Update CVE sources 2024-06-10 07:22

2003/CVE-2003-0172.md

@@ -14,5 +14,6 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/cyberdesu/Remote-Buffer-overflow-CVE-2003-0172
 

2003/CVE-2003-0201.md

@@ -19,6 +19,7 @@ No PoCs from references.
 - https://github.com/Badbug6/EQGRP
 - https://github.com/CKmaenn/EQGRP
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/CybernetiX-S3C/EQGRP_Linux
 - https://github.com/Drift-Security/Shadow_Brokers-Vs-NSA
 - https://github.com/IHA114/EQGRP

2003/CVE-2003-0222.md

@@ -15,5 +15,6 @@ No PoCs from references.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/phamthanhsang280477/CVE-2003-0222
 

2003/CVE-2003-0264.md

@@ -17,6 +17,7 @@ Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execut
 - https://github.com/0x4D5352/rekall-penetration-test
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/SxNade/CVE-2003-0264_EXPLOIT
 - https://github.com/adenkiewicz/CVE-2003-0264
 - https://github.com/cytopia/fuzza

2003/CVE-2003-0282.md

@@ -15,6 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/ronomon/zip
 - https://github.com/runtimed/cve-2003-0282
 - https://github.com/runtimem/cve-2003-0282

2003/CVE-2003-0358.md

@@ -17,6 +17,7 @@ No PoCs from references.
 - https://github.com/7etsuo/snowcra5h
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/fengjixuchui/CVE-2003-0358
 - https://github.com/gmh5225/CVE-2003-0358
 - https://github.com/snowcra5h/CVE-2003-0358

2009/CVE-2009-0347.md

@@ -13,5 +13,6 @@ Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultrase
 No PoCs from references.
 
 #### Github
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/Cappricio-Securities/CVE-2009-0347
 

2012/CVE-2012-1823.md

@@ -60,4 +60,5 @@ No PoCs from references.
 - https://github.com/theGreenJedi/Hacker-Guides
 - https://github.com/theykillmeslowly/CVE-2012-1823
 - https://github.com/zhibx/fscan-Intranet
+- https://github.com/zomasec/CVE-2024-4577
 

2013/CVE-2013-3900.md

@@ -26,6 +26,7 @@ No PoCs from references.
 - https://github.com/SaimSA/Vulnerability-Management-with-Nessus
 - https://github.com/Securenetology/CVE-2013-3900
 - https://github.com/The-Education-and-Skills-Partnership/WinVerifyTrust-Signature-Mitigation
+- https://github.com/ellikt1/STIG-and-SCAP-Compliance-for-Windows-10-11-VMs
 - https://github.com/ellikt1/Vulnerability-Assessment
 - https://github.com/florylsk/SignatureGate
 - https://github.com/hiba-ahmad1/NessusVulnManagement

2014/CVE-2014-3566.md

@@ -118,6 +118,7 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses
 - https://github.com/pashicop/3.9_1
 - https://github.com/puppetlabs/puppetlabs-compliance_profile
 - https://github.com/r0metheus/poodle-attack
+- https://github.com/r0metheus/poodle-attack-poc
 - https://github.com/r3p3r/1N3-MassBleed
 - https://github.com/rameezts/poodle_check
 - https://github.com/rvaralda/aws_poodle_fix

2015/CVE-2015-5254.md

@@ -48,6 +48,7 @@ Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be seri
 - https://github.com/lnick2023/nicenice
 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
 - https://github.com/openx-org/BLEN
+- https://github.com/orlayneta/JenkinsTests
 - https://github.com/orlayneta/activemq
 - https://github.com/password520/RedTeamer
 - https://github.com/qazbnm456/awesome-cve-poc

2015/CVE-2015-7501.md

@@ -75,6 +75,7 @@ Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG)
 - https://github.com/gredler/aegis4j
 - https://github.com/hellochunqiu/PayloadsAllTheThings
 - https://github.com/hktalent/TOP
+- https://github.com/hungslab/awd-tools
 - https://github.com/ianxtianxt/CVE-2015-7501
 - https://github.com/just0rg/Security-Interview
 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet

2016/CVE-2016-10033.md

@@ -69,6 +69,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a
 - https://github.com/MIrfanShahid/PHPMailer
 - https://github.com/MarcioPeters/PHP
 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer-
+- https://github.com/Mona-Mishra/User-Registration-System
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NCSU-DANCE-Research-Group/CDL
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io

