Update CVE sources 2024-08-13 18:35

2013/CVE-2013-0422.md

@@ -27,6 +27,7 @@ Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attacker
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/SaitoLab/supercookie
+- https://github.com/binkeys/k8tools
 - https://github.com/filip0308/cookie
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/gabrielbauman/evercookie-applet

2015/CVE-2015-1701.md

@@ -46,6 +46,7 @@ Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vist
 - https://github.com/TamilHackz/windows-exploitation
 - https://github.com/YSheldon/New
 - https://github.com/ambynotcoder/C-libraries
+- https://github.com/binkeys/k8tools
 - https://github.com/blackend/Diario-RedTem
 - https://github.com/cyberanand1337x/bug-bounty-2022
 - https://github.com/fei9747/WindowsElevation

2016/CVE-2016-8735.md

@@ -30,6 +30,7 @@ Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7
 - https://github.com/ZTK-009/RedTeamer
 - https://github.com/bibortone/Jexboss
 - https://github.com/c002/Java-Application-Exploits
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/fengjixuchui/RedTeamer
 - https://github.com/gyanaa/https-github.com-joaomatosf-jexboss
 - https://github.com/ilmari666/cybsec

2017/CVE-2017-0914.md

@@ -13,5 +13,5 @@ Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vuln
 - https://hackerone.com/reports/298176
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/EdOverflow/security-template
 

2018/CVE-2018-1123.md

@@ -16,5 +16,6 @@ procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via m
 
 #### Github
 - https://github.com/aravinddathd/CVE-2018-1123
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/samokat-oss/pisc
 

2018/CVE-2018-2628.md

@@ -68,6 +68,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
 - https://github.com/awake1t/Awesome-hacking-tools
 - https://github.com/awsassets/weblogic_exploit
 - https://github.com/bakery312/Vulhub-Reproduce
+- https://github.com/binkeys/k8tools
 - https://github.com/cross2to/betaseclab_tools
 - https://github.com/cscadoge/weblogic-cve-2018-2628
 - https://github.com/cyberanand1337x/bug-bounty-2022

2020/CVE-2020-1337.md

@@ -47,6 +47,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se
 - http://packetstormsecurity.com/files/160993/Microsoft-Spooler-Local-Privilege-Elevation.html
 
 #### Github
+- https://github.com/0xMarcio/cve
 - https://github.com/0xT11/CVE-POC
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Al1ex/WindowsElevation

2021/CVE-2021-44228.md

@@ -770,6 +770,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/e-hakson/OSCP
 - https://github.com/eclipse-archived/kuksa.integration
 - https://github.com/eclipse-scout/scout.rt
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/edsonjt81/log4-scanner
 - https://github.com/edsonjt81/log4j-scan
 - https://github.com/edsonjt81/nse-log4shell

2021/CVE-2021-45046.md

@@ -137,6 +137,7 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i
 - https://github.com/docker-solr/docker-solr
 - https://github.com/doris0213/assignments
 - https://github.com/dtact/divd-2021-00038--log4j-scanner
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/edsonjt81/log4-scanner
 - https://github.com/edsonjt81/log4j-scan
 - https://github.com/edsonjt81/nse-log4shell

2023/CVE-2023-1209.md

@@ -0,0 +1,17 @@
+### [CVE-2023-1209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1209)
+![](https://img.shields.io/static/v1?label=Product&message=ServiceNow%20Records&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%20Tokyo%20Patch%205%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.
+
+### POC
+
+#### Reference
+- https://www.linkedin.com/in/osamay/
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-1298.md

@@ -10,7 +10,7 @@ ServiceNow has released upgrades and patches that address a Reflected Cross-Site
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://www.linkedin.com/in/osamay/
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2023/CVE-2023-1713.md

@@ -16,4 +16,5 @@ Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagra
 - https://github.com/ForceFledgling/CVE-2023-1713
 - https://github.com/k1rurk/check_bitrix
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/tanjiti/sec_profile
 

2023/CVE-2023-38969.md

@@ -10,6 +10,7 @@ Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to
 ### POC
 
 #### Reference
+- https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS2.md
 - https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vulnerability-in-add-books
 
