From d9f6f5801b0d53c0ab1f613e250dc5a8a9a8f46f Mon Sep 17 00:00:00 2001 From: 0xMarcio Date: Mon, 10 Jun 2024 07:22:43 +0000 Subject: [PATCH] Update CVE sources 2024-06-10 07:22 --- 2003/CVE-2003-0172.md | 1 + 2003/CVE-2003-0201.md | 1 + 2003/CVE-2003-0222.md | 1 + 2003/CVE-2003-0264.md | 1 + 2003/CVE-2003-0282.md | 1 + 2003/CVE-2003-0358.md | 1 + 2009/CVE-2009-0347.md | 1 + 2012/CVE-2012-1823.md | 1 + 2013/CVE-2013-3900.md | 1 + 2014/CVE-2014-3566.md | 1 + 2015/CVE-2015-5254.md | 1 + 2015/CVE-2015-7501.md | 1 + 2016/CVE-2016-10033.md | 1 + 2016/CVE-2016-10045.md | 1 + 2016/CVE-2016-1247.md | 1 + 2016/CVE-2016-5118.md | 1 + 2016/CVE-2016-5195.md | 1 + 2016/CVE-2016-8655.md | 1 + 2017/CVE-2017-1000367.md | 1 + 2017/CVE-2017-12149.md | 1 + 2017/CVE-2017-16995.md | 1 + 2017/CVE-2017-5223.md | 1 + 2017/CVE-2017-6074.md | 1 + 2017/CVE-2017-7440.md | 17 +++ 2017/CVE-2017-7504.md | 1 + 2017/CVE-2017-7921.md | 1 + 2019/CVE-2019-11358.md | 10 ++ 2019/CVE-2019-1322.md | 1 + 2019/CVE-2019-1405.md | 1 + 2020/CVE-2020-1350.md | 1 + 2020/CVE-2020-2551.md | 1 + 2020/CVE-2020-2555.md | 1 + 2020/CVE-2020-25705.md | 1 + 2020/CVE-2020-2883.md | 1 + 2020/CVE-2020-6801.md | 17 +++ 2020/CVE-2020-6825.md | 21 ++++ 2021/CVE-2021-20038.md | 1 + 2021/CVE-2021-26084.md | 1 + 2021/CVE-2021-29082.md | 17 +++ 2021/CVE-2021-37617.md | 17 +++ 2021/CVE-2021-4034.md | 1 + 2022/CVE-2022-0847.md | 2 + 2022/CVE-2022-1015.md | 1 + 2022/CVE-2022-1016.md | 1 + 2022/CVE-2022-24521.md | 1 + 2022/CVE-2022-2602.md | 1 + 2022/CVE-2022-26134.md | 1 + 2022/CVE-2022-3470.md | 1 + 2022/CVE-2022-34918.md | 1 + 2022/CVE-2022-3497.md | 17 +++ 2022/CVE-2022-3582.md | 1 + 2022/CVE-2022-3670.md | 1 + 2022/CVE-2022-39227.md | 1 + 2022/CVE-2022-3944.md | 1 + 2023/CVE-2023-0179.md | 1 + 2023/CVE-2023-0386.md | 1 + 2023/CVE-2023-1326.md | 1 + 2023/CVE-2023-1829.md | 1 + 2023/CVE-2023-20048.md | 1 + 2023/CVE-2023-20073.md | 1 + 2023/CVE-2023-20117.md | 17 +++ 2023/CVE-2023-20118.md | 2 +- 2023/CVE-2023-20128.md | 17 +++ 2023/CVE-2023-21768.md | 1 + 2023/CVE-2023-22515.md | 2 + 2023/CVE-2023-22527.md | 1 + 2023/CVE-2023-22726.md | 1 + 2023/CVE-2023-23638.md | 1 + 2023/CVE-2023-23752.md | 2 + 2023/CVE-2023-24203.md | 1 + 2023/CVE-2023-24204.md | 1 + 2023/CVE-2023-25355.md | 1 + 2023/CVE-2023-25356.md | 2 +- 2023/CVE-2023-26144.md | 1 + 2023/CVE-2023-26359.md | 1 + 2023/CVE-2023-26360.md | 1 + 2023/CVE-2023-26361.md | 17 +++ 2023/CVE-2023-2640.md | 1 + 2023/CVE-2023-26604.md | 1 + 2023/CVE-2023-27524.md | 2 + 2023/CVE-2023-29017.md | 2 + 2023/CVE-2023-29199.md | 1 + 2023/CVE-2023-29489.md | 3 + 2023/CVE-2023-30253.md | 3 + 2023/CVE-2023-30547.md | 1 + 2023/CVE-2023-32313.md | 2 +- 2023/CVE-2023-32314.md | 1 + 2023/CVE-2023-32629.md | 1 + 2023/CVE-2023-32749.md | 1 + 2023/CVE-2023-33013.md | 17 +++ 2023/CVE-2023-33246.md | 1 + 2023/CVE-2023-33733.md | 1 + 2023/CVE-2023-33829.md | 1 + 2023/CVE-2023-34152.md | 1 + 2023/CVE-2023-34644.md | 1 + 2023/CVE-2023-34992.md | 1 + 2023/CVE-2023-35359.md | 1 + 2023/CVE-2023-36085.md | 1 + 2023/CVE-2023-3618.md | 1 + 2023/CVE-2023-36845.md | 1 + 2023/CVE-2023-38031.md | 17 +++ 2023/CVE-2023-38032.md | 17 +++ 2023/CVE-2023-38033.md | 17 +++ 2023/CVE-2023-38146.md | 1 + 2023/CVE-2023-38609.md | 1 + 2023/CVE-2023-38646.md | 1 + 2023/CVE-2023-38825.md | 17 +++ 2023/CVE-2023-38831.md | 1 + 2023/CVE-2023-39236.md | 17 +++ 2023/CVE-2023-39237.md | 17 +++ 2023/CVE-2023-40000.md | 1 + 2023/CVE-2023-40618.md | 17 +++ 2023/CVE-2023-40931.md | 1 + 2023/CVE-2023-40933.md | 1 + 2023/CVE-2023-4197.md | 1 + 2023/CVE-2023-42793.md | 2 + 2023/CVE-2023-43622.md | 1 + 2023/CVE-2023-45229.md | 1 + 2023/CVE-2023-45230.md | 1 + 2023/CVE-2023-45232.md | 1 + 2023/CVE-2023-45234.md | 1 + 2023/CVE-2023-45236.md | 17 +++ 2023/CVE-2023-45237.md | 17 +++ 2023/CVE-2023-45471.md | 1 + 2023/CVE-2023-45539.md | 17 +++ 2023/CVE-2023-45866.md | 3 + 2023/CVE-2023-46012.md | 2 +- 2023/CVE-2023-46442.md | 1 + 2023/CVE-2023-46604.md | 1 + 2023/CVE-2023-46694.md | 2 +- 2023/CVE-2023-46805.md | 1 + 2023/CVE-2023-4813.md | 1 + 2023/CVE-2023-4863.md | 1 + 2023/CVE-2023-48795.md | 1 + 2023/CVE-2023-49070.md | 1 + 2023/CVE-2023-49606.md | 1 + 2023/CVE-2023-50685.md | 2 +- 2023/CVE-2023-51467.md | 1 + 2023/CVE-2023-6241.md | 1 + 2023/CVE-2023-6300.md | 17 +++ 2023/CVE-2023-6611.md | 17 +++ 2024/CVE-2024-0230.md | 1 + 2024/CVE-2024-20404.md | 22 ++++ 2024/CVE-2024-20405.md | 22 ++++ 2024/CVE-2024-21748.md | 17 +++ 2024/CVE-2024-22151.md | 17 +++ 2024/CVE-2024-24919.md | 3 + 2024/CVE-2024-25092.md | 18 ++++ 2024/CVE-2024-25600.md | 1 + 2024/CVE-2024-27956.md | 1 + 2024/CVE-2024-28288.md | 2 +- 2024/CVE-2024-29269.md | 1 + 2024/CVE-2024-29415.md | 1 + 2024/CVE-2024-31621.md | 2 +- 2024/CVE-2024-31819.md | 1 + 2024/CVE-2024-32002.md | 2 + 2024/CVE-2024-32714.md | 17 +++ 2024/CVE-2024-32715.md | 17 +++ 2024/CVE-2024-32725.md | 17 +++ 2024/CVE-2024-35657.md | 17 +++ 2024/CVE-2024-35659.md | 17 +++ 2024/CVE-2024-35675.md | 17 +++ 2024/CVE-2024-35676.md | 17 +++ 2024/CVE-2024-35678.md | 17 +++ 2024/CVE-2024-3661.md | 1 + 2024/CVE-2024-4358.md | 1 + 2024/CVE-2024-4680.md | 17 +++ 2024/CVE-2024-4956.md | 1 + 2024/CVE-2024-5774.md | 17 +++ 2024/CVE-2024-5775.md | 17 +++ github.txt | 221 +++++++++++++++++++++++++++++++++++++++ references.txt | 16 +++ 172 files changed, 1054 insertions(+), 8 deletions(-) create mode 100644 2017/CVE-2017-7440.md create mode 100644 2020/CVE-2020-6801.md create mode 100644 2020/CVE-2020-6825.md create mode 100644 2021/CVE-2021-29082.md create mode 100644 2021/CVE-2021-37617.md create mode 100644 2022/CVE-2022-3497.md create mode 100644 2023/CVE-2023-20117.md create mode 100644 2023/CVE-2023-20128.md create mode 100644 2023/CVE-2023-26361.md create mode 100644 2023/CVE-2023-33013.md create mode 100644 2023/CVE-2023-38031.md create mode 100644 2023/CVE-2023-38032.md create mode 100644 2023/CVE-2023-38033.md create mode 100644 2023/CVE-2023-38825.md create mode 100644 2023/CVE-2023-39236.md create mode 100644 2023/CVE-2023-39237.md create mode 100644 2023/CVE-2023-40618.md create mode 100644 2023/CVE-2023-45236.md create mode 100644 2023/CVE-2023-45237.md create mode 100644 2023/CVE-2023-45539.md create mode 100644 2023/CVE-2023-6300.md create mode 100644 2023/CVE-2023-6611.md create mode 100644 2024/CVE-2024-20404.md create mode 100644 2024/CVE-2024-20405.md create mode 100644 2024/CVE-2024-21748.md create mode 100644 2024/CVE-2024-22151.md create mode 100644 2024/CVE-2024-25092.md create mode 100644 2024/CVE-2024-32714.md create mode 100644 2024/CVE-2024-32715.md create mode 100644 2024/CVE-2024-32725.md create mode 100644 2024/CVE-2024-35657.md create mode 100644 2024/CVE-2024-35659.md create mode 100644 2024/CVE-2024-35675.md create mode 100644 2024/CVE-2024-35676.md create mode 100644 2024/CVE-2024-35678.md create mode 100644 2024/CVE-2024-4680.md create mode 100644 2024/CVE-2024-5774.md create mode 100644 2024/CVE-2024-5775.md diff --git a/2003/CVE-2003-0172.md b/2003/CVE-2003-0172.md index 92ba3e228b..7ee195a12e 100644 --- a/2003/CVE-2003-0172.md +++ b/2003/CVE-2003-0172.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/cyberdesu/Remote-Buffer-overflow-CVE-2003-0172 diff --git a/2003/CVE-2003-0201.md b/2003/CVE-2003-0201.md index 2805cc85c4..c7c773c59b 100644 --- a/2003/CVE-2003-0201.md +++ b/2003/CVE-2003-0201.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/Badbug6/EQGRP - https://github.com/CKmaenn/EQGRP - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/CybernetiX-S3C/EQGRP_Linux - https://github.com/Drift-Security/Shadow_Brokers-Vs-NSA - https://github.com/IHA114/EQGRP diff --git a/2003/CVE-2003-0222.md b/2003/CVE-2003-0222.md index ce8820291e..74a43d5060 100644 --- a/2003/CVE-2003-0222.md +++ b/2003/CVE-2003-0222.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/phamthanhsang280477/CVE-2003-0222 diff --git a/2003/CVE-2003-0264.md b/2003/CVE-2003-0264.md index 118adb29dd..9cbe172459 100644 --- a/2003/CVE-2003-0264.md +++ b/2003/CVE-2003-0264.md @@ -17,6 +17,7 @@ Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execut - https://github.com/0x4D5352/rekall-penetration-test - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/SxNade/CVE-2003-0264_EXPLOIT - https://github.com/adenkiewicz/CVE-2003-0264 - https://github.com/cytopia/fuzza diff --git a/2003/CVE-2003-0282.md b/2003/CVE-2003-0282.md index 5a3cfdc952..1852d1a7cc 100644 --- a/2003/CVE-2003-0282.md +++ b/2003/CVE-2003-0282.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/ronomon/zip - https://github.com/runtimed/cve-2003-0282 - https://github.com/runtimem/cve-2003-0282 diff --git a/2003/CVE-2003-0358.md b/2003/CVE-2003-0358.md index ba3784a223..9686089cd9 100644 --- a/2003/CVE-2003-0358.md +++ b/2003/CVE-2003-0358.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/7etsuo/snowcra5h - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/fengjixuchui/CVE-2003-0358 - https://github.com/gmh5225/CVE-2003-0358 - https://github.com/snowcra5h/CVE-2003-0358 diff --git a/2009/CVE-2009-0347.md b/2009/CVE-2009-0347.md index 6fad44eebd..1b9e5b70b1 100644 --- a/2009/CVE-2009-0347.md +++ b/2009/CVE-2009-0347.md @@ -13,5 +13,6 @@ Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultrase No PoCs from references. #### Github +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Cappricio-Securities/CVE-2009-0347 diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index 23a610da0b..3da90be41e 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md @@ -60,4 +60,5 @@ No PoCs from references. - https://github.com/theGreenJedi/Hacker-Guides - https://github.com/theykillmeslowly/CVE-2012-1823 - https://github.com/zhibx/fscan-Intranet +- https://github.com/zomasec/CVE-2024-4577 diff --git a/2013/CVE-2013-3900.md b/2013/CVE-2013-3900.md index 1cff57b5ba..0731e77765 100644 --- a/2013/CVE-2013-3900.md +++ b/2013/CVE-2013-3900.md @@ -26,6 +26,7 @@ No PoCs from references. - https://github.com/SaimSA/Vulnerability-Management-with-Nessus - https://github.com/Securenetology/CVE-2013-3900 - https://github.com/The-Education-and-Skills-Partnership/WinVerifyTrust-Signature-Mitigation +- https://github.com/ellikt1/STIG-and-SCAP-Compliance-for-Windows-10-11-VMs - https://github.com/ellikt1/Vulnerability-Assessment - https://github.com/florylsk/SignatureGate - https://github.com/hiba-ahmad1/NessusVulnManagement diff --git a/2014/CVE-2014-3566.md b/2014/CVE-2014-3566.md index 2fea8a9c0d..1e2c41cfaf 100644 --- a/2014/CVE-2014-3566.md +++ b/2014/CVE-2014-3566.md @@ -118,6 +118,7 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/pashicop/3.9_1 - https://github.com/puppetlabs/puppetlabs-compliance_profile - https://github.com/r0metheus/poodle-attack +- https://github.com/r0metheus/poodle-attack-poc - https://github.com/r3p3r/1N3-MassBleed - https://github.com/rameezts/poodle_check - https://github.com/rvaralda/aws_poodle_fix diff --git a/2015/CVE-2015-5254.md b/2015/CVE-2015-5254.md index 366cee0cd9..642956f65a 100644 --- a/2015/CVE-2015-5254.md +++ b/2015/CVE-2015-5254.md @@ -48,6 +48,7 @@ Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be seri - https://github.com/lnick2023/nicenice - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/openx-org/BLEN +- https://github.com/orlayneta/JenkinsTests - https://github.com/orlayneta/activemq - https://github.com/password520/RedTeamer - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2015/CVE-2015-7501.md b/2015/CVE-2015-7501.md index 8c9ad3608f..b0fd47313b 100644 --- a/2015/CVE-2015-7501.md +++ b/2015/CVE-2015-7501.md @@ -75,6 +75,7 @@ Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) - https://github.com/gredler/aegis4j - https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/TOP +- https://github.com/hungslab/awd-tools - https://github.com/ianxtianxt/CVE-2015-7501 - https://github.com/just0rg/Security-Interview - https://github.com/klausware/Java-Deserialization-Cheat-Sheet diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md index 79c4114708..aed28d51f9 100644 --- a/2016/CVE-2016-10033.md +++ b/2016/CVE-2016-10033.md @@ -69,6 +69,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a - https://github.com/MIrfanShahid/PHPMailer - https://github.com/MarcioPeters/PHP - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +- https://github.com/Mona-Mishra/User-Registration-System - https://github.com/Mugdho55/Air_Ticket_Management_System - https://github.com/NCSU-DANCE-Research-Group/CDL - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io diff --git a/2016/CVE-2016-10045.md b/2016/CVE-2016-10045.md index 879e2fb875..15db86888e 100644 --- a/2016/CVE-2016-10045.md +++ b/2016/CVE-2016-10045.md @@ -41,6 +41,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to - https://github.com/MIrfanShahid/PHPMailer - https://github.com/MarcioPeters/PHP - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +- https://github.com/Mona-Mishra/User-Registration-System - https://github.com/Mugdho55/Air_Ticket_Management_System - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io - https://github.com/PatelMisha/Online-Flight-Booking-Management-System diff --git a/2016/CVE-2016-1247.md b/2016/CVE-2016-1247.md index 639470d3d4..21f140ad02 100644 --- a/2016/CVE-2016-1247.md +++ b/2016/CVE-2016-1247.md @@ -29,6 +29,7 @@ The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages bef - https://github.com/SexyBeast233/SecBooks - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet +- https://github.com/hungslab/awd-tools - https://github.com/lukeber4/usn-search - https://github.com/notnue/Linux-Privilege-Escalation - https://github.com/superfish9/pt diff --git a/2016/CVE-2016-5118.md b/2016/CVE-2016-5118.md index ef7c3890e6..c8c4584f85 100644 --- a/2016/CVE-2016-5118.md +++ b/2016/CVE-2016-5118.md @@ -16,5 +16,6 @@ The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick - http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html #### Github +- https://github.com/SudoIndividual/CVE-2023-34152 - https://github.com/superfish9/pt diff --git a/2016/CVE-2016-5195.md b/2016/CVE-2016-5195.md index 68b42e5d0d..889f70d9d3 100644 --- a/2016/CVE-2016-5195.md +++ b/2016/CVE-2016-5195.md @@ -249,6 +249,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/hj-hsu/avar2019_frida - https://github.com/hktalent/TOP - https://github.com/hktalent/bug-bounty +- https://github.com/hungslab/awd-tools - https://github.com/hxlxmjxbbxs/TheDirtyPipeExploit - https://github.com/hyln9/VIKIROOT - https://github.com/iakat/stars diff --git a/2016/CVE-2016-8655.md b/2016/CVE-2016-8655.md index c2f4467b1a..280daf6a63 100644 --- a/2016/CVE-2016-8655.md +++ b/2016/CVE-2016-8655.md @@ -43,6 +43,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo - https://github.com/externalist/exploit_playground - https://github.com/fei9747/linux-exploit-suggester - https://github.com/go-bi/go-bi-soft +- https://github.com/hungslab/awd-tools - https://github.com/jondonas/linux-exploit-suggester-2 - https://github.com/kdn111/linux-kernel-exploitation - https://github.com/khanhdn111/linux-kernel-exploitation diff --git a/2017/CVE-2017-1000367.md b/2017/CVE-2017-1000367.md index 24d53ee0b2..3d2ff379d0 100644 --- a/2017/CVE-2017-1000367.md +++ b/2017/CVE-2017-1000367.md @@ -51,6 +51,7 @@ Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validati - https://github.com/h4x0r-dz/local-root-exploit- - https://github.com/hktalent/bug-bounty - https://github.com/homjxi0e/CVE-2017-1000367 +- https://github.com/hungslab/awd-tools - https://github.com/kumardineshwar/linux-kernel-exploits - https://github.com/lnick2023/nicenice - https://github.com/m0mkris/linux-kernel-exploits diff --git a/2017/CVE-2017-12149.md b/2017/CVE-2017-12149.md index f8f9dbfb49..a4e39321b9 100644 --- a/2017/CVE-2017-12149.md +++ b/2017/CVE-2017-12149.md @@ -83,6 +83,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf - https://github.com/hktalent/myhktools - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/ianxtianxt/CVE-2015-7501 - https://github.com/ilmila/J2EEScan - https://github.com/iqrok/myhktools diff --git a/2017/CVE-2017-16995.md b/2017/CVE-2017-16995.md index 1571ef181a..6c38adcf49 100644 --- a/2017/CVE-2017-16995.md +++ b/2017/CVE-2017-16995.md @@ -79,6 +79,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://github.com/gugronnier/CVE-2017-16995 - https://github.com/hktalent/bug-bounty - https://github.com/holmes-py/King-of-the-hill +- https://github.com/hungslab/awd-tools - https://github.com/integeruser/on-pwning - https://github.com/ivilpez/cve-2017-16995.c - https://github.com/jackbarbaria/THMskynet diff --git a/2017/CVE-2017-5223.md b/2017/CVE-2017-5223.md index f4aaa4b360..8c49297d68 100644 --- a/2017/CVE-2017-5223.md +++ b/2017/CVE-2017-5223.md @@ -29,6 +29,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - https://github.com/MIrfanShahid/PHPMailer - https://github.com/MarcioPeters/PHP - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +- https://github.com/Mona-Mishra/User-Registration-System - https://github.com/Mugdho55/Air_Ticket_Management_System - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io - https://github.com/PatelMisha/Online-Flight-Booking-Management-System diff --git a/2017/CVE-2017-6074.md b/2017/CVE-2017-6074.md index 6934ee7b1c..7fb5742443 100644 --- a/2017/CVE-2017-6074.md +++ b/2017/CVE-2017-6074.md @@ -61,6 +61,7 @@ The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro - https://github.com/ferovap/Tools - https://github.com/h4x0r-dz/local-root-exploit- - https://github.com/hktalent/bug-bounty +- https://github.com/hungslab/awd-tools - https://github.com/imhunterand/hackerone-publicy-disclosed - https://github.com/jiayy/android_vuln_poc-exp - https://github.com/kaosagnt/ansible-everyday diff --git a/2017/CVE-2017-7440.md b/2017/CVE-2017-7440.md new file mode 100644 index 0000000000..81ed2d76a8 --- /dev/null +++ b/2017/CVE-2017-7440.md @@ -0,0 +1,17 @@ +### [CVE-2017-7440](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7440) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message. + +### POC + +#### Reference +- https://www.gfi.com/support/products/Clickjacking-vulnerability-in-Kerio-Connect-8-and-9-CVE-2017-7440 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-7504.md b/2017/CVE-2017-7504.md index 8055a9d5f8..743e318943 100644 --- a/2017/CVE-2017-7504.md +++ b/2017/CVE-2017-7504.md @@ -48,6 +48,7 @@ No PoCs from references. - https://github.com/fengjixuchui/RedTeamer - https://github.com/fupinglee/JavaTools - https://github.com/gallopsec/JBossScan +- https://github.com/hungslab/awd-tools - https://github.com/ianxtianxt/CVE-2015-7501 - https://github.com/joaomatosf/JavaDeserH2HC - https://github.com/klausware/Java-Deserialization-Cheat-Sheet diff --git a/2017/CVE-2017-7921.md b/2017/CVE-2017-7921.md index 5f8413ed31..3133e3530f 100644 --- a/2017/CVE-2017-7921.md +++ b/2017/CVE-2017-7921.md @@ -54,6 +54,7 @@ No PoCs from references. - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor - https://github.com/rmic/hikexpl +- https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/sponkmonk/Ladon_english_update - https://github.com/wafinfo/DecryptTools - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index 60e2b546a6..7c3349e292 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -397,6 +397,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Bargain18/7172-Portfolio - https://github.com/Bargain18/Power-Play - https://github.com/Bargain18/Test +- https://github.com/BaronClaps/20077_Centerstage_Pedro - https://github.com/BaronClaps/PedroBot - https://github.com/BaronClaps/TomorrowTeamCode - https://github.com/Bartimus03/RoboticsCode @@ -1058,6 +1059,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FlapJack20221/fuzzy-tribble - https://github.com/Floofyer/FtcRobotController - https://github.com/FlourishAndBots/PowerPlayReal +- https://github.com/FluensLuna/Vision - https://github.com/ForceCEITI/SDK-FTC - https://github.com/FreehandBlock51/FTCRobot2023 - https://github.com/FreehandBlock51/XDriveChallenge @@ -1480,6 +1482,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/LumenChristiRobotics/Techno-Titans-2023 - https://github.com/Lunerwalker2/FreightFrenzy1002 - https://github.com/Lunerwalker2/SwerveDriveTesting +- https://github.com/LuyangC/shooter - https://github.com/Lydia356/Sensors - https://github.com/LynixPlayz/FtcRobotController - https://github.com/Lynx-Robotics/LynxRobotics2020-2021 @@ -1610,6 +1613,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Multiplyster/WOAHBots-2023-2024 - https://github.com/Murray-Bridge-Bunyips/BunyipsFTC - https://github.com/MushiTea/21438_CenterStage_REPO +- https://github.com/MushiTea/OLD_21438_CenterStage_Repo - https://github.com/Mythical84/Amongusasj-dfji-eajiauoipvoupvwpvtwhuvrhugvvty - https://github.com/Mythical84/Roboit - https://github.com/N-3-Robotics/FTC_POWER_PLAY @@ -1897,6 +1901,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/RepublicOfDanube/RODRobotController - https://github.com/ReverendRhyme/FTCTutorial - https://github.com/ReversM/ATAA-Robotics +- https://github.com/RhinyG/BezierSTTPSR - https://github.com/RickyWang101/FTC10615_CenterstageRC - https://github.com/RikelmeMartins/FTC-PowePlay - https://github.com/RikelmeMartins/FTC-PowerPlay @@ -2380,6 +2385,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Vision1nil/SolversFTC-2022-23-code - https://github.com/VivenPuthenpurayil/2020UltimateGoal - https://github.com/VivenPuthenpurayil/UltimateGoalStates +- https://github.com/Viverino1/DevelopmentCode - https://github.com/Viverino1/TestFork - https://github.com/Vlad20405/Cod_Robotica_2021-22 - https://github.com/VladimirKaznacheiev/2020-FTC-UltimateGoal-6.0 @@ -3365,6 +3371,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/kronbot/powerplayv2 - https://github.com/krusche-sensetence/jquery-2.2.4-patched - https://github.com/kuek64/20077_Centerstage_Pedro +- https://github.com/kuek64/20077_Centerstage_Pedro_Bot - https://github.com/kuek64/TheTomorrowTeam - https://github.com/kuek64/TomorrowTeamMeep - https://github.com/kunhantsai/FtcRobotController @@ -3563,6 +3570,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/pgdev1729/FTC-Robot-Controller-Centerstage - https://github.com/pheitman/FreightFrenzy - https://github.com/pheitman/FreightFrenzy1 +- https://github.com/phm-tuyenn/fgcvn-bootcamp-team4 - https://github.com/pingryrobotics/FTC-2021-Offseason - https://github.com/pingryrobotics/FTC-6069-2021 - https://github.com/pingryrobotics/FTC-6069-2021-2022 @@ -3599,6 +3607,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ramalhow/ftc-ultimategoal - https://github.com/raresNagy/Bobitza - https://github.com/raresNagy/mecanum +- https://github.com/raspiduino/Bootcamp2024 - https://github.com/ray710mond/2022-2023_Regis_FTC_code - https://github.com/rayannm/5467FTCCENTERSTAGE - https://github.com/raymar8361/Autonomous @@ -3847,6 +3856,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/tacotuesrobotics/2021-freight-frenzy - https://github.com/taigabots/UltimateGoal - https://github.com/tardis5356/Centerstage +- https://github.com/tardis5356/Centerstage-Offseason - https://github.com/tardis5356/FreightFrenzy - https://github.com/tardis5356/PowerPlay - https://github.com/tcrfrobotics/FTC_RobotController_TCRF_Titan diff --git a/2019/CVE-2019-1322.md b/2019/CVE-2019-1322.md index 53980d56f2..3a107c8d7c 100644 --- a/2019/CVE-2019-1322.md +++ b/2019/CVE-2019-1322.md @@ -51,6 +51,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a - https://github.com/hktalent/TOP - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/jbmihoub/all-poc - https://github.com/k0imet/CVE-POCs - https://github.com/lions2012/Penetration_Testing_POC diff --git a/2019/CVE-2019-1405.md b/2019/CVE-2019-1405.md index b2e1109ae6..3b6c21ec98 100644 --- a/2019/CVE-2019-1405.md +++ b/2019/CVE-2019-1405.md @@ -57,6 +57,7 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a - https://github.com/hlldz/dazzleUP - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/jbmihoub/all-poc - https://github.com/k0imet/CVE-POCs - https://github.com/lawrenceamer/0xsp-Mongoose diff --git a/2020/CVE-2020-1350.md b/2020/CVE-2020-1350.md index 9fce36b2bc..2396ed2dbf 100644 --- a/2020/CVE-2020-1350.md +++ b/2020/CVE-2020-1350.md @@ -24,6 +24,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEmaster/CVE-2020-1350 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Cruxer8Mech/Idk diff --git a/2020/CVE-2020-2551.md b/2020/CVE-2020-2551.md index 63bed3552e..878354f8a0 100644 --- a/2020/CVE-2020-2551.md +++ b/2020/CVE-2020-2551.md @@ -109,6 +109,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/hktalent/bug-bounty - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/jared1981/More-Pentest-Tools - https://github.com/jas502n/CVE-2020-2551 - https://github.com/jbmihoub/all-poc diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md index 5e8c86775f..b83fb0a124 100644 --- a/2020/CVE-2020-2555.md +++ b/2020/CVE-2020-2555.md @@ -116,6 +116,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/hktalent/bug-bounty - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/iceberg-N/WL_Scan_GO - https://github.com/jbmihoub/all-poc - https://github.com/kenyon-wong/JNDIExploit diff --git a/2020/CVE-2020-25705.md b/2020/CVE-2020-25705.md index 5b8c72d749..7b76753a44 100644 --- a/2020/CVE-2020-25705.md +++ b/2020/CVE-2020-25705.