diff --git a/2011/CVE-2011-2523.md b/2011/CVE-2011-2523.md index 50ab1339b2..39e933db17 100644 --- a/2011/CVE-2011-2523.md +++ b/2011/CVE-2011-2523.md @@ -73,6 +73,7 @@ vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which - https://github.com/sponkmonk/Ladon_english_update - https://github.com/sunzu94/vsftpd_2.3.4_Exploit - https://github.com/tarikemal/exploit-ftp-samba +- https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit - https://github.com/vaishnavucv/CVE-2011-2523 - https://github.com/vasanth-tamil/ctf-writeups - https://github.com/vmmaltsev/13.1 diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index 44e0c67507..23a610da0b 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xl0k1/CVE-2012-1823 +- https://github.com/0xsyr0/OSCP - https://github.com/1060275195/Covid-v2-Botnet - https://github.com/404tk/lazyscan - https://github.com/ARPSyndicate/cvemon diff --git a/2012/CVE-2012-1876.md b/2012/CVE-2012-1876.md index 0d3eab785d..37e0e32b49 100644 --- a/2012/CVE-2012-1876.md +++ b/2012/CVE-2012-1876.md @@ -16,6 +16,7 @@ Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not prope #### Github - https://github.com/ExploitCN/CVE-2012-1876-win7_x86_and_win7x64 - https://github.com/WizardVan/CVE-2012-1876 +- https://github.com/ernestang98/win-exploits - https://github.com/migraine-sudo/Arsenal - https://github.com/ricew4ng/BrowserSecurity - https://github.com/ser4wang/BrowserSecurity diff --git a/2013/CVE-2013-3900.md b/2013/CVE-2013-3900.md index 85968465a5..1cff57b5ba 100644 --- a/2013/CVE-2013-3900.md +++ b/2013/CVE-2013-3900.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/ellikt1/Vulnerability-Assessment - https://github.com/florylsk/SignatureGate - https://github.com/hiba-ahmad1/NessusVulnManagement +- https://github.com/hibahmad30/NessusVulnManagement - https://github.com/izj007/wechat - https://github.com/jason-klein/signed-nsis-exe-append-payload - https://github.com/lau1010/Packer_VMware_Win19_UEFI_secure_boot_with_Updates diff --git a/2014/CVE-2014-0130.md b/2014/CVE-2014-0130.md index a09558ebdc..070bfae5d5 100644 --- a/2014/CVE-2014-0130.md +++ b/2014/CVE-2014-0130.md @@ -15,6 +15,7 @@ Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/omarkurt/cve-2014-0130 - https://github.com/rubysec/ruby-advisory-db diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md index 39917b3297..b76422b477 100644 --- a/2014/CVE-2014-0160.md +++ b/2014/CVE-2014-0160.md @@ -18,6 +18,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://hackerone.com/reports/6626 #### Github +- https://github.com/00xNetrunner/Shodan_Cheet-Sheet - https://github.com/0day404/vulnerability-poc - https://github.com/0x0d3ad/Kn0ck - https://github.com/0x90/CVE-2014-0160 diff --git a/2014/CVE-2014-0224.md b/2014/CVE-2014-0224.md index 12ee3fb014..1d06766fa4 100644 --- a/2014/CVE-2014-0224.md +++ b/2014/CVE-2014-0224.md @@ -26,6 +26,7 @@ OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not pr - https://kc.mcafee.com/corporate/index?page=content&id=SB10075 #### Github +- https://github.com/00xNetrunner/Shodan_Cheet-Sheet - https://github.com/0nopnop/qualysparser - https://github.com/1N3/MassBleed - https://github.com/84KaliPleXon3/a2sv diff --git a/2014/CVE-2014-1234.md b/2014/CVE-2014-1234.md index f8f1db12bd..604859f688 100644 --- a/2014/CVE-2014-1234.md +++ b/2014/CVE-2014-1234.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/Haifisch/dayswithoutansslexploit - https://github.com/fhightower/ioc-finder - https://github.com/guilhermeG23/manual_suricata_simples +- https://github.com/xssec/xshodan diff --git a/2014/CVE-2014-6271.md b/2014/CVE-2014-6271.md index 2ae40466a1..d43eedd914 100644 --- a/2014/CVE-2014-6271.md +++ b/2014/CVE-2014-6271.md @@ -29,6 +29,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://www.exploit-db.com/exploits/42938/ #### Github +- https://github.com/00xNetrunner/Shodan_Cheet-Sheet - https://github.com/0bfxgh0st/cve-2014-6271 - https://github.com/0x00-0x00/CVE-2014-6271 - https://github.com/0x0d3ad/Kn0ck @@ -368,6 +369,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/francisck/shellshock-cgi - https://github.com/fxschaefer/ejpt - https://github.com/gabemarshall/shocknaww +- https://github.com/gauss77/LaboratoriosHack - https://github.com/ghoneycutt/puppet-module-cve - https://github.com/gipi/cve-cemetery - https://github.com/giterlizzi/secdb-feeds @@ -542,6 +544,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/riikunn1004/oscp-cheatsheet - https://github.com/rjdj0261/-Awesome-Hacking- - https://github.com/rmetzler/ansible-shellshock-fix +- https://github.com/rodolfomarianocy/OSCP-Tricks-2023 - https://github.com/roninAPT/pentest-kit - https://github.com/rrmomaya2900/0dayWriteup-THM - https://github.com/rrreeeyyy/cve-2014-6271-spec diff --git a/2014/CVE-2014-7818.md b/2014/CVE-2014-7818.md index d3e541ca8d..bf6fc4e197 100644 --- a/2014/CVE-2014-7818.md +++ b/2014/CVE-2014-7818.md @@ -13,6 +13,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s - https://puppet.com/security/cve/cve-2014-7829 #### Github +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db - https://github.com/tdunning/github-advisory-parser diff --git a/2014/CVE-2014-7829.md b/2014/CVE-2014-7829.md index 42eab7d10c..16e7d08e2d 100644 --- a/2014/CVE-2014-7829.md +++ b/2014/CVE-2014-7829.md @@ -14,6 +14,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s - https://puppet.com/security/cve/cve-2014-7829 #### Github +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- diff --git a/2015/CVE-2015-1635.md b/2015/CVE-2015-1635.md index 8e07934f86..8255dacaf3 100644 --- a/2015/CVE-2015-1635.md +++ b/2015/CVE-2015-1635.md @@ -19,6 +19,7 @@ HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Wind - https://github.com/ACIC-Africa/metasploitable3 - https://github.com/ARPSyndicate/cvemon - https://github.com/Aquilao/Toy-Box +- https://github.com/Cappricio-Securities/CVE-2015-1635 - https://github.com/H3xL00m/CVE-2015-1635 - https://github.com/H3xL00m/CVE-2015-1635-POC - https://github.com/Olysyan/MSS diff --git a/2015/CVE-2015-3104.md b/2015/CVE-2015-3104.md index 1218f90ca6..9f4675a129 100644 --- a/2015/CVE-2015-3104.md +++ b/2015/CVE-2015-3104.md @@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/BLACKHAT-SSG/EXP-401-OSEE - https://github.com/HaifeiLi/HardenFlash - https://github.com/PwnAwan/EXP-401-OSEE +- https://github.com/ernestang98/win-exploits - https://github.com/gscamelo/OSEE diff --git a/2015/CVE-2015-3306.md b/2015/CVE-2015-3306.md index d763269f11..7cf41d8d1e 100644 --- a/2015/CVE-2015-3306.md +++ b/2015/CVE-2015-3306.md @@ -45,6 +45,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/ebantula/eHacking_LABS - https://github.com/firatesatoglu/shodanSearch +- https://github.com/gauss77/LaboratoriosHack - https://github.com/hackarada/cve-2015-3306 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/TOP diff --git a/2015/CVE-2015-6748.md b/2015/CVE-2015-6748.md index de87cd4bc6..9dcab375f5 100644 --- a/2015/CVE-2015-6748.md +++ b/2015/CVE-2015-6748.md @@ -16,4 +16,5 @@ Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/epicosy/VUL4J-59 diff --git a/2015/CVE-2015-7576.md b/2015/CVE-2015-7576.md index 1d067c447e..56f4df9b05 100644 --- a/2015/CVE-2015-7576.md +++ b/2015/CVE-2015-7576.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- diff --git a/2015/CVE-2015-7581.md b/2015/CVE-2015-7581.md index 7e958154d1..ee2432916b 100644 --- a/2015/CVE-2015-7581.md +++ b/2015/CVE-2015-7581.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- diff --git a/2016/CVE-2016-0117.md b/2016/CVE-2016-0117.md index 0181dbe359..ac1cc93722 100644 --- a/2016/CVE-2016-0117.md +++ b/2016/CVE-2016-0117.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xCyberY/CVE-T4PDF - https://github.com/ARPSyndicate/cvemon - https://github.com/datntsec/WINDOWS-10-SEGMENT-HEAP-INTERNALS +- https://github.com/ernestang98/win-exploits diff --git a/2016/CVE-2016-0751.md b/2016/CVE-2016-0751.md index 996f9b7928..e8213a1d6c 100644 --- a/2016/CVE-2016-0751.md +++ b/2016/CVE-2016-0751.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db - https://github.com/vulsio/go-cve-dictionary diff --git a/2016/CVE-2016-0752.md b/2016/CVE-2016-0752.md index c6c2611819..f2f82fb618 100644 --- a/2016/CVE-2016-0752.md +++ b/2016/CVE-2016-0752.md @@ -18,6 +18,7 @@ Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22. - https://github.com/NzKoff/shift_summer_2019 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/dachidahu/CVE-2016-0752 - https://github.com/forced-request/rails-rce-cve-2016-0752 - https://github.com/jasnow/585-652-ruby-advisory-db diff --git a/2016/CVE-2016-5678.md b/2016/CVE-2016-5678.md index a05b037af7..5cd1d152c5 100644 --- a/2016/CVE-2016-5678.md +++ b/2016/CVE-2016-5678.md @@ -14,5 +14,5 @@ NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have har - https://www.exploit-db.com/exploits/40200/ #### Github -No PoCs found on GitHub currently. +- https://github.com/xssec/xshodan diff --git a/2017/CVE-2017-4905.md b/2017/CVE-2017-4905.md index 7ab5a890ad..b861f5d8f8 100644 --- a/2017/CVE-2017-4905.md +++ b/2017/CVE-2017-4905.md @@ -16,4 +16,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ernestang98/win-exploits diff --git a/2017/CVE-2017-6090.md b/2017/CVE-2017-6090.md index f60e673ded..71620b9b3d 100644 --- a/2017/CVE-2017-6090.md +++ b/2017/CVE-2017-6090.md @@ -17,5 +17,6 @@ Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/asaotomo/FofaMap - https://github.com/jlk/exploit-CVE-2017-6090 diff --git a/2018/CVE-2018-17463.md b/2018/CVE-2018-17463.md index f42555e8b4..cf316a5097 100644 --- a/2018/CVE-2018-17463.md +++ b/2018/CVE-2018-17463.md @@ -18,6 +18,7 @@ Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 al - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Uniguri/CVE-1day - https://github.com/changelog2020/JSEChalls +- https://github.com/ernestang98/win-exploits - https://github.com/hwiwonl/dayone - https://github.com/jhalon/CVE-2018-17463 - https://github.com/kdmarti2/CVE-2018-17463 diff --git a/2018/CVE-2018-20250.md b/2018/CVE-2018-20250.md index f2cc9d4136..1b7b6deef5 100644 --- a/2018/CVE-2018-20250.md +++ b/2018/CVE-2018-20250.md @@ -83,6 +83,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab - https://github.com/eastmountyxz/NetworkSecuritySelf-study - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis - https://github.com/githuberxu/Safety-Books +- https://github.com/gnusec/soapffzblogposts_backup - https://github.com/googleprojectzero/winafl - https://github.com/gyaansastra/Red-Team-Toolkit - https://github.com/hardik05/winafl-powermopt diff --git a/2018/CVE-2018-9948.md b/2018/CVE-2018-9948.md index 982baa06c2..2aa285950b 100644 --- a/2018/CVE-2018-9948.md +++ b/2018/CVE-2018-9948.md @@ -15,6 +15,7 @@ This vulnerability allows remote attackers to disclose sensitive information on #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ernestang98/win-exploits - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958 - https://github.com/orangepirate/cve-2018-9948-9958-exp diff --git a/2018/CVE-2018-9958.md b/2018/CVE-2018-9958.md index 566c459ed9..657ed74d38 100644 --- a/2018/CVE-2018-9958.md +++ b/2018/CVE-2018-9958.md @@ -17,6 +17,7 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/ernestang98/win-exploits - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958 - https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit diff --git a/2019/CVE-2019-0567.md b/2019/CVE-2019-0567.md index 36d2284d36..5209637fab 100644 --- a/2019/CVE-2019-0567.md +++ b/2019/CVE-2019-0567.md @@ -20,6 +20,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin - https://github.com/EanNewton/Awesome-Reading-List - https://github.com/NatteeSetobol/Chakra-CVE-2019-0567 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ernestang98/win-exploits - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/lnick2023/nicenice - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index e641d46082..ee4109ad9f 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -3134,6 +3134,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/harshidk/MilleniumFalcons2022-2023OLD - https://github.com/harshidk/viperftclibrary-cpp - https://github.com/hashgupta/StaticDischargeCode +- https://github.com/hatchetAx/14887FTC - https://github.com/hatchetAxing/14887FTC - https://github.com/heatedmonkeytrousers/powerplay - https://github.com/heavydriver/ftc_jasper diff --git a/2019/CVE-2019-13764.md b/2019/CVE-2019-13764.md index ddfb3e0896..323b183461 100644 --- a/2019/CVE-2019-13764.md +++ b/2019/CVE-2019-13764.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-List - https://github.com/OpposedDeception/ZTE-Blade-A5-2019-Nae-Nae-List - https://github.com/Self-Study-Committee/Skr_Learning +- https://github.com/ernestang98/win-exploits - https://github.com/jfmcoronel/eevee - https://github.com/sslab-gatech/DIE - https://github.com/taielab/awesome-hacking-lists diff --git a/2019/CVE-2019-13768.md b/2019/CVE-2019-13768.md index b6d6b084b2..7f731cb360 100644 --- a/2019/CVE-2019-13768.md +++ b/2019/CVE-2019-13768.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ernestang98/win-exploits - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/wh1ant/vulnjs - https://github.com/yuvaly0/exploits diff --git a/2019/CVE-2019-18683.md b/2019/CVE-2019-18683.md index 207d596ab5..e1fdc3dfa5 100644 --- a/2019/CVE-2019-18683.md +++ b/2019/CVE-2019-18683.md @@ -22,6 +22,7 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation - https://github.com/Limesss/cve-2019-18683 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/kdn111/linux-kernel-exploitation - https://github.com/khanhdn111/linux-kernel-exploitation diff --git a/2020/CVE-2020-0674.md b/2020/CVE-2020-0674.md index a0775d8980..704b38a9fb 100644 --- a/2020/CVE-2020-0674.md +++ b/2020/CVE-2020-0674.md @@ -49,6 +49,7 @@ A remote code execution vulnerability exists in the way that the scripting engin - https://github.com/binaryfigments/CVE-2020-0674 - https://github.com/cyberanand1337x/bug-bounty-2022 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ernestang98/win-exploits - https://github.com/forrest-orr/DoubleStar - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md index 1ffc6d7d67..d94a5d8d2f 100644 --- a/2020/CVE-2020-0796.md +++ b/2020/CVE-2020-0796.md @@ -209,6 +209,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/gabimarti/SMBScanner - https://github.com/giterlizzi/secdb-feeds - https://github.com/githuberxu/Safety-Books +- https://github.com/gnusec/soapffzblogposts_backup - https://github.com/h7ml/h7ml - https://github.com/hack-parthsharma/WinPwn - https://github.com/halsten/CVE-2020-0796 diff --git a/2020/CVE-2020-16040.md b/2020/CVE-2020-16040.md index d70ed68aaf..8a7d084893 100644 --- a/2020/CVE-2020-16040.md +++ b/2020/CVE-2020-16040.md @@ -21,6 +21,7 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe - https://github.com/anvbis/chrome_v8_ndays - https://github.com/anvbis/trivialize - https://github.com/dongAxis/to_be_a_v8_master +- https://github.com/ernestang98/win-exploits - https://github.com/hktalent/bug-bounty - https://github.com/joydo/CVE-Writeups - https://github.com/maldev866/ChExp_CVE_2020_16040 diff --git a/2020/CVE-2020-6368.md b/2020/CVE-2020-6368.md new file mode 100644 index 0000000000..19089be115 --- /dev/null +++ b/2020/CVE-2020-6368.md @@ -0,0 +1,17 @@ +### [CVE-2020-6368](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6368) +![](https://img.shields.io/static/v1?label=Product&message=SAP%20Business%20Planning%20and%20Consolidation&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C750%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Scripting&color=brighgreen) + +### Description + +SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users, leading to Cross Site Scripting. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ernestang98/win-exploits + diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index 08b6952dbe..057edf42ef 100644 --- a/2021/CVE-2021-26084.md +++ b/2021/CVE-2021-26084.md @@ -71,6 +71,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/S3cur3Th1sSh1t/Pentest-Tools - https://github.com/SYRTI/POC_to_review - https://github.com/Sma11New/PocList +- https://github.com/SummerSec/SpringExploit - https://github.com/TesterCC/exp_poc_library - https://github.com/TheclaMcentire/CVE-2021-26084_Confluence - https://github.com/Threekiii/Awesome-POC diff --git a/2021/CVE-2021-33564.md b/2021/CVE-2021-33564.md index 3f9ec18657..1ff5ec2a82 100644 --- a/2021/CVE-2021-33564.md +++ b/2021/CVE-2021-33564.md @@ -27,6 +27,7 @@ An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby a - https://github.com/markevans/dragonfly - https://github.com/mlr0p/CVE-2021-33564 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rodolfomarianocy/OSCP-Tricks-2023 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit - https://github.com/zecool/cve diff --git a/2021/CVE-2021-34473.md b/2021/CVE-2021-34473.md index 3462e293eb..cf4db9c306 100644 --- a/2021/CVE-2021-34473.md +++ b/2021/CVE-2021-34473.md @@ -33,6 +33,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top +- https://github.com/Dheerajmadhukar/karma_v2 - https://github.com/DiedB/caldera-precomp - https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/GhostTroops/TOP diff --git a/2021/CVE-2021-38003.md b/2021/CVE-2021-38003.md index 7a66432ee6..86226c25f0 100644 --- a/2021/CVE-2021-38003.md +++ b/2021/CVE-2021-38003.