2016/CVE-2016-10045.md

@@ -41,6 +41,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to
 - https://github.com/MIrfanShahid/PHPMailer
 - https://github.com/MarcioPeters/PHP
 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer-
+- https://github.com/Mona-Mishra/User-Registration-System
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System

2016/CVE-2016-1247.md

@@ -29,6 +29,7 @@ The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages bef
 - https://github.com/SexyBeast233/SecBooks
 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources
 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet
+- https://github.com/hungslab/awd-tools
 - https://github.com/lukeber4/usn-search
 - https://github.com/notnue/Linux-Privilege-Escalation
 - https://github.com/superfish9/pt

2016/CVE-2016-5118.md

@@ -16,5 +16,6 @@ The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick
 - http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
 
 #### Github
+- https://github.com/SudoIndividual/CVE-2023-34152
 - https://github.com/superfish9/pt
 

2016/CVE-2016-5195.md

@@ -249,6 +249,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo
 - https://github.com/hj-hsu/avar2019_frida
 - https://github.com/hktalent/TOP
 - https://github.com/hktalent/bug-bounty
+- https://github.com/hungslab/awd-tools
 - https://github.com/hxlxmjxbbxs/TheDirtyPipeExploit
 - https://github.com/hyln9/VIKIROOT
 - https://github.com/iakat/stars

2016/CVE-2016-8655.md

@@ -43,6 +43,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo
 - https://github.com/externalist/exploit_playground
 - https://github.com/fei9747/linux-exploit-suggester
 - https://github.com/go-bi/go-bi-soft
+- https://github.com/hungslab/awd-tools
 - https://github.com/jondonas/linux-exploit-suggester-2
 - https://github.com/kdn111/linux-kernel-exploitation
 - https://github.com/khanhdn111/linux-kernel-exploitation

2017/CVE-2017-1000367.md

@@ -51,6 +51,7 @@ Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validati
 - https://github.com/h4x0r-dz/local-root-exploit-
 - https://github.com/hktalent/bug-bounty
 - https://github.com/homjxi0e/CVE-2017-1000367
+- https://github.com/hungslab/awd-tools
 - https://github.com/kumardineshwar/linux-kernel-exploits
 - https://github.com/lnick2023/nicenice
 - https://github.com/m0mkris/linux-kernel-exploits

2017/CVE-2017-12149.md

@@ -83,6 +83,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf
 - https://github.com/hktalent/myhktools
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/ianxtianxt/CVE-2015-7501
 - https://github.com/ilmila/J2EEScan
 - https://github.com/iqrok/myhktools

2017/CVE-2017-16995.md

@@ -79,6 +79,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4
 - https://github.com/gugronnier/CVE-2017-16995
 - https://github.com/hktalent/bug-bounty
 - https://github.com/holmes-py/King-of-the-hill
+- https://github.com/hungslab/awd-tools
 - https://github.com/integeruser/on-pwning
 - https://github.com/ivilpez/cve-2017-16995.c
 - https://github.com/jackbarbaria/THMskynet

2017/CVE-2017-5223.md

@@ -29,6 +29,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a
 - https://github.com/MIrfanShahid/PHPMailer
 - https://github.com/MarcioPeters/PHP
 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer-
+- https://github.com/Mona-Mishra/User-Registration-System
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System

2017/CVE-2017-6074.md

@@ -61,6 +61,7 @@ The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro
 - https://github.com/ferovap/Tools
 - https://github.com/h4x0r-dz/local-root-exploit-
 - https://github.com/hktalent/bug-bounty
+- https://github.com/hungslab/awd-tools
 - https://github.com/imhunterand/hackerone-publicy-disclosed
 - https://github.com/jiayy/android_vuln_poc-exp
 - https://github.com/kaosagnt/ansible-everyday

2017/CVE-2017-7440.md

@@ -0,0 +1,17 @@
+### [CVE-2017-7440](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7440)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message.
+
+### POC
+
+#### Reference
+- https://www.gfi.com/support/products/Clickjacking-vulnerability-in-Kerio-Connect-8-and-9-CVE-2017-7440
+
+#### Github
+No PoCs found on GitHub currently.
+

2017/CVE-2017-7504.md

@@ -48,6 +48,7 @@ No PoCs from references.
 - https://github.com/fengjixuchui/RedTeamer
 - https://github.com/fupinglee/JavaTools
 - https://github.com/gallopsec/JBossScan
+- https://github.com/hungslab/awd-tools
 - https://github.com/ianxtianxt/CVE-2015-7501
 - https://github.com/joaomatosf/JavaDeserH2HC
 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet

2017/CVE-2017-7921.md

@@ -54,6 +54,7 @@ No PoCs from references.
 - https://github.com/lions2012/Penetration_Testing_POC
 - https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor
 - https://github.com/rmic/hikexpl
+- https://github.com/securitycipher/daily-bugbounty-writeups
 - https://github.com/sponkmonk/Ladon_english_update
 - https://github.com/wafinfo/DecryptTools
 - https://github.com/xuetusummer/Penetration_Testing_POC

2019/CVE-2019-11358.md

@@ -397,6 +397,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/Bargain18/7172-Portfolio
 - https://github.com/Bargain18/Power-Play
 - https://github.com/Bargain18/Test
+- https://github.com/BaronClaps/20077_Centerstage_Pedro
 - https://github.com/BaronClaps/PedroBot
 - https://github.com/BaronClaps/TomorrowTeamCode
 - https://github.com/Bartimus03/RoboticsCode
@@ -1058,6 +1059,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/FlapJack20221/fuzzy-tribble
 - https://github.com/Floofyer/FtcRobotController
 - https://github.com/FlourishAndBots/PowerPlayReal
+- https://github.com/FluensLuna/Vision
 - https://github.com/ForceCEITI/SDK-FTC
 - https://github.com/FreehandBlock51/FTCRobot2023
 - https://github.com/FreehandBlock51/XDriveChallenge
@@ -1480,6 +1482,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/LumenChristiRobotics/Techno-Titans-2023
 - https://github.com/Lunerwalker2/FreightFrenzy1002
 - https://github.com/Lunerwalker2/SwerveDriveTesting
+- https://github.com/LuyangC/shooter
 - https://github.com/Lydia356/Sensors
 - https://github.com/LynixPlayz/FtcRobotController
 - https://github.com/Lynx-Robotics/LynxRobotics2020-2021
@@ -1610,6 +1613,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/Multiplyster/WOAHBots-2023-2024
 - https://github.com/Murray-Bridge-Bunyips/BunyipsFTC
 - https://github.com/MushiTea/21438_CenterStage_REPO
+- https://github.com/MushiTea/OLD_21438_CenterStage_Repo
 - https://github.com/Mythical84/Amongusasj-dfji-eajiauoipvoupvwpvtwhuvrhugvvty
 - https://github.com/Mythical84/Roboit
 - https://github.com/N-3-Robotics/FTC_POWER_PLAY
@@ -1897,6 +1901,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/RepublicOfDanube/RODRobotController
 - https://github.com/ReverendRhyme/FTCTutorial
 - https://github.com/ReversM/ATAA-Robotics
+- https://github.com/RhinyG/BezierSTTPSR
 - https://github.com/RickyWang101/FTC10615_CenterstageRC
 - https://github.com/RikelmeMartins/FTC-PowePlay
 - https://github.com/RikelmeMartins/FTC-PowerPlay
@@ -2380,6 +2385,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/Vision1nil/SolversFTC-2022-23-code
 - https://github.com/VivenPuthenpurayil/2020UltimateGoal
 - https://github.com/VivenPuthenpurayil/UltimateGoalStates
+- https://github.com/Viverino1/DevelopmentCode
 - https://github.com/Viverino1/TestFork
 - https://github.com/Vlad20405/Cod_Robotica_2021-22
 - https://github.com/VladimirKaznacheiev/2020-FTC-UltimateGoal-6.0
@@ -3365,6 +3371,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/kronbot/powerplayv2
 - https://github.com/krusche-sensetence/jquery-2.2.4-patched
 - https://github.com/kuek64/20077_Centerstage_Pedro
+- https://github.com/kuek64/20077_Centerstage_Pedro_Bot
 - https://github.com/kuek64/TheTomorrowTeam
 - https://github.com/kuek64/TomorrowTeamMeep
 - https://github.com/kunhantsai/FtcRobotController
@@ -3563,6 +3570,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/pgdev1729/FTC-Robot-Controller-Centerstage
 - https://github.com/pheitman/FreightFrenzy
 - https://github.com/pheitman/FreightFrenzy1
+- https://github.com/phm-tuyenn/fgcvn-bootcamp-team4
 - https://github.com/pingryrobotics/FTC-2021-Offseason
 - https://github.com/pingryrobotics/FTC-6069-2021
 - https://github.com/pingryrobotics/FTC-6069-2021-2022
@@ -3599,6 +3607,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/ramalhow/ftc-ultimategoal
 - https://github.com/raresNagy/Bobitza
 - https://github.com/raresNagy/mecanum
+- https://github.com/raspiduino/Bootcamp2024
 - https://github.com/ray710mond/2022-2023_Regis_FTC_code
 - https://github.com/rayannm/5467FTCCENTERSTAGE
 - https://github.com/raymar8361/Autonomous
@@ -3847,6 +3856,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/tacotuesrobotics/2021-freight-frenzy
 - https://github.com/taigabots/UltimateGoal
 - https://github.com/tardis5356/Centerstage
+- https://github.com/tardis5356/Centerstage-Offseason
 - https://github.com/tardis5356/FreightFrenzy
 - https://github.com/tardis5356/PowerPlay
 - https://github.com/tcrfrobotics/FTC_RobotController_TCRF_Titan