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/nanopathi/linux-4.19.72_CVE-2020-25705 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdwyer/CVE-2020-25705 +- https://github.com/tnishiox/kernelcare-playground diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md index d696197347..18890f1402 100644 --- a/2020/CVE-2020-2883.md +++ b/2020/CVE-2020-2883.md @@ -83,6 +83,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/hktalent/bug-bounty - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/hungslab/awd-tools - https://github.com/iceberg-N/WL_Scan_GO - https://github.com/jbmihoub/all-poc - https://github.com/kenyon-wong/JNDIExploit diff --git a/2020/CVE-2020-6801.md b/2020/CVE-2020-6801.md new file mode 100644 index 0000000000..7d4850312d --- /dev/null +++ b/2020/CVE-2020-6801.md @@ -0,0 +1,17 @@ +### [CVE-2020-6801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6801) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2073%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20safety%20bugs%20fixed%20in%20Firefox%2073&color=brighgreen) + +### Description + +Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. + +### POC + +#### Reference +- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2020/CVE-2020-6825.md b/2020/CVE-2020-6825.md new file mode 100644 index 0000000000..f2449cfaa4 --- /dev/null +++ b/2020/CVE-2020-6825.md @@ -0,0 +1,21 @@ +### [CVE-2020-6825](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2068.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2068.7.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2075%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Memory%20safety%20bugs%20fixed%20in%20Firefox%2075%20and%20Firefox%20ESR%2068.7&color=brighgreen) + +### Description + +Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. + +### POC + +#### Reference +- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1572541%2C1620193%2C1620203 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-20038.md b/2021/CVE-2021-20038.md index 241ec6db8b..2472a5a862 100644 --- a/2021/CVE-2021-20038.md +++ b/2021/CVE-2021-20038.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AdamCrosser/awesome-vuln-writeups - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/ExploitPwner/CVE-2021-20038-Mass-RCE-SonicWall - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Ostorlab/KEV diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index ce96a939a7..c8dc021ba0 100644 --- a/2021/CVE-2021-26084.md +++ b/2021/CVE-2021-26084.md @@ -38,6 +38,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/AnonymouID/POC - https://github.com/ArrestX/--POC - https://github.com/Awrrays/FrameVul +- https://github.com/BBD-YZZ/Confluence-RCE - https://github.com/BLACKHAT-SSG/MindMaps2 - https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template - https://github.com/CLincat/vulcat diff --git a/2021/CVE-2021-29082.md b/2021/CVE-2021-29082.md new file mode 100644 index 0000000000..b36e6d11f7 --- /dev/null +++ b/2021/CVE-2021-29082.md @@ -0,0 +1,17 @@ +### [CVE-2021-29082](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29082) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. + +### POC + +#### Reference +- https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-37617.md b/2021/CVE-2021-37617.md new file mode 100644 index 0000000000..4d445a0d00 --- /dev/null +++ b/2021/CVE-2021-37617.md @@ -0,0 +1,17 @@ +### [CVE-2021-37617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37617) +![](https://img.shields.io/static/v1?label=Product&message=security-advisories&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) + +### Description + +The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches the `Uninstall.exe` file in a folder that can be written by regular users. This could lead to a case where a malicious user creates a malicious `Uninstall.exe`, which would be executed with administrative privileges on the Nextcloud Desktop Client installation. This issue is fixed in Nextcloud Desktop Client version 3.3.0. As a workaround, do not allow untrusted users to create content in the `C:\` system folder and verify that there is no malicious `C:\Uninstall.exe` file on the system. + +### POC + +#### Reference +- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6q2w-v879-q24v + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index a3a0bb24c0..f686672209 100644 --- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md @@ -263,6 +263,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility. - https://github.com/hohn/codeql-sample-polkit - https://github.com/hugefiver/mystars - https://github.com/hugs42/infosec +- https://github.com/hungslab/awd-tools - https://github.com/hxysaury/saury-vulnhub - https://github.com/iandrade87br/OSCP - https://github.com/insurrectus/cyber-security-university diff --git a/2022/CVE-2022-0847.md b/2022/CVE-2022-0847.md index 046f2b6e33..eeae312004 100644 --- a/2022/CVE-2022-0847.md +++ b/2022/CVE-2022-0847.md @@ -320,6 +320,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/thesakibrahman/THM-Free-Room - https://github.com/tiann/DirtyPipeRoot - https://github.com/tmoneypenny/CVE-2022-0847 +- https://github.com/tnishiox/kernelcare-playground - https://github.com/trhacknon/CVE-2022-0847-DirtyPipe-Exploit - https://github.com/trhacknon/Pocingit - https://github.com/trhacknon/dirtypipez-exploit @@ -332,6 +333,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/veritas501/pipe-primitive - https://github.com/versatilexec/CVE_2022_0847 - https://github.com/vknc/vknc.github.io +- https://github.com/wechicken456/Linux-kernel - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation- - https://github.com/whoforget/CVE-POC diff --git a/2022/CVE-2022-1015.md b/2022/CVE-2022-1015.md index 64e189e581..8b58ae50f9 100644 --- a/2022/CVE-2022-1015.md +++ b/2022/CVE-2022-1015.md @@ -61,6 +61,7 @@ A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of t - https://github.com/shuttterman/bob_kern_exp1 - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit +- https://github.com/wechicken456/Linux-kernel - https://github.com/whoforget/CVE-POC - https://github.com/wlswotmd/CVE-2022-1015 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-1016.md b/2022/CVE-2022-1016.md index 0cdff8e074..f540b8c743 100644 --- a/2022/CVE-2022-1016.md +++ b/2022/CVE-2022-1016.md @@ -25,6 +25,7 @@ A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_ch - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wechicken456/Linux-kernel - https://github.com/xairy/linux-kernel-exploitation - https://github.com/yaobinwen/robin_on_rails - https://github.com/zanezhub/CVE-2022-1015-1016 diff --git a/2022/CVE-2022-24521.md b/2022/CVE-2022-24521.md index 64f7b8fc17..51d81dd6fb 100644 --- a/2022/CVE-2022-24521.md +++ b/2022/CVE-2022-24521.md @@ -56,6 +56,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/fr4nkxixi/CVE-2022-24481-POC +- https://github.com/hungslab/awd-tools - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/robotMD5/CVE-2022-24481-POC diff --git a/2022/CVE-2022-2602.md b/2022/CVE-2022-2602.md index a010bd1364..44df141101 100644 --- a/2022/CVE-2022-2602.md +++ b/2022/CVE-2022-2602.md @@ -39,6 +39,7 @@ io_uring UAF, Unix SCM garbage collection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/th3-5had0w/CVE-2022-2602-Study +- https://github.com/wechicken456/Linux-kernel - https://github.com/whoforget/CVE-POC - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-26134.md b/2022/CVE-2022-26134.md index 356a62a333..b2daf11a73 100644 --- a/2022/CVE-2022-26134.md +++ b/2022/CVE-2022-26134.md @@ -45,6 +45,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AmoloHT/CVE-2022-26134 - https://github.com/Awrrays/FrameVul +- https://github.com/BBD-YZZ/Confluence-RCE - https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL - https://github.com/Brucetg/CVE-2022-26134 - https://github.com/CJ-0107/cve-2022-26134 diff --git a/2022/CVE-2022-3470.md b/2022/CVE-2022-3470.md index 6bec7c7bb9..070e3b470e 100644 --- a/2022/CVE-2022-3470.md +++ b/2022/CVE-2022-3470.md @@ -12,6 +12,7 @@ A vulnerability was found in SourceCodester Human Resource Management System. It #### Reference - https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20sc%20parameter%20is%20injected.pdf - https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20sc%20parameter%20is%20injected.pdf +- https://vuldb.com/?id.210714 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-34918.md b/2022/CVE-2022-34918.md index 6ab4f109de..41bf81b2bf 100644 --- a/2022/CVE-2022-34918.md +++ b/2022/CVE-2022-34918.md @@ -56,6 +56,7 @@ An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug - https://github.com/khanhnd123/linux-kernel-exploitation - https://github.com/klemakle/audit-pentest-BOX - https://github.com/knd06/linux-kernel-exploitation +- https://github.com/lanleft/CVE-2023-1829 - https://github.com/lanleft/CVE2023-1829 - https://github.com/linulinu/CVE-2022-34918 - https://github.com/lions2012/Penetration_Testing_POC diff --git a/2022/CVE-2022-3497.md b/2022/CVE-2022-3497.md new file mode 100644 index 0000000000..ff53952fa7 --- /dev/null +++ b/2022/CVE-2022-3497.md @@ -0,0 +1,17 @@ +### [CVE-2022-3497](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3497) +![](https://img.shields.io/static/v1?label=Product&message=Human%20Resource%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-707%20Improper%20Neutralization%20-%3E%20CWE-74%20Injection%20-%3E%20CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to launch the attack remotely. VDB-210786 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://vuldb.com/?id.210786 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-3582.md b/2022/CVE-2022-3582.md index 5c115b5e4a..3211ac5352 100644 --- a/2022/CVE-2022-3582.md +++ b/2022/CVE-2022-3582.md @@ -12,6 +12,7 @@ A vulnerability has been found in SourceCodester Simple Cold Storage Management #### Reference - https://github.com/jusstSahil/CSRF-/blob/main/POC - https://github.com/jusstSahil/CSRF-/blob/main/POC +- https://vuldb.com/?id.211189 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-3670.md b/2022/CVE-2022-3670.md index 19c9ca2da7..7c7f430421 100644 --- a/2022/CVE-2022-3670.md +++ b/2022/CVE-2022-3670.md @@ -14,6 +14,7 @@ A vulnerability was found in Axiomatic Bento4. It has been classified as critica - https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip - https://github.com/axiomatic-systems/Bento4/issues/776 - https://github.com/axiomatic-systems/Bento4/issues/776 +- https://vuldb.com/?id.212010 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-39227.md b/2022/CVE-2022-39227.md index 1b7a621e3b..b2b4e30e32 100644 --- a/2022/CVE-2022-39227.md +++ b/2022/CVE-2022-39227.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/NoSpaceAvailable/CVE-2022-39227 - https://github.com/davedoesdev/python-jwt +- https://github.com/hackthebox/cyber-apocalypse-2024 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/user0x1337/CVE-2022-39227 diff --git a/2022/CVE-2022-3944.md b/2022/CVE-2022-3944.md index fcb91228e2..698a2ff743 100644 --- a/2022/CVE-2022-3944.md +++ b/2022/CVE-2022-3944.md @@ -12,6 +12,7 @@ A vulnerability was found in jerryhanjj ERP. It has been declared as critical. A #### Reference - https://github.com/jerryhanjj/ERP/issues/3 - https://github.com/jerryhanjj/ERP/issues/3 +- https://vuldb.com/?id.213451 #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-0179.md b/2023/CVE-2023-0179.md index c3d80ab44d..d1fd6c3acb 100644 --- a/2023/CVE-2023-0179.md +++ b/2023/CVE-2023-0179.md @@ -36,6 +36,7 @@ A buffer overflow vulnerability was found in the Netfilter subsystem in the Linu - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists - https://github.com/tanjiti/sec_profile +- https://github.com/wechicken456/Linux-kernel - https://github.com/whoforget/CVE-POC - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC diff --git a/2023/CVE-2023-0386.md b/2023/CVE-2023-0386.md index 616eb71eef..b246174017 100644 --- a/2023/CVE-2023-0386.md +++ b/2023/CVE-2023-0386.md @@ -42,6 +42,7 @@ A flaw was found in the Linux kernel, where unauthorized access to the execution - https://github.com/djytmdj/Tool_Summary - https://github.com/hktalent/TOP - https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0386 +- https://github.com/hungslab/awd-tools - https://github.com/izj007/wechat - https://github.com/johe123qwe/github-trending - https://github.com/letsr00t/CVE-2023-0386 diff --git a/2023/CVE-2023-1326.md b/2023/CVE-2023-1326.md index 1b98d6aa59..8308168d39 100644 --- a/2023/CVE-2023-1326.md +++ b/2023/CVE-2023-1326.md @@ -19,6 +19,7 @@ A privilege escalation attack was found in apport-cli 2.26.0 and earlier which i - https://github.com/Archan6el/Devvortex-Writeup - https://github.com/Archan6el/Devvortex-Writeup-HackTheBox - https://github.com/Pol-Ruiz/CVE-2023-1326 +- https://github.com/c0d3cr4f73r/CVE-2023-1326 - https://github.com/diego-tella/CVE-2023-1326-PoC - https://github.com/jbiniek/cyberpoligon23 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-1829.md b/2023/CVE-2023-1829.md index ab74ab2893..8e7726ecf7 100644 --- a/2023/CVE-2023-1829.md +++ b/2023/CVE-2023-1829.md @@ -17,6 +17,7 @@ A use-after-free vulnerability in the Linux Kernel traffic control index filter - https://github.com/EGI-Federation/SVG-advisories - https://github.com/N1ghtu/RWCTF6th-RIPTC - https://github.com/Threekiii/CVE +- https://github.com/lanleft/CVE-2023-1829 - https://github.com/lanleft/CVE2023-1829 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/star-sg/CVE diff --git a/2023/CVE-2023-20048.md b/2023/CVE-2023-20048.md index 4a581bf393..2d915c5868 100644 --- a/2023/CVE-2023-20048.md +++ b/2023/CVE-2023-20048.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0zer0d4y/FuegoTest +- https://github.com/absholi7ly/Cisco-Firepower-Management-Center-Exploit - https://github.com/absholi7ly/absholi7ly - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-20073.md b/2023/CVE-2023-20073.md index 33acd3bd1e..38eb51da15 100644 --- a/2023/CVE-2023-20073.md +++ b/2023/CVE-2023-20073.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/RegularITCat/CVE-2023-20073 - https://github.com/codeb0ss/CVE-2023-20073- - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/winmt/winmt diff --git a/2023/CVE-2023-20117.md b/2023/CVE-2023-20117.md new file mode 100644 index 0000000000..59d505a888 --- /dev/null +++ b/2023/CVE-2023-20117.md @@ -0,0 +1,17 @@ +### [CVE-2023-20117](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20117) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Small%20Business%20RV%20Series%20Router%20Firmware%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-146&color=brighgreen) + +### Description + +Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as the root user on the underlying Linux operating system of the affected device. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates to address these vulnerabilities. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-20118.md b/2023/CVE-2023-20118.md index e54792f71a..ae88692e55 100644 --- a/2023/CVE-2023-20118.md +++ b/2023/CVE-2023-20118.md @@ -14,5 +14,5 @@ A vulnerability in the web-based management interface of Cisco Small Business Ro - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 #### Github -No PoCs found on GitHub currently. +- https://github.com/winmt/winmt diff --git a/2023/CVE-2023-20128.md b/2023/CVE-2023-20128.md new file mode 100644 index 0000000000..cb1d44457e --- /dev/null +++ b/2023/CVE-2023-20128.md @@ -0,0 +1,17 @@ +### [CVE-2023-20128](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20128) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Small%20Business%20RV%20Series%20Router%20Firmware%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-146&color=brighgreen) + +### Description + +Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as the root user on the underlying Linux operating system of the affected device. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates to address these vulnerabilities. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-21768.md b/2023/CVE-2023-21768.md index 92fce93e05..d33c2a1427 100644 --- a/2023/CVE-2023-21768.md +++ b/2023/CVE-2023-21768.md @@ -60,6 +60,7 @@ Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerabili - https://github.com/taielab/awesome-hacking-lists - https://github.com/timeisflowing/recon2023-resources - https://github.com/txuswashere/OSCP +- https://github.com/xboxoneresearch/CVE-2023-21768-dotnet - https://github.com/xhref/OSCP - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit diff --git a/2023/CVE-2023-22515.md b/2023/CVE-2023-22515.md index ab7d6b3db1..3bf707ecc9 100644 --- a/2023/CVE-2023-22515.md +++ b/2023/CVE-2023-22515.md @@ -65,10 +65,12 @@ Atlassian has been made aware of an issue reported by a handful of customers whe - https://github.com/joaoviictorti/CVE-2023-22515 - https://github.com/kh4sh3i/CVE-2023-22515 - https://github.com/mayur-esh/vuln-liners +- https://github.com/mumble99/rvision_task - https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rxerium/CVE-2023-22515 - https://github.com/rxerium/stars +- https://github.com/s1d6point7bugcrowd/CVE-2023-22515-check - https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/seyrenus/release_notification - https://github.com/sincere9/CVE-2023-22515 diff --git a/2023/CVE-2023-22527.md b/2023/CVE-2023-22527.md index 5e71097e64..963a6e8aba 100644 --- a/2023/CVE-2023-22527.md +++ b/2023/CVE-2023-22527.md @@ -18,6 +18,7 @@ A template injection vulnerability on older versions of Confluence Data Center a - https://github.com/20142995/pocsuite3 - https://github.com/20142995/sectool - https://github.com/Avento/CVE-2023-22527_Confluence_RCE +- https://github.com/BBD-YZZ/Confluence-RCE - https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL - https://github.com/C1ph3rX13/CVE-2023-22527 - https://github.com/Chocapikk/CVE-2023-22527 diff --git a/2023/CVE-2023-22726.md b/2023/CVE-2023-22726.md index 19b6979fb2..9ca4b41eff 100644 --- a/2023/CVE-2023-22726.md +++ b/2023/CVE-2023-22726.md @@ -16,5 +16,6 @@ act is a project which allows for local running of github actions. The artifact - https://securitylab.github.com/advisories/GHSL-2023-004_act/ #### Github +- https://github.com/ProxyPog/POC-CVE-2023-22726 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-23638.md b/2023/CVE-2023-23638.md index e554fafb23..9238984049 100644 --- a/2023/CVE-2023-23638.md +++ b/2023/CVE-2023-23638.md @@ -13,6 +13,7 @@ A deserialization vulnerability existed when dubbo generic invoke, which could l No PoCs from references. #### Github +- https://github.com/3yujw7njai/CVE-2023-23638-Tools - https://github.com/ARPSyndicate/cvemon - https://github.com/Armandhe-China/ApacheDubboSerialVuln - https://github.com/Awrrays/FrameVul diff --git a/2023/CVE-2023-23752.md b/2023/CVE-2023-23752.md index 2445561a1b..97b025b187 100644 --- a/2023/CVE-2023-23752.md +++ b/2023/CVE-2023-23752.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/0xWhoami35/CVE-2023-23752 - https://github.com/0xWhoami35/Devvorte-Writeup - https://github.com/0xsyr0/OSCP +- https://github.com/0xx01/CVE-2023-23752 - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 - https://github.com/ARPSyndicate/cvemon @@ -101,6 +102,7 @@ No PoCs from references. - https://github.com/luck-ying/Library-POC - https://github.com/malionnn/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es - https://github.com/mariovata/CVE-2023-23752-Python +- https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu0y4/HScan - https://github.com/r3dston3/CVE-2023-23752 diff --git a/2023/CVE-2023-24203.md b/2023/CVE-2023-24203.md index 90c9274e20..5a501db353 100644 --- a/2023/CVE-2023-24203.md +++ b/2023/CVE-2023-24203.md @@ -13,5 +13,6 @@ Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationshi No PoCs from references. #### Github +- https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-24204.md b/2023/CVE-2023-24204.md index 3e84ef328e..1e960fd28d 100644 --- a/2023/CVE-2023-24204.md +++ b/2023/CVE-2023-24204.md @@ -13,5 +13,6 @@ SQL injection vulnerability in SourceCodester Simple Customer Relationship Manag No PoCs from references. #### Github +- https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-25355.md b/2023/CVE-2023-25355.md index e0d1f1d5d9..eef3a40a34 100644 --- a/2023/CVE-2023-25355.md +++ b/2023/CVE-2023-25355.md @@ -15,4 +15,5 @@ CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AlexLinov/sipXcom-RCE diff --git a/2023/CVE-2023-25356.md b/2023/CVE-2023-25356.md index 24ca4c31d4..05e164967c 100644 --- a/2023/CVE-2023-25356.md +++ b/2023/CVE-2023-25356.md @@ -14,5 +14,5 @@ CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralizat - https://seclists.org/fulldisclosure/2023/Mar/5 #### Github -No PoCs found on GitHub currently. +- https://github.com/AlexLinov/sipXcom-RCE diff --git a/2023/CVE-2023-26144.md b/2023/CVE-2023-26144.md index 46d3754c96..5d7c91d306 100644 --- a/2023/CVE-2023-26144.md +++ b/2023/CVE-2023-26144.md @@ -15,5 +15,6 @@ Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tadhglewis/apollo-koa-minimal - https://github.com/tadhglewis/tadhglewis diff --git a/2023/CVE-2023-26359.md b/2023/CVE-2023-26359.md index 4c8d6aad12..3dcb2368e0 100644 --- a/2023/CVE-2023-26359.md +++ b/2023/CVE-2023-26359.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit - https://github.com/netlas-io/netlas-cookbook - https://github.com/netlas-io/netlas-dorks diff --git a/2023/CVE-2023-26360.md b/2023/CVE-2023-26360.md index f1acf23985..54e07b5278 100644 --- a/2023/CVE-2023-26360.md +++ b/2023/CVE-2023-26360.md @@ -20,6 +20,7 @@ Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and ea - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/getdrive/PoC - https://github.com/iluaster/getdrive_PoC +- https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit - https://github.com/karimhabush/cyberowl - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/yosef0x01/CVE-2023-26360 diff --git a/2023/CVE-2023-26361.md b/2023/CVE-2023-26361.md new file mode 100644 index 0000000000..86a6ba185a --- /dev/null +++ b/2023/CVE-2023-26361.md @@ -0,0 +1,17 @@ +### [CVE-2023-26361](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26361) +![](https://img.shields.io/static/v1?label=Product&message=ColdFusion&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%20CF2018U15%2C%20CF2021U5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')%20(CWE-22)&color=brighgreen) + +### Description + +Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user interaction, but does require administrator privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit + diff --git a/2023/CVE-2023-2640.md b/2023/CVE-2023-2640.md index 5b4d845fe4..dd6587587a 100644 --- a/2023/CVE-2023-2640.md +++ b/2023/CVE-2023-2640.