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003 - https://github.com/anvbis/chrome_v8_ndays +- https://github.com/ernestang98/win-exploits - https://github.com/kestryix/tisc-2023-writeups - https://github.com/numencyber/Vulnerability_PoC - https://github.com/wh1ant/vulnjs diff --git a/2021/CVE-2021-43798.md b/2021/CVE-2021-43798.md index 28e4ac7b4f..a2173c2595 100644 --- a/2021/CVE-2021-43798.md +++ b/2021/CVE-2021-43798.md @@ -77,6 +77,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver - https://github.com/anonymous364872/Rapier_Tool - https://github.com/apif-review/APIF_tool_2024 - https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp +- https://github.com/asaotomo/FofaMap - https://github.com/aymenbouferroum/CVE-2021-43798_exploit - https://github.com/b4zinga/Raphael - https://github.com/bigblackhat/oFx diff --git a/2022/CVE-2022-0149.md b/2022/CVE-2022-0149.md index 26799605a3..921555f374 100644 --- a/2022/CVE-2022-0149.md +++ b/2022/CVE-2022-0149.md @@ -15,4 +15,5 @@ The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/asaotomo/FofaMap diff --git a/2022/CVE-2022-1134.md b/2022/CVE-2022-1134.md index 28fcc24a0f..cfbd1e931a 100644 --- a/2022/CVE-2022-1134.md +++ b/2022/CVE-2022-1134.md @@ -13,5 +13,5 @@ Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote at - http://packetstormsecurity.com/files/172851/Chrome-Renderer-Type-Confusion-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/ernestang98/win-exploits diff --git a/2022/CVE-2022-1388.md b/2022/CVE-2022-1388.md index 3bf62f6197..9a49fae77e 100644 --- a/2022/CVE-2022-1388.md +++ b/2022/CVE-2022-1388.md @@ -78,6 +78,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5. - https://github.com/Stonzyy/Exploit-F5-CVE-2022-1388 - https://github.com/Str1am/my-nuclei-templates - https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study +- https://github.com/SummerSec/SpringExploit - https://github.com/Threekiii/Awesome-POC - https://github.com/TomArni680/CVE-2022-1388-POC - https://github.com/TomArni680/CVE-2022-1388-RCE diff --git a/2022/CVE-2022-22947.md b/2022/CVE-2022-22947.md index aede5d5bc8..b0b3dd1812 100644 --- a/2022/CVE-2022-22947.md +++ b/2022/CVE-2022-22947.md @@ -74,6 +74,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v - https://github.com/Sec-Fork/mullet2 - https://github.com/SiJiDo/CVE-2022-22947 - https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947 +- https://github.com/SummerSec/SpringExploit - https://github.com/SummerSec/learning-codeql - https://github.com/Tas9er/SpringCloudGatewayRCE - https://github.com/Threekiii/Awesome-Exploit diff --git a/2022/CVE-2022-22963.md b/2022/CVE-2022-22963.md index 81cf65bba6..709f71730e 100644 --- a/2022/CVE-2022-22963.md +++ b/2022/CVE-2022-22963.md @@ -68,6 +68,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w - https://github.com/SirElmard/ethical_hacking - https://github.com/SnailDev/github-hot-hub - https://github.com/SourM1lk/CVE-2022-22963-Exploit +- https://github.com/SummerSec/SpringExploit - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Awesome-Redteam diff --git a/2022/CVE-2022-22965.md b/2022/CVE-2022-22965.md index 065306f309..b43bd434d6 100644 --- a/2022/CVE-2022-22965.md +++ b/2022/CVE-2022-22965.md @@ -97,6 +97,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t - https://github.com/Snip3R69/spring-shell-vuln - https://github.com/Sparrow-Co-Ltd/real_cve_examples - https://github.com/SummerSec/BlogPapers +- https://github.com/SummerSec/SpringExploit - https://github.com/SummerSec/SummerSec - https://github.com/TheGejr/SpringShell - https://github.com/Threekiii/Awesome-Exploit diff --git a/2022/CVE-2022-26134.md b/2022/CVE-2022-26134.md index 2833fdf255..d61a635dfd 100644 --- a/2022/CVE-2022-26134.md +++ b/2022/CVE-2022-26134.md @@ -48,6 +48,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/CatAnnaDev/CVE-2022-26134 - https://github.com/Chocapikk/CVE-2022-26134 - https://github.com/ColdFusionX/CVE-2022-26134 +- https://github.com/CuriousLearnerDev/Full-Scanner - https://github.com/CyberDonkyx0/CVE-2022-26134 - https://github.com/DARKSTUFF-LAB/-CVE-2022-26134 - https://github.com/DallasWmk/censys_takehome @@ -88,6 +89,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/Sakura-nee/CVE-2022-26134 - https://github.com/SirElmard/ethical_hacking - https://github.com/StarCrossPortal/scalpel +- https://github.com/SummerSec/SpringExploit - https://github.com/Sylon001/Common-tool - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Awesome-Redteam diff --git a/2022/CVE-2022-28739.md b/2022/CVE-2022-28739.md index 1bd99b0ece..85d9f84d79 100644 --- a/2022/CVE-2022-28739.md +++ b/2022/CVE-2022-28739.md @@ -16,6 +16,7 @@ There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x befor #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/lifeparticle/Ruby-Cheatsheet - https://github.com/rubysec/ruby-advisory-db diff --git a/2022/CVE-2022-4968.md b/2022/CVE-2022-4968.md new file mode 100644 index 0000000000..8fd644bf39 --- /dev/null +++ b/2022/CVE-2022-4968.md @@ -0,0 +1,17 @@ +### [CVE-2022-4968](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4968) +![](https://img.shields.io/static/v1?label=Product&message=Netplan&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200&color=brighgreen) + +### Description + +netplan leaks the private key of wireguard to local users. A security fix will be released soon. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2023/CVE-2023-0098.md b/2023/CVE-2023-0098.md new file mode 100644 index 0000000000..0375934e32 --- /dev/null +++ b/2023/CVE-2023-0098.md @@ -0,0 +1,17 @@ +### [CVE-2023-0098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0098) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20URLs&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20115%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/db0b3275-40df-404e-aa8d-53558f0122d8 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-0841.md b/2023/CVE-2023-0841.md index a01c3e0812..b8a0ce9a42 100644 --- a/2023/CVE-2023-0841.md +++ b/2023/CVE-2023-0841.md @@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, has been found in GPAC 2.3-DE ### POC #### Reference +- https://github.com/gpac/gpac/issues/2396 - https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3 #### Github diff --git a/2023/CVE-2023-20938.md b/2023/CVE-2023-20938.md new file mode 100644 index 0000000000..9db9f3fbd3 --- /dev/null +++ b/2023/CVE-2023-20938.md @@ -0,0 +1,17 @@ +### [CVE-2023-20938](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20938) +![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20privilege&color=brighgreen) + +### Description + +In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/IamAlch3mist/Awesome-Android-Vulnerability-Research + diff --git a/2023/CVE-2023-22795.md b/2023/CVE-2023-22795.md index 3a4c2d45bf..3cb016a8e0 100644 --- a/2023/CVE-2023-22795.md +++ b/2023/CVE-2023-22795.md @@ -13,6 +13,7 @@ A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7. No PoCs from references. #### Github +- https://github.com/bibin-paul-trustme/ruby_repo - https://github.com/jasnow/585-652-ruby-advisory-db - https://github.com/rubysec/ruby-advisory-db diff --git a/2023/CVE-2023-26484.md b/2023/CVE-2023-26484.md new file mode 100644 index 0000000000..67f70b8d33 --- /dev/null +++ b/2023/CVE-2023-26484.md @@ -0,0 +1,17 @@ +### [CVE-2023-26484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26484) +![](https://img.shields.io/static/v1?label=Product&message=kubevirt&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.59.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%3A%20Incorrect%20Authorization&color=brighgreen) + +### Description + +KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node. + +### POC + +#### Reference +- https://github.com/kubevirt/kubevirt/issues/9109 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-26756.md b/2023/CVE-2023-26756.md index 5a8797962c..cb776c6f29 100644 --- a/2023/CVE-2023-26756.md +++ b/2023/CVE-2023-26756.md @@ -12,6 +12,7 @@ #### Reference - https://googleinformationsworld.blogspot.com/2023/04/revive-adserver-541-vulnerable-to-brute.html - https://www.esecforte.com/login-page-brute-force-attack/ +- https://www.revive-adserver.com/security/response-to-cve-2023-26756/ #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-27652.md b/2023/CVE-2023-27652.md new file mode 100644 index 0000000000..2377af8550 --- /dev/null +++ b/2023/CVE-2023-27652.md @@ -0,0 +1,17 @@ +### [CVE-2023-27652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27652) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges cause a denial of service via the update_info field of the _default_.xml file. + +### POC + +#### Reference +- https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29747.md b/2023/CVE-2023-29747.md new file mode 100644 index 0000000000..9be62bd49d --- /dev/null +++ b/2023/CVE-2023-29747.md @@ -0,0 +1,17 @@ +### [CVE-2023-29747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29747) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Story Saver for Instragram - Video Downloader 1.0.6 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Depending on how the data is used, this can result in various attack consequences, such as ad display exceptions. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29751.md b/2023/CVE-2023-29751.md new file mode 100644 index 0000000000..2835f61766 --- /dev/null +++ b/2023/CVE-2023-29751.md @@ -0,0 +1,17 @@ +### [CVE-2023-29751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29751) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29758.md b/2023/CVE-2023-29758.md new file mode 100644 index 0000000000..77b9a58e7a --- /dev/null +++ b/2023/CVE-2023-29758.md @@ -0,0 +1,17 @@ +### [CVE-2023-29758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29758) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29767.md b/2023/CVE-2023-29767.md new file mode 100644 index 0000000000..70fb8de49a --- /dev/null +++ b/2023/CVE-2023-29767.md @@ -0,0 +1,17 @@ +### [CVE-2023-29767](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29767) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent denial of service via the database files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-31468.md b/2023/CVE-2023-31468.md index 95763d8018..b04cc56359 100644 --- a/2023/CVE-2023-31468.md +++ b/2023/CVE-2023-31468.md @@ -11,7 +11,9 @@ An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 #### Reference - http://packetstormsecurity.com/files/174268/Inosoft-VisiWin-7-2022-2.1-Insecure-Permissions-Privilege-Escalation.html +- https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-03 - https://www.exploit-db.com/exploits/51682 +- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-31492.md b/2023/CVE-2023-31492.md index 09654b8eea..b4a4f2b26b 100644 --- a/2023/CVE-2023-31492.md +++ b/2023/CVE-2023-31492.md @@ -11,6 +11,7 @@ Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default pa #### Reference - http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html +- https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-36121.md b/2023/CVE-2023-36121.md index e88a5144a2..8a637ec252 100644 --- a/2023/CVE-2023-36121.md +++ b/2023/CVE-2023-36121.md @@ -10,6 +10,7 @@ Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to e ### POC #### Reference +- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md - https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284 - https://www.exploit-db.com/exploits/51449 diff --git a/2023/CVE-2023-36644.md b/2023/CVE-2023-36644.md index 19ae41b49e..d303084d85 100644 --- a/2023/CVE-2023-36644.md +++ b/2023/CVE-2023-36644.md @@ -10,7 +10,7 @@ Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to r ### POC #### Reference -No PoCs from references. +- https://github.com/caffeinated-labs/CVE-2023-36644 #### Github - https://github.com/caffeinated-labs/CVE-2023-36644 diff --git a/2023/CVE-2023-3797.md b/2023/CVE-2023-3797.md new file mode 100644 index 0000000000..63f0965254 --- /dev/null +++ b/2023/CVE-2023-3797.md @@ -0,0 +1,17 @@ +### [CVE-2023-3797](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3797) +![](https://img.shields.io/static/v1?label=Product&message=Four%20Mountain%20Torrent%20Disaster%20Prevention%20and%20Control%20of%20Monitoring%20and%20Early%20Warning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230712%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of the argument Filedata leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier VDB-235065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/segonse/cve/blob/main/sichuang/sichuang.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3798.md b/2023/CVE-2023-3798.md new file mode 100644 index 0000000000..21100b0164 --- /dev/null +++ b/2023/CVE-2023-3798.md @@ -0,0 +1,17 @@ +### [CVE-2023-3798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3798) +![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /App_Resource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. VDB-235066 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/RCEraser/cve/blob/main/wanjiang.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3802.md b/2023/CVE-2023-3802.md index e8a788e61e..dae2623a4c 100644 --- a/2023/CVE-2023-3802.md +++ b/2023/CVE-2023-3802.md @@ -10,6 +10,7 @@ A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning ### POC #### Reference +- https://github.com/GUIqizsq/cve/blob/main/upload_1.md - https://vuldb.com/?id.235070 #### Github diff --git a/2023/CVE-2023-3804.md b/2023/CVE-2023-3804.md new file mode 100644 index 0000000000..bb318bb30b --- /dev/null +++ b/2023/CVE-2023-3804.md @@ -0,0 +1,17 @@ +### [CVE-2023-3804](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3804) +![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file /Service/FileHandler.ashx. The manipulation of the argument userFile leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235072. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/yueying638/cve/blob/main/upload.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38870.md b/2023/CVE-2023-38870.md new file mode 100644 index 0000000000..e6c8ed0e61 --- /dev/null +++ b/2023/CVE-2023-38870.md @@ -0,0 +1,17 @@ +### [CVE-2023-38870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38870) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category, and the 'category_id' parameter is vulnerable to SQL Injection. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38870 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38872.md b/2023/CVE-2023-38872.md new file mode 100644 index 0000000000..c374248735 --- /dev/null +++ b/2023/CVE-2023-38872.md @@ -0,0 +1,17 @@ +### [CVE-2023-38872](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38872) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38872 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38874.md b/2023/CVE-2023-38874.md new file mode 100644 index 0000000000..1b1d8de573 --- /dev/null +++ b/2023/CVE-2023-38874.md @@ -0,0 +1,17 @@ +### [CVE-2023-38874](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38874) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can upload a PHP web shell as an attachment when adding a new cash book entry. Afterwards, the attacker may visit the web shell and execute arbitrary commands. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38874 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38876.md b/2023/CVE-2023-38876.md new file mode 100644 index 0000000000..68bcd82159 --- /dev/null +++ b/2023/CVE-2023-38876.md @@ -0,0 +1,17 @@ +### [CVE-2023-38876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38876) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38876 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38879.md b/2023/CVE-2023-38879.md new file mode 100644 index 0000000000..cea822f5e2 --- /dev/null +++ b/2023/CVE-2023-38879.md @@ -0,0 +1,17 @@ +### [CVE-2023-38879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38879) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38879 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38882.md b/2023/CVE-2023-38882.md new file mode 100644 index 0000000000..503beff678 --- /dev/null +++ b/2023/CVE-2023-38882.md @@ -0,0 +1,17 @@ +### [CVE-2023-38882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38882) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php' + +### POC + +#### Reference +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38882 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38973.md b/2023/CVE-2023-38973.md new file mode 100644 index 0000000000..c4c9efc2b2 --- /dev/null +++ b/2023/CVE-2023-38973.md @@ -0,0 +1,17 @@ +### [CVE-2023-38973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38973) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter. + +### POC + +#### Reference +- https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-39551.md b/2023/CVE-2023-39551.md index 005618ec53..12741f0ab0 100644 --- a/2023/CVE-2023-39551.md +++ b/2023/CVE-2023-39551.md @@ -10,6 +10,7 @@ PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injec ### POC #### Reference +- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md - https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1 #### Github diff --git a/2023/CVE-2023-40280.md b/2023/CVE-2023-40280.md index 776dc90136..6d393de637 100644 --- a/2023/CVE-2023-40280.md +++ b/2023/CVE-2023-40280.md @@ -10,7 +10,7 @@ An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a dir ### POC #### Reference -No PoCs from references. +- https://github.com/BugBountyHunterCVE/CVE-2023-40280/blob/main/CVE-2023-40280_Authenticated-Directory-Path-Traversal_OpenClinic-GA_5.247.01_Report.md #### Github - https://github.com/BugBountyHunterCVE/CVE-2023-40280 diff --git a/2023/CVE-2023-41036.md b/2023/CVE-2023-41036.md index 22ab8ef762..0aa6144594 100644 --- a/2023/CVE-2023-41036.md +++ b/2023/CVE-2023-41036.md @@ -10,7 +10,7 @@ Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an ### POC #### Reference -No PoCs from references. +- https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv #### Github - https://github.com/NaInSec/CVE-LIST diff --git a/2023/CVE-2023-41334.md b/2023/CVE-2023-41334.md index 8bd69f9a24..9503d4e9c7 100644 --- a/2023/CVE-2023-41334.md +++ b/2023/CVE-2023-41334.md @@ -10,7 +10,7 @@ Astropy is a project for astronomy in Python that fosters interoperability betwe ### POC #### Reference -No PoCs from references. +- https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf #### Github - https://github.com/NaInSec/CVE-LIST diff --git a/2023/CVE-2023-41443.md b/2023/CVE-2023-41443.md new file mode 100644 index 0000000000..5d6f3b497c --- /dev/null +++ b/2023/CVE-2023-41443.md @@ -0,0 +1,17 @@ +### [CVE-2023-41443](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41443) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list. + +### POC + +#### Reference +- https://github.com/Deng-JunFeng/cve-lists/tree/main/novel-plus/vuln + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-4165.md b/2023/CVE-2023-4165.md index e14465cba9..b610cd903c 100644 --- a/2023/CVE-2023-4165.md +++ b/2023/CVE-2023-4165.md @@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, was found in Tongda OA. This ### POC #### Reference -No PoCs from references. +- https://github.com/nagenanhai/cve/blob/main/sql.md #### Github - https://github.com/d4n-sec/d4n-sec.github.io diff --git a/2023/CVE-2023-4171.md b/2023/CVE-2023-4171.md new file mode 100644 index 0000000000..b02e07647a --- /dev/null +++ b/2023/CVE-2023-4171.md @@ -0,0 +1,17 @@ +### [CVE-2023-4171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4171) +![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-24%20Path%20Traversal%3A%20'..%2Ffiledir'&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236206 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/nagenanhai/cve/blob/main/duqu.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-42286.md b/2023/CVE-2023-42286.md new file mode 100644 index 0000000000..905e8bcd23 --- /dev/null +++ b/2023/CVE-2023-42286.md @@ -0,0 +1,17 @@ +### [CVE-2023-42286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42286) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system commands through a carefully crafted malicious payload. + +### POC + +#### Reference +- https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-4414.md b/2023/CVE-2023-4414.md index 0e94ab57c7..8d9e3fd0e8 100644 --- a/2023/CVE-2023-4414.md +++ b/2023/CVE-2023-4414.md @@ -10,7 +10,7 @@ A vulnerability was found in Byzoro Smart S85F Management Platform up to 2023080 ### POC #### Reference -No PoCs from references. +- https://github.com/RCEraser/cve/blob/main/S85F.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-44253.md b/2023/CVE-2023-44253.md new file mode 100644 index 0000000000..73c192c8f8 --- /dev/null +++ b/2023/CVE-2023-44253.md @@ -0,0 +1,18 @@ +### [CVE-2023-44253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44253) +![](https://img.shields.io/static/v1?label=Product&message=FortiAnalyzer&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=FortiManager&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=7.4.0%3C%3D%207.4.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20disclosure&color=brighgreen) + +### Description + +An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.1 and before 7.2.5 and FortiAnalyzer-BigData before 7.2.5 allows an adom administrator to enumerate other adoms and device names via crafted HTTP or HTTPS requests. + +### POC + +#### Reference +- https://github.com/orangecertcc/security-research/security/advisories/GHSA-25j8-69h7-83h2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-44693.md b/2023/CVE-2023-44693.md index 5d5ff10eb8..93f8616065 100644 --- a/2023/CVE-2023-44693.md +++ b/2023/CVE-2023-44693.md @@ -10,7 +10,7 @@ D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL ### POC #### Reference -No PoCs from references. +- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-4543.md b/2023/CVE-2023-4543.md new file mode 100644 index 0000000000..6e44e08ddc --- /dev/null +++ b/2023/CVE-2023-4543.md @@ -0,0 +1,17 @@ +### [CVE-2023-4543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4543) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.5.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238048. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/spcck/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46012.md b/2023/CVE-2023-46012.md new file mode 100644 index 0000000000..3d73bcad9e --- /dev/null +++ b/2023/CVE-2023-46012.md @@ -0,0 +1,17 @@ +### [CVE-2023-46012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46012) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP. + +### POC + +#### Reference +- https://github.com/dest-3/CVE-2023-46012/tree/main + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46060.md b/2023/CVE-2023-46060.md new file mode 100644 index 0000000000..35bb176fdf --- /dev/null +++ b/2023/CVE-2023-46060.md @@ -0,0 +1,17 @@ +### [CVE-2023-46060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46060) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component. + +### POC + +#### Reference +- https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46426.md b/2023/CVE-2023-46426.md new file mode 100644 index 0000000000..34139aabc9 --- /dev/null +++ b/2023/CVE-2023-46426.md @@ -0,0 +1,17 @@ +### [CVE-2023-46426](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46426) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c. + +### POC + +#### Reference +- https://github.com/gpac/gpac/issues/2642 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46427.md b/2023/CVE-2023-46427.md new file mode 100644 index 0000000000..07db69b1e4 --- /dev/null +++ b/2023/CVE-2023-46427.md @@ -0,0 +1,17 @@ +### [CVE-2023-46427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46427) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via null pointer deference in gf_dash_setup_period component in media_tools/dash_client.c. + +### POC + +#### Reference +- https://github.com/gpac/gpac/issues/2641 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46442.md b/2023/CVE-2023-46442.md index e9ab37ed7f..0c6eb0fd21 100644 --- a/2023/CVE-2023-46442.md +++ b/2023/CVE-2023-46442.md @@ -10,7 +10,7 @@ An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under ### POC #### Reference -No PoCs from references. +- https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-46694.md b/2023/CVE-2023-46694.md new file mode 100644 index 0000000000..598cbcc958 --- /dev/null +++ b/2023/CVE-2023-46694.md @@ -0,0 +1,17 @@ +### [CVE-2023-46694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46694) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality. + +### POC + +#### Reference +- https://github.com/invisiblebyte/CVE-2023-46694 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-46950.md b/2023/CVE-2023-46950.md index f31870f833..b355ba2cbf 100644 --- a/2023/CVE-2023-46950.md +++ b/2023/CVE-2023-46950.md @@ -10,7 +10,7 @@ Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote ### POC #### Reference -No PoCs from references. +- https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-46951.md b/2023/CVE-2023-46951.md index 44e7bfaf4f..eea6dbe37f 100644 --- a/2023/CVE-2023-46951.md +++ b/2023/CVE-2023-46951.md @@ -10,7 +10,7 @@ Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote ### POC #### Reference -No PoCs from references. +- https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-4850.md b/2023/CVE-2023-4850.md index d8665bfa10..304c6b24b0 100644 --- a/2023/CVE-2023-4850.md +++ b/2023/CVE-2023-4850.md @@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. T ### POC #### Reference +- https://github.com/RCEraser/cve/blob/main/sql_inject_2.md - https://vuldb.com/?id.239259 #### Github diff --git a/2023/CVE-2023-48859.md b/2023/CVE-2023-48859.md new file mode 100644 index 0000000000..4c2ba22ccc --- /dev/null +++ b/2023/CVE-2023-48859.md @@ -0,0 +1,17 @@ +### [CVE-2023-48859](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48859) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code. + +### POC + +#### Reference +- https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-49275.md b/2023/CVE-2023-49275.md new file mode 100644 index 0000000000..40990c31e4 --- /dev/null +++ b/2023/CVE-2023-49275.md @@ -0,0 +1,17 @@ +### [CVE-2023-49275](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49275) +![](https://img.shields.io/static/v1?label=Product&message=wazuh&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%203.2.0%2C%20%3C%204.7.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen) + +### Description + +Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analysisd` receives a syscollector message with the `hotfix` `msg_type` but lacking a `timestamp`. It uses `cJSON_GetObjectItem()` to get the `timestamp` object item and dereferences it without checking for a `NULL` value. A malicious client can DoS the analysis engine. This vulnerability is fixed in 4.7.1. + +### POC + +#### Reference +- https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-49484.md b/2023/CVE-2023-49484.md new file mode 100644 index 0000000000..b3d2239976 --- /dev/null +++ b/2023/CVE-2023-49484.md @@ -0,0 +1,17 @@ +### [CVE-2023-49484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49484) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department. + +### POC + +#### Reference +- https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-49550.md b/2023/CVE-2023-49550.md new file mode 100644 index 0000000000..599bc7268a --- /dev/null +++ b/2023/CVE-2023-49550.md @@ -0,0 +1,17 @@ +### [CVE-2023-49550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49550) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. + +### POC + +#### Reference +- https://github.com/cesanta/mjs/issues/252 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-49990.md b/2023/CVE-2023-49990.md new file mode 100644 index 0000000000..0d106161dc --- /dev/null +++ b/2023/CVE-2023-49990.md @@ -0,0 +1,17 @@ +### [CVE-2023-49990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49990) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. + +### POC + +#### Reference +- https://github.com/espeak-ng/espeak-ng/issues/1824 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-50015.md b/2023/CVE-2023-50015.md new file mode 100644 index 0000000000..1e8c0b7012 --- /dev/null +++ b/2023/CVE-2023-50015.md @@ -0,0 +1,17 @@ +### [CVE-2023-50015](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50015) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token. + +### POC + +#### Reference +- https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-50015 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-50137.md b/2023/CVE-2023-50137.md new file mode 100644 index 0000000000..e68b3f0a5c --- /dev/null +++ b/2023/CVE-2023-50137.md @@ -0,0 +1,17 @@ +### [CVE-2023-50137](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50137) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the site management office. + +### POC + +#### Reference +- https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5019.md b/2023/CVE-2023-5019.md new file mode 100644 index 0000000000..248f9696de --- /dev/null +++ b/2023/CVE-2023-5019.md @@ -0,0 +1,17 @@ +### [CVE-2023-5019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5019) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in Tongda OA. This vulnerability affects unknown code of the file general/hr/manage/staff_reinstatement/delete.php. The manipulation of the argument REINSTATEMENT_ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-239860. + +### POC + +#### Reference +- https://github.com/ggg48966/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5023.md b/2023/CVE-2023-5023.md new file mode 100644 index 0000000000..26cd7daf26 --- /dev/null +++ b/2023/CVE-2023-5023.md @@ -0,0 +1,17 @@ +### [CVE-2023-5023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5023) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202017%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239864. + +### POC + +#### Reference +- https://github.com/RCEraser/cve/blob/main/sql_inject_3.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-50260.md b/2023/CVE-2023-50260.md new file mode 100644 index 0000000000..0e8bb2ac18 --- /dev/null +++ b/2023/CVE-2023-50260.md @@ -0,0 +1,17 @@ +### [CVE-2023-50260](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50260) +![](https://img.shields.io/static/v1?label=Product&message=wazuh&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%204.2.0%2C%20%3C%204.7.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%3A%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) + +### Description + +Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active response feature, which can automatically triggers actions in response to alerts. By default, active responses are limited to a set of pre defined executables. This is enforced by only allowing executables stored under `/var/ossec/active-response/bin` to be run as an active response. However, the `/var/ossec/active-response/bin/host_deny` can be exploited. `host_deny` is used to add IP address to the `/etc/hosts.deny` file to block incoming connections on a service level by using TCP wrappers. Attacker can inject arbitrary command into the `/etc/hosts.deny` file and execute arbitrary command by using the spawn directive. The active response can be triggered by writing events either to the local `execd` queue on server or to the `ar` queue which forwards the events to agents. So, it can leads to LPE on server as root and RCE on agent as root. This vulnerability is fixed in 4.7.2. + +### POC + +#### Reference +- https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5030.md b/2023/CVE-2023-5030.md new file mode 100644 index 0000000000..c266fd6354 --- /dev/null +++ b/2023/CVE-2023-5030.md @@ -0,0 +1,17 @@ +### [CVE-2023-5030](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5030) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239872. + +### POC + +#### Reference +- https://github.com/husterdjx/cve/blob/main/sql1.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-50685.md b/2023/CVE-2023-50685.md new file mode 100644 index 0000000000..7c2fb4dbc3 --- /dev/null +++ b/2023/CVE-2023-50685.md @@ -0,0 +1,17 @@ +### [CVE-2023-50685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50685) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter. + +### POC + +#### Reference +- https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-50914.md b/2023/CVE-2023-50914.md index 640195dcef..cd286d5e4d 100644 --- a/2023/CVE-2023-50914.md +++ b/2023/CVE-2023-50914.md @@ -10,6 +10,8 @@ A Privilege Escalation issue in the inter-process communication procedure from G ### POC #### Reference +- https://github.com/anvilsecure/gog-galaxy-app-research +- https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md - https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/ #### Github diff --git a/2023/CVE-2023-50915.md b/2023/CVE-2023-50915.md index 8561c1c778..05a3ba4aff 100644 --- a/2023/CVE-2023-50915.md +++ b/2023/CVE-2023-50915.md @@ -10,7 +10,8 @@ An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through ### POC #### Reference -No PoCs from references. +- https://github.com/anvilsecure/gog-galaxy-app-research +- https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50915%20-%20DoS.md #### Github - https://github.com/anvilsecure/gog-galaxy-app-research diff --git a/2023/CVE-2023-50966.md b/2023/CVE-2023-50966.md index 3580ad8f8a..69d9a85f81 100644 --- a/2023/CVE-2023-50966.md +++ b/2023/CVE-2023-50966.md @@ -10,7 +10,7 @@ erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to c ### POC #### Reference -No PoCs from references. +- https://github.com/P3ngu1nW/CVE_Request/blob/main/erlang-jose.md #### Github - https://github.com/NaInSec/CVE-LIST diff --git a/2023/CVE-2023-51006.md b/2023/CVE-2023-51006.md index 6747b7237a..aa156128fa 100644 --- a/2023/CVE-2023-51006.md +++ b/2023/CVE-2023-51006.md @@ -10,7 +10,7 @@ An issue in the openFile method of Chinese Perpetual Calendar v9.0.0 allows atta ### POC #### Reference -No PoCs from references. +- https://github.com/firmianay/security-issues/tree/main/app/cn.etouch.ecalendar #### Github - https://github.com/firmianay/security-issues diff --git a/2023/CVE-2023-51059.md b/2023/CVE-2023-51059.md new file mode 100644 index 0000000000..7984759954 --- /dev/null +++ b/2023/CVE-2023-51059.md @@ -0,0 +1,17 @@ +### [CVE-2023-51059](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51059) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface. + +### POC + +#### Reference +- https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51062.md b/2023/CVE-2023-51062.md new file mode 100644 index 0000000000..3496edf792 --- /dev/null +++ b/2023/CVE-2023-51062.md @@ -0,0 +1,17 @@ +### [CVE-2023-51062](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51062) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command. + +### POC + +#### Reference +- https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51062.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51064.md b/2023/CVE-2023-51064.md new file mode 100644 index 0000000000..b0a271c104 --- /dev/null +++ b/2023/CVE-2023-51064.md @@ -0,0 +1,17 @@ +### [CVE-2023-51064](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51064) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=tree_table. + +### POC + +#### Reference +- https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51064.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51065.md b/2023/CVE-2023-51065.md new file mode 100644 index 0000000000..6eed8599fa --- /dev/null +++ b/2023/CVE-2023-51065.md @@ -0,0 +1,17 @@ +### [CVE-2023-51065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51065) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to obtain system backups and other sensitive information from the QStar Server. + +### POC + +#### Reference +- https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51065.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51067.md b/2023/CVE-2023-51067.md new file mode 100644 index 0000000000..6d86666c78 --- /dev/null +++ b/2023/CVE-2023-51067.md @@ -0,0 +1,17 @@ +### [CVE-2023-51067](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51067) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted link. + +### POC + +#### Reference +- https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51067.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51071.md b/2023/CVE-2023-51071.md new file mode 100644 index 0000000000..cdfcbd95b3 --- /dev/null +++ b/2023/CVE-2023-51071.md @@ -0,0 +1,17 @@ +### [CVE-2023-51071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51071) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily disable the SMB service on a victim's Qstar instance by executing a specific command in a link. + +### POC + +#### Reference +- https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51071.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51090.md b/2023/CVE-2023-51090.md new file mode 100644 index 0000000000..9c00756b59 --- /dev/null +++ b/2023/CVE-2023-51090.md @@ -0,0 +1,17 @@ +### [CVE-2023-51090](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51090) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig. + +### POC + +#### Reference +- https://github.com/GD008/TENDA/blob/main/M3/getWeiXinConfig/M3_getWeiXinConfig.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51092.md b/2023/CVE-2023-51092.md new file mode 100644 index 0000000000..e06012e7b6 --- /dev/null +++ b/2023/CVE-2023-51092.md @@ -0,0 +1,17 @@ +### [CVE-2023-51092](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51092) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade. + +### POC + +#### Reference +- https://github.com/GD008/TENDA/blob/main/M3/upgrade/M3_upgrade.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51099.md b/2023/CVE-2023-51099.md new file mode 100644 index 0000000000..1ea2f84ef1 --- /dev/null +++ b/2023/CVE-2023-51099.md @@ -0,0 +1,17 @@ +### [CVE-2023-51099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51099) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand . + +### POC + +#### Reference +- https://github.com/GD008/TENDA/blob/main/W9/W9_execommand/W9_execommand.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51100.md b/2023/CVE-2023-51100.md new file mode 100644 index 0000000000..b7566f3cea --- /dev/null +++ b/2023/CVE-2023-51100.md @@ -0,0 +1,17 @@ +### [CVE-2023-51100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51100) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo . + +### POC + +#### Reference +- https://github.com/GD008/TENDA/blob/main/W9/W9_getDiagnoseInfo/W9_getDiagnoseInfo.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51101.md b/2023/CVE-2023-51101.md new file mode 100644 index 0000000000..a4fe511833 --- /dev/null +++ b/2023/CVE-2023-51101.md @@ -0,0 +1,17 @@ +### [CVE-2023-51101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51101) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo. + +### POC + +#### Reference +- https://github.com/GD008/TENDA/blob/main/W9/W9_setUplinkInfo/W9_setUplinkInfo.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51126.md b/2023/CVE-2023-51126.md index dd1133357d..ffdc4b8f71 100644 --- a/2023/CVE-2023-51126.md +++ b/2023/CVE-2023-51126.md @@ -10,7 +10,7 @@ Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 al ### POC #### Reference -No PoCs from references. +- https://github.com/risuxx/CVE-2023-51126 #### Github - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-51141.md b/2023/CVE-2023-51141.md index d93ceeb991..4f8265d355 100644 --- a/2023/CVE-2023-51141.md +++ b/2023/CVE-2023-51141.md @@ -10,7 +10,7 @@ An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain ### POC #### Reference -No PoCs from references. +- https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10 #### Github - https://github.com/NaInSec/CVE-LIST diff --git a/2023/CVE-2023-51142.md b/2023/CVE-2023-51142.md index 89d2b1c6d6..e814d77804 100644 --- a/2023/CVE-2023-51142.md +++ b/2023/CVE-2023-51142.md @@ -10,7 +10,7 @@ An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain ### POC #### Reference -No PoCs from references. +- https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f #### Github - https://github.com/NaInSec/CVE-LIST diff --git a/2023/CVE-2023-51146.md b/2023/CVE-2023-51146.md new file mode 100644 index 0000000000..422a33970e --- /dev/null +++ b/2023/CVE-2023-51146.md @@ -0,0 +1,17 @@ +### [CVE-2023-51146](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51146) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Buffer Overflow vulnerability in TRENDnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the adm_add_user action. + +### POC + +#### Reference +- https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51146.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51147.md b/2023/CVE-2023-51147.md new file mode 100644 index 0000000000..0108956865 --- /dev/null +++ b/2023/CVE-2023-51147.md @@ -0,0 +1,17 @@ +### [CVE-2023-51147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51147) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Buffer Overflow vulnerability in TRENDnet Trendnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the adm_mod_pwd action. + +### POC + +#### Reference +- https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51147.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51148.md b/2023/CVE-2023-51148.md new file mode 100644 index 0000000000..168c65ccf6 --- /dev/null +++ b/2023/CVE-2023-51148.md @@ -0,0 +1,17 @@ +### [CVE-2023-51148](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51148) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component. + +### POC + +#### Reference +- https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51219.md b/2023/CVE-2023-51219.md new file mode 100644 index 0000000000..969b2cf916 --- /dev/null +++ b/2023/CVE-2023-51219.md @@ -0,0 +1,17 @@ +### [CVE-2023-51219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51219) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controller JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access token could be used to takeover another user's account and read her/his chat messages. + +### POC + +#### Reference +- https://stulle123.github.io/posts/kakaotalk-account-takeover/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51258.md b/2023/CVE-2023-51258.md new file mode 100644 index 0000000000..ff9465899d --- /dev/null +++ b/2023/CVE-2023-51258.md @@ -0,0 +1,17 @@ +### [CVE-2023-51258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51258) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512. + +### POC + +#### Reference +- https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51387.md b/2023/CVE-2023-51387.md new file mode 100644 index 0000000000..e89aa128fd --- /dev/null +++ b/2023/CVE-2023-51387.md @@ -0,0 +1,17 @@ +### [CVE-2023-51387](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51387) +![](https://img.shields.io/static/v1?label=Product&message=hertzbeat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.4.