 #### Github

2023/CVE-2023-3897.md

@@ -14,4 +14,5 @@ Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
 

2023/CVE-2023-46280.md

@@ -1,54 +1,11 @@
 ### [CVE-2023-46280](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46280)
-![](https://img.shields.io/static/v1?label=Product&message=S7-PCT&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20Automation%20Tool&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20BATCH%20V9.1&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20NET%20PC%20Software%20V16&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20NET%20PC%20Software%20V17&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20NET%20PC%20Software%20V18&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20PCS%207%20V9.1&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20PDM%20V9.2&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20Route%20Control%20V9.1&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20STEP%207%20V5&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20OA%20V3.17&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20OA%20V3.18&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20OA%20V3.19&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Runtime%20Advanced&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Runtime%20Professional%20V16&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Runtime%20Professional%20V17&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Runtime%20Professional%20V18&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Runtime%20Professional%20V19&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20Unified%20PC%20Runtime&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20V7.4&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20V7.5&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20WinCC%20V8.0&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SINAMICS%20Startdrive&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SINUMERIK%20ONE%20virtual&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SINUMERIK%20PLC%20Programming%20Tool&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Security%20Configuration%20Tool%20(SCT)&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=TIA%20Portal%20Cloud%20Connector&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Totally%20Integrated%20Automation%20Portal%20(TIA%20Portal)%20V15.1&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Totally%20Integrated%20Automation%20Portal%20(TIA%20Portal)%20V16&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Totally%20Integrated%20Automation%20Portal%20(TIA%20Portal)%20V17&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Totally%20Integrated%20Automation%20Portal%20(TIA%20Portal)%20V18&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=Totally%20Integrated%20Automation%20Portal%20(TIA%20Portal)%20V19&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=%3D%20All%20versions%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20*%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V16%20Update%206%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V18%20SP1%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V18%20Update%204%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V19%20SP1%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V19%20Update%202%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V2.0%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V3.18%20P025%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V3.19%20P010%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V6.23%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V7.5%20SP2%20Update%2017%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V8.0%20Update%205%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Product&message=SINEC%20NMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V3.0%20&color=brighgreen)
 ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen)
 
 ### Description
 
-A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V16 (All versions), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
+A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
 
 ### POC
 

2023/CVE-2023-48171.md

@@ -0,0 +1,17 @@
+### [CVE-2023-48171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48171)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component.
+
+### POC
+
+#### Reference
+- https://gccybermonks.com/posts/defectdojo/
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-4911.md

@@ -51,6 +51,7 @@ A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so whi
 - https://github.com/b4k3d/POC_CVE4911
 - https://github.com/beruangsalju/LocalPrivilegeEscalation
 - https://github.com/chaudharyarjun/LooneyPwner
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/feereel/wb_soc
 - https://github.com/fiksn/security-nix
 - https://github.com/flex0geek/cves-exploits

2024/CVE-2024-21550.md

@@ -0,0 +1,17 @@
+### [CVE-2024-21550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21550)
+![](https://img.shields.io/static/v1?label=Product&message=SteVe&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.5.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Stored%20Cross-site%20Scripting&color=brighgreen)
+
+### Description
+
+SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. Attackers can inject arbitrary HTML and Javascript code via WebSockets leading to persistent Cross-Site Scripting in the SteVe management interface.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-21626.md

@@ -32,6 +32,7 @@ runc is a CLI tool for spawning and running containers on Linux according to the
 - https://github.com/bfengj/Cloud-Security
 - https://github.com/cdxiaodong/CVE-2024-21626
 - https://github.com/dorser/cve-2024-21626
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/fireinrain/github-trending
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/jafshare/GithubTrending

2024/CVE-2024-2177.md

@@ -0,0 +1,17 @@
+### [CVE-2024-2177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2177)
+![](https://img.shields.io/static/v1?label=Product&message=GitLab&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=16.3%3C%2016.11.5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1021%3A%20Improper%20Restriction%20of%20Rendered%20UI%20Layers%20or%20Frames&color=brighgreen)
+
+### Description
+
+A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload.
+
+### POC
+
+#### Reference
+- https://gitlab.com/gitlab-org/gitlab/-/issues/444467
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-2259.md

@@ -0,0 +1,17 @@
+### [CVE-2024-2259](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2259)
+![](https://img.shields.io/static/v1?label=Product&message=InstaRISPACS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+This vulnerability exists in InstaRISPACS software due to insufficient validation of user supplied input for the loginTo parameter in user login module of the web interface of the application. A remote attacker could exploit this vulnerability by sending a specially crafted input to the vulnerable parameter to perform reflected Cross Site Scripting (XSS) attacks on the targeted system.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-23709.md

@@ -13,5 +13,5 @@ In multiple locations, there is a possible out of bounds write due to a heap buf
 - https://android.googlesource.com/platform/external/sonivox/+/3f798575d2d39cd190797427d13471d6e7ceae4c
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/nomi-sec/PoC-in-GitHub
 

2024/CVE-2024-27442.md

@@ -0,0 +1,17 @@
+### [CVE-2024-27442](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27442)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a component of ZCS, is intended to be executed by the zimbra user with root privileges for specific mailbox operations. However, an attacker can escalate privileges from the zimbra user to root, because of improper handling of input arguments. An attacker can execute arbitrary commands with elevated privileges, leading to local privilege escalation.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-27443.md

@@ -0,0 +1,18 @@
+### [CVE-2024-27443](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27443)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nhiephon/Research
+

2024/CVE-2024-3094.md

@@ -84,6 +84,7 @@ Malicious code was discovered in the upstream tarballs of xz, starting with vers
 - https://github.com/dparksports/detect_intrusion
 - https://github.com/drdry2/CVE-2024-3094-EXPLOIT
 - https://github.com/duytruongpham/duytruongpham
+- https://github.com/ecomtech-oss/pisc
 - https://github.com/emirkmo/xz-backdoor-github
 - https://github.com/enomothem/PenTestNote
 - https://github.com/felipecosta09/cve-2024-3094