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xWhoami35/root-kernel - https://github.com/0xsyr0/OSCP - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +- https://github.com/K5LK/CVE-2023-2640-32629 - https://github.com/Kiosec/Linux-Exploitation - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 - https://github.com/OllaPapito/gameoverlay diff --git a/2023/CVE-2023-26604.md b/2023/CVE-2023-26604.md index 079e087de3..877c6ac37b 100644 --- a/2023/CVE-2023-26604.md +++ b/2023/CVE-2023-26604.md @@ -20,6 +20,7 @@ systemd before 247 does not adequately block local privilege escalation for some - https://github.com/Pol-Ruiz/CVE-2023-1326 - https://github.com/Wetrel/HackTheBox_Sau - https://github.com/Zenmovie/CVE-2023-26604 +- https://github.com/c0d3cr4f73r/CVE-2023-1326 - https://github.com/denis-jdsouza/wazuh-vulnerability-report-maker - https://github.com/diego-tella/CVE-2023-1326-PoC - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-27524.md b/2023/CVE-2023-27524.md index 8b0306c00d..4770e561cb 100644 --- a/2023/CVE-2023-27524.md +++ b/2023/CVE-2023-27524.md @@ -46,6 +46,8 @@ Session Validation attacks in Apache Superset versions up to and including 2.0.1 - https://github.com/hktalent/TOP - https://github.com/horizon3ai/CVE-2023-27524 - https://github.com/jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE +- https://github.com/karthi-the-hacker/CVE-2023-27524 +- https://github.com/kovatechy/Cappricio - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/machevalia/ButProxied - https://github.com/necroteddy/CVE-2023-27524 diff --git a/2023/CVE-2023-29017.md b/2023/CVE-2023-29017.md index f2974f9189..6e527036d3 100644 --- a/2023/CVE-2023-29017.md +++ b/2023/CVE-2023-29017.md @@ -19,8 +19,10 @@ vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in mo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Aduda-Shem/Semgrep_Rules - https://github.com/Kaneki-hash/CVE-2023-29017-reverse-shell - https://github.com/Threekiii/CVE +- https://github.com/jakabakos/vm2-sandbox-escape-exploits - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/CVE-2023-29017-reverse-shell - https://github.com/seal-community/patches diff --git a/2023/CVE-2023-29199.md b/2023/CVE-2023-29199.md index 20f8dfc758..308fd0d6d6 100644 --- a/2023/CVE-2023-29199.md +++ b/2023/CVE-2023-29199.md @@ -17,6 +17,7 @@ There exists a vulnerability in source code transformer (exception sanitization #### Github - https://github.com/3mpir3Albert/HTB_Codify +- https://github.com/jakabakos/vm2-sandbox-escape-exploits - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/u-crew/vm2-test diff --git a/2023/CVE-2023-29489.md b/2023/CVE-2023-29489.md index 3db4b436dc..71c7a72141 100644 --- a/2023/CVE-2023-29489.md +++ b/2023/CVE-2023-29489.md @@ -36,7 +36,9 @@ An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the c - https://github.com/htrgouvea/spellbook - https://github.com/ipk1/CVE-2023-29489.py - https://github.com/jaiguptanick/100daysofcyber +- https://github.com/kovatechy/Cappricio - https://github.com/learnerboy88/CVE-2023-29489 +- https://github.com/md-thalal/CVE-2023-29489 - https://github.com/mdaseem03/cpanel_xss_2023 - https://github.com/mr-sami-x/XSS_1915 - https://github.com/nomi-sec/PoC-in-GitHub @@ -47,6 +49,7 @@ An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the c - https://github.com/tucommenceapousser/CVE-2023-29489 - https://github.com/tucommenceapousser/CVE-2023-29489.py - https://github.com/tucommenceapousser/Oneliner-Bugbounty2 +- https://github.com/tucommenceapousser/XSS_1312 - https://github.com/tucommenceapousser/XSS_1915 - https://github.com/whalebone7/EagleEye - https://github.com/xKore123/cPanel-CVE-2023-29489 diff --git a/2023/CVE-2023-30253.md b/2023/CVE-2023-30253.md index 42d9eeff13..10054473ab 100644 --- a/2023/CVE-2023-30253.md +++ b/2023/CVE-2023-30253.md @@ -14,5 +14,8 @@ Dolibarr before 17.0.1 allows remote code execution by an authenticated user via - https://www.swascan.com/security-advisory-dolibarr-17-0-0/ #### Github +- https://github.com/04Shivam/CVE-2023-30253-Exploit +- https://github.com/Rubikcuv5/cve-2023-30253 +- https://github.com/nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-30547.md b/2023/CVE-2023-30547.md index bd839ae813..5c67ba922d 100644 --- a/2023/CVE-2023-30547.md +++ b/2023/CVE-2023-30547.md @@ -19,6 +19,7 @@ vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in mo - https://github.com/Af7eR9l0W/HTB-Codify - https://github.com/Cur1iosity/CVE-2023-30547 - https://github.com/Maladra/Write-Up-Codify +- https://github.com/jakabakos/vm2-sandbox-escape-exploits - https://github.com/karimhabush/cyberowl - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rvizx/CVE-2023-30547 diff --git a/2023/CVE-2023-32313.md b/2023/CVE-2023-32313.md index cfe7063ba4..6f3b240051 100644 --- a/2023/CVE-2023-32313.md +++ b/2023/CVE-2023-32313.md @@ -16,5 +16,5 @@ vm2 is a sandbox that can run untrusted code with Node's built-in modules. In ve - https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v #### Github -No PoCs found on GitHub currently. +- https://github.com/jakabakos/vm2-sandbox-escape-exploits diff --git a/2023/CVE-2023-32314.md b/2023/CVE-2023-32314.md index 3ff31e3ddc..47a1ade094 100644 --- a/2023/CVE-2023-32314.md +++ b/2023/CVE-2023-32314.md @@ -18,5 +18,6 @@ vm2 is a sandbox that can run untrusted code with Node's built-in modules. A san #### Github - https://github.com/AdarkSt/Honeypot_Smart_Infrastructure - https://github.com/giovanni-iannaccone/vm2_3.9.17 +- https://github.com/jakabakos/vm2-sandbox-escape-exploits - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-32629.md b/2023/CVE-2023-32629.md index 9ba3267ccb..c3d7cbad7b 100644 --- a/2023/CVE-2023-32629.md +++ b/2023/CVE-2023-32629.md @@ -17,6 +17,7 @@ Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up - https://github.com/0xWhoami35/root-kernel - https://github.com/0xsyr0/OSCP - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +- https://github.com/K5LK/CVE-2023-2640-32629 - https://github.com/Kiosec/Linux-Exploitation - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 - https://github.com/OllaPapito/gameoverlay diff --git a/2023/CVE-2023-32749.md b/2023/CVE-2023-32749.md index 5cfcbc6c14..217c10c45f 100644 --- a/2023/CVE-2023-32749.md +++ b/2023/CVE-2023-32749.md @@ -21,4 +21,5 @@ Pydio Cells allows users by default to create so-called external users in order #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/xcr-19/CVE-2023-32749 diff --git a/2023/CVE-2023-33013.md b/2023/CVE-2023-33013.md new file mode 100644 index 0000000000..fd48836f0a --- /dev/null +++ b/2023/CVE-2023-33013.md @@ -0,0 +1,17 @@ +### [CVE-2023-33013](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33013) +![](https://img.shields.io/static/v1?label=Product&message=NBG6604%20firmware&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20V1.01(ABIR.1)C0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-33246.md b/2023/CVE-2023-33246.md index a65836ee7c..632325b3d9 100644 --- a/2023/CVE-2023-33246.md +++ b/2023/CVE-2023-33246.md @@ -17,6 +17,7 @@ For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk - https://github.com/0day404/vulnerability-poc - https://github.com/0xKayala/CVE-2023-33246 - https://github.com/20142995/sectool +- https://github.com/3yujw7njai/CVE-2023-33246 - https://github.com/ARPSyndicate/cvemon - https://github.com/CKevens/CVE-2023-33246 - https://github.com/CVEDB/awesome-cve-repo diff --git a/2023/CVE-2023-33733.md b/2023/CVE-2023-33733.md index 935448a532..80103870fb 100644 --- a/2023/CVE-2023-33733.md +++ b/2023/CVE-2023-33733.md @@ -14,6 +14,7 @@ Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying - https://github.com/c53elyas/CVE-2023-33733 #### Github +- https://github.com/L41KAA/CVE-2023-33733-Exploit-PoC - https://github.com/buiduchoang24/CVE-2023-33733 - https://github.com/c53elyas/CVE-2023-33733 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33829.md b/2023/CVE-2023-33829.md index 5c6c7d3243..b5e5a5117f 100644 --- a/2023/CVE-2023-33829.md +++ b/2023/CVE-2023-33829.md @@ -16,6 +16,7 @@ A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v - https://github.com/n3gox/Stored-XSS-on-SCM-Manager-1.60 #### Github +- https://github.com/3yujw7njai/CVE-2023-33829-POC - https://github.com/CKevens/CVE-2023-33829-POC - https://github.com/n3gox/CVE-2023-33829 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-34152.md b/2023/CVE-2023-34152.md index e08d78f761..b61f4efc59 100644 --- a/2023/CVE-2023-34152.md +++ b/2023/CVE-2023-34152.md @@ -14,6 +14,7 @@ A vulnerability was found in ImageMagick. This security flaw cause a remote code - https://github.com/ImageMagick/ImageMagick/issues/6339 #### Github +- https://github.com/SudoIndividual/CVE-2023-34152 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/overgrowncarrot1/ImageTragick_CVE-2023-34152 diff --git a/2023/CVE-2023-34644.md b/2023/CVE-2023-34644.md index c048406e00..9778456eeb 100644 --- a/2023/CVE-2023-34644.md +++ b/2023/CVE-2023-34644.md @@ -15,4 +15,5 @@ Remote code execution vulnerability in Ruijie Networks Product: RG-EW series hom #### Github - https://github.com/tanjiti/sec_profile +- https://github.com/winmt/winmt diff --git a/2023/CVE-2023-34992.md b/2023/CVE-2023-34992.md index 679a43217b..02f226647a 100644 --- a/2023/CVE-2023-34992.md +++ b/2023/CVE-2023-34992.md @@ -13,5 +13,6 @@ A improper neutralization of special elements used in an os command ('os command No PoCs from references. #### Github +- https://github.com/horizon3ai/CVE-2023-34992 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-35359.md b/2023/CVE-2023-35359.md index 64d737cb07..3d281a3846 100644 --- a/2023/CVE-2023-35359.md +++ b/2023/CVE-2023-35359.md @@ -50,4 +50,5 @@ Windows Kernel Elevation of Privilege Vulnerability - https://github.com/Karmaz95/Karmaz95 - https://github.com/Threekiii/CVE - https://github.com/afine-com/research +- https://github.com/hungslab/awd-tools diff --git a/2023/CVE-2023-36085.md b/2023/CVE-2023-36085.md index 431bcf6349..9cf26ed084 100644 --- a/2023/CVE-2023-36085.md +++ b/2023/CVE-2023-36085.md @@ -17,4 +17,5 @@ The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injec #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection diff --git a/2023/CVE-2023-3618.md b/2023/CVE-2023-3618.md index f8457b31e6..af503655f1 100644 --- a/2023/CVE-2023-3618.md +++ b/2023/CVE-2023-3618.md @@ -21,5 +21,6 @@ No PoCs from references. - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/jgamblin/cvelint-action +- https://github.com/khulnasoft-lab/cvelint-action - https://github.com/mprpic/cvelint diff --git a/2023/CVE-2023-36845.md b/2023/CVE-2023-36845.md index 8e84f8ecbf..91aa7601de 100644 --- a/2023/CVE-2023-36845.md +++ b/2023/CVE-2023-36845.md @@ -19,6 +19,7 @@ A PHP External Variable Modification vulnerability in J-Web of Juniper Networks #### Github - https://github.com/0xNehru/CVE-2023-36845-Juniper-Vulnerability +- https://github.com/3yujw7njai/ansible-cve-2023-36845 - https://github.com/Asbawy/Automation-for-Juniper-cve-2023-36845 - https://github.com/CKevens/ansible-cve-2023-36845 - https://github.com/CharonDefalt/Juniper-exploit-CVE-2023-36845 diff --git a/2023/CVE-2023-38031.md b/2023/CVE-2023-38031.md new file mode 100644 index 0000000000..f10e7cd9a6 --- /dev/null +++ b/2023/CVE-2023-38031.md @@ -0,0 +1,17 @@ +### [CVE-2023-38031](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38031) +![](https://img.shields.io/static/v1?label=Product&message=%20RT-AC86U&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.0.4.386.51529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-38032.md b/2023/CVE-2023-38032.md new file mode 100644 index 0000000000..e22fb3777f --- /dev/null +++ b/2023/CVE-2023-38032.md @@ -0,0 +1,17 @@ +### [CVE-2023-38032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38032) +![](https://img.shields.io/static/v1?label=Product&message=RT-AC86U&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%09%203.0.0.4.386.51529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-38033.md b/2023/CVE-2023-38033.md new file mode 100644 index 0000000000..8532929abb --- /dev/null +++ b/2023/CVE-2023-38033.md @@ -0,0 +1,17 @@ +### [CVE-2023-38033](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38033) +![](https://img.shields.io/static/v1?label=Product&message=RT-AC86U&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.0.4.386.51529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-38146.md b/2023/CVE-2023-38146.md index 123f19b907..779ece20c0 100644 --- a/2023/CVE-2023-38146.md +++ b/2023/CVE-2023-38146.md @@ -24,6 +24,7 @@ Windows Themes Remote Code Execution Vulnerability - https://github.com/ZonghaoLi777/githubTrending - https://github.com/aneasystone/github-trending - https://github.com/ankitosh/temp +- https://github.com/exploits-forsale/themebleed - https://github.com/gabe-k/themebleed - https://github.com/johe123qwe/github-trending - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-38609.md b/2023/CVE-2023-38609.md index b687218043..356853987c 100644 --- a/2023/CVE-2023-38609.md +++ b/2023/CVE-2023-38609.md @@ -13,5 +13,6 @@ An injection issue was addressed with improved input validation. This issue is f No PoCs from references. #### Github +- https://github.com/mc-17/CVE-2023-38609 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-38646.md b/2023/CVE-2023-38646.md index 44b90affb9..6ee058b3ea 100644 --- a/2023/CVE-2023-38646.md +++ b/2023/CVE-2023-38646.md @@ -89,6 +89,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all - https://github.com/shamo0/CVE-2023-38646-PoC - https://github.com/syr1ne/exploits - https://github.com/threatHNTR/CVE-2023-38646 +- https://github.com/xchg-rax-rax/CVE-2023-38646 - https://github.com/xxRON-js/Collaborator-like - https://github.com/yxl2001/CVE-2023-38646 diff --git a/2023/CVE-2023-38825.md b/2023/CVE-2023-38825.md new file mode 100644 index 0000000000..3b7fceeebe --- /dev/null +++ b/2023/CVE-2023-38825.md @@ -0,0 +1,17 @@ +### [CVE-2023-38825](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38825) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ntrampham/REDCap + diff --git a/2023/CVE-2023-38831.md b/2023/CVE-2023-38831.md index 7d084c8b75..074421fcd8 100644 --- a/2023/CVE-2023-38831.md +++ b/2023/CVE-2023-38831.md @@ -90,6 +90,7 @@ RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user - https://github.com/ruycr4ft/CVE-2023-38831 - https://github.com/s4m98/winrar-cve-2023-38831-poc-gen - https://github.com/sadnansakin/Winrar_0-day_RCE_Exploitation +- https://github.com/sh770/CVE-2023-38831 - https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC - https://github.com/takinrom/nto2024-user4-report - https://github.com/tanjiti/sec_profile diff --git a/2023/CVE-2023-39236.md b/2023/CVE-2023-39236.md new file mode 100644 index 0000000000..5f096edf66 --- /dev/null +++ b/2023/CVE-2023-39236.md @@ -0,0 +1,17 @@ +### [CVE-2023-39236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39236) +![](https://img.shields.io/static/v1?label=Product&message=RT-AC86U&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.0.4.386.51529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-39237.md b/2023/CVE-2023-39237.md new file mode 100644 index 0000000000..aeade8d9bc --- /dev/null +++ b/2023/CVE-2023-39237.md @@ -0,0 +1,17 @@ +### [CVE-2023-39237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39237) +![](https://img.shields.io/static/v1?label=Product&message=RT-AC86U&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.0.4.386.51529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/winmt/winmt + diff --git a/2023/CVE-2023-40000.md b/2023/CVE-2023-40000.md index ded65e8857..45179d3c71 100644 --- a/2023/CVE-2023-40000.md +++ b/2023/CVE-2023-40000.md @@ -13,6 +13,7 @@ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti No PoCs from references. #### Github +- https://github.com/iveresk/cve-2023-40000 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rxerium/CVE-2023-40000 - https://github.com/rxerium/stars diff --git a/2023/CVE-2023-40618.md b/2023/CVE-2023-40618.md new file mode 100644 index 0000000000..301c3343ae --- /dev/null +++ b/2023/CVE-2023-40618.md @@ -0,0 +1,17 @@ +### [CVE-2023-40618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40618) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in 'headstart_snapshot.php'. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40618 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-40931.md b/2023/CVE-2023-40931.md index 3006d6a846..0956021d02 100644 --- a/2023/CVE-2023-40931.md +++ b/2023/CVE-2023-40931.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sealldeveloper/CVE-2023-40931-PoC diff --git a/2023/CVE-2023-40933.md b/2023/CVE-2023-40933.md index a5c1e18919..6d334e779c 100644 --- a/2023/CVE-2023-40933.md +++ b/2023/CVE-2023-40933.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sealldeveloper/CVE-2023-40933-PoC diff --git a/2023/CVE-2023-4197.md b/2023/CVE-2023-4197.md index 9a37fde0b7..7348dc9ef9 100644 --- a/2023/CVE-2023-4197.md +++ b/2023/CVE-2023-4197.md @@ -14,5 +14,6 @@ Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain - https://starlabs.sg/advisories/23/23-4197 #### Github +- https://github.com/alien-keric/CVE-2023-4197 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42793.md b/2023/CVE-2023-42793.md index 249986f8be..51e5d5d1f4 100644 --- a/2023/CVE-2023-42793.md +++ b/2023/CVE-2023-42793.md @@ -32,6 +32,7 @@ In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on T - https://github.com/UNC1739/awesome-vulnerability-research - https://github.com/WhiteOwl-Pub/PoC-JetBrains-TeamCity-CVE-2023-42793 - https://github.com/Y4tacker/JavaSec +- https://github.com/YN1337/JetBrains-TeamCity- - https://github.com/Zenmovie/CVE-2023-42793 - https://github.com/Zyad-Elsayed/CVE-2023-42793 - https://github.com/aleksey-vi/presentation-report @@ -39,6 +40,7 @@ In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on T - https://github.com/getdrive/PoC - https://github.com/hotplugin0x01/CVE-2023-42793 - https://github.com/johnossawy/CVE-2023-42793_POC +- https://github.com/junnythemarksman/CVE-2023-42793 - https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/whitfieldsdad/cisa_kev diff --git a/2023/CVE-2023-43622.md b/2023/CVE-2023-43622.md index 23b1ee8299..39ab05d17c 100644 --- a/2023/CVE-2023-43622.md +++ b/2023/CVE-2023-43622.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/arsenalzp/apch-operator - https://github.com/sebastienwebdev/Vulnerability - https://github.com/sebastienwebdev/sebastienwebdev +- https://github.com/visudade/CVE-2023-43622 diff --git a/2023/CVE-2023-45229.md b/2023/CVE-2023-45229.md index b7bdf381ca..0dc2ad1469 100644 --- a/2023/CVE-2023-45229.md +++ b/2023/CVE-2023-45229.md @@ -14,5 +14,6 @@ EDK2's Network Package is susceptible to an out-of-bounds read vulnerability whe - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html #### Github +- https://github.com/1490kdrm/vuln_BIOs - https://github.com/quarkslab/pixiefail diff --git a/2023/CVE-2023-45230.md b/2023/CVE-2023-45230.md index eb767d0e97..e6be1e02fd 100644 --- a/2023/CVE-2023-45230.md +++ b/2023/CVE-2023-45230.md @@ -14,6 +14,7 @@ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html #### Github +- https://github.com/1490kdrm/vuln_BIOs - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/quarkslab/pixiefail diff --git a/2023/CVE-2023-45232.md b/2023/CVE-2023-45232.md index e1e8d059fb..a55997d0be 100644 --- a/2023/CVE-2023-45232.md +++ b/2023/CVE-2023-45232.md @@ -14,6 +14,7 @@ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html #### Github +- https://github.com/1490kdrm/vuln_BIOs - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/quarkslab/pixiefail diff --git a/2023/CVE-2023-45234.md b/2023/CVE-2023-45234.md index 263829034d..a94ddf0b20 100644 --- a/2023/CVE-2023-45234.md +++ b/2023/CVE-2023-45234.md @@ -14,6 +14,7 @@ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html #### Github +- https://github.com/1490kdrm/vuln_BIOs - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/quarkslab/pixiefail diff --git a/2023/CVE-2023-45236.md b/2023/CVE-2023-45236.md new file mode 100644 index 0000000000..d908b68486 --- /dev/null +++ b/2023/CVE-2023-45236.md @@ -0,0 +1,17 @@ +### [CVE-2023-45236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45236) +![](https://img.shields.io/static/v1?label=Product&message=edk2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20edk2-stable202308%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) + +### Description + + EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/1490kdrm/vuln_BIOs + diff --git a/2023/CVE-2023-45237.md b/2023/CVE-2023-45237.md new file mode 100644 index 0000000000..ad0afcfd02 --- /dev/null +++ b/2023/CVE-2023-45237.md @@ -0,0 +1,17 @@ +### [CVE-2023-45237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45237) +![](https://img.shields.io/static/v1?label=Product&message=edk2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20edk2-stable202308%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-338%20Use%20of%20Cryptographically%20Weak%20Pseudo-Random%20Number%20Generator%20(PRNG)&color=brighgreen) + +### Description + + EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/1490kdrm/vuln_BIOs + diff --git a/2023/CVE-2023-45471.md b/2023/CVE-2023-45471.md index 6e61b065c0..581eba1336 100644 --- a/2023/CVE-2023-45471.md +++ b/2023/CVE-2023-45471.md @@ -15,5 +15,6 @@ The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in vers #### Github - https://github.com/itsAptx/CVE-2023-45471 +- https://github.com/mehdibelhajamor/CVE-2023-45471 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-45539.md b/2023/CVE-2023-45539.md new file mode 100644 index 0000000000..1e8511e406 --- /dev/null +++ b/2023/CVE-2023-45539.md @@ -0,0 +1,17 @@ +### [CVE-2023-45539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45539) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/hackthebox/cyber-apocalypse-2024 + diff --git a/2023/CVE-2023-45866.md b/2023/CVE-2023-45866.md index b03b9ab3c5..e936768fc3 100644 --- a/2023/CVE-2023-45866.md +++ b/2023/CVE-2023-45866.md @@ -14,7 +14,9 @@ Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID D - https://github.com/skysafe/reblog/tree/main/cve-2023-45866 #### Github +- https://github.com/0xbitx/DEDSEC_BKIF - https://github.com/Eason-zz/BluetoothDucky +- https://github.com/H4lo/awesome-IoT-security-article - https://github.com/V33RU/CommandInWiFi - https://github.com/V33RU/CommandInWiFi-Zeroclick - https://github.com/ZonghaoLi777/githubTrending @@ -23,6 +25,7 @@ Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID D - https://github.com/gato001k1/helt - https://github.com/jjjjjjjj987/cve-2023-45866-py - https://github.com/johe123qwe/github-trending +- https://github.com/krazystar55/BlueDucky - https://github.com/marcnewlin/hi_my_name_is_keyboard - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pentestfunctions/BlueDucky diff --git a/2023/CVE-2023-46012.md b/2023/CVE-2023-46012.md index 3d73bcad9e..8667d03da2 100644 --- a/2023/CVE-2023-46012.md +++ b/2023/CVE-2023-46012.md @@ -13,5 +13,5 @@ Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attack - https://github.com/dest-3/CVE-2023-46012/tree/main #### Github -No PoCs found on GitHub currently. +- https://github.com/dest-3/CVE-2023-46012 diff --git a/2023/CVE-2023-46442.md b/2023/CVE-2023-46442.md index 0c6eb0fd21..bfc5ece0e3 100644 --- a/2023/CVE-2023-46442.md +++ b/2023/CVE-2023-46442.md @@ -13,5 +13,6 @@ An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under - https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main #### Github +- https://github.com/JAckLosingHeart/CVE-2023-46442_POC - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-46604.md b/2023/CVE-2023-46604.md index 096471e618..a77cae155a 100644 --- a/2023/CVE-2023-46604.md +++ b/2023/CVE-2023-46604.md @@ -60,6 +60,7 @@ The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. Th - https://github.com/nitzanoligo/CVE-2023-46604-demo - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ph-hitachi/CVE-2023-46604 +- https://github.com/pulentoski/CVE-2023-46604 - https://github.com/sampsonv/github-trending - https://github.com/seal-community/patches - https://github.com/sule01u/CVE-2023-46604 diff --git a/2023/CVE-2023-46694.md