-2020-7799 - https://lab.mediaservice.net/advisory/2020-03-fusionauth.txt +CVE-2020-7915 - https://sku11army.blogspot.com/2020/01/eaton-authenticated-stored-cross-site.html CVE-2020-7919 - https://www.oracle.com/security-alerts/cpuApr2021.html CVE-2020-7920 - https://jira.percona.com/browse/PMM-5232 CVE-2020-7920 - https://jira.percona.com/browse/PMM-5233 @@ -70380,6 +70383,7 @@ CVE-2020-9058 - https://github.com/CNK2100/VFuzz-public CVE-2020-9059 - https://github.com/CNK2100/VFuzz-public CVE-2020-9060 - https://github.com/CNK2100/VFuzz-public CVE-2020-9061 - https://github.com/CNK2100/VFuzz-public +CVE-2020-9206 - https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-resourcemanagement-en CVE-2020-9264 - https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malformed.html CVE-2020-9265 - https://github.com/J3rryBl4nks/PHPMyChatPlus/blob/master/SQLi.md CVE-2020-9266 - https://github.com/J3rryBl4nks/SOPlanning/blob/master/AdminPasswordChangeCSRF.md 
@@ -71590,6 +71594,7 @@ CVE-2021-22696 - https://www.oracle.com/security-alerts/cpuapr2022.html CVE-2021-22696 - https://www.oracle.com/security-alerts/cpuoct2021.html CVE-2021-2270 - https://www.oracle.com/security-alerts/cpuapr2021.html CVE-2021-2271 - https://www.oracle.com/security-alerts/cpuapr2021.html +CVE-2021-22716 - https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-103-01_C-Bus_Toolkit_C-Gate_Server_Security_Notification.pdf CVE-2021-2272 - https://www.oracle.com/security-alerts/cpuapr2021.html CVE-2021-2273 - https://www.oracle.com/security-alerts/cpuapr2021.html CVE-2021-2274 - https://www.oracle.com/security-alerts/cpuapr2021.html @@ -94713,6 +94718,7 @@ CVE-2024-2391 - https://www.exploit-db.com/exploits/51153 CVE-2024-2394 - https://github.com/LiAoRJ/CVE_Hunter/blob/main/RCE-1.md CVE-2024-23940 - https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1 CVE-2024-23985 - https://packetstormsecurity.com/files/176663/EzServer-6.4.017-Denial-Of-Service.html +CVE-2024-23995 - https://github.com/EQSTLab/PoC/blob/main/2024/RCE/CVE-2024-23995/README.md CVE-2024-24001 - https://github.com/jishenghua/jshERP/issues/99 CVE-2024-24002 - https://github.com/jishenghua/jshERP/issues/99 CVE-2024-24003 - https://github.com/jishenghua/jshERP/issues/99 
@@ -96201,6 +96207,7 @@ CVE-2024-3918 - https://wpscan.com/vulnerability/2074d0f5-4165-4130-9391-37cb21e CVE-2024-3920 - https://wpscan.com/vulnerability/2fb28c77-3c35-4a2f-91ed-823d0d011048/ CVE-2024-3928 - https://github.com/ggfzx/OCP-Security-Misconfiguration/tree/main CVE-2024-3932 - https://vuldb.com/?submit.314381 +CVE-2024-3939 - https://wpscan.com/vulnerability/80a9eb3a-2cb1-4844-9004-ba2554b2d46c/ CVE-2024-3940 - https://wpscan.com/vulnerability/bb0245e5-8e94-4f11-9003-d6208945056c/ CVE-2024-3941 - https://wpscan.com/vulnerability/6e09e922-983c-4406-8053-747d839995d1/ CVE-2024-3948 - https://github.com/xuanluansec/vul/issues/5 @@ -96278,6 +96285,13 @@ CVE-2024-4495 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/ CVE-2024-4497 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formexeCommand.md CVE-2024-4512 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss.md CVE-2024-4528 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss2.md +CVE-2024-4529 - https://wpscan.com/vulnerability/082ff0b8-2ecd-4292-832d-0a79e1ba8cb3/ +CVE-2024-4530 - https://wpscan.com/vulnerability/952f6b5c-7728-4c87-8826-6b493f51a979/ +CVE-2024-4531 - https://wpscan.com/vulnerability/18c1b3bb-9998-416f-a972-c4a51643579c/ +CVE-2024-4532 - https://wpscan.com/vulnerability/64cf5f95-bbf0-4c5f-867b-62f1b7f6a42e/ +CVE-2024-4533 - https://wpscan.com/vulnerability/c3406236-aaee-480a-8931-79c867252f11/ +CVE-2024-4534 - https://wpscan.com/vulnerability/7b0046d4-cf95-4307-95a5-9b823f2daaaa/ +CVE-2024-4535 - https://wpscan.com/vulnerability/d4980886-da10-4bbc-a84a-fe071ab3b755/ CVE-2024-4536 - https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/198 CVE-2024-4542 - https://research.cleantalk.org/cve-2024-3548/ CVE-2024-4542 - https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9be18d8/ 
@@ -96353,6 +96367,6 @@ CVE-2024-5135 - https://github.com/BurakSevben/CVEs/blob/main/Directory%20Manage CVE-2024-5136 - https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%201.md CVE-2024-5137 - https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%202.md CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38 -CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2005-1275 - http://www.imagemagick.org/script/changelog.php +CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2005-1275 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2020-7009 CVE-2024-5362 - https://github.com/CveSecLook/cve/issues/41
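Review bot: In the final references.txt hunk (`@@ -96353,6 +96367,6 @@`), the added line `CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2005-1275` is still malformed: a second CVE id is fused onto the end of the URL. The change only trims the trailing ` - http://www.imagemagick.org/script/changelog.php` from the old line, and the context line after it (`...issues/38CVE-2020-7009`) has the same defect. A clean `CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38` entry already sits directly above, so both fused lines should be deleted rather than rewritten. The shape suggests records being appended to a file whose last line had no terminating newline; the generator should be checked for that, and a validation step added that rejects any line that does not match one CVE id, a separator and one URL.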
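Review bot: Several github.txt hunks drop `fkie-cad/nvd-json-data-feeds` rows with no stated reason, and not every removal has a visible replacement. For CVE-2024-4529 through CVE-2024-4535 (`@@ -165380,13 +165367,6 @@`) and CVE-2024-3939 (`@@ -165214,9 +165202,7 @@`) the same ids reappear in references.txt with wpscan.com links, which reads as a deliberate move. For CVE-2024-3933, CVE-2024-30657, CVE-2024-30658, CVE-2024-5400 and CVE-2024-5403 the rows are removed and nothing in these hunks replaces them. CVE-2024-3933, CVE-2024-5400 and CVE-2024-5403 lose their only visible row, while CVE-2024-30657 and CVE-2024-30658 keep their yashpatelphd rows. Please state in the commit message whether the feed repository stopped carrying these ids or whether the collector lost them, so that consumers diffing the index can tell a retraction from a scrape gap.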
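Review bot: In the github.txt hunk `@@ -165548,6 +165530,7 @@`, the new row `CVE-2024-5274 - https://github.com/kip93/kip93` points at a repository whose name equals its owner, which is GitHub's convention for a profile README rather than a project. A match there records that the CVE id is mentioned on a profile page, not that a PoC or fix exists, and it will be read as the latter by anyone triaging from this list. Consider having the collector skip owner/owner repositories, or tag such rows as mentions so they can be filtered downstream.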