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%3A%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) + +### Description + +Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1. + +### POC + +#### Reference +- https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5143.md b/2023/CVE-2023-5143.md new file mode 100644 index 0000000000..b2a6ae80fb --- /dev/null +++ b/2023/CVE-2023-5143.md @@ -0,0 +1,17 @@ +### [CVE-2023-5143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5143) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020151231%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 up to 20151231. This issue affects some unknown processing of the file /log/webmailattach.php. The manipulation of the argument table_name leads to an unknown weakness. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240239. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/ggg48966/cve/blob/main/D-LINK%20-DAR-7000_rce_%20webmailattach.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5144.md b/2023/CVE-2023-5144.md new file mode 100644 index 0000000000..4fa56aa2d9 --- /dev/null +++ b/2023/CVE-2023-5144.md @@ -0,0 +1,18 @@ +### [CVE-2023-5144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5144) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DAR-8000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020151231%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /sysmanage/updateos.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240240. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20updateos.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51444.md b/2023/CVE-2023-51444.md index e372cea662..bda96f20c7 100644 --- a/2023/CVE-2023-51444.md +++ b/2023/CVE-2023-51444.md @@ -11,6 +11,7 @@ GeoServer is an open source software server written in Java that allows users to ### POC #### Reference +- https://github.com/geoserver/geoserver/security/advisories/GHSA-9v5q-2gwq-q9hq - https://osgeo-org.atlassian.net/browse/GEOS-11176 #### Github diff --git a/2023/CVE-2023-51445.md b/2023/CVE-2023-51445.md index 77a5b8f41f..c4003a7f25 100644 --- a/2023/CVE-2023-51445.md +++ b/2023/CVE-2023-51445.md @@ -10,6 +10,7 @@ GeoServer is an open source software server written in Java that allows users to ### POC #### Reference +- https://github.com/geoserver/geoserver/security/advisories/GHSA-fh7p-5f6g-vj2w - https://osgeo-org.atlassian.net/browse/GEOS-11148 #### Github diff --git a/2023/CVE-2023-51448.md b/2023/CVE-2023-51448.md index eea010dfe1..7348c69009 100644 --- a/2023/CVE-2023-51448.md +++ b/2023/CVE-2023-51448.md @@ -10,7 +10,7 @@ Cacti provides an operational monitoring and fault management framework. Version ### POC #### Reference -No PoCs from references. +- https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594 #### Github - https://github.com/gg0h/gg0h diff --git a/2023/CVE-2023-5147.md b/2023/CVE-2023-5147.md new file mode 100644 index 0000000000..73cfc430d0 --- /dev/null +++ b/2023/CVE-2023-5147.md @@ -0,0 +1,17 @@ +### [CVE-2023-5147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5147) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020151231%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been classified as critical. This affects an unknown part of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240243. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20updateos.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5148.md b/2023/CVE-2023-5148.md new file mode 100644 index 0000000000..06f1cf4c97 --- /dev/null +++ b/2023/CVE-2023-5148.md @@ -0,0 +1,18 @@ +### [CVE-2023-5148](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5148) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DAR-8000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020151231%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 and DAR-8000 up to 20151231. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240244. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20uploadfile.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5150.md b/2023/CVE-2023-5150.md new file mode 100644 index 0000000000..ed97eef870 --- /dev/null +++ b/2023/CVE-2023-5150.md @@ -0,0 +1,18 @@ +### [CVE-2023-5150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5150) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DAR-8000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020151231%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-240246 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20web.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51650.md b/2023/CVE-2023-51650.md new file mode 100644 index 0000000000..f99dd0d5bf --- /dev/null +++ b/2023/CVE-2023-51650.md @@ -0,0 +1,17 @@ +### [CVE-2023-51650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51650) +![](https://img.shields.io/static/v1?label=Product&message=hertzbeat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.4.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%3A%20Missing%20Authorization&color=brighgreen) + +### Description + +Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue. + +### POC + +#### Reference +- https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51698.md b/2023/CVE-2023-51698.md index 336fe0381b..b3045941b6 100644 --- a/2023/CVE-2023-51698.md +++ b/2023/CVE-2023-51698.md @@ -10,7 +10,7 @@ Atril is a simple multi-page document viewer. Atril is vulnerable to a critical ### POC #### Reference -No PoCs from references. +- https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2 #### Github - https://github.com/febinrev/atril_cbt-inject-exploit diff --git a/2023/CVE-2023-51790.md b/2023/CVE-2023-51790.md new file mode 100644 index 0000000000..8a6f3b9e0d --- /dev/null +++ b/2023/CVE-2023-51790.md @@ -0,0 +1,18 @@ +### [CVE-2023-51790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51790) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component. + +### POC + +#### Reference +- https://github.com/Piwigo/AdminTools/issues/21 +- https://github.com/Piwigo/Piwigo/issues/2069 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51792.md b/2023/CVE-2023-51792.md new file mode 100644 index 0000000000..f986347b9b --- /dev/null +++ b/2023/CVE-2023-51792.md @@ -0,0 +1,17 @@ +### [CVE-2023-51792](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51792) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000. + +### POC + +#### Reference +- https://github.com/strukturag/libde265/issues/427 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51810.md b/2023/CVE-2023-51810.md index 4de2101706..12c2a805ce 100644 --- a/2023/CVE-2023-51810.md +++ b/2023/CVE-2023-51810.md @@ -10,7 +10,7 @@ SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0 ### POC #### Reference -No PoCs from references. +- https://github.com/Pastea/CVE-2023-51810 #### Github - https://github.com/Pastea/CVE-2023-51810 diff --git a/2023/CVE-2023-51813.md b/2023/CVE-2023-51813.md new file mode 100644 index 0000000000..f864fb1d61 --- /dev/null +++ b/2023/CVE-2023-51813.md @@ -0,0 +1,17 @@ +### [CVE-2023-51813](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51813) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arbitrary code via the staff_list parameter in the index.php component. + +### POC + +#### Reference +- https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-51820.md b/2023/CVE-2023-51820.md index eac24d4b5a..ad9c3af8c3 100644 --- a/2023/CVE-2023-51820.md +++ b/2023/CVE-2023-51820.md @@ -10,6 +10,7 @@ An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physical ### POC #### Reference +- https://github.com/roman-mueller/PoC/tree/master/CVE-2023-51820 - https://infosec.rm-it.de/2024/02/01/blurams-lumi-security-camera-analysis/ #### Github diff --git a/2023/CVE-2023-52039.md b/2023/CVE-2023-52039.md new file mode 100644 index 0000000000..5aab07aa70 --- /dev/null +++ b/2023/CVE-2023-52039.md @@ -0,0 +1,17 @@ +### [CVE-2023-52039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52039) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415AA4 function. + +### POC + +#### Reference +- https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/2/2.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5221.md b/2023/CVE-2023-5221.md index 6dcec049bc..e69b8e6e4c 100644 --- a/2023/CVE-2023-5221.md +++ b/2023/CVE-2023-5221.md @@ -10,6 +10,7 @@ A vulnerability classified as critical has been found in ForU CMS. This affects ### POC #### Reference +- https://github.com/Fovker8/cve/blob/main/rce.md - https://vuldb.com/?id.240363 #### Github diff --git a/2023/CVE-2023-5267.md b/2023/CVE-2023-5267.md new file mode 100644 index 0000000000..debc5f7490 --- /dev/null +++ b/2023/CVE-2023-5267.md @@ -0,0 +1,17 @@ +### [CVE-2023-5267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5267) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-240880. + +### POC + +#### Reference +- https://github.com/kpz-wm/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5489.md b/2023/CVE-2023-5489.md new file mode 100644 index 0000000000..51800dd366 --- /dev/null +++ b/2023/CVE-2023-5489.md @@ -0,0 +1,17 @@ +### [CVE-2023-5489](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5489) +![](https://img.shields.io/static/v1?label=Product&message=Smart%20S45F%20Multi-Service%20Secure%20Gateway%20Intelligent%20Management%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230928%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This affects an unknown part of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241641 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/s45_upload_%20uploadfile.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5490.md b/2023/CVE-2023-5490.md new file mode 100644 index 0000000000..309550fedc --- /dev/null +++ b/2023/CVE-2023-5490.md @@ -0,0 +1,17 @@ +### [CVE-2023-5490](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5490) +![](https://img.shields.io/static/v1?label=Product&message=Smart%20S45F%20Multi-Service%20Secure%20Gateway%20Intelligent%20Management%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230928%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This vulnerability affects unknown code of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-241642 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5491.md b/2023/CVE-2023-5491.md new file mode 100644 index 0000000000..2b46b15baf --- /dev/null +++ b/2023/CVE-2023-5491.md @@ -0,0 +1,17 @@ +### [CVE-2023-5491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5491) +![](https://img.shields.io/static/v1?label=Product&message=Smart%20S45F%20Multi-Service%20Secure%20Gateway%20Intelligent%20Management%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230928%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241643. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5492.md b/2023/CVE-2023-5492.md index 4314275154..9b0719591e 100644 --- a/2023/CVE-2023-5492.md +++ b/2023/CVE-2023-5492.md @@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, was found in Byzoro Smart S45 ### POC #### Reference +- https://github.com/llixixi/cve/blob/main/s45_upload_licence.md - https://vuldb.com/?id.241644 #### Github diff --git a/2023/CVE-2023-5493.md b/2023/CVE-2023-5493.md new file mode 100644 index 0000000000..428028ae99 --- /dev/null +++ b/2023/CVE-2023-5493.md @@ -0,0 +1,17 @@ +### [CVE-2023-5493](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5493) +![](https://img.shields.io/static/v1?label=Product&message=Smart%20S45F%20Multi-Service%20Secure%20Gateway%20Intelligent%20Management%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230928%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241645 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/llixixi/cve/blob/main/s45_upload_web.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5494.md b/2023/CVE-2023-5494.md new file mode 100644 index 0000000000..c71ca195cc --- /dev/null +++ b/2023/CVE-2023-5494.md @@ -0,0 +1,17 @@ +### [CVE-2023-5494](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5494) +![](https://img.shields.io/static/v1?label=Product&message=Smart%20S45F%20Multi-Service%20Secure%20Gateway%20Intelligent%20Management%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230928%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this issue is some unknown functionality of the file /log/download.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-241646 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/7332all/cve/blob/main/rce_1.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5497.md b/2023/CVE-2023-5497.md new file mode 100644 index 0000000000..8a14ab3aa7 --- /dev/null +++ b/2023/CVE-2023-5497.md @@ -0,0 +1,17 @@ +### [CVE-2023-5497](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5497) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.10%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in Tongda OA 2017 11.10. Affected is an unknown function of the file general/hr/salary/welfare_manage/delete.php. The manipulation of the argument WELFARE_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241650 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/RCEraser/cve/blob/main/sql_inject_4.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5682.md b/2023/CVE-2023-5682.md new file mode 100644 index 0000000000..098b637b57 --- /dev/null +++ b/2023/CVE-2023-5682.md @@ -0,0 +1,17 @@ +### [CVE-2023-5682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5682) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202017%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-243058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/Godfather-onec/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5700.md b/2023/CVE-2023-5700.md new file mode 100644 index 0000000000..4ed34c2c30 --- /dev/null +++ b/2023/CVE-2023-5700.md @@ -0,0 +1,17 @@ +### [CVE-2023-5700](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5700) +![](https://img.shields.io/static/v1?label=Product&message=NS-ASG%20Application%20Security%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%206.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/iscgwtunnel/uploadiscgwrouteconf.php. The manipulation of the argument GWLinkId leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-243138 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/istlnight/cve/blob/main/NS-ASG-sql-uploadiscgwrouteconf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5724.md b/2023/CVE-2023-5724.md index b7c6833bb2..5084e6de91 100644 --- a/2023/CVE-2023-5724.md +++ b/2023/CVE-2023-5724.md @@ -14,7 +14,7 @@ Drivers are not always robust to extremely large draw calls and in some cases th ### POC #### Reference -No PoCs from references. +- https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-5725.md b/2023/CVE-2023-5725.md index 8cd36c7d33..bc8e437af5 100644 --- a/2023/CVE-2023-5725.md +++ b/2023/CVE-2023-5725.md @@ -14,7 +14,7 @@ A malicious installed WebExtension could open arbitrary URLs, which under the ri ### POC #### Reference -No PoCs from references. +- https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-5779.md b/2023/CVE-2023-5779.md new file mode 100644 index 0000000000..fd5311a13c --- /dev/null +++ b/2023/CVE-2023-5779.md @@ -0,0 +1,17 @@ +### [CVE-2023-5779](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5779) +![](https://img.shields.io/static/v1?label=Product&message=Zephyr&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%20Out-of-bounds%20Write&color=brighgreen) + +### Description + +can: out of bounds in remove_rx_filter function + +### POC + +#### Reference +- https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5780.md b/2023/CVE-2023-5780.md new file mode 100644 index 0000000000..c38ac2b378 --- /dev/null +++ b/2023/CVE-2023-5780.md @@ -0,0 +1,17 @@ +### [CVE-2023-5780](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5780) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.10%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-243586 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/RCEraser/cve/blob/main/sql_inject_5.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5783.md b/2023/CVE-2023-5783.md new file mode 100644 index 0000000000..a38820e191 --- /dev/null +++ b/2023/CVE-2023-5783.md @@ -0,0 +1,17 @@ +### [CVE-2023-5783](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5783) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/system/approve_center/flow_sort/flow/delete.php. The manipulation of the argument id/sort_parent leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-243589 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/halleyakina/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5959.md b/2023/CVE-2023-5959.md index 228f5a0f23..1954207ed2 100644 --- a/2023/CVE-2023-5959.md +++ b/2023/CVE-2023-5959.md @@ -10,7 +10,7 @@ A vulnerability, which was classified as problematic, was found in Byzoro Smart ### POC #### Reference -No PoCs from references. +- https://github.com/Changboqian/cve/blob/main/reset_password_improperly.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-6053.md b/2023/CVE-2023-6053.md index 1d224cc443..ec128c8bae 100644 --- a/2023/CVE-2023-6053.md +++ b/2023/CVE-2023-6053.md @@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, has been found in Tongda OA 2 ### POC #### Reference +- https://github.com/Conan0313/cve/blob/main/sql.md - https://vuldb.com/?id.244874 #### Github diff --git a/2023/CVE-2023-6054.md b/2023/CVE-2023-6054.md index 6a15ea5b59..2fa77d371a 100644 --- a/2023/CVE-2023-6054.md +++ b/2023/CVE-2023-6054.md @@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, was found in Tongda OA 2017 u ### POC #### Reference +- https://github.com/TinkAnet/cve/blob/main/sql2.md - https://vuldb.com/?id.244875 #### Github diff --git a/2023/CVE-2023-6165.md b/2023/CVE-2023-6165.md index 18cb3e8cb6..af1a2d2933 100644 --- a/2023/CVE-2023-6165.md +++ b/2023/CVE-2023-6165.md @@ -10,6 +10,7 @@ The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 does not ### POC #### Reference +- https://github.com/youki992/youki992.github.io/blob/master/others/apply2.md - https://wpscan.com/vulnerability/aba62286-9a82-4d5b-9b47-1fddde5da487/ #### Github diff --git a/2023/CVE-2023-6207.md b/2023/CVE-2023-6207.md new file mode 100644 index 0000000000..e462c9f2e7 --- /dev/null +++ b/2023/CVE-2023-6207.md @@ -0,0 +1,21 @@ +### [CVE-2023-6207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20115.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20115.5.