b/2023/CVE-2023-46694.md index 598cbcc958..7cbdc452de 100644 --- a/2023/CVE-2023-46694.md +++ b/2023/CVE-2023-46694.md @@ -13,5 +13,5 @@ Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potent - https://github.com/invisiblebyte/CVE-2023-46694 #### Github -No PoCs found on GitHub currently. +- https://github.com/invisiblebyte/CVE-2023-46694 diff --git a/2023/CVE-2023-46805.md b/2023/CVE-2023-46805.md index 668bf5874a..a59458f1c2 100644 --- a/2023/CVE-2023-46805.md +++ b/2023/CVE-2023-46805.md @@ -16,6 +16,7 @@ An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 2 #### Github - https://github.com/20142995/sectool +- https://github.com/Cappricio-Securities/CVE-2023-46805 - https://github.com/Chocapikk/CVE-2023-46805 - https://github.com/H4lo/awesome-IoT-security-article - https://github.com/HiS3/Ivanti-ICT-Snapshot-decryption diff --git a/2023/CVE-2023-4813.md b/2023/CVE-2023-4813.md index d87e72e9db..1cebee6d0b 100644 --- a/2023/CVE-2023-4813.md +++ b/2023/CVE-2023-4813.md @@ -21,4 +21,5 @@ No PoCs from references. - https://github.com/adegoodyer/kubernetes-admin-toolkit - https://github.com/fokypoky/places-list - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tnishiox/kernelcare-playground diff --git a/2023/CVE-2023-4863.md b/2023/CVE-2023-4863.md index 78d3a4b4c6..72358b7ea9 100644 --- a/2023/CVE-2023-4863.md +++ b/2023/CVE-2023-4863.md @@ -50,6 +50,7 @@ Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and lib - https://github.com/cgohlke/win_arm64-wheels - https://github.com/hktalent/TOP - https://github.com/houjingyi233/awesome-fuzz +- https://github.com/huiwen-yayaya/CVE-2023-4863 - https://github.com/jiegec/awesome-stars - https://github.com/johe123qwe/github-trending - https://github.com/mistymntncop/CVE-2023-4863 diff --git a/2023/CVE-2023-48795.md b/2023/CVE-2023-48795.md index 5a7b315316..f1a3827b00 100644 --- a/2023/CVE-2023-48795.md +++ b/2023/CVE-2023-48795.md @@ -22,6 +22,7 @@ The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH bef - https://www.theregister.com/2023/12/20/terrapin_attack_ssh #### Github +- https://github.com/Dev0psSec/SSH-Terrapin-Attack - https://github.com/Dev5ec0ps/SSH-Terrapin-Attack - https://github.com/GitHubForSnap/openssh-server-gael - https://github.com/GlTIab/SSH-Terrapin-Attack diff --git a/2023/CVE-2023-49070.md b/2023/CVE-2023-49070.md index 511cc19a3a..104a135808 100644 --- a/2023/CVE-2023-49070.md +++ b/2023/CVE-2023-49070.md @@ -38,6 +38,7 @@ Pre-auth RCE in Apache Ofbiz 18.12.09.It's due to XML-RPC no longer maintained - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/slimtoolkit/slim - https://github.com/tanjiti/sec_profile +- https://github.com/tw0point/BadBizness-CVE-2023-51467 - https://github.com/txuswashere/OSCP - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC diff --git a/2023/CVE-2023-49606.md b/2023/CVE-2023-49606.md index e745660c6d..393698fd20 100644 --- a/2023/CVE-2023-49606.md +++ b/2023/CVE-2023-49606.md @@ -13,6 +13,7 @@ A use-after-free vulnerability exists in the HTTP Connection Headers parsing in - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889 #### Github +- https://github.com/d0rb/CVE-2023-49606 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/tanjiti/sec_profile diff --git a/2023/CVE-2023-50685.md b/2023/CVE-2023-50685.md index 7c2fb4dbc3..749e151d01 100644 --- a/2023/CVE-2023-50685.md +++ b/2023/CVE-2023-50685.md @@ -13,5 +13,5 @@ An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a - https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability #### Github -No PoCs found on GitHub currently. +- https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability diff --git a/2023/CVE-2023-51467.md b/2023/CVE-2023-51467.md index 0e703a88ab..e391e87322 100644 --- a/2023/CVE-2023-51467.md +++ b/2023/CVE-2023-51467.md @@ -43,6 +43,7 @@ No PoCs from references. - https://github.com/murayr/Bizness - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/tw0point/BadBizness-CVE-2023-51467 - https://github.com/txuswashere/OSCP - https://github.com/vulncheck-oss/cve-2023-51467 - https://github.com/vulncheck-oss/go-exploit diff --git a/2023/CVE-2023-6241.md b/2023/CVE-2023-6241.md index 61be373785..4716714dbd 100644 --- a/2023/CVE-2023-6241.md +++ b/2023/CVE-2023-6241.md @@ -16,6 +16,7 @@ Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifro No PoCs from references. #### Github +- https://github.com/SmileTabLabo/CVE-2023-6241 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-6300.md b/2023/CVE-2023-6300.md new file mode 100644 index 0000000000..75e16c2b4f --- /dev/null +++ b/2023/CVE-2023-6300.md @@ -0,0 +1,17 @@ +### [CVE-2023-6300](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6300) +![](https://img.shields.io/static/v1?label=Product&message=Best%20Courier%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, was found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function. The manipulation of the argument page with the input leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246126 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system%20-%20reflected%20xss.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6611.md b/2023/CVE-2023-6611.md new file mode 100644 index 0000000000..6a7da5b815 --- /dev/null +++ b/2023/CVE-2023-6611.md @@ -0,0 +1,17 @@ +### [CVE-2023-6611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6611) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file pda/pad/email/delete.php. The manipulation of the argument EMAIL_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-247246 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/13223355/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-0230.md b/2024/CVE-2024-0230.md index da5d0aab85..9b7911dd10 100644 --- a/2024/CVE-2024-0230.md +++ b/2024/CVE-2024-0230.md @@ -13,6 +13,7 @@ A session management issue was addressed with improved checks. This issue is fix No PoCs from references. #### Github +- https://github.com/H4lo/awesome-IoT-security-article - https://github.com/gato001k1/helt - https://github.com/keldnorman/cve-2024-0230-blue - https://github.com/marcnewlin/hi_my_name_is_keyboard diff --git a/2024/CVE-2024-20404.md b/2024/CVE-2024-20404.md new file mode 100644 index 0000000000..fb5e2eb8c4 --- /dev/null +++ b/2024/CVE-2024-20404.md @@ -0,0 +1,22 @@ +### [CVE-2024-20404](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20404) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Finesse&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Packaged%20Contact%20Center%20Enterprise&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Unified%20Contact%20Center%20Enterprise&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Unified%20Contact%20Center%20Express&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.6(2)%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20N%2FA%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) + +### Description + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-20405.md b/2024/CVE-2024-20405.md new file mode 100644 index 0000000000..32a41a06af --- /dev/null +++ b/2024/CVE-2024-20405.md @@ -0,0 +1,22 @@ +### [CVE-2024-20405](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20405) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Finesse&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Packaged%20Contact%20Center%20Enterprise&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Unified%20Contact%20Center%20Enterprise&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Unified%20Contact%20Center%20Express&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.6(2)%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20N%2FA%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Input%20Validation&color=brighgreen) + +### Description + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/AbdElRahmanEzzat1995/CVE-2024-20405 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-21748.md b/2024/CVE-2024-21748.md new file mode 100644 index 0000000000..044ab8ba33 --- /dev/null +++ b/2024/CVE-2024-21748.md @@ -0,0 +1,17 @@ +### [CVE-2024-21748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21748) +![](https://img.shields.io/static/v1?label=Product&message=Icegram&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-22151.md b/2024/CVE-2024-22151.md new file mode 100644 index 0000000000..a930289b27 --- /dev/null +++ b/2024/CVE-2024-22151.md @@ -0,0 +1,17 @@ +### [CVE-2024-22151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22151) +![](https://img.shields.io/static/v1?label=Product&message=Import%20and%20export%20users%20and%20customers&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.24.6. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-24919.md b/2024/CVE-2024-24919.md index 5fcc05f333..8b78f5ad18 100644 --- a/2024/CVE-2024-24919.md +++ b/2024/CVE-2024-24919.md @@ -54,13 +54,16 @@ No PoCs from references. - https://github.com/pewc0/CVE-2024-24919 - https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check - https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN +- https://github.com/satchhacker/cve-2024-24919 - https://github.com/satriarizka/CVE-2024-24919 - https://github.com/seed1337/CVE-2024-24919-POC - https://github.com/sep2limited/CheckPoint_Query_Py +- https://github.com/shilpaverma2/NEW-CHECKPOINT-CVE - https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater - https://github.com/starlox0/CVE-2024-24919-POC - https://github.com/tanjiti/sec_profile - https://github.com/un9nplayer/CVE-2024-24919 +- https://github.com/verylazytech/CVE-2024-24919 - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/2024/CVE-2024-25092.md b/2024/CVE-2024-25092.md new file mode 100644 index 0000000000..6dd3bbb030 --- /dev/null +++ b/2024/CVE-2024-25092.md @@ -0,0 +1,18 @@ +### [CVE-2024-25092](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25092) +![](https://img.shields.io/static/v1?label=Product&message=NextMove%20Lite&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/RandomRobbieBF/CVE-2024-25092 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-25600.md b/2024/CVE-2024-25600.md index 03c276afbe..c84829b5dc 100644 --- a/2024/CVE-2024-25600.md +++ b/2024/CVE-2024-25600.md @@ -32,6 +32,7 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Codee - https://github.com/fireinrain/github-trending - https://github.com/gobysec/Goby - https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE +- https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress - https://github.com/johe123qwe/github-trending - https://github.com/k3lpi3b4nsh33/CVE-2024-25600 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-27956.md b/2024/CVE-2024-27956.md index 15e1cd85b0..654d21a8cb 100644 --- a/2024/CVE-2024-27956.md +++ b/2024/CVE-2024-27956.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/aneasystone/github-trending - https://github.com/diego-tella/CVE-2024-27956-RCE - https://github.com/fireinrain/github-trending +- https://github.com/itzheartzz/MASS-CVE-2024-27956 - https://github.com/johe123qwe/github-trending - https://github.com/k3ppf0r/CVE-2024-27956 - https://github.com/nancyariah4/CVE-2024-27956 diff --git a/2024/CVE-2024-28288.md b/2024/CVE-2024-28288.md index 7fba05e0dc..fac668b63b 100644 --- a/2024/CVE-2024-28288.md +++ b/2024/CVE-2024-28288.md @@ -10,7 +10,7 @@ Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting th ### POC #### Reference -No PoCs from references. +- https://github.com/adminquit/CVE-2024-28288/blob/d8223c6d45af877669c27fa0a95adfe51924fa86/CVE-2024-28288/CVE-2024-28288.md #### Github - https://github.com/adminquit/CVE-2024-28288 diff --git a/2024/CVE-2024-29269.md b/2024/CVE-2024-29269.md index a805e6d549..169de6a61d 100644 --- a/2024/CVE-2024-29269.md +++ b/2024/CVE-2024-29269.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Chocapikk/CVE-2024-29269 +- https://github.com/Jhonsonwannaa/CVE-2024-29269 - https://github.com/Ostorlab/KEV - https://github.com/YongYe-Security/CVE-2024-29269 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29415.md b/2024/CVE-2024-29415.md index e4cd15ce7a..fea53f5c1e 100644 --- a/2024/CVE-2024-29415.md +++ b/2024/CVE-2024-29415.md @@ -15,4 +15,5 @@ The ip package through 2.0.1 for Node.js might allow SSRF because some IP addres #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-31621.md b/2024/CVE-2024-31621.md index 1985789237..f9b03ae589 100644 --- a/2024/CVE-2024-31621.md +++ b/2024/CVE-2024-31621.md @@ -14,5 +14,5 @@ An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to - https://www.exploit-db.com/exploits/52001 #### Github -No PoCs found on GitHub currently. +- https://github.com/komodoooo/Some-things diff --git a/2024/CVE-2024-31819.md b/2024/CVE-2024-31819.md index f96352e459..48373ea71e 100644 --- a/2024/CVE-2024-31819.md +++ b/2024/CVE-2024-31819.md @@ -18,5 +18,6 @@ An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execut #### Github - https://github.com/Chocapikk/CVE-2024-31819 - https://github.com/Chocapikk/My-CVEs +- https://github.com/Jhonsonwannaa/CVE-2024-31819 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-32002.md b/2024/CVE-2024-32002.md index 33f8740051..5f3e301fcf 100644 --- a/2024/CVE-2024-32002.md +++ b/2024/CVE-2024-32002.md @@ -29,6 +29,8 @@ No PoCs from references. - https://github.com/CrackerCat/CVE-2024-32002_EXP - https://github.com/GhostTroops/TOP - https://github.com/Goplush/CVE-2024-32002-git-rce +- https://github.com/Hector65432/cve-2024-32002-1 +- https://github.com/Hector65432/cve-2024-32002-2 - https://github.com/JJoosh/CVE-2024-32002-Reverse-Shell - https://github.com/JakobTheDev/cve-2024-32002-poc-aw - https://github.com/JakobTheDev/cve-2024-32002-poc-rce diff --git a/2024/CVE-2024-32714.md b/2024/CVE-2024-32714.md new file mode 100644 index 0000000000..4997bf3030 --- /dev/null +++ b/2024/CVE-2024-32714.md @@ -0,0 +1,17 @@ +### [CVE-2024-32714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32714) +![](https://img.shields.io/static/v1?label=Product&message=Academy%20LMS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.16. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-32715.md b/2024/CVE-2024-32715.md new file mode 100644 index 0000000000..9bf2848e9f --- /dev/null +++ b/2024/CVE-2024-32715.md @@ -0,0 +1,17 @@ +### [CVE-2024-32715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32715) +![](https://img.shields.io/static/v1?label=Product&message=Olive%20One%20Click%20Demo%20Import&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-32725.md b/2024/CVE-2024-32725.md new file mode 100644 index 0000000000..f52d207830 --- /dev/null +++ b/2024/CVE-2024-32725.md @@ -0,0 +1,17 @@ +### [CVE-2024-32725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32725) +![](https://img.shields.io/static/v1?label=Product&message=5%20Stars%20Rating%20Funnel&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Saleswonder 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-35657.md b/2024/CVE-2024-35657.md new file mode 100644 index 0000000000..6e24cff2cb --- /dev/null +++ b/2024/CVE-2024-35657.md @@ -0,0 +1,17 @@ +### [CVE-2024-35657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35657) +![](https://img.shields.io/static/v1?label=Product&message=WP-Recall&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%2016.26.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.6. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-35659.md b/2024/CVE-2024-35659.md new file mode 100644 index 0000000000..06363ec873 --- /dev/null +++ b/2024/CVE-2024-35659.md @@ -0,0 +1,17 @@ +### [CVE-2024-35659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35659) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen) + +### Description + +Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects KiviCare: from n/a through 3.6.2. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-35675.md b/2024/CVE-2024-35675.md new file mode 100644 index 0000000000..f70d0108d8 --- /dev/null +++ b/2024/CVE-2024-35675.md @@ -0,0 +1,17 @@ +### [CVE-2024-35675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35675) +![](https://img.shields.io/static/v1?label=Product&message=Advanced%20Woo%20Labels&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen) + +### Description + +Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels allows Cross-Site Scripting (XSS).This issue affects Advanced Woo Labels: from n/a through 1.93. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-35676.md b/2024/CVE-2024-35676.md new file mode 100644 index 0000000000..f2c164952b --- /dev/null +++ b/2024/CVE-2024-35676.md @@ -0,0 +1,17 @@ +### [CVE-2024-35676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35676) +![](https://img.shields.io/static/v1?label=Product&message=Recurring%20PayPal%20Donations&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen) + +### Description + +Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a through 1.7. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-35678.md b/2024/CVE-2024-35678.md new file mode 100644 index 0000000000..fe2912a867 --- /dev/null +++ b/2024/CVE-2024-35678.md @@ -0,0 +1,17 @@ +### [CVE-2024-35678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35678) +![](https://img.shields.io/static/v1?label=Product&message=Contact%20Form%20to%20DB%20by%20BestWebSoft&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through 1.7.2. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-3661.md b/2024/CVE-2024-3661.md index 9466d0888f..2b93ffbd21 100644 --- a/2024/CVE-2024-3661.md +++ b/2024/CVE-2024-3661.md @@ -22,6 +22,7 @@ DHCP can add routes to a client’s routing table via the classless static route - https://github.com/a1xbit/DecloakingVPN - https://github.com/apiverve/news-API - https://github.com/bollwarm/SecToolSet +- https://github.com/cyberspatiallabs/TunnelVision - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/giterlizzi/secdb-feeds - https://github.com/leviathansecurity/TunnelVision diff --git a/2024/CVE-2024-4358.md b/2024/CVE-2024-4358.md index eafb4669aa..6efcb4826a 100644 --- a/2024/CVE-2024-4358.md +++ b/2024/CVE-2024-4358.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/sinsinology/CVE-2024-4358 - https://github.com/tanjiti/sec_profile +- https://github.com/verylazytech/CVE-2024-4358 - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/2024/CVE-2024-4680.md b/2024/CVE-2024-4680.md new file mode 100644 index 0000000000..d4bf8dd82f --- /dev/null +++ b/2024/CVE-2024-4680.md @@ -0,0 +1,17 @@ +### [CVE-2024-4680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4680) +![](https://img.shields.io/static/v1?label=Product&message=zenml-io%2Fzenml&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%3D%20latest%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-613%20Insufficient%20Session%20Expiration&color=brighgreen) + +### Description + +A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim's ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sev-hack/sev-hack + diff --git a/2024/CVE-2024-4956.md b/2024/CVE-2024-4956.md index 00145255c5..9e1b0c5705 100644 --- a/2024/CVE-2024-4956.md +++ b/2024/CVE-2024-4956.md @@ -34,6 +34,7 @@ No PoCs from references. - https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/tanjiti/sec_profile - https://github.com/thinhap/CVE-2024-4956-PoC +- https://github.com/verylazytech/CVE-2024-4956 - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/2024/CVE-2024-5774.md b/2024/CVE-2024-5774.md new file mode 100644 index 0000000000..77e3acee40 --- /dev/null +++ b/2024/CVE-2024-5774.md @@ -0,0 +1,17 @@ +### [CVE-2024-5774](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5774) +![](https://img.shields.io/static/v1?label=Product&message=Stock%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-267457 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/CveSecLook/cve/issues/43 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5775.md b/2024/CVE-2024-5775.md new file mode 100644 index 0000000000..faa3298617 --- /dev/null +++ b/2024/CVE-2024-5775.md @@ -0,0 +1,17 @@ +### [CVE-2024-5775](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5775) +![](https://img.shields.io/static/v1?label=Product&message=Vehicle%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatebill.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-267458 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/CveSecLook/cve/issues/44 + +#### Github +No PoCs found on GitHub currently. + diff --git a/github.txt b/github.txt index 6d6c8f745f..52ca683f10 100644 --- a/github.txt +++ b/github.txt @@ -3,12 +3,15 @@ CVE-0000-0000 - https://github.com/KINGSABRI/CVE-in-Ruby CVE-0000-0000 - https://github.com/Konstantinos-Papanagnou/CMSpit CVE-0000-0000 - https://github.com/Simonpe1/xray-custom-integration-demo CVE-0000-0000 - https://github.com/dimondevceo/reverse_shell_javascript +CVE-0000-0000 - https://github.com/readloud/CVE-in-Ruby +CVE-0123-4567 - https://github.com/splunk-soar-connectors/dataminrpulse CVE-1234-5678 - https://github.com/openvex/vexctl CVE-1990-0000 - https://github.com/tecnobabble/vulnfeed_2_tenb CVE-1999-0001 - https://github.com/MarcusGutierrez/complex-vulnerabilities CVE-1999-0001 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-1999-0001 - https://github.com/flowground/anchore-io-connector CVE-1999-0001 - https://github.com/jimmyislive/gocve +CVE-1999-0001 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-0001 - https://github.com/quentinmayo/get_nvd_data_from_online_to_csv CVE-1999-0002 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-1999-0002 - https://github.com/jimmyislive/gocve @@ -107,6 +110,8 @@ CVE-1999-0678 - https://github.com/starnightcyber/vul-info-collect CVE-1999-0691 - https://github.com/truefinder/truefinder CVE-1999-0898 - https://github.com/clearbluejar/cve-markdown-charts CVE-1999-0899 - https://github.com/clearbluejar/cve-markdown-charts +CVE-1999-0999 - https://github.com/morpheuslord/CVE-llm_dataset +CVE-1999-1000 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-1010 - https://github.com/phx/cvescan CVE-1999-1057 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1060 - https://github.com/cmilanf/docker-tetrinetx @@ -130,6 +135,7 @@ CVE-1999-1471 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1506 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1554 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1587 - https://github.com/0xdea/exploits +CVE-1999-1598 - https://github.com/morpheuslord/CVE-llm_dataset CVE-1999-5656 - https://github.com/becrevex/Kampai CVE-1999-99999 - https://github.com/MrSeccubus/jekyll-secinfo CVE-2000-0001 - https://github.com/joocer/ytf @@ -570,6 +576,7 @@ CVE-2003-0147 - https://github.com/ARPSyndicate/cvemon CVE-2003-0147 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2003-0161 - https://github.com/byte-mug/cumes CVE-2003-0172 - https://github.com/ARPSyndicate/cvemon +CVE-2003-0172 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0172 - https://github.com/cyberdesu/Remote-Buffer-overflow-CVE-2003-0172 CVE-2003-0190 - https://github.com/0xdea/advisories CVE-2003-0190 - https://github.com/0xdea/exploits @@ -582,6 +589,7 @@ CVE-2003-0201 - https://github.com/AnyMaster/EQGRP CVE-2003-0201 - https://github.com/Badbug6/EQGRP CVE-2003-0201 - https://github.com/CKmaenn/EQGRP CVE-2003-0201 - https://github.com/CVEDB/PoC-List +CVE-2003-0201 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0201 - https://github.com/CybernetiX-S3C/EQGRP_Linux CVE-2003-0201 - https://github.com/Drift-Security/Shadow_Brokers-Vs-NSA CVE-2003-0201 - https://github.com/IHA114/EQGRP @@ -617,10 +625,12 @@ CVE-2003-0201 - https://github.com/x0rz/EQGRP CVE-2003-0220 - https://github.com/stevek2k/exploits CVE-2003-0222 - https://github.com/ARPSyndicate/cvemon CVE-2003-0222 - https://github.com/CVEDB/PoC-List +CVE-2003-0222 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0222 - https://github.com/phamthanhsang280477/CVE-2003-0222 CVE-2003-0264 - https://github.com/0x4D5352/rekall-penetration-test CVE-2003-0264 - https://github.com/ARPSyndicate/cvemon CVE-2003-0264 - https://github.com/CVEDB/PoC-List +CVE-2003-0264 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0264 - https://github.com/SxNade/CVE-2003-0264_EXPLOIT CVE-2003-0264 - https://github.com/adenkiewicz/CVE-2003-0264 CVE-2003-0264 - https://github.com/cytopia/fuzza @@ -634,6 +644,7 @@ CVE-2003-0264 - https://github.com/vrikodar/CVE-2003-0264_EXPLOIT CVE-2003-0264 - https://github.com/war4uthor/CVE-2003-0264 CVE-2003-0282 - https://github.com/ARPSyndicate/cvemon CVE-2003-0282 - https://github.com/CVEDB/PoC-List +CVE-2003-0282 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0282 - https://github.com/ronomon/zip CVE-2003-0282 - https://github.com/runtimed/cve-2003-0282 CVE-2003-0282 - https://github.com/runtimem/cve-2003-0282 @@ -656,6 +667,7 @@ CVE-2003-0358 - https://github.com/7etsuo/7etsuo CVE-2003-0358 - https://github.com/7etsuo/snowcra5h CVE-2003-0358 - https://github.com/ARPSyndicate/cvemon CVE-2003-0358 - https://github.com/CVEDB/PoC-List +CVE-2003-0358 - https://github.com/CVEDB/awesome-cve-repo CVE-2003-0358 - https://github.com/fengjixuchui/CVE-2003-0358 CVE-2003-0358 - https://github.com/gmh5225/CVE-2003-0358 CVE-2003-0358 - https://github.com/snowcra5h/CVE-2003-0358 @@ -3337,6 +3349,7 @@ CVE-2009-0265 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2009-0265 - https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems CVE-2009-0265 - https://github.com/zzzWTF/db-13-01 CVE-2009-0275 - https://github.com/gosirys/Exploits +CVE-2009-0347 - https://github.com/CVEDB/awesome-cve-repo CVE-2009-0347 - https://github.com/Cappricio-Securities/CVE-2009-0347 CVE-2009-0416 - https://github.com/lucassbeiler/linux_hardening_arsenal CVE-2009-0423 - https://github.com/gosirys/Exploits @@ -8255,6 +8268,7 @@ CVE-2012-1823 - https://github.com/tardummy01/oscp_scripts-1 CVE-2012-1823 - https://github.com/theGreenJedi/Hacker-Guides CVE-2012-1823 - https://github.com/theykillmeslowly/CVE-2012-1823 CVE-2012-1823 - https://github.com/zhibx/fscan-Intranet +CVE-2012-1823 - https://github.com/zomasec/CVE-2024-4577 CVE-2012-1835 - https://github.com/ARPSyndicate/kenzer-templates CVE-2012-1851 - https://github.com/clearbluejar/cve-markdown-charts CVE-2012-1856 - https://github.com/Ostorlab/KEV @@ -10393,6 +10407,7 @@ CVE-2013-3900 - https://github.com/PastorEmil/Vulnerability_Management CVE-2013-3900 - https://github.com/SaimSA/Vulnerability-Management-with-Nessus CVE-2013-3900 - https://github.com/Securenetology/CVE-2013-3900 CVE-2013-3900 - https://github.com/The-Education-and-Skills-Partnership/WinVerifyTrust-Signature-Mitigation +CVE-2013-3900 - https://github.com/ellikt1/STIG-and-SCAP-Compliance-for-Windows-10-11-VMs CVE-2013-3900 - https://github.com/ellikt1/Vulnerability-Assessment CVE-2013-3900 - https://github.com/florylsk/SignatureGate CVE-2013-3900 - https://github.com/hiba-ahmad1/NessusVulnManagement @@ -12788,6 +12803,7 @@ CVE-2014-3566 - https://github.com/odolezal/D-Link-DIR-655 CVE-2014-3566 - https://github.com/pashicop/3.9_1 CVE-2014-3566 - https://github.com/puppetlabs/puppetlabs-compliance_profile CVE-2014-3566 - https://github.com/r0metheus/poodle-attack +CVE-2014-3566 - https://github.com/r0metheus/poodle-attack-poc CVE-2014-3566 - https://github.com/r3p3r/1N3-MassBleed CVE-2014-3566 - https://github.com/rameezts/poodle_check CVE-2014-3566 - https://github.com/rvaralda/aws_poodle_fix @@ -17783,6 +17799,7 @@ CVE-2015-5254 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-5254 - https://github.com/lnick2023/nicenice CVE-2015-5254 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2015-5254 - https://github.com/openx-org/BLEN +CVE-2015-5254 - https://github.com/orlayneta/JenkinsTests CVE-2015-5254 - https://github.com/orlayneta/activemq CVE-2015-5254 - https://github.com/password520/RedTeamer CVE-2015-5254 - https://github.com/qazbnm456/awesome-cve-poc @@ -18765,6 +18782,7 @@ CVE-2015-7501 - https://github.com/gallopsec/JBossScan CVE-2015-7501 - https://github.com/gredler/aegis4j CVE-2015-7501 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2015-7501 - https://github.com/hktalent/TOP +CVE-2015-7501 - https://github.com/hungslab/awd-tools CVE-2015-7501 - https://github.com/ianxtianxt/CVE-2015-7501 CVE-2015-7501 - https://github.com/just0rg/Security-Interview CVE-2015-7501 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -21191,6 +21209,7 @@ CVE-2016-10033 - https://github.com/Lu183/phpmail CVE-2016-10033 - https://github.com/MIrfanShahid/PHPMailer CVE-2016-10033 - https://github.com/MarcioPeters/PHP CVE-2016-10033 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +CVE-2016-10033 - https://github.com/Mona-Mishra/User-Registration-System CVE-2016-10033 - https://github.com/Mugdho55/Air_Ticket_Management_System CVE-2016-10033 - https://github.com/NCSU-DANCE-Research-Group/CDL CVE-2016-10033 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io @@ -21374,6 +21393,7 @@ CVE-2016-10045 - https://github.com/Lu183/phpmail CVE-2016-10045 - https://github.com/MIrfanShahid/PHPMailer CVE-2016-10045 - https://github.com/MarcioPeters/PHP CVE-2016-10045 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +CVE-2016-10045 - https://github.com/Mona-Mishra/User-Registration-System CVE-2016-10045 - https://github.com/Mugdho55/Air_Ticket_Management_System CVE-2016-10045 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io CVE-2016-10045 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System @@ -22195,6 +22215,7 @@ CVE-2016-1247 - https://github.com/RabitW/root CVE-2016-1247 - https://github.com/SexyBeast233/SecBooks CVE-2016-1247 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources CVE-2016-1247 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet +CVE-2016-1247 - https://github.com/hungslab/awd-tools CVE-2016-1247 - https://github.com/lukeber4/usn-search CVE-2016-1247 - https://github.com/notnue/Linux-Privilege-Escalation CVE-2016-1247 - https://github.com/superfish9/pt @@ -25817,6 +25838,7 @@ CVE-2016-5080 - https://github.com/ARPSyndicate/cvemon CVE-2016-5091 - https://github.com/ms217/typo3_patches CVE-2016-5095 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2016-5104 - https://github.com/andir/nixos-issue-db-example +CVE-2016-5118 - https://github.com/SudoIndividual/CVE-2023-34152 CVE-2016-5118 - https://github.com/superfish9/pt CVE-2016-5129 - https://github.com/ARPSyndicate/cvemon CVE-2016-5129 - https://github.com/lnick2023/nicenice @@ -26054,6 +26076,7 @@ CVE-2016-5195 - https://github.com/hafizgemilang/oscp-notes CVE-2016-5195 - https://github.com/hj-hsu/avar2019_frida CVE-2016-5195 - https://github.com/hktalent/TOP CVE-2016-5195 - https://github.com/hktalent/bug-bounty +CVE-2016-5195 - https://github.com/hungslab/awd-tools CVE-2016-5195 - https://github.com/hxlxmjxbbxs/TheDirtyPipeExploit CVE-2016-5195 - https://github.com/hyln9/VIKIROOT CVE-2016-5195 - https://github.com/iakat/stars @@ -28336,6 +28359,7 @@ CVE-2016-8655 - https://github.com/chorankates/Help CVE-2016-8655 - https://github.com/externalist/exploit_playground CVE-2016-8655 - https://github.com/fei9747/linux-exploit-suggester CVE-2016-8655 - https://github.com/go-bi/go-bi-soft +CVE-2016-8655 - https://github.com/hungslab/awd-tools CVE-2016-8655 - https://github.com/jondonas/linux-exploit-suggester-2 CVE-2016-8655 - https://github.com/kdn111/linux-kernel-exploitation CVE-2016-8655 - https://github.com/khanhdn111/linux-kernel-exploitation @@ -31200,6 +31224,7 @@ CVE-2017-1000367 - https://github.com/ferovap/Tools CVE-2017-1000367 - https://github.com/h4x0r-dz/local-root-exploit- CVE-2017-1000367 - https://github.com/hktalent/bug-bounty CVE-2017-1000367 - https://github.com/homjxi0e/CVE-2017-1000367 +CVE-2017-1000367 - https://github.com/hungslab/awd-tools CVE-2017-1000367 - https://github.com/kumardineshwar/linux-kernel-exploits CVE-2017-1000367 - https://github.com/lnick2023/nicenice CVE-2017-1000367 - https://github.com/m0mkris/linux-kernel-exploits @@ -32803,6 +32828,7 @@ CVE-2017-12149 - https://github.com/hktalent/bug-bounty CVE-2017-12149 - https://github.com/hktalent/myhktools CVE-2017-12149 - https://github.com/huike007/penetration_poc CVE-2017-12149 - https://github.com/huike007/poc +CVE-2017-12149 - https://github.com/hungslab/awd-tools CVE-2017-12149 - https://github.com/ianxtianxt/CVE-2015-7501 CVE-2017-12149 - https://github.com/ilmila/J2EEScan CVE-2017-12149 - https://github.com/iqrok/myhktools @@ -35261,6 +35287,7 @@ CVE-2017-16995 - https://github.com/fengjixuchui/RedTeamer CVE-2017-16995 - https://github.com/gugronnier/CVE-2017-16995 CVE-2017-16995 - https://github.com/hktalent/bug-bounty CVE-2017-16995 - https://github.com/holmes-py/King-of-the-hill +CVE-2017-16995 - https://github.com/hungslab/awd-tools CVE-2017-16995 - https://github.com/integeruser/on-pwning CVE-2017-16995 - https://github.com/ivilpez/cve-2017-16995.c CVE-2017-16995 - https://github.com/jackbarbaria/THMskynet @@ -37363,6 +37390,7 @@ CVE-2017-5223 - https://github.com/Lu183/phpmail CVE-2017-5223 - https://github.com/MIrfanShahid/PHPMailer CVE-2017-5223 - https://github.com/MarcioPeters/PHP CVE-2017-5223 - https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer- +CVE-2017-5223 - https://github.com/Mona-Mishra/User-Registration-System CVE-2017-5223 - https://github.com/Mugdho55/Air_Ticket_Management_System CVE-2017-5223 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io CVE-2017-5223 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System @@ -38710,6 +38738,7 @@ CVE-2017-6074 - https://github.com/fei9747/LinuxEelvation CVE-2017-6074 - https://github.com/ferovap/Tools CVE-2017-6074 - https://github.com/h4x0r-dz/local-root-exploit- CVE-2017-6074 - https://github.com/hktalent/bug-bounty +CVE-2017-6074 - https://github.com/hungslab/awd-tools CVE-2017-6074 - https://github.com/imhunterand/hackerone-publicy-disclosed CVE-2017-6074 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-6074 - https://github.com/kaosagnt/ansible-everyday @@ -39947,6 +39976,7 @@ CVE-2017-7504 - https://github.com/enomothem/PenTestNote CVE-2017-7504 - https://github.com/fengjixuchui/RedTeamer CVE-2017-7504 - https://github.com/fupinglee/JavaTools CVE-2017-7504 - https://github.com/gallopsec/JBossScan +CVE-2017-7504 - https://github.com/hungslab/awd-tools CVE-2017-7504 - https://github.com/ianxtianxt/CVE-2015-7501 CVE-2017-7504 - https://github.com/joaomatosf/JavaDeserH2HC CVE-2017-7504 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -40406,6 +40436,7 @@ CVE-2017-7921 - https://github.com/krypton612/hikivision CVE-2017-7921 - https://github.com/lions2012/Penetration_Testing_POC CVE-2017-7921 - https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor CVE-2017-7921 - https://github.com/rmic/hikexpl +CVE-2017-7921 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2017-7921 - https://github.com/sponkmonk/Ladon_english_update CVE-2017-7921 - https://github.com/wafinfo/DecryptTools CVE-2017-7921 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -44838,9 +44869,13 @@ CVE-2018-11372 - https://github.com/hi-KK/CVE-Hunter CVE-2018-11373 - https://github.com/hi-KK/CVE-Hunter CVE-2018-11386 - https://github.com/cs278/composer-audit CVE-2018-11396 - https://github.com/RootUp/BFuzz +CVE-2018-11397 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11397 - https://github.com/SruthiPriya11/audit CVE-2018-11397 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11397 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11397 - https://github.com/sec-bit/awesome-buggy-erc20-tokens +CVE-2018-11398 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11398 - https://github.com/SruthiPriya11/audit CVE-2018-11398 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11398 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11398 - https://github.com/sec-bit/awesome-buggy-erc20-tokens @@ -44954,11 +44989,13 @@ CVE-2018-11654 - https://github.com/SadFud/Exploits CVE-2018-11657 - https://github.com/Edward-L/my-cve-list CVE-2018-11670 - https://github.com/anquanquantao/iwantacve CVE-2018-11671 - https://github.com/anquanquantao/iwantacve +CVE-2018-11672 - https://github.com/bacon-tomato-spaghetti/WinAFL-RDP CVE-2018-11672 - https://github.com/chaojianhu/winafl-intelpt CVE-2018-11672 - https://github.com/googleprojectzero/winafl CVE-2018-11672 - https://github.com/hardik05/winafl-powermopt CVE-2018-11672 - https://github.com/pranav0408/WinAFL CVE-2018-11672 - https://github.com/s0i37/winafl_inmemory +CVE-2018-11672 - https://github.com/ssumachai/CS182-Project CVE-2018-1168 - https://github.com/ExpLangcn/FuYao-Go CVE-2018-11681 - https://github.com/SadFud/Exploits CVE-2018-11682 - https://github.com/SadFud/Exploits @@ -45255,15 +45292,23 @@ CVE-2018-11797 - https://github.com/CGCL-codes/PHunter CVE-2018-11798 - https://github.com/ossf-cve-benchmark/CVE-2018-11798 CVE-2018-11805 - https://github.com/Live-Hack-CVE/CVE-2019-19920 CVE-2018-11808 - https://github.com/kactrosN/publicdisclosures +CVE-2018-11809 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11809 - https://github.com/SruthiPriya11/audit CVE-2018-11809 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11809 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11809 - https://github.com/sec-bit/awesome-buggy-erc20-tokens +CVE-2018-11810 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11810 - https://github.com/SruthiPriya11/audit CVE-2018-11810 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11810 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11810 - https://github.com/sec-bit/awesome-buggy-erc20-tokens +CVE-2018-11811 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11811 - https://github.com/SruthiPriya11/audit CVE-2018-11811 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11811 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11811 - https://github.com/sec-bit/awesome-buggy-erc20-tokens +CVE-2018-11812 - https://github.com/DSKPutra/Buggy-ERC20-Tokens +CVE-2018-11812 - https://github.com/SruthiPriya11/audit CVE-2018-11812 - https://github.com/devmania1223/awesome-buggy-erc20-tokens CVE-2018-11812 - https://github.com/mitnickdev/buggy-erc20-standard-token CVE-2018-11812 - https://github.com/sec-bit/awesome-buggy-erc20-tokens @@ -59737,6 +59782,7 @@ CVE-2019-11358 - https://github.com/BaraVictor/CyberCode CVE-2019-11358 - https://github.com/Bargain18/7172-Portfolio CVE-2019-11358 - https://github.com/Bargain18/Power-Play CVE-2019-11358 - https://github.com/Bargain18/Test +CVE-2019-11358 - https://github.com/BaronClaps/20077_Centerstage_Pedro CVE-2019-11358 - https://github.com/BaronClaps/PedroBot CVE-2019-11358 - https://github.com/BaronClaps/TomorrowTeamCode CVE-2019-11358 - https://github.com/Bartimus03/RoboticsCode @@ -60398,6 +60444,7 @@ CVE-2019-11358 - https://github.com/FlapJack20221/ftc-jack-2 CVE-2019-11358 - https://github.com/FlapJack20221/fuzzy-tribble CVE-2019-11358 - https://github.com/Floofyer/FtcRobotController CVE-2019-11358 - https://github.com/FlourishAndBots/PowerPlayReal +CVE-2019-11358 - https://github.com/FluensLuna/Vision CVE-2019-11358 - https://github.com/ForceCEITI/SDK-FTC CVE-2019-11358 - https://github.com/FreehandBlock51/FTCRobot2023 CVE-2019-11358 - https://github.com/FreehandBlock51/XDriveChallenge @@ -60820,6 +60867,7 @@ CVE-2019-11358 - https://github.com/LucyHarrison/FTC2021-girlboss CVE-2019-11358 - https://github.com/LumenChristiRobotics/Techno-Titans-2023 CVE-2019-11358 - https://github.com/Lunerwalker2/FreightFrenzy1002 CVE-2019-11358 - https://github.com/Lunerwalker2/SwerveDriveTesting +CVE-2019-11358 - https://github.com/LuyangC/shooter CVE-2019-11358 - https://github.com/Lydia356/Sensors CVE-2019-11358 - https://github.com/LynixPlayz/FtcRobotController CVE-2019-11358 - https://github.com/Lynx-Robotics/LynxRobotics2020-2021 @@ -60950,6 +60998,7 @@ CVE-2019-11358 - https://github.com/MukilanKarthikeyan/FTC_Freight_Frenzy_NanoGu CVE-2019-11358 - https://github.com/Multiplyster/WOAHBots-2023-2024 CVE-2019-11358 - https://github.com/Murray-Bridge-Bunyips/BunyipsFTC CVE-2019-11358 - https://github.com/MushiTea/21438_CenterStage_REPO +CVE-2019-11358 - https://github.com/MushiTea/OLD_21438_CenterStage_Repo CVE-2019-11358 - https://github.com/Mythical84/Amongusasj-dfji-eajiauoipvoupvwpvtwhuvrhugvvty CVE-2019-11358 - https://github.com/Mythical84/Roboit CVE-2019-11358 - https://github.com/N-3-Robotics/FTC_POWER_PLAY @@ -61237,6 +61286,7 @@ CVE-2019-11358 - https://github.com/RepComm/robotctrlr CVE-2019-11358 - https://github.com/RepublicOfDanube/RODRobotController CVE-2019-11358 - https://github.com/ReverendRhyme/FTCTutorial CVE-2019-11358 - https://github.com/ReversM/ATAA-Robotics +CVE-2019-11358 - https://github.com/RhinyG/BezierSTTPSR CVE-2019-11358 - https://github.com/RickyWang101/FTC10615_CenterstageRC CVE-2019-11358 - https://github.com/RikelmeMartins/FTC-PowePlay CVE-2019-11358 - https://github.com/RikelmeMartins/FTC-PowerPlay @@ -61720,6 +61770,7 @@ CVE-2019-11358 - https://github.com/Viridian-Roboics/Viridian-Robotics-2022-2023 CVE-2019-11358 - https://github.com/Vision1nil/SolversFTC-2022-23-code CVE-2019-11358 - https://github.com/VivenPuthenpurayil/2020UltimateGoal CVE-2019-11358 - https://github.com/VivenPuthenpurayil/UltimateGoalStates +CVE-2019-11358 - https://github.com/Viverino1/DevelopmentCode CVE-2019-11358 - https://github.com/Viverino1/TestFork CVE-2019-11358 - https://github.com/Vlad20405/Cod_Robotica_2021-22 CVE-2019-11358 - https://github.com/VladimirKaznacheiev/2020-FTC-UltimateGoal-6.0 @@ -62705,6 +62756,7 @@ CVE-2019-11358 - https://github.com/kroisssant/bjkbbkbjk CVE-2019-11358 - https://github.com/kronbot/powerplayv2 CVE-2019-11358 - https://github.com/krusche-sensetence/jquery-2.2.4-patched CVE-2019-11358 - https://github.com/kuek64/20077_Centerstage_Pedro +CVE-2019-11358 - https://github.com/kuek64/20077_Centerstage_Pedro_Bot CVE-2019-11358 - https://github.com/kuek64/TheTomorrowTeam CVE-2019-11358 - https://github.com/kuek64/TomorrowTeamMeep CVE-2019-11358 - https://github.com/kunhantsai/FtcRobotController @@ -62903,6 +62955,7 @@ CVE-2019-11358 - https://github.com/petthepotat-dump/FTC-22-23-Refactored CVE-2019-11358 - https://github.com/pgdev1729/FTC-Robot-Controller-Centerstage CVE-2019-11358 - https://github.com/pheitman/FreightFrenzy CVE-2019-11358 - https://github.com/pheitman/FreightFrenzy1 +CVE-2019-11358 - https://github.com/phm-tuyenn/fgcvn-bootcamp-team4 CVE-2019-11358 - https://github.com/pingryrobotics/FTC-2021-Offseason CVE-2019-11358 - https://github.com/pingryrobotics/FTC-6069-2021 CVE-2019-11358 - https://github.com/pingryrobotics/FTC-6069-2021-2022 @@ -62939,6 +62992,7 @@ CVE-2019-11358 - https://github.com/raleighmasjid/ftc-21836-2023 CVE-2019-11358 - https://github.com/ramalhow/ftc-ultimategoal CVE-2019-11358 - https://github.com/raresNagy/Bobitza CVE-2019-11358 - https://github.com/raresNagy/mecanum +CVE-2019-11358 - https://github.com/raspiduino/Bootcamp2024 CVE-2019-11358 - https://github.com/ray710mond/2022-2023_Regis_FTC_code CVE-2019-11358 - https://github.com/rayannm/5467FTCCENTERSTAGE CVE-2019-11358 - https://github.com/raymar8361/Autonomous @@ -63187,6 +63241,7 @@ CVE-2019-11358 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-11358 - https://github.com/tacotuesrobotics/2021-freight-frenzy CVE-2019-11358 - https://github.com/taigabots/UltimateGoal CVE-2019-11358 - https://github.com/tardis5356/Centerstage +CVE-2019-11358 - https://github.com/tardis5356/Centerstage-Offseason CVE-2019-11358 - https://github.com/tardis5356/FreightFrenzy CVE-2019-11358 - https://github.com/tardis5356/PowerPlay CVE-2019-11358 - https://github.com/tcrfrobotics/FTC_RobotController_TCRF_Titan @@ -65058,6 +65113,7 @@ CVE-2019-1322 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-1322 - https://github.com/hktalent/TOP CVE-2019-1322 - https://github.com/huike007/penetration_poc CVE-2019-1322 - https://github.com/huike007/poc +CVE-2019-1322 - https://github.com/hungslab/awd-tools CVE-2019-1322 - https://github.com/jbmihoub/all-poc CVE-2019-1322 - https://github.com/k0imet/CVE-POCs CVE-2019-1322 - https://github.com/lions2012/Penetration_Testing_POC @@ -65945,6 +66001,7 @@ CVE-2019-1405 - https://github.com/hktalent/TOP CVE-2019-1405 - https://github.com/hlldz/dazzleUP CVE-2019-1405 - https://github.com/huike007/penetration_poc CVE-2019-1405 - https://github.com/huike007/poc +CVE-2019-1405 - https://github.com/hungslab/awd-tools CVE-2019-1405 - https://github.com/jbmihoub/all-poc CVE-2019-1405 - https://github.com/k0imet/CVE-POCs CVE-2019-1405 - https://github.com/lawrenceamer/0xsp-Mongoose @@ -67785,6 +67842,8 @@ CVE-2019-1663 - https://github.com/f1tao/awesome-iot-security-resource CVE-2019-1663 - https://github.com/sereok3/buffer-overflow-writeups CVE-2019-1663 - https://github.com/welove88888/Cisco-RV130W CVE-2019-16634 - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics +CVE-2019-16634 - https://github.com/gurkylee/Linux-Privilege-Escalation-Basics +CVE-2019-16634 - https://github.com/retr0-13/Linux-Privilege-Escalation-Basics CVE-2019-1666 - https://github.com/ExpLangcn/FuYao-Go CVE-2019-1666 - https://github.com/fab1ano/rconfig-cves CVE-2019-16662 - https://github.com/0xT11/CVE-POC @@ -68128,10 +68187,12 @@ CVE-2019-17003 - https://github.com/webexplo1t/BugBounty CVE-2019-17003 - https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham CVE-2019-17004 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/Neelakandan-A/BugBounty_CheatSheet +CVE-2019-17004 - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/Prodrious/writeups CVE-2019-17004 - https://github.com/R3dg0/writeups CVE-2019-17004 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/SunDance29/for-learning +CVE-2019-17004 - https://github.com/TheBountyBox/Awesome-Writeups CVE-2019-17004 - https://github.com/abuzafarhaqq/bugBounty CVE-2019-17004 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/blitz-cmd/Bugbounty-writeups @@ -68140,6 +68201,10 @@ CVE-2019-17004 - https://github.com/bugrider/devanshbatham-repo CVE-2019-17004 - https://github.com/choudharyrajritu1/Bug_Bounty-POC CVE-2019-17004 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2019-17004 - https://github.com/dipesh259/Writeups +CVE-2019-17004 - https://github.com/ducducuc111/Awesome-Bugbounty-Writeups +CVE-2019-17004 - https://github.com/piyushimself/Bugbounty_Writeups +CVE-2019-17004 - https://github.com/sreechws/Bou_Bounty_Writeups +CVE-2019-17004 - https://github.com/webexplo1t/BugBounty CVE-2019-17004 - https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham CVE-2019-17006 - https://github.com/ARPSyndicate/cvemon CVE-2019-17006 - https://github.com/project-zot/project-zot.github.io @@ -80671,6 +80736,7 @@ CVE-2020-1350 - https://github.com/5l1v3r1/CVE-2020-1350-checker.ps1 CVE-2020-1350 - https://github.com/ARPSyndicate/cvemon CVE-2020-1350 - https://github.com/Ascotbe/Kernelhub CVE-2020-1350 - https://github.com/CVEDB/PoC-List +CVE-2020-1350 - https://github.com/CVEDB/awesome-cve-repo CVE-2020-1350 - https://github.com/CVEmaster/CVE-2020-1350 CVE-2020-1350 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-1350 - https://github.com/Cruxer8Mech/Idk @@ -87011,6 +87077,7 @@ CVE-2020-2551 - https://github.com/hktalent/TOP CVE-2020-2551 - https://github.com/hktalent/bug-bounty CVE-2020-2551 - https://github.com/huike007/penetration_poc CVE-2020-2551 - https://github.com/huike007/poc +CVE-2020-2551 - https://github.com/hungslab/awd-tools CVE-2020-2551 - https://github.com/jared1981/More-Pentest-Tools CVE-2020-2551 - https://github.com/jas502n/CVE-2020-2551 CVE-2020-2551 - https://github.com/jbmihoub/all-poc @@ -87220,6 +87287,7 @@ CVE-2020-2555 - https://github.com/hktalent/TOP CVE-2020-2555 - https://github.com/hktalent/bug-bounty CVE-2020-2555 - https://github.com/huike007/penetration_poc CVE-2020-2555 - https://github.com/huike007/poc +CVE-2020-2555 - https://github.com/hungslab/awd-tools CVE-2020-2555 - https://github.com/iceberg-N/WL_Scan_GO CVE-2020-2555 - https://github.com/jbmihoub/all-poc CVE-2020-2555 - https://github.com/kenyon-wong/JNDIExploit @@ -87512,6 +87580,7 @@ CVE-2020-25705 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25705 - https://github.com/nanopathi/linux-4.19.72_CVE-2020-25705 CVE-2020-25705 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25705 - https://github.com/tdwyer/CVE-2020-25705 +CVE-2020-25705 - https://github.com/tnishiox/kernelcare-playground CVE-2020-25706 - https://github.com/Live-Hack-CVE/CVE-2020-25706 CVE-2020-25708 - https://github.com/Live-Hack-CVE/CVE-2020-25708 CVE-2020-25709 - https://github.com/akiraabe/myapp-container-jaxrs @@ -89160,6 +89229,7 @@ CVE-2020-2883 - https://github.com/hktalent/TOP CVE-2020-2883 - https://github.com/hktalent/bug-bounty CVE-2020-2883 - https://github.com/huike007/penetration_poc CVE-2020-2883 - https://github.com/huike007/poc +CVE-2020-2883 - https://github.com/hungslab/awd-tools CVE-2020-2883 - https://github.com/iceberg-N/WL_Scan_GO CVE-2020-2883 - https://github.com/jbmihoub/all-poc CVE-2020-2883 - https://github.com/kenyon-wong/JNDIExploit @@ -97326,6 +97396,7 @@ CVE-2021-20038 - https://github.com/ARPSyndicate/cvemon CVE-2021-20038 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-20038 - https://github.com/AdamCrosser/awesome-vuln-writeups CVE-2021-20038 - https://github.com/CVEDB/PoC-List +CVE-2021-20038 - https://github.com/CVEDB/awesome-cve-repo CVE-2021-20038 - https://github.com/ExploitPwner/CVE-2021-20038-Mass-RCE-SonicWall CVE-2021-20038 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2021-20038 - https://github.com/Ostorlab/KEV @@ -101751,6 +101822,7 @@ CVE-2021-26084 - https://github.com/Amar224/Pentest-Tools CVE-2021-26084 - https://github.com/AnonymouID/POC CVE-2021-26084 - https://github.com/ArrestX/--POC CVE-2021-26084 - https://github.com/Awrrays/FrameVul +CVE-2021-26084 - https://github.com/BBD-YZZ/Confluence-RCE CVE-2021-26084 - https://github.com/BLACKHAT-SSG/MindMaps2 CVE-2021-26084 - https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template CVE-2021-26084 - https://github.com/CLincat/vulcat @@ -111452,6 +111524,7 @@ CVE-2021-4034 - https://github.com/hktalent/bug-bounty CVE-2021-4034 - https://github.com/hohn/codeql-sample-polkit CVE-2021-4034 - https://github.com/hugefiver/mystars CVE-2021-4034 - https://github.com/hugs42/infosec +CVE-2021-4034 - https://github.com/hungslab/awd-tools CVE-2021-4034 - https://github.com/hxysaury/saury-vulnhub CVE-2021-4034 - https://github.com/iandrade87br/OSCP CVE-2021-4034 - https://github.com/insurrectus/cyber-security-university @@ -120180,6 +120253,7 @@ CVE-2022-0847 - https://github.com/theo-goetzinger/TP_be_root CVE-2022-0847 - https://github.com/thesakibrahman/THM-Free-Room CVE-2022-0847 - https://github.com/tiann/DirtyPipeRoot CVE-2022-0847 - https://github.com/tmoneypenny/CVE-2022-0847 +CVE-2022-0847 - https://github.com/tnishiox/kernelcare-playground CVE-2022-0847 - https://github.com/trhacknon/CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 - https://github.com/trhacknon/Pocingit CVE-2022-0847 - https://github.com/trhacknon/dirtypipez-exploit @@ -120192,6 +120266,7 @@ CVE-2022-0847 - https://github.com/ukmihiran/Rubber_Ducky_Payloads CVE-2022-0847 - https://github.com/veritas501/pipe-primitive CVE-2022-0847 - https://github.com/versatilexec/CVE_2022_0847 CVE-2022-0847 - https://github.com/vknc/vknc.github.io +CVE-2022-0847 - https://github.com/wechicken456/Linux-kernel CVE-2022-0847 - https://github.com/weeka10/-hktalent-TOP CVE-2022-0847 - https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation- CVE-2022-0847 - https://github.com/whoforget/CVE-POC @@ -120481,6 +120556,7 @@ CVE-2022-1015 - https://github.com/pr0ln/bob_kern_exp1 CVE-2022-1015 - https://github.com/shuttterman/bob_kern_exp1 CVE-2022-1015 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-1015 - https://github.com/trhacknon/Pocingit +CVE-2022-1015 - https://github.com/wechicken456/Linux-kernel CVE-2022-1015 - https://github.com/whoforget/CVE-POC CVE-2022-1015 - https://github.com/wlswotmd/CVE-2022-1015 CVE-2022-1015 - https://github.com/xairy/linux-kernel-exploitation @@ -120501,6 +120577,7 @@ CVE-2022-1016 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2022-1016 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-1016 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-1016 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-1016 - https://github.com/wechicken456/Linux-kernel CVE-2022-1016 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-1016 - https://github.com/yaobinwen/robin_on_rails CVE-2022-1016 - https://github.com/zanezhub/CVE-2022-1015-1016 @@ -126582,6 +126659,7 @@ CVE-2022-24521 - https://github.com/AabyssZG/AWD-Guide CVE-2022-24521 - https://github.com/Ostorlab/KEV CVE-2022-24521 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2022-24521 - https://github.com/fr4nkxixi/CVE-2022-24481-POC +CVE-2022-24521 - https://github.com/hungslab/awd-tools CVE-2022-24521 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-24521 - https://github.com/robotMD5/CVE-2022-24481-POC CVE-2022-24527 - https://github.com/ARPSyndicate/cvemon @@ -128208,6 +128286,7 @@ CVE-2022-2602 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-2602 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-2602 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-2602 - https://github.com/th3-5had0w/CVE-2022-2602-Study +CVE-2022-2602 - https://github.com/wechicken456/Linux-kernel CVE-2022-2602 - https://github.com/whoforget/CVE-POC CVE-2022-2602 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-2602 - https://github.com/youwizard/CVE-POC @@ -128280,6 +128359,7 @@ CVE-2022-26134 - https://github.com/ARPSyndicate/cvemon CVE-2022-26134 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-26134 - https://github.com/AmoloHT/CVE-2022-26134 CVE-2022-26134 - https://github.com/Awrrays/FrameVul +CVE-2022-26134 - https://github.com/BBD-YZZ/Confluence-RCE CVE-2022-26134 - https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL CVE-2022-26134 - https://github.com/Brucetg/CVE-2022-26134 CVE-2022-26134 - https://github.com/CJ-0107/cve-2022-26134 @@ -134632,6 +134712,7 @@ CVE-2022-34918 - https://github.com/khanhhdz06/linux-kernel-exploitation CVE-2022-34918 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2022-34918 - https://github.com/klemakle/audit-pentest-BOX CVE-2022-34918 - https://github.com/knd06/linux-kernel-exploitation +CVE-2022-34918 - https://github.com/lanleft/CVE-2023-1829 CVE-2022-34918 - https://github.com/lanleft/CVE2023-1829 CVE-2022-34918 - https://github.com/linulinu/CVE-2022-34918 CVE-2022-34918 - https://github.com/lions2012/Penetration_Testing_POC @@ -136592,6 +136673,7 @@ CVE-2022-38694 - https://github.com/HikariCalyx/hmd-nokia-codename CVE-2022-38694 - https://github.com/KDXF-BOOM/studentpad-research CVE-2022-38694 - https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader CVE-2022-38694 - https://github.com/c1rcle-xy/https-github.com-KDXF-BOOM-studentpad-research +CVE-2022-38694 - https://github.com/melontini/bootloader-unlock-wall-of-shame CVE-2022-38694 - https://github.com/sdgasdgahj/studentpad-research CVE-2022-38697 - https://github.com/ARPSyndicate/cvemon CVE-2022-38697 - https://github.com/pokerfacett/MY_CVE_CREDIT @@ -136936,6 +137018,7 @@ CVE-2022-39225 - https://github.com/ARPSyndicate/cvemon CVE-2022-39227 - https://github.com/ARPSyndicate/cvemon CVE-2022-39227 - https://github.com/NoSpaceAvailable/CVE-2022-39227 CVE-2022-39227 - https://github.com/davedoesdev/python-jwt +CVE-2022-39227 - https://github.com/hackthebox/cyber-apocalypse-2024 CVE-2022-39227 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-39227 - https://github.com/user0x1337/CVE-2022-39227 CVE-2022-39236 - https://github.com/karimhabush/cyberowl @@ -140529,6 +140612,7 @@ CVE-2023-0179 - https://github.com/manas3c/CVE-POC CVE-2023-0179 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-0179 - https://github.com/taielab/awesome-hacking-lists CVE-2023-0179 - https://github.com/tanjiti/sec_profile +CVE-2023-0179 - https://github.com/wechicken456/Linux-kernel CVE-2023-0179 - https://github.com/whoforget/CVE-POC CVE-2023-0179 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-0179 - https://github.com/youwizard/CVE-POC @@ -140661,6 +140745,7 @@ CVE-2023-0386 - https://github.com/churamanib/CVE-2023-0386 CVE-2023-0386 - https://github.com/djytmdj/Tool_Summary CVE-2023-0386 - https://github.com/hktalent/TOP CVE-2023-0386 - https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0386 +CVE-2023-0386 - https://github.com/hungslab/awd-tools CVE-2023-0386 - https://github.com/izj007/wechat CVE-2023-0386 - https://github.com/johe123qwe/github-trending CVE-2023-0386 - https://github.com/letsr00t/CVE-2023-0386 @@ -141038,6 +141123,7 @@ CVE-2023-1234 - https://github.com/RIZZZIOM/nemesis CVE-2023-1234 - https://github.com/espressif/esp-idf-sbom CVE-2023-1234 - https://github.com/srand2/Variantanalysis CVE-2023-1234 - https://github.com/synfinner/KEVin +CVE-2023-12345 - https://github.com/FreeFelix/CompTIA-security-601-project CVE-2023-12345 - https://github.com/Sgyamf/basics-guide CVE-2023-12345 - https://github.com/directcyber/playbook CVE-2023-12345 - https://github.com/openvex/go-vex @@ -141078,6 +141164,7 @@ CVE-2023-1326 - https://github.com/ARPSyndicate/cvemon CVE-2023-1326 - https://github.com/Archan6el/Devvortex-Writeup CVE-2023-1326 - https://github.com/Archan6el/Devvortex-Writeup-HackTheBox CVE-2023-1326 - https://github.com/Pol-Ruiz/CVE-2023-1326 +CVE-2023-1326 - https://github.com/c0d3cr4f73r/CVE-2023-1326 CVE-2023-1326 - https://github.com/diego-tella/CVE-2023-1326-PoC CVE-2023-1326 - https://github.com/jbiniek/cyberpoligon23 CVE-2023-1326 - https://github.com/nomi-sec/PoC-in-GitHub @@ -141327,6 +141414,7 @@ CVE-2023-1822 - https://github.com/ARPSyndicate/cvemon CVE-2023-1829 - https://github.com/EGI-Federation/SVG-advisories CVE-2023-1829 - https://github.com/N1ghtu/RWCTF6th-RIPTC CVE-2023-1829 - https://github.com/Threekiii/CVE +CVE-2023-1829 - https://github.com/lanleft/CVE-2023-1829 CVE-2023-1829 - https://github.com/lanleft/CVE2023-1829 CVE-2023-1829 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-1829 - https://github.com/star-sg/CVE @@ -141373,6 +141461,7 @@ CVE-2023-20032 - https://github.com/karimhabush/cyberowl CVE-2023-20032 - https://github.com/marekbeckmann/Clamav-Installation-Script CVE-2023-20043 - https://github.com/Live-Hack-CVE/CVE-2023-20043 CVE-2023-20048 - https://github.com/0zer0d4y/FuegoTest +CVE-2023-20048 - https://github.com/absholi7ly/Cisco-Firepower-Management-Center-Exploit CVE-2023-20048 - https://github.com/absholi7ly/absholi7ly CVE-2023-20048 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20052 - https://github.com/ARPSyndicate/cvemon @@ -141390,6 +141479,7 @@ CVE-2023-20073 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-20073 - https://github.com/RegularITCat/CVE-2023-20073 CVE-2023-20073 - https://github.com/codeb0ss/CVE-2023-20073- CVE-2023-20073 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-20073 - https://github.com/winmt/winmt CVE-2023-2008 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-2008 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2023-2008 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -141408,11 +141498,14 @@ CVE-2023-20110 - https://github.com/abrahim7112/Vulnerability-checking-program-f CVE-2023-20110 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20110 - https://github.com/redfr0g/CVE-2023-20110 CVE-2023-20115 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-20117 - https://github.com/winmt/winmt +CVE-2023-20118 - https://github.com/winmt/winmt CVE-2023-20119 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-20124 - https://github.com/ARPSyndicate/cvemon CVE-2023-20124 - https://github.com/fxc233/iot-vul CVE-2023-20126 - https://github.com/fullspectrumdev/RancidCrisco CVE-2023-20126 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-20128 - https://github.com/winmt/winmt CVE-2023-20133 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-20159 - https://github.com/netlas-io/netlas-dorks CVE-2023-20178 - https://github.com/DarkFunct/CVE_Exploits @@ -142170,6 +142263,7 @@ CVE-2023-21768 - https://github.com/revanmalang/OSCP CVE-2023-21768 - https://github.com/taielab/awesome-hacking-lists CVE-2023-21768 - https://github.com/timeisflowing/recon2023-resources CVE-2023-21768 - https://github.com/txuswashere/OSCP +CVE-2023-21768 - https://github.com/xboxoneresearch/CVE-2023-21768-dotnet CVE-2023-21768 - https://github.com/xhref/OSCP CVE-2023-21768 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2023-21768 - https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit @@ -142457,10 +142551,12 @@ CVE-2023-22515 - https://github.com/j3seer/CVE-2023-22515-POC CVE-2023-22515 - https://github.com/joaoviictorti/CVE-2023-22515 CVE-2023-22515 - https://github.com/kh4sh3i/CVE-2023-22515 CVE-2023-22515 - https://github.com/mayur-esh/vuln-liners +CVE-2023-22515 - https://github.com/mumble99/rvision_task CVE-2023-22515 - https://github.com/netlas-io/netlas-dorks CVE-2023-22515 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-22515 - https://github.com/rxerium/CVE-2023-22515 CVE-2023-22515 - https://github.com/rxerium/stars +CVE-2023-22515 - https://github.com/s1d6point7bugcrowd/CVE-2023-22515-check CVE-2023-22515 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2023-22515 - https://github.com/seyrenus/release_notification CVE-2023-22515 - https://github.com/sincere9/CVE-2023-22515 @@ -142501,6 +142597,7 @@ CVE-2023-22524 - https://github.com/ron-imperva/CVE-2023-22524 CVE-2023-22527 - https://github.com/20142995/pocsuite3 CVE-2023-22527 - https://github.com/20142995/sectool CVE-2023-22527 - https://github.com/Avento/CVE-2023-22527_Confluence_RCE +CVE-2023-22527 - https://github.com/BBD-YZZ/Confluence-RCE CVE-2023-22527 - https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL CVE-2023-22527 - https://github.com/C1ph3rX13/CVE-2023-22527 CVE-2023-22527 - https://github.com/Chocapikk/CVE-2023-22527 @@ -142608,6 +142705,7 @@ CVE-2023-22681 - https://github.com/karimhabush/cyberowl CVE-2023-22702 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2023-22725 - https://github.com/Contrast-Security-OSS/Burptrast CVE-2023-22725 - https://github.com/demomm/burptrast +CVE-2023-22726 - https://github.com/ProxyPog/POC-CVE-2023-22726 CVE-2023-22726 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-22741 - https://github.com/ARPSyndicate/cvemon CVE-2023-22741 - https://github.com/Live-Hack-CVE/CVE-2023-22741 @@ -143017,6 +143115,7 @@ CVE-2023-23618 - https://github.com/9069332997/session-1-full-stack CVE-2023-23618 - https://github.com/ARPSyndicate/cvemon CVE-2023-23618 - https://github.com/KK-Designs/UpdateHub CVE-2023-23618 - https://github.com/ycdxsb/ycdxsb +CVE-2023-23638 - https://github.com/3yujw7njai/CVE-2023-23638-Tools CVE-2023-23638 - https://github.com/ARPSyndicate/cvemon CVE-2023-23638 - https://github.com/Armandhe-China/ApacheDubboSerialVuln CVE-2023-23638 - https://github.com/Awrrays/FrameVul @@ -143059,6 +143158,7 @@ CVE-2023-23752 - https://github.com/0xNahim/CVE-2023-23752 CVE-2023-23752 - https://github.com/0xWhoami35/CVE-2023-23752 CVE-2023-23752 - https://github.com/0xWhoami35/Devvorte-Writeup CVE-2023-23752 - https://github.com/0xsyr0/OSCP +CVE-2023-23752 - https://github.com/0xx01/CVE-2023-23752 CVE-2023-23752 - https://github.com/20142995/Goby CVE-2023-23752 - https://github.com/20142995/pocsuite3 CVE-2023-23752 - https://github.com/ARPSyndicate/cvemon @@ -143141,6 +143241,7 @@ CVE-2023-23752 - https://github.com/luck-ying/Goby2.0-POC CVE-2023-23752 - https://github.com/luck-ying/Library-POC CVE-2023-23752 - https://github.com/malionnn/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es CVE-2023-23752 - https://github.com/mariovata/CVE-2023-23752-Python +CVE-2023-23752 - https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8 CVE-2023-23752 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-23752 - https://github.com/nu0y4/HScan CVE-2023-23752 - https://github.com/r3dston3/CVE-2023-23752 @@ -143314,7 +143415,9 @@ CVE-2023-24160 - https://github.com/ARPSyndicate/cvemon CVE-2023-24160 - https://github.com/iceyjchen/VulnerabilityProjectRecords CVE-2023-24161 - https://github.com/ARPSyndicate/cvemon CVE-2023-24161 - https://github.com/iceyjchen/VulnerabilityProjectRecords +CVE-2023-24203 - https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204 CVE-2023-24203 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-24204 - https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204 CVE-2023-24204 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-24217 - https://github.com/ARPSyndicate/cvemon CVE-2023-24217 - https://github.com/karimhabush/cyberowl @@ -143674,6 +143777,8 @@ CVE-2023-25347 - https://github.com/ARPSyndicate/cvemon CVE-2023-25348 - https://github.com/10splayaSec/CVE-Disclosures CVE-2023-25348 - https://github.com/ARPSyndicate/cvemon CVE-2023-25355 - https://github.com/ARPSyndicate/cvemon +CVE-2023-25355 - https://github.com/AlexLinov/sipXcom-RCE +CVE-2023-25356 - https://github.com/AlexLinov/sipXcom-RCE CVE-2023-25365 - https://github.com/tanjiti/sec_profile CVE-2023-25366 - https://github.com/BretMcDanel/CVE CVE-2023-25367 - https://github.com/BretMcDanel/CVE @@ -143911,6 +144016,7 @@ CVE-2023-26137 - https://github.com/dellalibera/dellalibera CVE-2023-26138 - https://github.com/dellalibera/dellalibera CVE-2023-26142 - https://github.com/dellalibera/dellalibera CVE-2023-26144 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-26144 - https://github.com/tadhglewis/apollo-koa-minimal CVE-2023-26144 - https://github.com/tadhglewis/tadhglewis CVE-2023-26146 - https://github.com/dellalibera/dellalibera CVE-2023-26146 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -143980,6 +144086,7 @@ CVE-2023-26269 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-26309 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-2631 - https://github.com/jenkinsci/codedx-plugin CVE-2023-26311 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-26315 - https://github.com/winmt/winmt CVE-2023-26317 - https://github.com/H4lo/awesome-IoT-security-article CVE-2023-26318 - https://github.com/H4lo/awesome-IoT-security-article CVE-2023-26319 - https://github.com/H4lo/awesome-IoT-security-article @@ -143996,6 +144103,7 @@ CVE-2023-2635 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-26359 - https://github.com/ARPSyndicate/cvemon CVE-2023-26359 - https://github.com/Ostorlab/KEV CVE-2023-26359 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-26359 - https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit CVE-2023-26359 - https://github.com/netlas-io/netlas-cookbook CVE-2023-26359 - https://github.com/netlas-io/netlas-dorks CVE-2023-2636 - https://github.com/lukinneberg/CVE-2023-2636 @@ -144006,9 +144114,11 @@ CVE-2023-26360 - https://github.com/Threekiii/Awesome-POC CVE-2023-26360 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2023-26360 - https://github.com/getdrive/PoC CVE-2023-26360 - https://github.com/iluaster/getdrive_PoC +CVE-2023-26360 - https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit CVE-2023-26360 - https://github.com/karimhabush/cyberowl CVE-2023-26360 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-26360 - https://github.com/yosef0x01/CVE-2023-26360 +CVE-2023-26361 - https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit CVE-2023-26369 - https://github.com/Ostorlab/KEV CVE-2023-26369 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-26369 - https://github.com/Threekiii/CVE @@ -144018,6 +144128,7 @@ CVE-2023-26396 - https://github.com/kohnakagawa/kohnakagawa CVE-2023-2640 - https://github.com/0xWhoami35/root-kernel CVE-2023-2640 - https://github.com/0xsyr0/OSCP CVE-2023-2640 - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +CVE-2023-2640 - https://github.com/K5LK/CVE-2023-2640-32629 CVE-2023-2640 - https://github.com/Kiosec/Linux-Exploitation CVE-2023-2640 - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 CVE-2023-2640 - https://github.com/OllaPapito/gameoverlay @@ -144108,6 +144219,7 @@ CVE-2023-26604 - https://github.com/FerdiGul/KOUF5 CVE-2023-26604 - https://github.com/Pol-Ruiz/CVE-2023-1326 CVE-2023-26604 - https://github.com/Wetrel/HackTheBox_Sau CVE-2023-26604 - https://github.com/Zenmovie/CVE-2023-26604 +CVE-2023-26604 - https://github.com/c0d3cr4f73r/CVE-2023-1326 CVE-2023-26604 - https://github.com/denis-jdsouza/wazuh-vulnerability-report-maker CVE-2023-26604 - https://github.com/diego-tella/CVE-2023-1326-PoC CVE-2023-26604 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -144442,6 +144554,8 @@ CVE-2023-27524 - https://github.com/gobysec/Research CVE-2023-27524 - https://github.com/hktalent/TOP CVE-2023-27524 - https://github.com/horizon3ai/CVE-2023-27524 CVE-2023-27524 - https://github.com/jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE +CVE-2023-27524 - https://github.com/karthi-the-hacker/CVE-2023-27524 +CVE-2023-27524 - https://github.com/kovatechy/Cappricio CVE-2023-27524 - https://github.com/lions2012/Penetration_Testing_POC CVE-2023-27524 - https://github.com/machevalia/ButProxied CVE-2023-27524 - https://github.com/necroteddy/CVE-2023-27524 @@ -145140,8 +145254,10 @@ CVE-2023-29012 - https://github.com/9069332997/session-1-full-stack CVE-2023-29012 - https://github.com/ARPSyndicate/cvemon CVE-2023-29012 - https://github.com/ycdxsb/ycdxsb CVE-2023-29017 - https://github.com/ARPSyndicate/cvemon +CVE-2023-29017 - https://github.com/Aduda-Shem/Semgrep_Rules CVE-2023-29017 - https://github.com/Kaneki-hash/CVE-2023-29017-reverse-shell CVE-2023-29017 - https://github.com/Threekiii/CVE +CVE-2023-29017 - https://github.com/jakabakos/vm2-sandbox-escape-exploits CVE-2023-29017 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-29017 - https://github.com/passwa11/CVE-2023-29017-reverse-shell CVE-2023-29017 - https://github.com/seal-community/patches @@ -145178,6 +145294,7 @@ CVE-2023-29197 - https://github.com/deliciousbrains/wp-offload-ses-lite CVE-2023-29197 - https://github.com/elifesciences/github-repo-security-alerts CVE-2023-29197 - https://github.com/karimhabush/cyberowl CVE-2023-29199 - https://github.com/3mpir3Albert/HTB_Codify +CVE-2023-29199 - https://github.com/jakabakos/vm2-sandbox-escape-exploits CVE-2023-29199 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-29199 - https://github.com/u-crew/vm2-test CVE-2023-29206 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -145332,7 +145449,9 @@ CVE-2023-29489 - https://github.com/haxor1337x/Scanner-CVE-2023-29489 CVE-2023-29489 - https://github.com/htrgouvea/spellbook CVE-2023-29489 - https://github.com/ipk1/CVE-2023-29489.py CVE-2023-29489 - https://github.com/jaiguptanick/100daysofcyber +CVE-2023-29489 - https://github.com/kovatechy/Cappricio CVE-2023-29489 - https://github.com/learnerboy88/CVE-2023-29489 +CVE-2023-29489 - https://github.com/md-thalal/CVE-2023-29489 CVE-2023-29489 - https://github.com/mdaseem03/cpanel_xss_2023 CVE-2023-29489 - https://github.com/mr-sami-x/XSS_1915 CVE-2023-29489 - https://github.com/nomi-sec/PoC-in-GitHub @@ -145343,6 +145462,7 @@ CVE-2023-29489 - https://github.com/thecybertix/One-Liner-Collections CVE-2023-29489 - https://github.com/tucommenceapousser/CVE-2023-29489 CVE-2023-29489 - https://github.com/tucommenceapousser/CVE-2023-29489.py CVE-2023-29489 - https://github.com/tucommenceapousser/Oneliner-Bugbounty2 +CVE-2023-29489 - https://github.com/tucommenceapousser/XSS_1312 CVE-2023-29489 - https://github.com/tucommenceapousser/XSS_1915 CVE-2023-29489 - https://github.com/whalebone7/EagleEye CVE-2023-29489 - https://github.com/xKore123/cPanel-CVE-2023-29489 @@ -145522,6 +145642,9 @@ CVE-2023-30212 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-30226 - https://github.com/ifyGecko/CVE-2023-30226 CVE-2023-30226 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-3024 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-30253 - https://github.com/04Shivam/CVE-2023-30253-Exploit +CVE-2023-30253 - https://github.com/Rubikcuv5/cve-2023-30253 +CVE-2023-30253 - https://github.com/nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253 CVE-2023-30253 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-30256 - https://github.com/ahrixia/CVE-2023-30256 CVE-2023-30256 - https://github.com/ahrixia/ahrixia @@ -145581,6 +145704,7 @@ CVE-2023-30545 - https://github.com/drkbcn/lblfixer_cve_2023_30839 CVE-2023-30547 - https://github.com/Af7eR9l0W/HTB-Codify CVE-2023-30547 - https://github.com/Cur1iosity/CVE-2023-30547 CVE-2023-30547 - https://github.com/Maladra/Write-Up-Codify +CVE-2023-30547 - https://github.com/jakabakos/vm2-sandbox-escape-exploits CVE-2023-30547 - https://github.com/karimhabush/cyberowl CVE-2023-30547 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-30547 - https://github.com/rvizx/CVE-2023-30547 @@ -146060,8 +146184,10 @@ CVE-2023-32308 - https://github.com/indevi0us/indevi0us CVE-2023-32309 - https://github.com/MaxymVlasov/renovate-vuln-alerts CVE-2023-32309 - https://github.com/k3vg3n/MDN CVE-2023-32309 - https://github.com/renovate-reproductions/22747 +CVE-2023-32313 - https://github.com/jakabakos/vm2-sandbox-escape-exploits CVE-2023-32314 - https://github.com/AdarkSt/Honeypot_Smart_Infrastructure CVE-2023-32314 - https://github.com/giovanni-iannaccone/vm2_3.9.17 +CVE-2023-32314 - https://github.com/jakabakos/vm2-sandbox-escape-exploits CVE-2023-32314 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-32315 - https://github.com/0x783kb/Security-operation-book CVE-2023-32315 - https://github.com/20142995/pocsuite3 @@ -146222,6 +146348,7 @@ CVE-2023-32623 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-32629 - https://github.com/0xWhoami35/root-kernel CVE-2023-32629 - https://github.com/0xsyr0/OSCP CVE-2023-32629 - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +CVE-2023-32629 - https://github.com/K5LK/CVE-2023-2640-32629 CVE-2023-32629 - https://github.com/Kiosec/Linux-Exploitation CVE-2023-32629 - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 CVE-2023-32629 - https://github.com/OllaPapito/gameoverlay @@ -146299,6 +146426,7 @@ CVE-2023-32725 - https://github.com/tanjiti/sec_profile CVE-2023-32740 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-32740 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-32749 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-32749 - https://github.com/xcr-19/CVE-2023-32749 CVE-2023-3275 - https://github.com/scumdestroy/100-RedTeam-Projects CVE-2023-32755 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3277 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -146393,6 +146521,7 @@ CVE-2023-33009 - https://github.com/Ostorlab/KEV CVE-2023-33009 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-33010 - https://github.com/Ostorlab/KEV CVE-2023-33010 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-33013 - https://github.com/winmt/winmt CVE-2023-33023 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33029 - https://github.com/Moonshieldgru/Moonshieldgru CVE-2023-33034 - https://github.com/Moonshieldgru/Moonshieldgru @@ -146478,6 +146607,7 @@ CVE-2023-33243 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33246 - https://github.com/0day404/vulnerability-poc CVE-2023-33246 - https://github.com/0xKayala/CVE-2023-33246 CVE-2023-33246 - https://github.com/20142995/sectool +CVE-2023-33246 - https://github.com/3yujw7njai/CVE-2023-33246 CVE-2023-33246 - https://github.com/ARPSyndicate/cvemon CVE-2023-33246 - https://github.com/CKevens/CVE-2023-33246 CVE-2023-33246 - https://github.com/CVEDB/awesome-cve-repo @@ -146666,6 +146796,7 @@ CVE-2023-33731 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33731 - https://github.com/sahiloj/CVE-2023-33731 CVE-2023-33732 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33732 - https://github.com/sahiloj/CVE-2023-33732 +CVE-2023-33733 - https://github.com/L41KAA/CVE-2023-33733-Exploit-PoC CVE-2023-33733 - https://github.com/buiduchoang24/CVE-2023-33733 CVE-2023-33733 - https://github.com/c53elyas/CVE-2023-33733 CVE-2023-33733 - https://github.com/nomi-sec/PoC-in-GitHub @@ -146703,6 +146834,7 @@ CVE-2023-33802 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33817 - https://github.com/ARPSyndicate/cvemon CVE-2023-33817 - https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5 CVE-2023-33817 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-33829 - https://github.com/3yujw7njai/CVE-2023-33829-POC CVE-2023-33829 - https://github.com/CKevens/CVE-2023-33829-POC CVE-2023-33829 - https://github.com/n3gox/CVE-2023-33829 CVE-2023-33829 - https://github.com/nomi-sec/PoC-in-GitHub @@ -146875,6 +147007,7 @@ CVE-2023-34124 - https://github.com/getdrive/PoC CVE-2023-3413 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34149 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34151 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-34152 - https://github.com/SudoIndividual/CVE-2023-34152 CVE-2023-34152 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-34152 - https://github.com/overgrowncarrot1/ImageTragick_CVE-2023-34152 CVE-2023-34164 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -147059,6 +147192,7 @@ CVE-2023-34600 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-34634 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-34634 - https://github.com/radman404/CVE-2023-34634 CVE-2023-34644 - https://github.com/tanjiti/sec_profile +CVE-2023-34644 - https://github.com/winmt/winmt CVE-2023-34659 - https://github.com/izj007/wechat CVE-2023-34659 - https://github.com/whoami13apt/files2 CVE-2023-34733 - https://github.com/1-tong/vehicle_cves @@ -147148,6 +147282,7 @@ CVE-2023-34973 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34981 - https://github.com/ARPSyndicate/cvemon CVE-2023-34981 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh CVE-2023-3499 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-34992 - https://github.com/horizon3ai/CVE-2023-34992 CVE-2023-34992 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-35001 - https://github.com/ZonghaoLi777/githubTrending CVE-2023-35001 - https://github.com/aneasystone/github-trending @@ -147287,6 +147422,7 @@ CVE-2023-35359 - https://github.com/AabyssZG/AWD-Guide CVE-2023-35359 - https://github.com/Karmaz95/Karmaz95 CVE-2023-35359 - https://github.com/Threekiii/CVE CVE-2023-35359 - https://github.com/afine-com/research +CVE-2023-35359 - https://github.com/hungslab/awd-tools CVE-2023-3536 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-35360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-35361 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -147483,6 +147619,7 @@ CVE-2023-36076 - https://github.com/wy876/POC CVE-2023-36076 - https://github.com/xingchennb/POC- CVE-2023-3608 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36085 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-36085 - https://github.com/omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection CVE-2023-36089 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3609 - https://github.com/nidhi7598/linux-4.19.72_CVE-2023-3609 CVE-2023-36090 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -147524,6 +147661,7 @@ CVE-2023-36169 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-3618 - https://github.com/NaInSec/CVE-LIST CVE-2023-3618 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3618 - https://github.com/jgamblin/cvelint-action +CVE-2023-3618 - https://github.com/khulnasoft-lab/cvelint-action CVE-2023-3618 - https://github.com/mprpic/cvelint CVE-2023-36210 - https://github.com/capture0x/My-CVE CVE-2023-36211 - https://github.com/capture0x/My-CVE @@ -147748,6 +147886,7 @@ CVE-2023-36844 - https://github.com/securi3ytalent/bugbounty-CVE-Report CVE-2023-36844 - https://github.com/tanjiti/sec_profile CVE-2023-36844 - https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844 CVE-2023-36845 - https://github.com/0xNehru/CVE-2023-36845-Juniper-Vulnerability +CVE-2023-36845 - https://github.com/3yujw7njai/ansible-cve-2023-36845 CVE-2023-36845 - https://github.com/Asbawy/Automation-for-Juniper-cve-2023-36845 CVE-2023-36845 - https://github.com/CKevens/ansible-cve-2023-36845 CVE-2023-36845 - https://github.com/CharonDefalt/Juniper-exploit-CVE-2023-36845 @@ -148162,6 +148301,9 @@ CVE-2023-38002 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3801 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-38029 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-38030 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-38031 - https://github.com/winmt/winmt +CVE-2023-38032 - https://github.com/winmt/winmt +CVE-2023-38033 - https://github.com/winmt/winmt CVE-2023-38035 - https://github.com/LeakIX/sentryexploit CVE-2023-38035 - https://github.com/Ostorlab/KEV CVE-2023-38035 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors @@ -148199,6 +148341,7 @@ CVE-2023-38146 - https://github.com/Threekiii/CVE CVE-2023-38146 - https://github.com/ZonghaoLi777/githubTrending CVE-2023-38146 - https://github.com/aneasystone/github-trending CVE-2023-38146 - https://github.com/ankitosh/temp +CVE-2023-38146 - https://github.com/exploits-forsale/themebleed CVE-2023-38146 - https://github.com/gabe-k/themebleed CVE-2023-38146 - https://github.com/johe123qwe/github-trending CVE-2023-38146 - https://github.com/nomi-sec/PoC-in-GitHub @@ -148432,6 +148575,7 @@ CVE-2023-38606 - https://github.com/Danie10/Danie10 CVE-2023-38606 - https://github.com/Ostorlab/KEV CVE-2023-38606 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-38606 - https://github.com/jp-cpe/retrieve-cvss-scores +CVE-2023-38609 - https://github.com/mc-17/CVE-2023-38609 CVE-2023-38609 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-3861 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-38610 - https://github.com/didi/kemon @@ -148527,6 +148671,7 @@ CVE-2023-38646 - https://github.com/securezeron/CVE-2023-38646 CVE-2023-38646 - https://github.com/shamo0/CVE-2023-38646-PoC CVE-2023-38646 - https://github.com/syr1ne/exploits CVE-2023-38646 - https://github.com/threatHNTR/CVE-2023-38646 +CVE-2023-38646 - https://github.com/xchg-rax-rax/CVE-2023-38646 CVE-2023-38646 - https://github.com/xxRON-js/Collaborator-like CVE-2023-38646 - https://github.com/yxl2001/CVE-2023-38646 CVE-2023-3865 - https://github.com/Notselwyn/exploits @@ -148573,6 +148718,7 @@ CVE-2023-38821 - https://github.com/TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821 CVE-2023-38821 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-38822 - https://github.com/TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822 CVE-2023-38822 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-38825 - https://github.com/ntrampham/REDCap CVE-2023-38829 - https://github.com/Luwak-IoT-Security/CVEs CVE-2023-38829 - https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E CVE-2023-38829 - https://github.com/nomi-sec/PoC-in-GitHub @@ -148651,6 +148797,7 @@ CVE-2023-38831 - https://github.com/r1yaz/winDED CVE-2023-38831 - https://github.com/ruycr4ft/CVE-2023-38831 CVE-2023-38831 - https://github.com/s4m98/winrar-cve-2023-38831-poc-gen CVE-2023-38831 - https://github.com/sadnansakin/Winrar_0-day_RCE_Exploitation +CVE-2023-38831 - https://github.com/sh770/CVE-2023-38831 CVE-2023-38831 - https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC CVE-2023-38831 - https://github.com/takinrom/nto2024-user4-report CVE-2023-38831 - https://github.com/tanjiti/sec_profile @@ -148734,6 +148881,8 @@ CVE-2023-39214 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3922 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39223 - https://github.com/NaInSec/CVE-LIST CVE-2023-39223 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-39236 - https://github.com/winmt/winmt +CVE-2023-39237 - https://github.com/winmt/winmt CVE-2023-39238 - https://github.com/ShielderSec/poc CVE-2023-39239 - https://github.com/ShielderSec/poc CVE-2023-39240 - https://github.com/ShielderSec/poc @@ -148957,6 +149106,7 @@ CVE-2023-39983 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39985 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39986 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39992 - https://github.com/hackintoanetwork/hackintoanetwork +CVE-2023-40000 - https://github.com/iveresk/cve-2023-40000 CVE-2023-40000 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-40000 - https://github.com/rxerium/CVE-2023-40000 CVE-2023-40000 - https://github.com/rxerium/stars @@ -149264,7 +149414,9 @@ CVE-2023-40924 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-40930 - https://github.com/NSnidie/CVE-2023-40930 CVE-2023-40930 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-40931 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-40931 - https://github.com/sealldeveloper/CVE-2023-40931-PoC CVE-2023-40933 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-40933 - https://github.com/sealldeveloper/CVE-2023-40933-PoC CVE-2023-40943 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4097 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4098 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -149624,6 +149776,7 @@ CVE-2023-41948 - https://github.com/parkttule/parkttule CVE-2023-41963 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-41964 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-41968 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-4197 - https://github.com/alien-keric/CVE-2023-4197 CVE-2023-4197 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-41974 - https://github.com/PureKFD/PureKFD CVE-2023-41974 - https://github.com/Spoou/123 @@ -149874,6 +150027,7 @@ CVE-2023-42793 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2023-42793 - https://github.com/UNC1739/awesome-vulnerability-research CVE-2023-42793 - https://github.com/WhiteOwl-Pub/PoC-JetBrains-TeamCity-CVE-2023-42793 CVE-2023-42793 - https://github.com/Y4tacker/JavaSec +CVE-2023-42793 - https://github.com/YN1337/JetBrains-TeamCity- CVE-2023-42793 - https://github.com/Zenmovie/CVE-2023-42793 CVE-2023-42793 - https://github.com/Zyad-Elsayed/CVE-2023-42793 CVE-2023-42793 - https://github.com/aleksey-vi/presentation-report @@ -149881,6 +150035,7 @@ CVE-2023-42793 - https://github.com/brun0ne/teamcity-enumeration CVE-2023-42793 - https://github.com/getdrive/PoC CVE-2023-42793 - https://github.com/hotplugin0x01/CVE-2023-42793 CVE-2023-42793 - https://github.com/johnossawy/CVE-2023-42793_POC +CVE-2023-42793 - https://github.com/junnythemarksman/CVE-2023-42793 CVE-2023-42793 - https://github.com/netlas-io/netlas-dorks CVE-2023-42793 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-42793 - https://github.com/whitfieldsdad/cisa_kev @@ -150150,6 +150305,7 @@ CVE-2023-43611 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-43622 - https://github.com/arsenalzp/apch-operator CVE-2023-43622 - https://github.com/sebastienwebdev/Vulnerability CVE-2023-43622 - https://github.com/sebastienwebdev/sebastienwebdev +CVE-2023-43622 - https://github.com/visudade/CVE-2023-43622 CVE-2023-43641 - https://github.com/0xKilty/RE-learning-resources CVE-2023-43641 - https://github.com/0xlino/0xlino CVE-2023-43641 - https://github.com/CraigTeelFugro/CraigTeelFugro @@ -150252,6 +150408,7 @@ CVE-2023-43836 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-43837 - https://github.com/bhaveshharmalkar/learn365 CVE-2023-43838 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-43838 - https://github.com/rootd4ddy/CVE-2023-43838 +CVE-2023-43840 - https://github.com/LovelyWei/clash_for_windows_1click_RCE CVE-2023-43852 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report CVE-2023-43854 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report CVE-2023-43855 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report @@ -150727,20 +150884,26 @@ CVE-2023-45222 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45223 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45226 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45227 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-45229 - https://github.com/1490kdrm/vuln_BIOs CVE-2023-45229 - https://github.com/quarkslab/pixiefail CVE-2023-4523 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-45230 - https://github.com/1490kdrm/vuln_BIOs CVE-2023-45230 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45230 - https://github.com/quarkslab/pixiefail CVE-2023-45231 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45231 - https://github.com/quarkslab/pixiefail +CVE-2023-45232 - https://github.com/1490kdrm/vuln_BIOs CVE-2023-45232 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45232 - https://github.com/quarkslab/pixiefail CVE-2023-45233 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45233 - https://github.com/quarkslab/pixiefail +CVE-2023-45234 - https://github.com/1490kdrm/vuln_BIOs CVE-2023-45234 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45234 - https://github.com/quarkslab/pixiefail CVE-2023-45235 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45235 - https://github.com/quarkslab/pixiefail +CVE-2023-45236 - https://github.com/1490kdrm/vuln_BIOs +CVE-2023-45237 - https://github.com/1490kdrm/vuln_BIOs CVE-2023-45244 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45244 - https://github.com/password123456/cve-collector CVE-2023-45245 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -150801,6 +150964,7 @@ CVE-2023-45466 - https://github.com/Luwak-IoT-Security/CVEs CVE-2023-45467 - https://github.com/Luwak-IoT-Security/CVEs CVE-2023-45468 - https://github.com/Luwak-IoT-Security/CVEs CVE-2023-45471 - https://github.com/itsAptx/CVE-2023-45471 +CVE-2023-45471 - https://github.com/mehdibelhajamor/CVE-2023-45471 CVE-2023-45471 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-4548 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4549 - https://github.com/b0marek/CVE-2023-4549 @@ -150815,6 +150979,7 @@ CVE-2023-45534 - https://github.com/yangliukk/emlog CVE-2023-45535 - https://github.com/yangliukk/emlog CVE-2023-45536 - https://github.com/yangliukk/emlog CVE-2023-45537 - https://github.com/yangliukk/emlog +CVE-2023-45539 - https://github.com/hackthebox/cyber-apocalypse-2024 CVE-2023-4554 - https://github.com/cxosmo/CVEs CVE-2023-45540 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-45540 - https://github.com/soundarkutty/CVE-2023-45540 @@ -150948,7 +151113,9 @@ CVE-2023-4586 - https://github.com/Keymaster65/copper2go CVE-2023-4586 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4586 - https://github.com/jwulf/release-note-poc-mvp CVE-2023-45864 - https://github.com/xairy/linux-kernel-exploitation +CVE-2023-45866 - https://github.com/0xbitx/DEDSEC_BKIF CVE-2023-45866 - https://github.com/Eason-zz/BluetoothDucky +CVE-2023-45866 - https://github.com/H4lo/awesome-IoT-security-article CVE-2023-45866 - https://github.com/V33RU/CommandInWiFi CVE-2023-45866 - https://github.com/V33RU/CommandInWiFi-Zeroclick CVE-2023-45866 - https://github.com/ZonghaoLi777/githubTrending @@ -150957,6 +151124,7 @@ CVE-2023-45866 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45866 - https://github.com/gato001k1/helt CVE-2023-45866 - https://github.com/jjjjjjjj987/cve-2023-45866-py CVE-2023-45866 - https://github.com/johe123qwe/github-trending +CVE-2023-45866 - https://github.com/krazystar55/BlueDucky CVE-2023-45866 - https://github.com/marcnewlin/hi_my_name_is_keyboard CVE-2023-45866 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-45866 - https://github.com/pentestfunctions/BlueDucky @@ -150996,6 +151164,7 @@ CVE-2023-4600 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46003 - https://github.com/leekenghwa/CVE-2023-46003 CVE-2023-46003 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-46009 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-46012 - https://github.com/dest-3/CVE-2023-46012 CVE-2023-46014 - https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability CVE-2023-46014 - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 CVE-2023-46014 - https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC @@ -151127,6 +151296,7 @@ CVE-2023-4641 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2023-4641 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4641 - https://github.com/fokypoky/places-list CVE-2023-46428 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-46442 - https://github.com/JAckLosingHeart/CVE-2023-46442_POC CVE-2023-46442 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46445 - https://github.com/RUB-NDS/Terrapin-Artifacts CVE-2023-46446 - https://github.com/RUB-NDS/Terrapin-Artifacts @@ -151224,6 +151394,7 @@ CVE-2023-46604 - https://github.com/muneebaashiq/MBProjects CVE-2023-46604 - https://github.com/nitzanoligo/CVE-2023-46604-demo CVE-2023-46604 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-46604 - https://github.com/ph-hitachi/CVE-2023-46604 +CVE-2023-46604 - https://github.com/pulentoski/CVE-2023-46604 CVE-2023-46604 - https://github.com/sampsonv/github-trending CVE-2023-46604 - https://github.com/seal-community/patches CVE-2023-46604 - https://github.com/sule01u/CVE-2023-46604 @@ -151247,6 +151418,7 @@ CVE-2023-46673 - https://github.com/muneebaashiq/MBProjects CVE-2023-46675 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46687 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46688 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-46694 - https://github.com/invisiblebyte/CVE-2023-46694 CVE-2023-46695 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46699 - https://github.com/a-zara-n/a-zara-n CVE-2023-46701 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -151329,6 +151501,7 @@ CVE-2023-46782 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46783 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4680 - https://github.com/inguardians/ivanti-VPN-issues-2024-research CVE-2023-46805 - https://github.com/20142995/sectool +CVE-2023-46805 - https://github.com/Cappricio-Securities/CVE-2023-46805 CVE-2023-46805 - https://github.com/Chocapikk/CVE-2023-46805 CVE-2023-46805 - https://github.com/H4lo/awesome-IoT-security-article CVE-2023-46805 - https://github.com/HiS3/Ivanti-ICT-Snapshot-decryption @@ -151695,6 +151868,7 @@ CVE-2023-48123 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-4813 - https://github.com/adegoodyer/kubernetes-admin-toolkit CVE-2023-4813 - https://github.com/fokypoky/places-list CVE-2023-4813 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-4813 - https://github.com/tnishiox/kernelcare-playground CVE-2023-48161 - https://github.com/tacetool/TACE CVE-2023-48165 - https://github.com/jcifox/cve_list CVE-2023-4818 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -151789,6 +151963,7 @@ CVE-2023-4863 - https://github.com/caoweiquan322/NotEnough CVE-2023-4863 - https://github.com/cgohlke/win_arm64-wheels CVE-2023-4863 - https://github.com/hktalent/TOP CVE-2023-4863 - https://github.com/houjingyi233/awesome-fuzz +CVE-2023-4863 - https://github.com/huiwen-yayaya/CVE-2023-4863 CVE-2023-4863 - https://github.com/jiegec/awesome-stars CVE-2023-4863 - https://github.com/johe123qwe/github-trending CVE-2023-4863 - https://github.com/mistymntncop/CVE-2023-4863 @@ -151826,6 +152001,7 @@ CVE-2023-48788 - https://github.com/tanjiti/sec_profile CVE-2023-48788 - https://github.com/toxyl/lscve CVE-2023-48791 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-48791 - https://github.com/vulsio/go-cve-dictionary +CVE-2023-48795 - https://github.com/Dev0psSec/SSH-Terrapin-Attack CVE-2023-48795 - https://github.com/Dev5ec0ps/SSH-Terrapin-Attack CVE-2023-48795 - https://github.com/GitHubForSnap/openssh-server-gael CVE-2023-48795 - https://github.com/GlTIab/SSH-Terrapin-Attack @@ -151924,6 +152100,7 @@ CVE-2023-49070 - https://github.com/mintoolkit/mint CVE-2023-49070 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-49070 - https://github.com/slimtoolkit/slim CVE-2023-49070 - https://github.com/tanjiti/sec_profile +CVE-2023-49070 - https://github.com/tw0point/BadBizness-CVE-2023-51467 CVE-2023-49070 - https://github.com/txuswashere/OSCP CVE-2023-49070 - https://github.com/wjlin0/poc-doc CVE-2023-49070 - https://github.com/wy876/POC @@ -152140,6 +152317,7 @@ CVE-2023-49580 - https://github.com/tanjiti/sec_profile CVE-2023-49583 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-49598 - https://github.com/mute1008/mute1008 CVE-2023-49598 - https://github.com/mute1997/mute1997 +CVE-2023-49606 - https://github.com/d0rb/CVE-2023-49606 CVE-2023-49606 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-49606 - https://github.com/tanjiti/sec_profile CVE-2023-49607 