2019/CVE-2019-1322.md

@@ -51,6 +51,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a
 - https://github.com/hktalent/TOP
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/jbmihoub/all-poc
 - https://github.com/k0imet/CVE-POCs
 - https://github.com/lions2012/Penetration_Testing_POC

2019/CVE-2019-1405.md

@@ -57,6 +57,7 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a
 - https://github.com/hlldz/dazzleUP
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/jbmihoub/all-poc
 - https://github.com/k0imet/CVE-POCs
 - https://github.com/lawrenceamer/0xsp-Mongoose

2020/CVE-2020-1350.md

@@ -24,6 +24,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Ascotbe/Kernelhub
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/CVEmaster/CVE-2020-1350
 - https://github.com/CnHack3r/Penetration_PoC
 - https://github.com/Cruxer8Mech/Idk

2020/CVE-2020-2551.md

@@ -109,6 +109,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
 - https://github.com/hktalent/bug-bounty
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/jared1981/More-Pentest-Tools
 - https://github.com/jas502n/CVE-2020-2551
 - https://github.com/jbmihoub/all-poc

2020/CVE-2020-2555.md

@@ -116,6 +116,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo
 - https://github.com/hktalent/bug-bounty
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/iceberg-N/WL_Scan_GO
 - https://github.com/jbmihoub/all-poc
 - https://github.com/kenyon-wong/JNDIExploit

2020/CVE-2020-25705.md

@@ -18,4 +18,5 @@ No PoCs from references.
 - https://github.com/nanopathi/linux-4.19.72_CVE-2020-25705
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tdwyer/CVE-2020-25705
+- https://github.com/tnishiox/kernelcare-playground
 

2020/CVE-2020-2883.md

@@ -83,6 +83,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
 - https://github.com/hktalent/bug-bounty
 - https://github.com/huike007/penetration_poc
 - https://github.com/huike007/poc
+- https://github.com/hungslab/awd-tools
 - https://github.com/iceberg-N/WL_Scan_GO
 - https://github.com/jbmihoub/all-poc
 - https://github.com/kenyon-wong/JNDIExploit

2020/CVE-2020-6801.md

@@ -0,0 +1,17 @@
+### [CVE-2020-6801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6801)
+![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%2073%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20safety%20bugs%20fixed%20in%20Firefox%2073&color=brighgreen)
+
+### Description
+
+Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73.
+
+### POC
+
+#### Reference
+- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492
+
+#### Github
+No PoCs found on GitHub currently.
+

2020/CVE-2020-6825.md

@@ -0,0 +1,21 @@
+### [CVE-2020-6825](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825)
+![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%2068.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%2068.7.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%2075%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20safety%20bugs%20fixed%20in%20Firefox%2075%20and%20Firefox%20ESR%2068.7&color=brighgreen)
+
+### Description
+
+Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
+
+### POC
+
+#### Reference
+- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1572541%2C1620193%2C1620203
+
+#### Github
+No PoCs found on GitHub currently.
+

2021/CVE-2021-20038.md

@@ -17,6 +17,7 @@ No PoCs from references.
 - https://github.com/ARPSyndicate/kenzer-templates
 - https://github.com/AdamCrosser/awesome-vuln-writeups
 - https://github.com/CVEDB/PoC-List
+- https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/ExploitPwner/CVE-2021-20038-Mass-RCE-SonicWall
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
 - https://github.com/Ostorlab/KEV