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -152460,6 +152638,7 @@ CVE-2023-50643 - https://github.com/giovannipajeu1/CVE-2023-50643 CVE-2023-50643 - https://github.com/giovannipajeu1/giovannipajeu1 CVE-2023-50643 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-50671 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-50685 - https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability CVE-2023-5070 - https://github.com/RandomRobbieBF/CVE-2023-5070 CVE-2023-5070 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-50711 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -152739,6 +152918,7 @@ CVE-2023-51467 - https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass CVE-2023-51467 - https://github.com/murayr/Bizness CVE-2023-51467 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-51467 - https://github.com/tanjiti/sec_profile +CVE-2023-51467 - https://github.com/tw0point/BadBizness-CVE-2023-51467 CVE-2023-51467 - https://github.com/txuswashere/OSCP CVE-2023-51467 - https://github.com/vulncheck-oss/cve-2023-51467 CVE-2023-51467 - https://github.com/vulncheck-oss/go-exploit @@ -153473,6 +153653,7 @@ CVE-2023-6237 - https://github.com/seal-community/patches CVE-2023-6238 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6240 - https://github.com/NaInSec/CVE-LIST CVE-2023-6240 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-6241 - https://github.com/SmileTabLabo/CVE-2023-6241 CVE-2023-6241 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6241 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-6241 - https://github.com/xairy/linux-kernel-exploitation @@ -158778,6 +158959,7 @@ CVE-2024-0225 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0226 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0227 - https://github.com/NaInSec/CVE-LIST CVE-2024-0229 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0230 - https://github.com/H4lo/awesome-IoT-security-article CVE-2024-0230 - https://github.com/gato001k1/helt CVE-2024-0230 - https://github.com/keldnorman/cve-2024-0230-blue CVE-2024-0230 - https://github.com/marcnewlin/hi_my_name_is_keyboard @@ -159861,6 +160043,10 @@ CVE-2024-20359 - https://github.com/west-wind/Threat-Hunting-With-Splunk CVE-2024-20376 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20378 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20389 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-20404 - https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404 +CVE-2024-20404 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-20405 - https://github.com/AbdElRahmanEzzat1995/CVE-2024-20405 +CVE-2024-20405 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2042 - https://github.com/NaInSec/CVE-LIST CVE-2024-2042 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2044 - https://github.com/NaInSec/CVE-LIST @@ -161697,6 +161883,8 @@ CVE-2024-24041 - https://github.com/tubakvgc/CVEs CVE-2024-24042 - https://github.com/NaInSec/CVE-LIST CVE-2024-24043 - https://github.com/NaInSec/CVE-LIST CVE-2024-24050 - https://github.com/NaInSec/CVE-LIST +CVE-2024-2408 - https://github.com/chnzzh/OpenSSL-CVE-lib +CVE-2024-2408 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24092 - https://github.com/ASR511-OO7/CVE-2024-24092 CVE-2024-24092 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-24093 - https://github.com/ASR511-OO7/CVE-2024-24093 @@ -162116,13 +162304,16 @@ CVE-2024-24919 - https://github.com/numencyber/Vulnerability_PoC CVE-2024-24919 - https://github.com/pewc0/CVE-2024-24919 CVE-2024-24919 - https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check CVE-2024-24919 - https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN +CVE-2024-24919 - https://github.com/satchhacker/cve-2024-24919 CVE-2024-24919 - https://github.com/satriarizka/CVE-2024-24919 CVE-2024-24919 - https://github.com/seed1337/CVE-2024-24919-POC CVE-2024-24919 - https://github.com/sep2limited/CheckPoint_Query_Py +CVE-2024-24919 - https://github.com/shilpaverma2/NEW-CHECKPOINT-CVE CVE-2024-24919 - https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater CVE-2024-24919 - https://github.com/starlox0/CVE-2024-24919-POC CVE-2024-24919 - https://github.com/tanjiti/sec_profile CVE-2024-24919 - https://github.com/un9nplayer/CVE-2024-24919 +CVE-2024-24919 - https://github.com/verylazytech/CVE-2024-24919 CVE-2024-24919 - https://github.com/wjlin0/poc-doc CVE-2024-24919 - https://github.com/wy876/POC CVE-2024-24919 - https://github.com/wy876/wiki @@ -162498,6 +162689,7 @@ CVE-2024-25600 - https://github.com/aneasystone/github-trending CVE-2024-25600 - https://github.com/fireinrain/github-trending CVE-2024-25600 - https://github.com/gobysec/Goby CVE-2024-25600 - https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE +CVE-2024-25600 - https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress CVE-2024-25600 - https://github.com/johe123qwe/github-trending CVE-2024-25600 - https://github.com/k3lpi3b4nsh33/CVE-2024-25600 CVE-2024-25600 - https://github.com/nomi-sec/PoC-in-GitHub @@ -163652,6 +163844,7 @@ CVE-2024-27956 - https://github.com/ZonghaoLi777/githubTrending CVE-2024-27956 - https://github.com/aneasystone/github-trending CVE-2024-27956 - https://github.com/diego-tella/CVE-2024-27956-RCE CVE-2024-27956 - https://github.com/fireinrain/github-trending +CVE-2024-27956 - https://github.com/itzheartzz/MASS-CVE-2024-27956 CVE-2024-27956 - https://github.com/johe123qwe/github-trending CVE-2024-27956 - https://github.com/k3ppf0r/CVE-2024-27956 CVE-2024-27956 - https://github.com/nancyariah4/CVE-2024-27956 @@ -164391,6 +164584,7 @@ CVE-2024-29243 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29244 - https://github.com/NaInSec/CVE-LIST CVE-2024-29244 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29269 - https://github.com/Chocapikk/CVE-2024-29269 +CVE-2024-29269 - https://github.com/Jhonsonwannaa/CVE-2024-29269 CVE-2024-29269 - https://github.com/Ostorlab/KEV CVE-2024-29269 - https://github.com/YongYe-Security/CVE-2024-29269 CVE-2024-29269 - https://github.com/nomi-sec/PoC-in-GitHub @@ -164444,6 +164638,7 @@ CVE-2024-2940 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29401 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2941 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29415 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29415 - https://github.com/tanjiti/sec_profile CVE-2024-29417 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29419 - https://github.com/NaInSec/CVE-LIST CVE-2024-29419 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165265,6 +165460,7 @@ CVE-2024-31576 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3158 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3159 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3160 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-31621 - https://github.com/komodoooo/Some-things CVE-2024-31634 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31636 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31666 - https://github.com/hapa3/cms @@ -165291,6 +165487,7 @@ CVE-2024-31804 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31818 - https://github.com/Chocapikk/My-CVEs CVE-2024-31819 - https://github.com/Chocapikk/CVE-2024-31819 CVE-2024-31819 - https://github.com/Chocapikk/My-CVEs +CVE-2024-31819 - https://github.com/Jhonsonwannaa/CVE-2024-31819 CVE-2024-31819 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-31839 - https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc CVE-2024-31839 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165351,6 +165548,8 @@ CVE-2024-32002 - https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese CVE-2024-32002 - https://github.com/CrackerCat/CVE-2024-32002_EXP CVE-2024-32002 - https://github.com/GhostTroops/TOP CVE-2024-32002 - https://github.com/Goplush/CVE-2024-32002-git-rce +CVE-2024-32002 - https://github.com/Hector65432/cve-2024-32002-1 +CVE-2024-32002 - https://github.com/Hector65432/cve-2024-32002-2 CVE-2024-32002 - https://github.com/JJoosh/CVE-2024-32002-Reverse-Shell CVE-2024-32002 - https://github.com/JakobTheDev/cve-2024-32002-poc-aw CVE-2024-32002 - https://github.com/JakobTheDev/cve-2024-32002-poc-rce @@ -165520,6 +165719,8 @@ CVE-2024-32679 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32699 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32709 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32709 - https://github.com/truonghuuphuc/CVE-2024-32709-Poc +CVE-2024-32714 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-32715 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3272 - https://github.com/OIivr/Turvan6rkus-CVE-2024-3273 CVE-2024-3272 - https://github.com/WanLiChangChengWanLiChang/WanLiChangChengWanLiChang CVE-2024-3272 - https://github.com/aliask/dinkleberry @@ -165530,6 +165731,7 @@ CVE-2024-3272 - https://github.com/toxyl/lscve CVE-2024-3272 - https://github.com/wjlin0/poc-doc CVE-2024-3272 - https://github.com/wy876/POC CVE-2024-3272 - https://github.com/wy876/wiki +CVE-2024-32725 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32728 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3273 - https://github.com/Chocapikk/CVE-2024-3273 CVE-2024-3273 - https://github.com/GhostTroops/TOP @@ -166195,6 +166397,7 @@ CVE-2024-36589 - https://github.com/go-compile/security-advisories CVE-2024-3661 - https://github.com/a1xbit/DecloakingVPN CVE-2024-3661 - https://github.com/apiverve/news-API CVE-2024-3661 - https://github.com/bollwarm/SecToolSet +CVE-2024-3661 - https://github.com/cyberspatiallabs/TunnelVision CVE-2024-3661 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3661 - https://github.com/giterlizzi/secdb-feeds CVE-2024-3661 - https://github.com/leviathansecurity/TunnelVision @@ -166234,7 +166437,12 @@ CVE-2024-3745 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3748 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3749 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3750 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37569 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3757 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37570 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37573 - https://github.com/actuator/cve +CVE-2024-37574 - https://github.com/actuator/cve +CVE-2024-37575 - https://github.com/actuator/cve CVE-2024-3758 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3759 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3764 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166435,6 +166643,7 @@ CVE-2024-4358 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4358 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2024-4358 - https://github.com/sinsinology/CVE-2024-4358 CVE-2024-4358 - https://github.com/tanjiti/sec_profile +CVE-2024-4358 - https://github.com/verylazytech/CVE-2024-4358 CVE-2024-4358 - https://github.com/wy876/POC CVE-2024-4358 - https://github.com/wy876/wiki CVE-2024-4363 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166510,8 +166719,10 @@ CVE-2024-4559 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4561 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4562 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4568 - https://github.com/bladchan/bladchan +CVE-2024-4577 - https://github.com/0x20c/CVE-2024-4577-nuclei CVE-2024-4577 - https://github.com/0xsyr0/OSCP CVE-2024-4577 - https://github.com/11whoami99/CVE-2024-4577 +CVE-2024-4577 - https://github.com/Chocapikk/CVE-2024-4577 CVE-2024-4577 - https://github.com/GhostTroops/TOP CVE-2024-4577 - https://github.com/Junp0/CVE-2024-4577 CVE-2024-4577 - https://github.com/Sysc4ll3r/CVE-2024-4577 @@ -166519,15 +166730,22 @@ CVE-2024-4577 - https://github.com/TAM-K592/CVE-2024-4577 CVE-2024-4577 - https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP CVE-2024-4577 - https://github.com/Wh02m1/CVE-2024-4577 CVE-2024-4577 - https://github.com/Yukiioz/CVE-2024-4577 +CVE-2024-4577 - https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE +CVE-2024-4577 - https://github.com/dbyMelina/CVE-2024-4577 +CVE-2024-4577 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4577 - https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template +CVE-2024-4577 - https://github.com/manuelinfosec/CVE-2024-4577 CVE-2024-4577 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4577 - https://github.com/ohhhh693/CVE-2024-4577 CVE-2024-4577 - https://github.com/princew88/CVE-2024-4577 CVE-2024-4577 - https://github.com/taida957789/CVE-2024-4577 CVE-2024-4577 - https://github.com/tanjiti/sec_profile +CVE-2024-4577 - https://github.com/vwilzz/PHP-RCE-4577 CVE-2024-4577 - https://github.com/watchtowrlabs/CVE-2024-4577 CVE-2024-4577 - https://github.com/wy876/POC CVE-2024-4577 - https://github.com/wy876/wiki +CVE-2024-4577 - https://github.com/xcanwin/CVE-2024-4577-PHP-RCE +CVE-2024-4577 - https://github.com/zomasec/CVE-2024-4577 CVE-2024-4582 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4583 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4584 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166574,6 +166792,7 @@ CVE-2024-4666 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4670 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4671 - https://github.com/apiverve/news-API CVE-2024-4671 - https://github.com/tanjiti/sec_profile +CVE-2024-4680 - https://github.com/sev-hack/sev-hack CVE-2024-4701 - https://github.com/JoeBeeton/CVE-2024-4701-POC CVE-2024-4701 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4702 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166663,6 +166882,7 @@ CVE-2024-4956 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4956 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2024-4956 - https://github.com/tanjiti/sec_profile CVE-2024-4956 - https://github.com/thinhap/CVE-2024-4956-PoC +CVE-2024-4956 - https://github.com/verylazytech/CVE-2024-4956 CVE-2024-4956 - https://github.com/wjlin0/poc-doc CVE-2024-4956 - https://github.com/wy876/POC CVE-2024-4956 - https://github.com/wy876/wiki @@ -166719,6 +166939,7 @@ CVE-2024-5382 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5383 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5384 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5385 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5389 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5390 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5391 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-54321 - https://github.com/runwuf/clickhouse-test diff --git a/references.txt b/references.txt index 85832a3d30..2ae7e3d8c9 100644 --- a/references.txt +++ b/references.txt @@ -93638,6 +93638,7 @@ CVE-2017-7412 - https://github.com/NixOS/nixpkgs/commit/fa4fe7110566d8370983fa81 CVE-2017-7412 - https://github.com/NixOS/nixpkgs/commit/fa4fe7110566d8370983fa81f2b04a833339236d CVE-2017-7415 - https://packetstormsecurity.com/files/142330/Confluence-6.0.x-Information-Disclosure.html CVE-2017-7415 - https://packetstormsecurity.com/files/142330/Confluence-6.0.x-Information-Disclosure.html +CVE-2017-7440 - https://www.gfi.com/support/products/Clickjacking-vulnerability-in-Kerio-Connect-8-and-9-CVE-2017-7440 CVE-2017-7442 - http://srcincite.io/advisories/src-2017-0005/ CVE-2017-7442 - http://srcincite.io/advisories/src-2017-0005/ CVE-2017-7442 - https://www.exploit-db.com/exploits/42418/ @@ -139179,6 +139180,7 @@ CVE-2020-6799 - https://bugzilla.mozilla.org/show_bug.cgi?id=1606596 CVE-2020-6799 - https://bugzilla.mozilla.org/show_bug.cgi?id=1606596 CVE-2020-6800 - https://usn.ubuntu.com/4328-1/ CVE-2020-6800 - https://usn.ubuntu.com/4328-1/ +CVE-2020-6801 - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492 CVE-2020-6802 - https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach CVE-2020-6802 - https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach CVE-2020-6805 - https://usn.ubuntu.com/4328-1/ @@ -139203,6 +139205,7 @@ CVE-2020-6816 - https://www.checkmarx.com/blog/vulnerabilities-discovered-in-moz CVE-2020-6816 - https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach CVE-2020-6817 - https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 CVE-2020-6817 - https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 +CVE-2020-6825 - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1572541%2C1620193%2C1620203 CVE-2020-6828 - https://bugzilla.mozilla.org/show_bug.cgi?id=1617928 CVE-2020-6828 - https://bugzilla.mozilla.org/show_bug.cgi?id=1617928 CVE-2020-6830 - https://bugzilla.mozilla.org/show_bug.cgi?id=1632387 @@ -148671,6 +148674,7 @@ CVE-2021-29072 - https://kb.netgear.com/000063018/Security-Advisory-for-Post-Aut CVE-2021-29072 - https://kb.netgear.com/000063018/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0493 CVE-2021-29075 - https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466 CVE-2021-29075 - https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466 +CVE-2021-29082 - https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037 CVE-2021-29099 - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-e21-03-server-sql/ CVE-2021-29099 - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-e21-03-server-sql/ CVE-2021-29100 - https://www.esri.com/arcgis-blog/products/arcgis-earth/administration/arcgis-earth-security-update @@ -152938,6 +152942,7 @@ CVE-2021-37606 - https://peter.website/meow-hash-cryptanalysis CVE-2021-37606 - https://peter.website/meow-hash-cryptanalysis CVE-2021-37613 - https://advisories.stormshield.eu CVE-2021-37613 - https://advisories.stormshield.eu +CVE-2021-37617 - https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6q2w-v879-q24v CVE-2021-37623 - https://github.com/Exiv2/exiv2/pull/1790 CVE-2021-37623 - https://github.com/Exiv2/exiv2/pull/1790 CVE-2021-37624 - http://packetstormsecurity.com/files/164628/FreeSWITCH-1.10.6-Missing-SIP-MESSAGE-Authentication.html @@ -168851,6 +168856,7 @@ CVE-2022-3469 - https://wpscan.com/vulnerability/017ca231-e019-4694-afa2-ab7f848 CVE-2022-3469 - https://wpscan.com/vulnerability/017ca231-e019-4694-afa2-ab7f8481ae63 CVE-2022-3470 - https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20sc%20parameter%20is%20injected.pdf CVE-2022-3470 - https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20sc%20parameter%20is%20injected.pdf +CVE-2022-3470 - https://vuldb.com/?id.210714 CVE-2022-34704 - http://packetstormsecurity.com/files/168329/Windows-Credential-Guard-Non-Constant-Time-Comparison-Information-Disclosure.html CVE-2022-34704 - http://packetstormsecurity.com/files/168329/Windows-Credential-Guard-Non-Constant-Time-Comparison-Information-Disclosure.html CVE-2022-34705 - http://packetstormsecurity.com/files/168315/Windows-Credential-Guard-BCrypt-Context-Use-After-Free-Privilege-Escalation.html @@ -168965,6 +168971,7 @@ CVE-2022-34966 - https://grimthereaperteam.medium.com/cve-2022-34966-ossn-6-3-lt CVE-2022-34966 - https://grimthereaperteam.medium.com/cve-2022-34966-ossn-6-3-lts-html-injection-vulnerability-at-location-parameter-3fe791dd22c6 CVE-2022-34968 - https://jira.percona.com/browse/PS-8294 CVE-2022-34968 - https://jira.percona.com/browse/PS-8294 +CVE-2022-3497 - https://vuldb.com/?id.210786 CVE-2022-34970 - https://github.com/0xhebi/CVE-2022-34970/blob/master/report.md CVE-2022-34970 - https://github.com/0xhebi/CVE-2022-34970/blob/master/report.md CVE-2022-34972 - https://packetstormsecurity.com/files/167605/OpenCart-3.x-So-Filter-Shop-By-SQL-Injection.html @@ -169455,6 +169462,7 @@ CVE-2022-3579 - https://vuldb.com/?id.211186 CVE-2022-3579 - https://vuldb.com/?id.211186 CVE-2022-3582 - https://github.com/jusstSahil/CSRF-/blob/main/POC CVE-2022-3582 - https://github.com/jusstSahil/CSRF-/blob/main/POC +CVE-2022-3582 - https://vuldb.com/?id.211189 CVE-2022-35822 - http://packetstormsecurity.com/files/168331/Windows-Credential-Guard-TGT-Renewal-Information-Disclosure.html CVE-2022-35822 - http://packetstormsecurity.com/files/168331/Windows-Credential-Guard-TGT-Renewal-Information-Disclosure.html CVE-2022-3583 - https://github.com/joinia/webray.com.cn/blob/main/Canteen-Management-System/Canteensql1.md @@ -170037,6 +170045,7 @@ CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_ CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/issues/776 CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/issues/776 +CVE-2022-3670 - https://vuldb.com/?id.212010 CVE-2022-36736 - https://github.com/UditChavda/Udit-Chavda-CVE/blob/main/CVE-2022-36736 CVE-2022-36736 - https://github.com/UditChavda/Udit-Chavda-CVE/blob/main/CVE-2022-36736 CVE-2022-36755 - https://www.dlink.com/en/security-bulletin/ @@ -171173,6 +171182,7 @@ CVE-2022-39429 - https://www.oracle.com/security-alerts/cpujan2023.html CVE-2022-39429 - https://www.oracle.com/security-alerts/cpujan2023.html CVE-2022-3944 - https://github.com/jerryhanjj/ERP/issues/3 CVE-2022-3944 - https://github.com/jerryhanjj/ERP/issues/3 +CVE-2022-3944 - https://vuldb.com/?id.213451 CVE-2022-3945 - https://huntr.dev/bounties/55cd91b3-1d94-4d34-8d7f-86660b41fd65 CVE-2022-3945 - https://huntr.dev/bounties/55cd91b3-1d94-4d34-8d7f-86660b41fd65 CVE-2022-3946 - https://wpscan.com/vulnerability/b48e4e1d-e682-4b16-81dc-2feee78d7ed0 @@ -184769,6 +184779,7 @@ CVE-2023-40590 - https://github.com/gitpython-developers/GitPython/security/advi CVE-2023-4060 - https://wpscan.com/vulnerability/88745c9b-1c20-4004-89f6-d9ee223651f2 CVE-2023-40610 - https://github.com/orangecertcc/security-research/security/advisories/GHSA-f678-j579-4xf5 CVE-2023-40610 - https://github.com/orangecertcc/security-research/security/advisories/GHSA-f678-j579-4xf5 +CVE-2023-40618 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40618 CVE-2023-40660 - http://www.openwall.com/lists/oss-security/2023/12/13/2 CVE-2023-40660 - http://www.openwall.com/lists/oss-security/2023/12/13/2 CVE-2023-40660 - https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651 @@ -188733,6 +188744,7 @@ CVE-2023-6297 - https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/explo CVE-2023-6297 - https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md CVE-2023-6298 - https://vuldb.com/?id.246124 CVE-2023-6298 - https://vuldb.com/?id.246124 +CVE-2023-6300 - https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system%20-%20reflected%20xss.md CVE-2023-6301 - https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system-reflected%20xss2.md CVE-2023-6301 - https://vuldb.com/?id.246127 CVE-2023-6301 - https://vuldb.com/?id.246127 @@ -188847,6 +188859,7 @@ CVE-2023-6599 - https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e CVE-2023-6599 - https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e CVE-2023-6607 - https://github.com/willchen0011/cve/blob/main/sql.md CVE-2023-6608 - https://github.com/willchen0011/cve/blob/main/sql2.md +CVE-2023-6611 - https://github.com/13223355/cve/blob/main/sql.md CVE-2023-6612 - https://github.com/OraclePi/repo/tree/main/totolink%20X5000R CVE-2023-6620 - https://wpscan.com/vulnerability/ab5c42ca-ee7d-4344-bd88-0d727ed3d9c4 CVE-2023-6621 - https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928 @@ -192152,6 +192165,7 @@ CVE-2024-28275 - https://paste.sr.ht/~edaigle/0b4a037fbd3166c8c72fee18efaa7decaf CVE-2024-28275 - https://paste.sr.ht/~edaigle/0b4a037fbd3166c8c72fee18efaa7decaf75b0ab CVE-2024-28286 - https://github.com/mz-automation/libiec61850/issues/496 CVE-2024-28286 - https://github.com/mz-automation/libiec61850/issues/496 +CVE-2024-28288 - https://github.com/adminquit/CVE-2024-28288/blob/d8223c6d45af877669c27fa0a95adfe51924fa86/CVE-2024-28288/CVE-2024-28288.md CVE-2024-28294 - https://gist.github.com/lx39214/248dc58c6d05455d4bd06c4d3df8e2d0 CVE-2024-28294 - https://gist.github.com/lx39214/248dc58c6d05455d4bd06c4d3df8e2d0 CVE-2024-28318 - https://github.com/gpac/gpac/issues/2764 @@ -194685,3 +194699,5 @@ CVE-2024-5758 - https://research.cleantalk.org/cve-2024-4305/ CVE-2024-5758 - https://research.cleantalk.org/cve-2024-4305/ CVE-2024-5758 - https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ CVE-2024-5758 - https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ +CVE-2024-5774 - https://github.com/CveSecLook/cve/issues/43 +CVE-2024-5775 - https://github.com/CveSecLook/cve/issues/44