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20120%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20in%20ReadableByteStreamQueueEntry%3A%3ABuffer&color=brighgreen) + +### Description + +Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. + +### POC + +#### Reference +- https://bugzilla.mozilla.org/show_bug.cgi?id=1861344 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6209.md b/2023/CVE-2023-6209.md index de137bdbc2..2c3de18e4b 100644 --- a/2023/CVE-2023-6209.md +++ b/2023/CVE-2023-6209.md @@ -14,7 +14,7 @@ Relative URLs starting with three slashes were incorrectly parsed, and a path-tr ### POC #### Reference -No PoCs from references. +- https://bugzilla.mozilla.org/show_bug.cgi?id=1858570 #### Github - https://github.com/punggawacybersecurity/CVE-List diff --git a/2023/CVE-2023-6276.md b/2023/CVE-2023-6276.md index 46eff9ac28..53e3f93a99 100644 --- a/2023/CVE-2023-6276.md +++ b/2023/CVE-2023-6276.md @@ -10,7 +10,7 @@ A vulnerability classified as critical has been found in Tongda OA 2017 up to 11 ### POC #### Reference -No PoCs from references. +- https://github.com/YXuanZ1216/cve/blob/main/sql.md #### Github - https://github.com/tanjiti/sec_profile diff --git a/2023/CVE-2023-6301.md b/2023/CVE-2023-6301.md index 7d61558bf4..7653bf5d8b 100644 --- a/2023/CVE-2023-6301.md +++ b/2023/CVE-2023-6301.md @@ -10,6 +10,7 @@ A vulnerability has been found in SourceCodester Best Courier Management System ### POC #### Reference +- https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system-reflected%20xss2.md - https://vuldb.com/?id.246127 #### Github diff --git a/2023/CVE-2023-6305.md b/2023/CVE-2023-6305.md new file mode 100644 index 0000000000..20ea752385 --- /dev/null +++ b/2023/CVE-2023-6305.md @@ -0,0 +1,17 @@ +### [CVE-2023-6305](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6305) +![](https://img.shields.io/static/v1?label=Product&message=Free%20and%20Open%20Source%20Inventory%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file ample/app/ajax/suppliar_data.php. The manipulation of the argument columns leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246131. + +### POC + +#### Reference +- https://github.com/BigTiger2020/2023/blob/main/Free%20and%20Open%20Source%20inventory%20management%20system/Free%20and%20Open%20Source%20inventory%20management%20system.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6491.md b/2023/CVE-2023-6491.md new file mode 100644 index 0000000000..80db8d6731 --- /dev/null +++ b/2023/CVE-2023-6491.md @@ -0,0 +1,17 @@ +### [CVE-2023-6491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6491) +![](https://img.shields.io/static/v1?label=Product&message=Strong%20Testimonials&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.1.12%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen) + +### Description + +The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2023/CVE-2023-6574.md b/2023/CVE-2023-6574.md index bafb96658f..46fc3965df 100644 --- a/2023/CVE-2023-6574.md +++ b/2023/CVE-2023-6574.md @@ -10,7 +10,7 @@ A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as c ### POC #### Reference -No PoCs from references. +- https://github.com/flyyue2001/cve/blob/main/smart_sql_updateos.md #### Github - https://github.com/tanjiti/sec_profile diff --git a/2023/CVE-2023-6576.md b/2023/CVE-2023-6576.md new file mode 100644 index 0000000000..3c2f2cef26 --- /dev/null +++ b/2023/CVE-2023-6576.md @@ -0,0 +1,17 @@ +### [CVE-2023-6576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6576) +![](https://img.shields.io/static/v1?label=Product&message=S210&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020231123%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability was found in Byzoro S210 up to 20231123. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php of the component HTTP POST Request Handler. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247156. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/willchen0011/cve/blob/main/upload.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6580.md b/2023/CVE-2023-6580.md new file mode 100644 index 0000000000..0d425c2556 --- /dev/null +++ b/2023/CVE-2023-6580.md @@ -0,0 +1,17 @@ +### [CVE-2023-6580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6580) +![](https://img.shields.io/static/v1?label=Product&message=DIR-846&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20FW100A53DBR%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247161 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/c2dc/cve-reported/blob/main/CVE-2023-6580/CVE-2023-6580.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6753.md b/2023/CVE-2023-6753.md index 54d2da1bd9..80696c881f 100644 --- a/2023/CVE-2023-6753.md +++ b/2023/CVE-2023-6753.md @@ -10,6 +10,7 @@ Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. ### POC #### Reference +- https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4 - https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4 #### Github diff --git a/2023/CVE-2023-6766.md b/2023/CVE-2023-6766.md new file mode 100644 index 0000000000..7e8768d90e --- /dev/null +++ b/2023/CVE-2023-6766.md @@ -0,0 +1,17 @@ +### [CVE-2023-6766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6766) +![](https://img.shields.io/static/v1?label=Product&message=Teacher%20Subject%20Allocation%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery&color=brighgreen) + +### Description + +A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/course.php of the component Delete Course Handler. The manipulation of the argument delid leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247896. + +### POC + +#### Reference +- https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_course.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6861.md b/2023/CVE-2023-6861.md index 1a67e57928..0593b3cdb6 100644 --- a/2023/CVE-2023-6861.md +++ b/2023/CVE-2023-6861.md @@ -13,7 +13,7 @@ The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflo ### POC #### Reference -No PoCs from references. +- https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-6885.md b/2023/CVE-2023-6885.md new file mode 100644 index 0000000000..3b39e08ecd --- /dev/null +++ b/2023/CVE-2023-6885.md @@ -0,0 +1,17 @@ +### [CVE-2023-6885](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6885) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Tongda OA 2017 up to 11.10. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/vote/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-248245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/Martinzb/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6888.md b/2023/CVE-2023-6888.md index e99ced8471..5093e6b49c 100644 --- a/2023/CVE-2023-6888.md +++ b/2023/CVE-2023-6888.md @@ -11,6 +11,7 @@ A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This #### Reference - http://www.huiyao.love/2023/12/08/rtspserver-stackoverflow-vulnerability/ +- https://github.com/hu1y40/PoC/blob/main/rtspserver_stackoverflow_poc.py #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-7100.md b/2023/CVE-2023-7100.md index 48f4f58bee..10d1c355ad 100644 --- a/2023/CVE-2023-7100.md +++ b/2023/CVE-2023-7100.md @@ -11,6 +11,7 @@ A vulnerability, which was classified as critical, was found in PHPGurukul Resta #### Reference - https://medium.com/@2839549219ljk/restaurant-table-booking-system-sql-injection-vulnerability-30708cfabe03 +- https://vuldb.com/?id.248952 #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-7180.md b/2023/CVE-2023-7180.md new file mode 100644 index 0000000000..c56e99329c --- /dev/null +++ b/2023/CVE-2023-7180.md @@ -0,0 +1,17 @@ +### [CVE-2023-7180](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7180) +![](https://img.shields.io/static/v1?label=Product&message=OA%202017&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/project/proj/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-249367. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/Bobjones7/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-0252.md b/2024/CVE-2024-0252.md index 06946fe83e..e34138d487 100644 --- a/2024/CVE-2024-0252.md +++ b/2024/CVE-2024-0252.md @@ -1,7 +1,7 @@ ### [CVE-2024-0252](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0252) ![](https://img.shields.io/static/v1?label=Product&message=ADSelfService%20Plus&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) ### Description diff --git a/2024/CVE-2024-0253.md b/2024/CVE-2024-0253.md index 7588c2301b..a495746847 100644 --- a/2024/CVE-2024-0253.md +++ b/2024/CVE-2024-0253.md @@ -1,7 +1,7 @@ ### [CVE-2024-0253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0253) ![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) ### Description diff --git a/2024/CVE-2024-0269.md b/2024/CVE-2024-0269.md index 57257314fe..221f06ceef 100644 --- a/2024/CVE-2024-0269.md +++ b/2024/CVE-2024-0269.md @@ -1,7 +1,7 @@ ### [CVE-2024-0269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0269) ![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) ### Description diff --git a/2024/CVE-2024-1507.md b/2024/CVE-2024-1507.md index a2ccca9469..e514df12e0 100644 --- a/2024/CVE-2024-1507.md +++ b/2024/CVE-2024-1507.md @@ -10,7 +10,7 @@ The Prime Slider – Addons For Elementor plugin for WordPress is vulnerable to ### POC #### Reference -No PoCs from references. +- https://www.wordfence.com/threat-intel/vulnerabilities/id/09f2cb22-07e2-4fe5-8c2a-9d4420ee26ed?source=cve #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-21775.md b/2024/CVE-2024-21775.md index f8d0228f88..2cb7db6042 100644 --- a/2024/CVE-2024-21775.md +++ b/2024/CVE-2024-21775.md @@ -1,7 +1,7 @@ ### [CVE-2024-21775](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21775) ![](https://img.shields.io/static/v1?label=Product&message=Exchange%20Reporter%20Plus&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) ### Description diff --git a/2024/CVE-2024-27310.md b/2024/CVE-2024-27310.md index d7e59c10aa..c15d279595 100644 --- a/2024/CVE-2024-27310.md +++ b/2024/CVE-2024-27310.md @@ -1,7 +1,7 @@ ### [CVE-2024-27310](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27310) ![](https://img.shields.io/static/v1?label=Product&message=ADSelfService%20Plus&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%206401%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2024/CVE-2024-2961.md b/2024/CVE-2024-2961.md index 48bac6bab0..79d1d167e4 100644 --- a/2024/CVE-2024-2961.md +++ b/2024/CVE-2024-2961.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/tanjiti/sec_profile - https://github.com/tarlepp/links-of-the-week - https://github.com/testing-felickz/docker-scout-demo +- https://github.com/wjlin0/wjlin0 - https://github.com/zhaoxiaoha/github-trending diff --git a/2024/CVE-2024-3288.md b/2024/CVE-2024-3288.md new file mode 100644 index 0000000000..8d57624b35 --- /dev/null +++ b/2024/CVE-2024-3288.md @@ -0,0 +1,17 @@ +### [CVE-2024-3288](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3288) +![](https://img.shields.io/static/v1?label=Product&message=Logo%20Slider%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%204.0.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Logo Slider WordPress plugin before 4.0.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/4ef99f54-68df-4353-8fc0-9b09ac0df7ba/ + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-3592.md b/2024/CVE-2024-3592.md new file mode 100644 index 0000000000..37cc5e8c4d --- /dev/null +++ b/2024/CVE-2024-3592.md @@ -0,0 +1,17 @@ +### [CVE-2024-3592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3592) +![](https://img.shields.io/static/v1?label=Product&message=Quiz%20and%20Survey%20Master%20(QSM)%20%E2%80%93%20Easy%20Quiz%20and%20Survey%20Maker&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%209.0.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'question_id' parameter in all versions up to, and including, 9.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4042.md b/2024/CVE-2024-4042.md new file mode 100644 index 0000000000..2c2ad25a44 --- /dev/null +++ b/2024/CVE-2024-4042.md @@ -0,0 +1,17 @@ +### [CVE-2024-4042](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4042) +![](https://img.shields.io/static/v1?label=Product&message=Gutenberg%20Blocks%2C%20Page%20Builder%20%E2%80%93%20ComboBlocks&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.2.80%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the menu-wrap-item block in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4354.md b/2024/CVE-2024-4354.md new file mode 100644 index 0000000000..54d9d58d10 --- /dev/null +++ b/2024/CVE-2024-4354.md @@ -0,0 +1,17 @@ +### [CVE-2024-4354](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4354) +![](https://img.shields.io/static/v1?label=Product&message=TablePress%20%E2%80%93%20Tables%20in%20WordPress%20made%20easy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.3.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) + +### Description + +The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the get_files_to_import() function. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Due to the complex nature of protecting against DNS rebind attacks in WordPress software, we settled on the developer simply restricting the usage of the URL import functionality to just administrators. While this is not optimal, we feel this poses a minimal risk to most site owners and ideally WordPress core would correct this issue in wp_safe_remote_get() and other functions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4451.md b/2024/CVE-2024-4451.md new file mode 100644 index 0000000000..918d793f05 --- /dev/null +++ b/2024/CVE-2024-4451.md @@ -0,0 +1,17 @@ +### [CVE-2024-4451](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4451) +![](https://img.shields.io/static/v1?label=Product&message=Colibri%20Page%20Builder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.0.276%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibri_video_player shortcode in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4488.md b/2024/CVE-2024-4488.md new file mode 100644 index 0000000000..1dd9d7923d --- /dev/null +++ b/2024/CVE-2024-4488.md @@ -0,0 +1,17 @@ +### [CVE-2024-4488](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4488) +![](https://img.shields.io/static/v1?label=Product&message=Royal%20Elementor%20Addons%20and%20Templates&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.3.976%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inline_list’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4489.md b/2024/CVE-2024-4489.md new file mode 100644 index 0000000000..1c0e14f40e --- /dev/null +++ b/2024/CVE-2024-4489.md @@ -0,0 +1,17 @@ +### [CVE-2024-4489](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4489) +![](https://img.shields.io/static/v1?label=Product&message=Royal%20Elementor%20Addons%20and%20Templates&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.3.976%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4620.md b/2024/CVE-2024-4620.md new file mode 100644 index 0000000000..c711a7e75d --- /dev/null +++ b/2024/CVE-2024-4620.md @@ -0,0 +1,17 @@ +### [CVE-2024-4620](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4620) +![](https://img.shields.io/static/v1?label=Product&message=ARForms%20-%20Premium%20WordPress%20Form%20Builder%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%206.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) + +### Description + +The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form + +### POC + +#### Reference +- https://wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/ + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4621.md b/2024/CVE-2024-4621.md new file mode 100644 index 0000000000..dc004c77df --- /dev/null +++ b/2024/CVE-2024-4621.md @@ -0,0 +1,17 @@ +### [CVE-2024-4621](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4621) +![](https://img.shields.io/static/v1?label=Product&message=ARForms%20-%20Premium%20WordPress%20Form%20Builder%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%206.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/33a366d9-6c81-4957-a101-768487aae735/ + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4756.md b/2024/CVE-2024-4756.md new file mode 100644 index 0000000000..6ccdd4c4e1 --- /dev/null +++ b/2024/CVE-2024-4756.md @@ -0,0 +1,17 @@ +### [CVE-2024-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4756) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Backpack&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The WP Backpack WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/ce4688b6-6713-43b5-aa63-8a3b036bd332/ + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5003.md b/2024/CVE-2024-5003.md new file mode 100644 index 0000000000..f543e68b5b --- /dev/null +++ b/2024/CVE-2024-5003.md @@ -0,0 +1,18 @@ +### [CVE-2024-5003](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5003) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Stacker&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/1d7d0372-bbc5-40b2-a668-253c819415c4/ + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/github.txt b/github.txt index 97553a41ce..bbdabe3908 100644 --- a/github.txt +++ b/github.txt @@ -107,6 +107,7 @@ CVE-1999-0898 - https://github.com/clearbluejar/cve-markdown-charts CVE-1999-0899 - https://github.com/clearbluejar/cve-markdown-charts CVE-1999-1010 - https://github.com/phx/cvescan CVE-1999-1057 - https://github.com/joscanoga/Reto-python-CRM +CVE-1999-1060 - https://github.com/cmilanf/docker-tetrinetx CVE-1999-1115 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1122 - https://github.com/joscanoga/Reto-python-CRM CVE-1999-1197 - https://github.com/joscanoga/Reto-python-CRM @@ -6940,6 +6941,7 @@ CVE-2011-2523 - https://github.com/slxwzk/slxwzkBotnet CVE-2011-2523 - https://github.com/sponkmonk/Ladon_english_update CVE-2011-2523 - https://github.com/sunzu94/vsftpd_2.3.4_Exploit CVE-2011-2523 - https://github.com/tarikemal/exploit-ftp-samba +CVE-2011-2523 - https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit CVE-2011-2523 - https://github.com/vaishnavucv/CVE-2011-2523 CVE-2011-2523 - https://github.com/vasanth-tamil/ctf-writeups CVE-2011-2523 - https://github.com/vmmaltsev/13.1 @@ -8200,6 +8202,7 @@ CVE-2012-1734 - https://github.com/Live-Hack-CVE/CVE-2012-1734 CVE-2012-1756 - https://github.com/Live-Hack-CVE/CVE-2012-1756 CVE-2012-1757 - https://github.com/Live-Hack-CVE/CVE-2012-1757 CVE-2012-1823 - https://github.com/0xl0k1/CVE-2012-1823 +CVE-2012-1823 - https://github.com/0xsyr0/OSCP CVE-2012-1823 - https://github.com/1060275195/Covid-v2-Botnet CVE-2012-1823 - https://github.com/404tk/lazyscan CVE-2012-1823 - https://github.com/ARPSyndicate/cvemon @@ -8254,6 +8257,7 @@ CVE-2012-1856 - https://github.com/houjingyi233/office-exploit-case-study CVE-2012-1856 - https://github.com/qiantu88/office-cve CVE-2012-1876 - https://github.com/ExploitCN/CVE-2012-1876-win7_x86_and_win7x64 CVE-2012-1876 - https://github.com/WizardVan/CVE-2012-1876 +CVE-2012-1876 - https://github.com/ernestang98/win-exploits CVE-2012-1876 - https://github.com/migraine-sudo/Arsenal CVE-2012-1876 - https://github.com/ricew4ng/BrowserSecurity CVE-2012-1876 - https://github.com/ser4wang/BrowserSecurity @@ -10385,6 +10389,7 @@ CVE-2013-3900 - https://github.com/The-Education-and-Skills-Partnership/WinVerif CVE-2013-3900 - https://github.com/ellikt1/Vulnerability-Assessment CVE-2013-3900 - https://github.com/florylsk/SignatureGate CVE-2013-3900 - https://github.com/hiba-ahmad1/NessusVulnManagement +CVE-2013-3900 - https://github.com/hibahmad30/NessusVulnManagement CVE-2013-3900 - https://github.com/izj007/wechat CVE-2013-3900 - https://github.com/jason-klein/signed-nsis-exe-append-payload CVE-2013-3900 - https://github.com/lau1010/Packer_VMware_Win19_UEFI_secure_boot_with_Updates @@ -11144,6 +11149,7 @@ CVE-2014-0118 - https://github.com/smabramov/Vulnerabilities-and-attacks-on-info CVE-2014-0118 - https://github.com/zzzWTF/db-13-01 CVE-2014-0130 - https://github.com/Ostorlab/KEV CVE-2014-0130 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2014-0130 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2014-0130 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2014-0130 - https://github.com/omarkurt/cve-2014-0130 CVE-2014-0130 - https://github.com/rubysec/ruby-advisory-db @@ -11158,6 +11164,7 @@ CVE-2014-0141 - https://github.com/auditt7708/rhsecapi CVE-2014-0144 - https://github.com/Live-Hack-CVE/CVE-2014-0144 CVE-2014-0147 - https://github.com/Live-Hack-CVE/CVE-2014-0147 CVE-2014-0148 - https://github.com/Live-Hack-CVE/CVE-2014-0148 +CVE-2014-0160 - https://github.com/00xNetrunner/Shodan_Cheet-Sheet CVE-2014-0160 - https://github.com/0day404/vulnerability-poc CVE-2014-0160 - https://github.com/0x0d3ad/Kn0ck CVE-2014-0160 - https://github.com/0x90/CVE-2014-0160 @@ -11813,6 +11820,7 @@ CVE-2014-0221 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2014-0221 - https://github.com/hrbrmstr/internetdb CVE-2014-0221 - https://github.com/jumanjihouse/oval CVE-2014-0221 - https://github.com/jumanjihouse/wormhole +CVE-2014-0224 - https://github.com/00xNetrunner/Shodan_Cheet-Sheet CVE-2014-0224 - https://github.com/0nopnop/qualysparser CVE-2014-0224 - https://github.com/1N3/MassBleed CVE-2014-0224 - https://github.com/84KaliPleXon3/a2sv @@ -12070,6 +12078,7 @@ CVE-2014-1203 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-1234 - https://github.com/Haifisch/dayswithoutansslexploit CVE-2014-1234 - https://github.com/fhightower/ioc-finder CVE-2014-1234 - https://github.com/guilhermeG23/manual_suricata_simples +CVE-2014-1234 - https://github.com/xssec/xshodan CVE-2014-12345 - https://github.com/lauravoicu/Vulnerabilities CVE-2014-123456 - https://github.com/ARPSyndicate/cvemon CVE-2014-123456 - https://github.com/openvex/spec @@ -13608,6 +13617,7 @@ CVE-2014-6071 - https://github.com/PentestinGxRoot/pysploit CVE-2014-6195 - https://github.com/Live-Hack-CVE/CVE-2014-6195 CVE-2014-6230 - https://github.com/Live-Hack-CVE/CVE-2014-6230 CVE-2014-6230 - https://github.com/lesterchan/wp-ban +CVE-2014-6271 - https://github.com/00xNetrunner/Shodan_Cheet-Sheet CVE-2014-6271 - https://github.com/0bfxgh0st/cve-2014-6271 CVE-2014-6271 - https://github.com/0x00-0x00/CVE-2014-6271 CVE-2014-6271 - https://github.com/0x0d3ad/Kn0ck @@ -13947,6 +13957,7 @@ CVE-2014-6271 - https://github.com/foobarto/redteam-notebook CVE-2014-6271 - https://github.com/francisck/shellshock-cgi CVE-2014-6271 - https://github.com/fxschaefer/ejpt CVE-2014-6271 - https://github.com/gabemarshall/shocknaww +CVE-2014-6271 - https://github.com/gauss77/LaboratoriosHack CVE-2014-6271 - https://github.com/ghoneycutt/puppet-module-cve CVE-2014-6271 - https://github.com/gipi/cve-cemetery CVE-2014-6271 - https://github.com/giterlizzi/secdb-feeds @@ -14121,6 +14132,7 @@ CVE-2014-6271 - https://github.com/ricedu/bash-4.2-patched CVE-2014-6271 - https://github.com/riikunn1004/oscp-cheatsheet CVE-2014-6271 - https://github.com/rjdj0261/-Awesome-Hacking- CVE-2014-6271 - https://github.com/rmetzler/ansible-shellshock-fix +CVE-2014-6271 - https://github.com/rodolfomarianocy/OSCP-Tricks-2023 CVE-2014-6271 - https://github.com/roninAPT/pentest-kit CVE-2014-6271 - https://github.com/rrmomaya2900/0dayWriteup-THM CVE-2014-6271 - https://github.com/rrreeeyyy/cve-2014-6271-spec @@ -14624,11 +14636,13 @@ CVE-2014-7809 - https://github.com/tmpgit3000/victims CVE-2014-7809 - https://github.com/victims/maven-security-versions CVE-2014-7816 - https://github.com/ilmila/J2EEScan CVE-2014-7816 - https://github.com/ronoski/j2ee-rscan +CVE-2014-7818 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2014-7818 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2014-7818 - https://github.com/rubysec/ruby-advisory-db CVE-2014-7818 - https://github.com/tdunning/github-advisory-parser CVE-2014-7818 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- CVE-2014-7819 - https://github.com/tdunning/github-advisory-parser +CVE-2014-7829 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2014-7829 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2014-7829 - https://github.com/rubysec/ruby-advisory-db CVE-2014-7829 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- @@ -15992,6 +16006,7 @@ CVE-2015-1635 - https://github.com/20142995/pocsuite3 CVE-2015-1635 - https://github.com/ACIC-Africa/metasploitable3 CVE-2015-1635 - https://github.com/ARPSyndicate/cvemon CVE-2015-1635 - https://github.com/Aquilao/Toy-Box +CVE-2015-1635 - https://github.com/Cappricio-Securities/CVE-2015-1635 CVE-2015-1635 - https://github.com/H3xL00m/CVE-2015-1635 CVE-2015-1635 - https://github.com/H3xL00m/CVE-2015-1635-POC CVE-2015-1635 - https://github.com/Olysyan/MSS @@ -16795,6 +16810,7 @@ CVE-2015-3104 - https://github.com/ARPSyndicate/cvemon CVE-2015-3104 - https://github.com/BLACKHAT-SSG/EXP-401-OSEE CVE-2015-3104 - https://github.com/HaifeiLi/HardenFlash CVE-2015-3104 - https://github.com/PwnAwan/EXP-401-OSEE +CVE-2015-3104 - https://github.com/ernestang98/win-exploits CVE-2015-3104 - https://github.com/gscamelo/OSEE CVE-2015-3105 - https://github.com/ARPSyndicate/cvemon CVE-2015-3105 - https://github.com/Advisory-Emulations/APT-37 @@ -17009,6 +17025,7 @@ CVE-2015-3306 - https://github.com/davidtavarez/CVE-2015-3306 CVE-2015-3306 - https://github.com/developer3000S/PoC-in-GitHub CVE-2015-3306 - https://github.com/ebantula/eHacking_LABS CVE-2015-3306 - https://github.com/firatesatoglu/shodanSearch +CVE-2015-3306 - https://github.com/gauss77/LaboratoriosHack CVE-2015-3306 - https://github.com/hackarada/cve-2015-3306 CVE-2015-3306 - https://github.com/hectorgie/PoC-in-GitHub CVE-2015-3306 - https://github.com/hktalent/TOP @@ -17426,6 +17443,7 @@ CVE-2015-4495 - https://github.com/vincd/CVE-2015-4495 CVE-2015-4499 - https://github.com/ARPSyndicate/cvemon CVE-2015-4519 - https://github.com/ARPSyndicate/cvemon CVE-2015-4553 - https://github.com/ARPSyndicate/cvemon +CVE-2015-4582 - https://github.com/dinosn/weblogic CVE-2015-4582 - https://github.com/safe6Sec/wlsEnv CVE-2015-4588 - https://github.com/andir/nixos-issue-db-example CVE-2015-4590 - https://github.com/mrash/afl-cve @@ -18419,6 +18437,7 @@ CVE-2015-6673 - https://github.com/andir/nixos-issue-db-example CVE-2015-6748 - https://github.com/ARPSyndicate/cvemon CVE-2015-6748 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-6748 - https://github.com/CGCL-codes/PHunter +CVE-2015-6748 - https://github.com/epicosy/VUL4J-59 CVE-2015-6749 - https://github.com/andir/nixos-issue-db-example CVE-2015-6755 - https://github.com/ARPSyndicate/cvemon CVE-2015-6755 - https://github.com/lnick2023/nicenice @@ -18898,6 +18917,7 @@ CVE-2015-7575 - https://github.com/ARPSyndicate/cvemon CVE-2015-7575 - https://github.com/RedHatSatellite/satellite-host-cve CVE-2015-7575 - https://github.com/igurel/cryptography-101 CVE-2015-7576 - https://github.com/ARPSyndicate/cvemon +CVE-2015-7576 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2015-7576 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2015-7576 - https://github.com/rubysec/ruby-advisory-db CVE-2015-7576 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- @@ -18906,6 +18926,7 @@ CVE-2015-7578 - https://github.com/ARPSyndicate/cvemon CVE-2015-7579 - https://github.com/ARPSyndicate/cvemon CVE-2015-7580 - https://github.com/ARPSyndicate/cvemon CVE-2015-7581 - https://github.com/ARPSyndicate/cvemon +CVE-2015-7581 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2015-7581 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2015-7581 - https://github.com/rubysec/ruby-advisory-db CVE-2015-7581 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147- @@ -19949,6 +19970,7 @@ CVE-2016-0108 - https://github.com/ARPSyndicate/cvemon CVE-2016-0117 - https://github.com/0xCyberY/CVE-T4PDF CVE-2016-0117 - https://github.com/ARPSyndicate/cvemon CVE-2016-0117 - https://github.com/datntsec/WINDOWS-10-SEGMENT-HEAP-INTERNALS +CVE-2016-0117 - https://github.com/ernestang98/win-exploits CVE-2016-0118 - https://github.com/0xCyberY/CVE-T4PDF CVE-2016-0118 - https://github.com/ARPSyndicate/cvemon CVE-2016-0122 - https://github.com/ARPSyndicate/cvemon @@ -20333,6 +20355,7 @@ CVE-2016-0749 - https://github.com/ARPSyndicate/cvemon CVE-2016-0749 - https://github.com/kn0630/vulssimulator_ds CVE-2016-0750 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-0751 - https://github.com/ARPSyndicate/cvemon +CVE-2016-0751 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2016-0751 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2016-0751 - https://github.com/rubysec/ruby-advisory-db CVE-2016-0751 - https://github.com/vulsio/go-cve-dictionary @@ -20342,6 +20365,7 @@ CVE-2016-0752 - https://github.com/CoolerVoid/master_librarian CVE-2016-0752 - https://github.com/NzKoff/shift_summer_2019 CVE-2016-0752 - https://github.com/Ostorlab/KEV CVE-2016-0752 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2016-0752 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2016-0752 - https://github.com/dachidahu/CVE-2016-0752 CVE-2016-0752 - https://github.com/forced-request/rails-rce-cve-2016-0752 CVE-2016-0752 - https://github.com/jasnow/585-652-ruby-advisory-db @@ -26577,6 +26601,7 @@ CVE-2016-5649 - https://github.com/ARPSyndicate/kenzer-templates CVE-2016-5669 - https://github.com/ARPSyndicate/cvemon CVE-2016-5669 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2016-5673 - https://github.com/0x3a/stargate +CVE-2016-5678 - https://github.com/xssec/xshodan CVE-2016-5679 - https://github.com/ARPSyndicate/cvemon CVE-2016-5680 - https://github.com/ARPSyndicate/cvemon CVE-2016-5682 - https://github.com/ARPSyndicate/cvemon @@ -31394,7 +31419,10 @@ CVE-2017-1002102 - https://github.com/hacking-kubernetes/hacking-kubernetes.info CVE-2017-1002150 - https://github.com/ARPSyndicate/cvemon CVE-2017-1002157 - https://github.com/ARPSyndicate/cvemon CVE-2017-1002999 - https://github.com/CVEProject/cvelist +CVE-2017-1002999 - https://github.com/CVEProject/cvelist-dev +CVE-2017-1002999 - https://github.com/CVEProject/cvelist-int CVE-2017-1002999 - https://github.com/dims/cvelist-public +CVE-2017-1002999 - https://github.com/jpattrendmicro/cvelist CVE-2017-1002999 - https://github.com/mpmiller37/nvdTest CVE-2017-1002999 - https://github.com/nvdgit/nvdTest CVE-2017-10033 - https://github.com/ARPSyndicate/cvemon @@ -32855,6 +32883,7 @@ CVE-2017-12424 - https://github.com/yfoelling/yair CVE-2017-12426 - https://github.com/sm-paul-schuette/CVE-2017-12426 CVE-2017-12427 - https://github.com/zhouat/poc_IM CVE-2017-12439 - https://github.com/ret2eax/ret2eax +CVE-2017-1244 - https://github.com/markuschaaf/minidjvu CVE-2017-12441 - https://github.com/andir/nixos-issue-db-example CVE-2017-12442 - https://github.com/andir/nixos-issue-db-example CVE-2017-12443 - https://github.com/andir/nixos-issue-db-example @@ -36972,6 +37001,7 @@ CVE-2017-4901 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-4901 - https://github.com/xiaoZ-hc/redtool CVE-2017-4901 - https://github.com/yut0u/RedTeam-BlackBox CVE-2017-4905 - https://github.com/ARPSyndicate/cvemon +CVE-2017-4905 - https://github.com/ernestang98/win-exploits CVE-2017-4914 - https://github.com/ARPSyndicate/cvemon CVE-2017-4914 - https://github.com/lnick2023/nicenice CVE-2017-4914 - https://github.com/qazbnm456/awesome-cve-poc @@ -38714,6 +38744,7 @@ CVE-2017-6079 - https://github.com/MostafaSoliman/CVE-2017-6079-Blind-Command-In CVE-2017-6079 - https://github.com/Ondrik8/byPass_AV CVE-2017-6090 - https://github.com/ARPSyndicate/cvemon CVE-2017-6090 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2017-6090 - https://github.com/asaotomo/FofaMap CVE-2017-6090 - https://github.com/jlk/exploit-CVE-2017-6090 CVE-2017-6095 - https://github.com/El-Palomo/SYMFONOS CVE-2017-6095 - https://github.com/VTFoundation/vulnerablewp @@ -48811,6 +48842,7 @@ CVE-2018-17463 - https://github.com/Ostorlab/KEV CVE-2018-17463 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2018-17463 - https://github.com/Uniguri/CVE-1day CVE-2018-17463 - https://github.com/changelog2020/JSEChalls +CVE-2018-17463 - https://github.com/ernestang98/win-exploits CVE-2018-17463 - https://github.com/hwiwonl/dayone CVE-2018-17463 - https://github.com/jhalon/CVE-2018-17463 CVE-2018-17463 - https://github.com/kdmarti2/CVE-2018-17463 @@ -50013,6 +50045,7 @@ CVE-2018-20250 - https://github.com/eastmountyxz/CVE-2018-20250-WinRAR CVE-2018-20250 - https://github.com/eastmountyxz/NetworkSecuritySelf-study CVE-2018-20250 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis CVE-2018-20250 - https://github.com/githuberxu/Safety-Books +CVE-2018-20250 - https://github.com/gnusec/soapffzblogposts_backup CVE-2018-20250 - https://github.com/googleprojectzero/winafl CVE-2018-20250 - https://github.com/gyaansastra/Red-Team-Toolkit CVE-2018-20250 - https://github.com/hardik05/winafl-powermopt @@ -56226,6 +56259,7 @@ CVE-2018-9919 - https://github.com/SexyBeast233/SecBooks CVE-2018-9926 - https://github.com/anquanquantao/iwantacve CVE-2018-9927 - https://github.com/anquanquantao/iwantacve CVE-2018-9948 - https://github.com/0xT11/CVE-POC +CVE-2018-9948 - https://github.com/ernestang98/win-exploits CVE-2018-9948 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9948 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958 CVE-2018-9948 - https://github.com/orangepirate/cve-2018-9948-9958-exp @@ -56237,6 +56271,7 @@ CVE-2018-9951 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9951 - https://github.com/sharmasandeepkr/cve-2018-9951 CVE-2018-9958 - https://github.com/0xT11/CVE-POC CVE-2018-9958 - https://github.com/ARPSyndicate/cvemon +CVE-2018-9958 - https://github.com/ernestang98/win-exploits CVE-2018-9958 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9958 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958 CVE-2018-9958 - https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit @@ -56785,6 +56820,7 @@ CVE-2019-0567 - https://github.com/ARPSyndicate/cvemon CVE-2019-0567 - https://github.com/EanNewton/Awesome-Reading-List CVE-2019-0567 - https://github.com/NatteeSetobol/Chakra-CVE-2019-0567 CVE-2019-0567 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-0567 - https://github.com/ernestang98/win-exploits CVE-2019-0567 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0567 - https://github.com/lnick2023/nicenice CVE-2019-0567 - https://github.com/nomi-sec/PoC-in-GitHub @@ -62446,6 +62482,7 @@ CVE-2019-11358 - https://github.com/harshidk/Millenium-Falcons2022-2023NEW CVE-2019-11358 - https://github.com/harshidk/MilleniumFalcons2022-2023OLD CVE-2019-11358 - https://github.com/harshidk/viperftclibrary-cpp CVE-2019-11358 - https://github.com/hashgupta/StaticDischargeCode +CVE-2019-11358 - https://github.com/hatchetAx/14887FTC CVE-2019-11358 - https://github.com/hatchetAxing/14887FTC CVE-2019-11358 - https://github.com/heatedmonkeytrousers/powerplay CVE-2019-11358 - https://github.com/heavydriver/ftc_jasper @@ -65621,6 +65658,7 @@ CVE-2019-13764 - https://github.com/Kiprey/Skr_Learning CVE-2019-13764 - https://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-List CVE-2019-13764 - https://github.com/OpposedDeception/ZTE-Blade-A5-2019-Nae-Nae-List CVE-2019-13764 - https://github.com/Self-Study-Committee/Skr_Learning +CVE-2019-13764 - https://github.com/ernestang98/win-exploits CVE-2019-13764 - https://github.com/jfmcoronel/eevee CVE-2019-13764 - https://github.com/sslab-gatech/DIE CVE-2019-13764 - https://github.com/taielab/awesome-hacking-lists @@ -65632,6 +65670,7 @@ CVE-2019-13767 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13768 - https://github.com/ARPSyndicate/cvemon CVE-2019-13768 - https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768 CVE-2019-13768 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-13768 - https://github.com/ernestang98/win-exploits CVE-2019-13768 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13768 - https://github.com/wh1ant/vulnjs CVE-2019-13768 - https://github.com/yuvaly0/exploits @@ -69065,6 +69104,7 @@ CVE-2019-18683 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2019-18683 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2019-18683 - https://github.com/Limesss/cve-2019-18683 CVE-2019-18683 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-18683 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2019-18683 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18683 - https://github.com/kdn111/linux-kernel-exploitation CVE-2019-18683 - https://github.com/khanhdn111/linux-kernel-exploitation @@ -75894,6 +75934,7 @@ CVE-2020-0674 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-0674 - https://github.com/binaryfigments/CVE-2020-0674 CVE-2020-0674 - https://github.com/cyberanand1337x/bug-bounty-2022 CVE-2020-0674 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-0674 - https://github.com/ernestang98/win-exploits CVE-2020-0674 - https://github.com/forrest-orr/DoubleStar CVE-2020-0674 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-0674 - https://github.com/hectorgie/PoC-in-GitHub @@ -76575,6 +76616,7 @@ CVE-2020-0796 - https://github.com/firatesatoglu/shodanSearch CVE-2020-0796 - https://github.com/gabimarti/SMBScanner CVE-2020-0796 - https://github.com/giterlizzi/secdb-feeds CVE-2020-0796 - https://github.com/githuberxu/Safety-Books +CVE-2020-0796 - https://github.com/gnusec/soapffzblogposts_backup CVE-2020-0796 - https://github.com/h7ml/h7ml CVE-2020-0796 - https://github.com/hack-parthsharma/WinPwn CVE-2020-0796 - https://github.com/halsten/CVE-2020-0796 @@ -83628,6 +83670,7 @@ CVE-2020-16040 - https://github.com/Wi1L-Y/News CVE-2020-16040 - https://github.com/anvbis/chrome_v8_ndays CVE-2020-16040 - https://github.com/anvbis/trivialize CVE-2020-16040 - https://github.com/dongAxis/to_be_a_v8_master +CVE-2020-16040 - https://github.com/ernestang98/win-exploits CVE-2020-16040 - https://github.com/hktalent/bug-bounty CVE-2020-16040 - https://github.com/joydo/CVE-Writeups CVE-2020-16040 - https://github.com/maldev866/ChExp_CVE_2020_16040 @@ -92147,6 +92190,7 @@ CVE-2020-6361 - https://github.com/404notf0und/CVE-Flow CVE-2020-6364 - https://github.com/ARPSyndicate/cvemon CVE-2020-6364 - https://github.com/Onapsis/vulnerability_advisories CVE-2020-6364 - https://github.com/gquere/CVE-2020-6364 +CVE-2020-6368 - https://github.com/ernestang98/win-exploits CVE-2020-6369 - https://github.com/ARPSyndicate/cvemon CVE-2020-6369 - https://github.com/Onapsis/vulnerability_advisories CVE-2020-6371 - https://github.com/Live-Hack-CVE/CVE-2020-6371 @@ -101671,6 +101715,7 @@ CVE-2021-26084 - https://github.com/Reclu3a/CVE-2021-26084-Confluence-OGNL CVE-2021-26084 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2021-26084 - https://github.com/SYRTI/POC_to_review CVE-2021-26084 - https://github.com/Sma11New/PocList +CVE-2021-26084 - https://github.com/SummerSec/SpringExploit CVE-2021-26084 - https://github.com/TesterCC/exp_poc_library CVE-2021-26084 - https://github.com/TheclaMcentire/CVE-2021-26084_Confluence CVE-2021-26084 - https://github.com/Threekiii/Awesome-POC @@ -107294,6 +107339,7 @@ CVE-2021-33564 - https://github.com/harsh-bothra/learn365 CVE-2021-33564 - https://github.com/markevans/dragonfly CVE-2021-33564 - https://github.com/mlr0p/CVE-2021-33564 CVE-2021-33564 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-33564 - https://github.com/rodolfomarianocy/OSCP-Tricks-2023 CVE-2021-33564 - https://github.com/soosmile/POC CVE-2021-33564 - https://github.com/trhacknon/Pocingit CVE-2021-33564 - https://github.com/zecool/cve @@ -107780,6 +107826,7 @@ CVE-2021-34473 - https://github.com/Atem1988/Starred CVE-2021-34473 - https://github.com/CVEDB/PoC-List CVE-2021-34473 - https://github.com/CVEDB/awesome-cve-repo CVE-2021-34473 - https://github.com/CVEDB/top +CVE-2021-34473 - https://github.com/Dheerajmadhukar/karma_v2 CVE-2021-34473 - https://github.com/DiedB/caldera-precomp CVE-2021-34473 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-34473 - https://github.com/GhostTroops/TOP @@ -110100,6 +110147,7 @@ CVE-2021-38003 - https://github.com/Ostorlab/KEV CVE-2021-38003 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2021-38003 - https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003 CVE-2021-38003 - https://github.com/anvbis/chrome_v8_ndays +CVE-2021-38003 - https://github.com/ernestang98/win-exploits CVE-2021-38003 - https://github.com/kestryix/tisc-2023-writeups CVE-2021-38003 - https://github.com/numencyber/Vulnerability_PoC CVE-2021-38003 - https://github.com/wh1ant/vulnjs @@ -114961,6 +115009,7 @@ CVE-2021-43798 - https://github.com/allblue147/Grafana CVE-2021-43798 - https://github.com/anonymous364872/Rapier_Tool CVE-2021-43798 - https://github.com/apif-review/APIF_tool_2024 CVE-2021-43798 - https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp +CVE-2021-43798 - https://github.com/asaotomo/FofaMap CVE-2021-43798 - https://github.com/aymenbouferroum/CVE-2021-43798_exploit CVE-2021-43798 - https://github.com/b4zinga/Raphael CVE-2021-43798 - https://github.com/bigblackhat/oFx @@ -118719,6 +118768,7 @@ CVE-2022-0148 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-0148 - https://github.com/Marcuccio/kevin CVE-2022-0149 - https://github.com/ARPSyndicate/cvemon CVE-2022-0149 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2022-0149 - https://github.com/asaotomo/FofaMap CVE-2022-0150 - https://github.com/ARPSyndicate/cvemon CVE-2022-0150 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-0155 - https://github.com/ARPSyndicate/cvemon @@ -120539,6 +120589,7 @@ CVE-2022-1119 - https://github.com/zecool/cve CVE-2022-1122 - https://github.com/mzs555557/SosReverterbench CVE-2022-1128 - https://github.com/ARPSyndicate/cvemon CVE-2022-1129 - https://github.com/ARPSyndicate/cvemon +CVE-2022-1134 - https://github.com/ernestang98/win-exploits CVE-2022-1137 - https://github.com/ARPSyndicate/cvemon CVE-2022-1138 - https://github.com/ARPSyndicate/cvemon CVE-2022-1139 - https://github.com/ARPSyndicate/cvemon @@ -120830,6 +120881,7 @@ CVE-2022-1388 - https://github.com/SkyBelll/CVE-PoC CVE-2022-1388 - https://github.com/Stonzyy/Exploit-F5-CVE-2022-1388 CVE-2022-1388 - https://github.com/Str1am/my-nuclei-templates CVE-2022-1388 - https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study +CVE-2022-1388 - https://github.com/SummerSec/SpringExploit CVE-2022-1388 - https://github.com/Threekiii/Awesome-POC CVE-2022-1388 - https://github.com/TomArni680/CVE-2022-1388-POC CVE-2022-1388 - https://github.com/TomArni680/CVE-2022-1388-RCE @@ -123902,6 +123954,7 @@ CVE-2022-22947 - https://github.com/SYRTI/POC_to_review CVE-2022-22947 - https://github.com/Sec-Fork/mullet2 CVE-2022-22947 - https://github.com/SiJiDo/CVE-2022-22947 CVE-2022-22947 - https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947 +CVE-2022-22947 - https://github.com/SummerSec/SpringExploit CVE-2022-22947 - https://github.com/SummerSec/learning-codeql CVE-2022-22947 - https://github.com/Tas9er/SpringCloudGatewayRCE CVE-2022-22947 - https://github.com/Threekiii/Awesome-Exploit @@ -124258,6 +124311,7 @@ CVE-2022-22963 - https://github.com/SealPaPaPa/SpringCloudFunction-Research CVE-2022-22963 - https://github.com/SirElmard/ethical_hacking CVE-2022-22963 - https://github.com/SnailDev/github-hot-hub CVE-2022-22963 - https://github.com/SourM1lk/CVE-2022-22963-Exploit +CVE-2022-22963 - https://github.com/SummerSec/SpringExploit CVE-2022-22963 - https://github.com/Threekiii/Awesome-Exploit CVE-2022-22963 - https://github.com/Threekiii/Awesome-POC CVE-2022-22963 - https://github.com/Threekiii/Awesome-Redteam @@ -124441,6 +124495,7 @@ CVE-2022-22965 - https://github.com/SnailDev/github-hot-hub CVE-2022-22965 - https://github.com/Snip3R69/spring-shell-vuln CVE-2022-22965 - https://github.com/Sparrow-Co-Ltd/real_cve_examples CVE-2022-22965 - https://github.com/SummerSec/BlogPapers +CVE-2022-22965 - https://github.com/SummerSec/SpringExploit CVE-2022-22965 - https://github.com/SummerSec/SummerSec CVE-2022-22965 - https://github.com/TheGejr/SpringShell CVE-2022-22965 - https://github.com/Threekiii/Awesome-Exploit @@ -128152,6 +128207,7 @@ CVE-2022-26134 - https://github.com/CLincat/vulcat CVE-2022-26134 - https://github.com/CatAnnaDev/CVE-2022-26134 CVE-2022-26134 - https://github.com/Chocapikk/CVE-2022-26134 CVE-2022-26134 - https://github.com/ColdFusionX/CVE-2022-26134 +CVE-2022-26134 - https://github.com/CuriousLearnerDev/Full-Scanner CVE-2022-26134 - https://github.com/CyberDonkyx0/CVE-2022-26134 CVE-2022-26134 - https://github.com/DARKSTUFF-LAB/-CVE-2022-26134 CVE-2022-26134 - https://github.com/DallasWmk/censys_takehome @@ -128192,6 +128248,7 @@ CVE-2022-26134 - https://github.com/SYRTI/POC_to_review CVE-2022-26134 - https://github.com/Sakura-nee/CVE-2022-26134 CVE-2022-26134 - https://github.com/SirElmard/ethical_hacking CVE-2022-26134 - https://github.com/StarCrossPortal/scalpel +CVE-2022-26134 - https://github.com/SummerSec/SpringExploit CVE-2022-26134 - https://github.com/Sylon001/Common-tool CVE-2022-26134 - https://github.com/Threekiii/Awesome-POC CVE-2022-26134 - https://github.com/Threekiii/Awesome-Redteam @@ -130507,6 +130564,7 @@ CVE-2022-28737 - https://github.com/vathpela/shim-review CVE-2022-28738 - https://github.com/ARPSyndicate/cvemon CVE-2022-28738 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2022-28739 - https://github.com/ARPSyndicate/cvemon +CVE-2022-28739 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2022-28739 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2022-28739 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2022-28739 - https://github.com/rubysec/ruby-advisory-db @@ -141621,6 +141679,7 @@ CVE-2023-20933 - https://github.com/Trinadh465/frameworks_av_CVE-2023-20933 CVE-2023-20933 - https://github.com/hshivhare67/platform_frameworks_av_AOSP10_r33_CVE-2023-20933 CVE-2023-20933 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20937 - https://github.com/ARPSyndicate/cvemon +CVE-2023-20938 - https://github.com/IamAlch3mist/Awesome-Android-Vulnerability-Research CVE-2023-2094 - https://github.com/1-tong/vehicle_cves CVE-2023-2094 - https://github.com/Vu1nT0tal/Vehicle-Security CVE-2023-2094 - https://github.com/VulnTotal-Team/Vehicle-Security @@ -142464,6 +142523,7 @@ CVE-2023-22743 - https://github.com/ARPSyndicate/cvemon CVE-2023-22743 - https://github.com/KK-Designs/UpdateHub CVE-2023-22792 - https://github.com/ARPSyndicate/cvemon CVE-2023-22794 - https://github.com/ARPSyndicate/cvemon +CVE-2023-22795 - https://github.com/bibin-paul-trustme/ruby_repo CVE-2023-22795 - https://github.com/jasnow/585-652-ruby-advisory-db CVE-2023-22795 - https://github.com/rubysec/ruby-advisory-db CVE-2023-22796 - https://github.com/ARPSyndicate/cvemon @@ -153376,6 +153436,7 @@ CVE-2023-6465 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6478 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6481 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6484 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-6491 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6499 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6501 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6505 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164191,6 +164252,7 @@ CVE-2024-2961 - https://github.com/sampsonv/github-trending CVE-2024-2961 - https://github.com/tanjiti/sec_profile CVE-2024-2961 - https://github.com/tarlepp/links-of-the-week CVE-2024-2961 - https://github.com/testing-felickz/docker-scout-demo +CVE-2024-2961 - https://github.com/wjlin0/wjlin0 CVE-2024-2961 - https://github.com/zhaoxiaoha/github-trending CVE-2024-29637 - https://github.com/SQU4NCH/SQU4NCH CVE-2024-29638 - https://github.com/SQU4NCH/SQU4NCH @@ -165221,6 +165283,7 @@ CVE-2024-32867 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32872 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32874 - https://github.com/Sim4n6/Sim4n6 CVE-2024-32879 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3288 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32880 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32884 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32886 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165747,6 +165810,7 @@ CVE-2024-35856 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35857 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35858 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35859 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3592 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36036 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36037 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36049 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165788,6 +165852,7 @@ CVE-2024-3661 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3661 - https://github.com/giterlizzi/secdb-feeds CVE-2024-3661 - https://github.com/leviathansecurity/TunnelVision CVE-2024-3661 - https://github.com/tanjiti/sec_profile +CVE-2024-36673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36795 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3686 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3687 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165927,6 +165992,7 @@ CVE-2024-4040 - https://github.com/wjlin0/poc-doc CVE-2024-4040 - https://github.com/wy876/POC CVE-2024-4040 - https://github.com/wy876/wiki CVE-2024-4040 - https://github.com/zgimszhd61/cve-exploit-collection-scanner +CVE-2024-4042 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4059 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4060 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165996,6 +166062,7 @@ CVE-2024-4346 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4349 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4352 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4352 - https://github.com/truonghuuphuc/CVE-2024-4352-Poc +CVE-2024-4354 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4357 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4358 - https://github.com/GhostTroops/TOP CVE-2024-4358 - https://github.com/nomi-sec/PoC-in-GitHub @@ -166035,7 +166102,10 @@ CVE-2024-4443 - https://github.com/wy876/POC CVE-2024-4444 - https://github.com/JohnnyBradvo/CVE-2024-4444 CVE-2024-4444 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4445 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4451 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4473 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4488 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4489 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4493 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4494 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4501 - https://github.com/tanjiti/sec_profile @@ -166067,6 +166137,8 @@ CVE-2024-4559 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4561 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4562 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4568 - https://github.com/bladchan/bladchan +CVE-2024-4577 - https://github.com/0xsyr0/OSCP +CVE-2024-4577 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4582 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4583 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4584 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166088,8 +166160,11 @@ CVE-2024-4601 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4603 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2024-4603 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4609 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4610 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4611 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2024-4618 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4620 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4621 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4622 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4624 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4636 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166115,6 +166190,7 @@ CVE-2024-4701 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4702 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4718 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4734 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4756 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4760 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4761 - https://github.com/dan-mba/python-selenium-news CVE-2024-4761 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166198,6 +166274,7 @@ CVE-2024-4985 - https://github.com/Ostorlab/KEV CVE-2024-4985 - https://github.com/absholi7ly/Bypass-authentication-GitHub-Enterprise-Server CVE-2024-4998 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4999 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5003 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5023 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5042 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5044 - https://github.com/tanjiti/sec_profile @@ -166235,17 +166312,24 @@ CVE-2024-5378 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5379 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5380 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5381 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5382 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5383 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5384 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5385 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5390 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5391 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-54321 - https://github.com/runwuf/clickhouse-test +CVE-2024-5438 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5522 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-5542 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555 CVE-2024-5555 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-5599 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5637 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5678 - https://github.com/Dashrath158/CVE-Management-App-using-Flask CVE-2024-5678 - https://github.com/bergel07/FinalProject +CVE-2024-5733 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5734 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6271 - https://github.com/Jokergazaa/zero-click-exploits CVE-2024-65230 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-6666 - https://github.com/JohnnyBradvo/CVE-2024-6666 diff --git a/references.txt b/references.txt index 6e5ba5e7e0..7407804567 100644 --- a/references.txt +++ b/references.txt @@ -87799,6 +87799,7 @@ CVE-2023-0094 - https://wpscan.com/vulnerability/1453471f-164d-4487-a736-8cea086 CVE-2023-0095 - https://wpscan.com/vulnerability/009ca72e-e8fa-4fdc-ab2d-4210f8f4710f CVE-2023-0096 - https://wpscan.com/vulnerability/b28150e7-214b-4bcd-85c0-e819c4223484 CVE-2023-0097 - https://wpscan.com/vulnerability/19379f08-d667-4b1e-a774-0f4a17ad7bff +CVE-2023-0098 - https://wpscan.com/vulnerability/db0b3275-40df-404e-aa8d-53558f0122d8 CVE-2023-0099 - http://packetstormsecurity.com/files/176983/WordPress-Simple-URLs-Cross-Site-Scripting.html CVE-2023-0099 - https://wpscan.com/vulnerability/fd50f2d6-e420-4220-b485-73f33227e8f8 CVE-2023-0106 - https://huntr.dev/bounties/5c0809cb-f4ff-4447-bed6-b5625fb374bb @@ -88160,6 +88161,7 @@ CVE-2023-0820 - https://wpscan.com/vulnerability/b93d9f9d-0fd9-49b8-b465-d32b953 CVE-2023-0823 - https://wpscan.com/vulnerability/83f23a9f-9ace-47d2-a5f3-a4915129b16c CVE-2023-0824 - https://wpscan.com/vulnerability/48a3a542-9130-4524-9d19-ff9eccecb148/ CVE-2023-0827 - https://huntr.dev/bounties/75bc7d07-46a7-4ed9-a405-af4fc47fb422 +CVE-2023-0841 - https://github.com/gpac/gpac/issues/2396 CVE-2023-0841 - https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3 CVE-2023-0844 - https://wpscan.com/vulnerability/8d8e5852-3787-47f9-9931-8308bb81beb1 CVE-2023-0848 - https://vuldb.com/?id.221147 @@ -89881,6 +89883,7 @@ CVE-2023-26469 - https://github.com/Orange-Cyberdefense/CVE-repository/tree/mast CVE-2023-2647 - https://github.com/sunyixuan1228/cve/blob/main/weaver%20exec.md CVE-2023-26475 - https://jira.xwiki.org/browse/XWIKI-20360 CVE-2023-2648 - https://github.com/sunyixuan1228/cve/blob/main/weaver.md +CVE-2023-26484 - https://github.com/kubevirt/kubevirt/issues/9109 CVE-2023-26485 - https://github.com/github/cmark-gfm/security/advisories/GHSA-r8vr-c48j-fcc5 CVE-2023-26486 - https://github.com/vega/vega/security/advisories/GHSA-4vq7-882g-wcg4 CVE-2023-26487 - https://github.com/vega/vega/security/advisories/GHSA-w5m3-xh75-mp55 @@ -89942,6 +89945,7 @@ CVE-2023-26750 - https://github.com/yiisoft/yii2/issues/19755#issuecomment-15053 CVE-2023-26750 - https://github.com/yiisoft/yii2/issues/19755#issuecomment-1505560351 CVE-2023-26756 - https://googleinformationsworld.blogspot.com/2023/04/revive-adserver-541-vulnerable-to-brute.html CVE-2023-26756 - https://www.esecforte.com/login-page-brute-force-attack/ +CVE-2023-26756 - https://www.revive-adserver.com/security/response-to-cve-2023-26756/ CVE-2023-26758 - https://www.swascan.com/it/security-advisory-sme-up-erp/ CVE-2023-26759 - https://www.swascan.com/it/security-advisory-sme-up-erp/ CVE-2023-2676 - https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md @@ -90192,6 +90196,7 @@ CVE-2023-27649 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27649/C CVE-2023-2765 - https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md CVE-2023-2765 - https://vuldb.com/?id.229270 CVE-2023-27651 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27651/CVE%20detail.md +CVE-2023-27652 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md CVE-2023-27655 - https://forum.xpdfreader.com/viewtopic.php?t=42398 CVE-2023-27655 - https://github.com/keepinggg/poc/blob/main/poc_of_xpdf/id2 CVE-2023-27655 - https://github.com/keepinggg/poc/tree/main/poc_of_xpdf @@ -90595,11 +90600,15 @@ CVE-2023-29742 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-2974 CVE-2023-29743 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29743/CVE%20detail.md CVE-2023-29745 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29745/CVE%20detail.md CVE-2023-29746 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29746/CVE%20detail.md +CVE-2023-29747 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md CVE-2023-29748 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md +CVE-2023-29751 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md CVE-2023-29753 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29753/CVE%20detailed.md CVE-2023-29756 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29756/CVE%20detailed.md +CVE-2023-29758 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md CVE-2023-29759 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29759/CVE%20detailed.md CVE-2023-29766 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29766/CVE%20detailed.md +CVE-2023-29767 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md CVE-2023-29770 - https://github.com/sapplica/sentrifugo/issues/384 CVE-2023-2978 - https://popalltheshells.medium.com/multiple-cves-affecting-pydio-cells-4-2-0-321e7e4712be CVE-2023-2979 - https://popalltheshells.medium.com/multiple-cves-affecting-pydio-cells-4-2-0-321e7e4712be @@ -90933,7 +90942,9 @@ CVE-2023-3146 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com. CVE-2023-31465 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md CVE-2023-31466 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31466.md CVE-2023-31468 - http://packetstormsecurity.com/files/174268/Inosoft-VisiWin-7-2022-2.1-Insecure-Permissions-Privilege-Escalation.html +CVE-2023-31468 - https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-03 CVE-2023-31468 - https://www.exploit-db.com/exploits/51682 +CVE-2023-31468 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3147 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-admincategoriesview_categoryphp CVE-2023-31471 - https://github.com/gl-inet/CVE-issues/blob/main/3.215/Abuse_of_Functionality_leads_to_RCE.md CVE-2023-31472 - https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary_File_Creation.md @@ -90950,6 +90961,7 @@ CVE-2023-31489 - https://github.com/FRRouting/frr/issues/13098 CVE-2023-3149 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-adminusermanage_userphp CVE-2023-31490 - https://github.com/FRRouting/frr/issues/13099 CVE-2023-31492 - http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html +CVE-2023-31492 - https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md CVE-2023-31497 - https://github.com/0xInfection/EPScalate CVE-2023-31498 - https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832 CVE-2023-3150 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md @@ -91755,6 +91767,7 @@ CVE-2023-36109 - https://github.com/Limesss/CVE-2023-36109/tree/main CVE-2023-36118 - http://packetstormsecurity.com/files/172672/Faculty-Evaluation-System-1.0-Shell-Upload.html CVE-2023-36118 - https://www.chtsecurity.com/news/4ffbe017-70e1-4789-bfe6-4d6fb0d1a0b7 CVE-2023-36119 - https://nvd.nist.gov/vuln/detail/CVE-2023-0527 +CVE-2023-36121 - https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md CVE-2023-36121 - https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284 CVE-2023-36121 - https://www.exploit-db.com/exploits/51449 CVE-2023-36123 - https://github.com/9Bakabaka/CVE-2023-36123 @@ -91845,6 +91858,7 @@ CVE-2023-36630 - https://github.com/yunaranyancat/poc-dump/blob/main/cloudpanel/ CVE-2023-36631 - https://www.bencteux.fr/posts/malwarebytes_wfc/ CVE-2023-36632 - https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py CVE-2023-3664 - https://wpscan.com/vulnerability/d59e6eac-3ebf-40e0-800c-8cbef345423f +CVE-2023-36644 - https://github.com/caffeinated-labs/CVE-2023-36644 CVE-2023-3665 - https://kcm.trellix.com/corporate/index?page=content&id=SB10405 CVE-2023-36656 - https://github.com/jaegertracing/jaeger-ui/security/advisories/GHSA-vv24-rm95-q56r CVE-2023-36665 - https://www.code-intelligence.com/blog/cve-protobufjs-prototype-pollution-cve-2023-36665 @@ -92087,12 +92101,16 @@ CVE-2023-37918 - https://github.com/dapr/dapr/security/advisories/GHSA-59m6-82qm CVE-2023-37927 - https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/ CVE-2023-37928 - https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-post-auth-blind-os-command-and-python-code-injection-vulnerabilities-in-zyxel-s-nas-326-devices/ CVE-2023-37941 - http://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html +CVE-2023-3797 - https://github.com/segonse/cve/blob/main/sichuang/sichuang.md CVE-2023-37979 - http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html +CVE-2023-3798 - https://github.com/RCEraser/cve/blob/main/wanjiang.md CVE-2023-37988 - http://packetstormsecurity.com/files/174896/WordPress-Contact-Form-Generator-2.5.5-Cross-Site-Scripting.html CVE-2023-3801 - https://vuldb.com/?id.235069 +CVE-2023-3802 - https://github.com/GUIqizsq/cve/blob/main/upload_1.md CVE-2023-3802 - https://vuldb.com/?id.235070 CVE-2023-38022 - https://jovanbulck.github.io/files/ccs19-tale.pdf CVE-2023-38035 - http://packetstormsecurity.com/files/174643/Ivanti-Sentry-Authentication-Bypass-Remote-Code-Execution.html +CVE-2023-3804 - https://github.com/yueying638/cve/blob/main/upload.md CVE-2023-38043 - https://northwave-cybersecurity.com/vulnerability-notice/arbitrary-kernel-function-call-in-ivanti-secure-access-client CVE-2023-3811 - https://vuldb.com/?id.235079 CVE-2023-38127 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1808 @@ -92214,6 +92232,12 @@ CVE-2023-38864 - https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR1 CVE-2023-38865 - https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject5 CVE-2023-38866 - https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject2 CVE-2023-3887 - https://vuldb.com/?id.235249 +CVE-2023-38870 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38870 +CVE-2023-38872 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38872 +CVE-2023-38874 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38874 +CVE-2023-38876 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38876 +CVE-2023-38879 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38879 +CVE-2023-38882 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38882 CVE-2023-38886 - https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf CVE-2023-38888 - https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf CVE-2023-38890 - https://github.com/akshadjoshi/CVE-2023-38890 @@ -92238,6 +92262,7 @@ CVE-2023-38969 - https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vul CVE-2023-3897 - http://packetstormsecurity.com/files/177179/SureMDM-On-Premise-CAPTCHA-Bypass-User-Enumeration.html CVE-2023-38970 - https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vulnerability-in-new-member CVE-2023-38971 - https://panda002.hashnode.dev/badaso-version-297-has-xss-vulnerability-in-add-ranks +CVE-2023-38973 - https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md CVE-2023-38975 - https://github.com/qdrant/qdrant/issues/2268 CVE-2023-38996 - https://gist.github.com/RNPG/53b579da330ba896aa8dc2d901e5e400 CVE-2023-38997 - https://logicaltrust.net/blog/2023/08/opnsense.html @@ -92340,6 +92365,7 @@ CVE-2023-39523 - https://github.com/nexB/scancode.io/security/advisories/GHSA-2g CVE-2023-39534 - https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-fcr6-x23w-94wp CVE-2023-3954 - https://wpscan.com/vulnerability/b463ccbb-2dc1-479f-bc88-becd204b2dc0 CVE-2023-39542 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1832 +CVE-2023-39551 - https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md CVE-2023-39551 - https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1 CVE-2023-39558 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-39558.md CVE-2023-39559 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-39559.md @@ -92462,6 +92488,7 @@ CVE-2023-4022 - https://wpscan.com/vulnerability/c4ac0b19-58b1-4620-b3b7-fbe6dd6 CVE-2023-4023 - https://wpscan.com/vulnerability/682c0226-28bd-4051-830d-8b679626213d CVE-2023-40238 - https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html CVE-2023-40274 - https://github.com/getzola/zola/issues/2257 +CVE-2023-40280 - https://github.com/BugBountyHunterCVE/CVE-2023-40280/blob/main/CVE-2023-40280_Authenticated-Directory-Path-Traversal_OpenClinic-GA_5.247.01_Report.md CVE-2023-40283 - http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html CVE-2023-40283 - http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html CVE-2023-40291 - https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ @@ -92564,6 +92591,7 @@ CVE-2023-41000 - https://github.com/gpac/gpac/issues/2550 CVE-2023-41011 - https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4 CVE-2023-41012 - https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws CVE-2023-41013 - https://medium.com/@katikitala.sushmitha078/cve-2023-41013-789841dcad91 +CVE-2023-41036 - https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv CVE-2023-4104 - https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110 CVE-2023-41040 - https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c CVE-2023-41041 - https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-3fqm-frhg-7c85 @@ -92606,6 +92634,7 @@ CVE-2023-41316 - https://github.com/tolgee/tolgee-platform/security/advisories/G CVE-2023-41325 - https://github.com/OP-TEE/optee_os/security/advisories/GHSA-jrw7-63cq-7vhm CVE-2023-41330 - https://github.com/KnpLabs/snappy/security/advisories/GHSA-92rv-4j2h-8mjj CVE-2023-41330 - https://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc +CVE-2023-41334 - https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf CVE-2023-41336 - https://symfony.com/bundles/ux-autocomplete/current/index.html#usage-in-a-form-with-ajax CVE-2023-4136 - http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html CVE-2023-41362 - https://blog.sorcery.ie/posts/mybb_acp_rce/ @@ -92615,6 +92644,7 @@ CVE-2023-41387 - https://seredynski.com/articles/exploiting-ios-apps-to-extract- CVE-2023-41425 - https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413 CVE-2023-41436 - https://github.com/sromanhu/CSZ-CMS-Stored-XSS---Pages-Content/blob/main/README.md CVE-2023-41442 - https://writeups.ayyappan.me/v/tor-iot-mqtt/ +CVE-2023-41443 - https://github.com/Deng-JunFeng/cve-lists/tree/main/novel-plus/vuln CVE-2023-41444 - https://blog.dru1d.ninja/windows-driver-exploit-development-irec-sys-a5eb45093945 CVE-2023-41444 - https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0 CVE-2023-41445 - https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d @@ -92658,6 +92688,7 @@ CVE-2023-41640 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE CVE-2023-41642 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41642%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md CVE-2023-41642 - https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md CVE-2023-41646 - https://github.com/tristao-marinho/CVE-2023-41646/ +CVE-2023-4165 - https://github.com/nagenanhai/cve/blob/main/sql.md CVE-2023-4168 - http://packetstormsecurity.com/files/174015/Adlisting-Classified-Ads-2.14.0-Information-Disclosure.html CVE-2023-4169 - https://vuldb.com/?id.236185 CVE-2023-41703 - http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html @@ -92666,6 +92697,7 @@ CVE-2023-41705 - http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6 CVE-2023-41706 - http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html CVE-2023-41707 - http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html CVE-2023-41708 - http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html +CVE-2023-4171 - https://github.com/nagenanhai/cve/blob/main/duqu.md CVE-2023-41710 - http://packetstormsecurity.com/files/176422/OX-App-Suite-7.10.6-Access-Control-Cross-Site-Scripting.html CVE-2023-41717 - https://github.com/federella/CVE-2023-41717 CVE-2023-4172 - https://vuldb.com/?id.236207 @@ -92735,6 +92767,7 @@ CVE-2023-42278 - https://github.com/dromara/hutool/issues/3289 CVE-2023-42282 - https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html CVE-2023-42283 - https://github.com/andreysanyuk/CVE-2023-42283 CVE-2023-42284 - https://github.com/andreysanyuk/CVE-2023-42284 +CVE-2023-42286 - https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md CVE-2023-42295 - https://github.com/OpenImageIO/oiio/issues/3947 CVE-2023-42298 - https://github.com/gpac/gpac/issues/2567 CVE-2023-42299 - https://github.com/OpenImageIO/oiio/issues/3840 @@ -93024,6 +93057,7 @@ CVE-2023-44048 - https://github.com/xcodeOn1/xcode0x-CVEs/blob/main/CVE/CVE-2023 CVE-2023-44061 - https://github.com/soundarkutty/File-upload-Restriction-bypass/blob/main/poc.md CVE-2023-4407 - http://packetstormsecurity.com/files/174244/Credit-Lite-1.5.4-SQL-Injection.html CVE-2023-4409 - https://vuldb.com/?id.237512 +CVE-2023-4414 - https://github.com/RCEraser/cve/blob/main/S85F.md CVE-2023-44216 - https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/ CVE-2023-44216 - https://github.com/UT-Security/gpu-zip CVE-2023-44216 - https://news.ycombinator.com/item?id=37663159 @@ -93032,6 +93066,7 @@ CVE-2023-44216 - https://www.hertzbleed.com/gpu.zip/ CVE-2023-44216 - https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf CVE-2023-4422 - https://huntr.dev/bounties/2e12b773-b6a2-48da-a4bb-55d5d1307d2e CVE-2023-44249 - https://github.com/orangecertcc/security-research/security/advisories/GHSA-x8rp-jfwc-gqqj +CVE-2023-44253 - https://github.com/orangecertcc/security-research/security/advisories/GHSA-25j8-69h7-83h2 CVE-2023-44256 - https://github.com/orangecertcc/security-research/security/advisories/GHSA-2hc5-p5mc-8vrh CVE-2023-4427 - http://packetstormsecurity.com/files/174951/Chrome-ReduceJSLoadPropertyWithEnumeratedKey-Out-Of-Bounds-Access.html CVE-2023-44275 - https://www.x41-dsec.de/lab/advisories/x41-2023-001-opnsense @@ -93097,6 +93132,7 @@ CVE-2023-4466 - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices CVE-2023-4466 - https://vuldb.com/?id.249259 CVE-2023-4467 - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices CVE-2023-4468 - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices +CVE-2023-44693 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md CVE-2023-44694 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_rce_%20mailrecvview.md CVE-2023-44709 - https://github.com/sammycage/plutosvg/issues/7 CVE-2023-4473 - https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/ @@ -93195,6 +93231,7 @@ CVE-2023-45376 - https://security.friendsofpresta.org/modules/2023/10/19/hicarou CVE-2023-45386 - https://security.friendsofpresta.org/modules/2023/10/12/extratabspro.html CVE-2023-45396 - https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md CVE-2023-4542 - https://github.com/PumpkinBridge/cve/blob/main/rce.md +CVE-2023-4543 - https://github.com/spcck/cve/blob/main/sql.md CVE-2023-4544 - https://vuldb.com/?id.238049 CVE-2023-45463 - https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20hostname%20parameter%20leads%20to%20DOS.md CVE-2023-45464 - https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20servDomain%20parameter%20leads%20to%20DOS.md @@ -93286,6 +93323,7 @@ CVE-2023-46006 - https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%2 CVE-2023-46007 - https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/SQL-Injection-Vulnerability-3.md CVE-2023-46009 - https://github.com/kohler/gifsicle/issues/196 CVE-2023-46010 - https://blog.csdn.net/DGS666/article/details/133795200?spm=1001.2014.3001.5501 +CVE-2023-46012 - https://github.com/dest-3/CVE-2023-46012/tree/main CVE-2023-46014 - https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability CVE-2023-46015 - https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability CVE-2023-46016 - https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability @@ -93305,6 +93343,7 @@ CVE-2023-46052 - https://gitlab.com/sane-project/backends/-/issues/709 CVE-2023-46055 - https://gist.github.com/GroundCTL2MajorTom/eef0d55f5df77cc911d84392acdbf625 CVE-2023-46058 - https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/Stored_XSS_in_group.php.md CVE-2023-46059 - https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/reflected_XSS_in_editservice.md +CVE-2023-46060 - https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md CVE-2023-46116 - https://github.com/tutao/tutanota/security/advisories/GHSA-mxgj-pq62-f644 CVE-2023-46118 - https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg CVE-2023-46120 - https://github.com/rabbitmq/rabbitmq-java-client/issues/1062 @@ -93348,7 +93387,10 @@ CVE-2023-46389 - http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automa CVE-2023-46402 - https://gist.github.com/6en6ar/7c2424c93e7fbf2b6fc44e7fb9acb95d CVE-2023-46404 - https://github.com/windecks/CVE-2023-46404 CVE-2023-4642 - https://wpscan.com/vulnerability/6f481d34-6feb-4af2-914c-1f3288f69207 +CVE-2023-46426 - https://github.com/gpac/gpac/issues/2642 +CVE-2023-46427 - https://github.com/gpac/gpac/issues/2641 CVE-2023-4643 - https://wpscan.com/vulnerability/d9125604-2236-435c-a67c-07951a1fc5b1 +CVE-2023-46442 - https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main CVE-2023-46445 - http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html CVE-2023-46445 - https://github.com/advisories/GHSA-cfc2-wr2v-gxm5 CVE-2023-46445 - https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst @@ -93404,6 +93446,7 @@ CVE-2023-46667 - https://www.elastic.co/community/security CVE-2023-46668 - https://www.elastic.co/community/security CVE-2023-46672 - https://www.elastic.co/community/security CVE-2023-46673 - https://www.elastic.co/community/security +CVE-2023-46694 - https://github.com/invisiblebyte/CVE-2023-46694 CVE-2023-46722 - https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-jfxw-6c5v-c42f CVE-2023-46730 - https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv CVE-2023-46736 - https://github.com/espocrm/espocrm/security/advisories/GHSA-g955-rwxx-jvf6 @@ -93445,6 +93488,8 @@ CVE-2023-46930 - https://github.com/gpac/gpac/issues/2666 CVE-2023-46931 - https://github.com/gpac/gpac/issues/2664 CVE-2023-46932 - https://github.com/gpac/gpac/issues/2669 CVE-2023-46935 - https://github.com/weng-xianhu/eyoucms/issues/55 +CVE-2023-46950 - https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 +CVE-2023-46951 - https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 CVE-2023-4696 - https://huntr.dev/bounties/4747a485-77c3-4bb5-aab0-21253ef303ca CVE-2023-4697 - https://huntr.dev/bounties/3ff3325a-1dcb-4da7-894d-81a9cf726d81 CVE-2023-46974 - https://github.com/yte121/CVE-2023-46974/ @@ -93674,6 +93719,7 @@ CVE-2023-4836 - https://wpscan.com/vulnerability/c17f2534-d791-4fe3-b45b-8757775 CVE-2023-48418 - http://packetstormsecurity.com/files/176446/Android-DeviceVersionFragment.java-Privilege-Escalation.html CVE-2023-4847 - https://skypoc.wordpress.com/2023/09/04/sourcecodester-simple-book-catalog-app-v1-0-has-multiple-vulnerabilities/ CVE-2023-4848 - https://skypoc.wordpress.com/2023/09/04/sourcecodester-simple-book-catalog-app-v1-0-has-multiple-vulnerabilities/ +CVE-2023-4850 - https://github.com/RCEraser/cve/blob/main/sql_inject_2.md CVE-2023-4850 - https://vuldb.com/?id.239259 CVE-2023-4858 - https://github.com/nightcloudos/bug_report/blob/main/vendors/poc2.md CVE-2023-4858 - https://wpscan.com/vulnerability/ef8029e0-9282-401a-a77d-10b6656adaa6 @@ -93734,6 +93780,7 @@ CVE-2023-48840 - http://packetstormsecurity.com/files/176056 CVE-2023-48841 - http://packetstormsecurity.com/files/176058 CVE-2023-48849 - https://github.com/delsploit/CVE-2023-48849 CVE-2023-48858 - https://github.com/Shumerez/CVE-2023-48858 +CVE-2023-48859 - https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md CVE-2023-48861 - https://github.com/xieqiang11/POC4/blob/main/README.md CVE-2023-48866 - https://nitipoom-jar.github.io/CVE-2023-48866/ CVE-2023-48886 - https://github.com/luxiaoxun/NettyRpc/issues/53 @@ -93816,6 +93863,7 @@ CVE-2023-4922 - https://wpscan.com/vulnerability/968d87c0-af60-45ea-b34e-8551313 CVE-2023-49231 - https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt CVE-2023-49231 - https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/ CVE-2023-4925 - https://wpscan.com/vulnerability/0b094cba-9288-4c9c-87a9-bdce286fe8b6 +CVE-2023-49275 - https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975 CVE-2023-49276 - https://github.com/louislam/uptime-kuma/security/advisories/GHSA-v4v2-8h88-65qj CVE-2023-4928 - https://huntr.dev/bounties/cb72cc17-5a0d-4392-9a5f-a13aa773de9e CVE-2023-49287 - http://packetstormsecurity.com/files/176060/TinyDir-1.2.5-Buffer-Overflow.html @@ -93885,6 +93933,7 @@ CVE-2023-49465 - https://github.com/strukturag/libde265/issues/435 CVE-2023-49467 - https://github.com/strukturag/libde265/issues/434 CVE-2023-49468 - https://github.com/strukturag/libde265/issues/432 CVE-2023-49471 - https://github.com/zunak/CVE-2023-49471 +CVE-2023-49484 - https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md CVE-2023-49492 - https://github.com/Hebing123/cve/issues/2 CVE-2023-49493 - https://github.com/Hebing123/cve/issues/2 CVE-2023-49494 - https://github.com/Hebing123/cve/issues/3 @@ -93895,6 +93944,7 @@ CVE-2023-49502 - https://trac.ffmpeg.org/ticket/10688 CVE-2023-49528 - https://trac.ffmpeg.org/ticket/10691 CVE-2023-49544 - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion CVE-2023-49549 - https://github.com/cesanta/mjs/issues/251 +CVE-2023-49550 - https://github.com/cesanta/mjs/issues/252 CVE-2023-49551 - https://github.com/cesanta/mjs/issues/257 CVE-2023-49553 - https://github.com/cesanta/mjs/issues/253 CVE-2023-49554 - https://github.com/yasm/yasm/issues/249 @@ -93940,6 +93990,7 @@ CVE-2023-49950 - https://github.com/shrikeinfosec/cve-2023-49950/blob/main/cve-2 CVE-2023-49964 - https://github.com/mbadanoiu/CVE-2023-49964 CVE-2023-49965 - https://hackintoanetwork.com/blog/2023-starlink-router-gen2-xss-eng/ CVE-2023-49967 - https://github.com/typecho/typecho/issues/1648 +CVE-2023-49990 - https://github.com/espeak-ng/espeak-ng/issues/1824 CVE-2023-49991 - https://github.com/espeak-ng/espeak-ng/issues/1825 CVE-2023-49992 - https://github.com/espeak-ng/espeak-ng/issues/1827 CVE-2023-49993 - https://github.com/espeak-ng/espeak-ng/issues/1826 @@ -93955,6 +94006,7 @@ CVE-2023-50009 - https://trac.ffmpeg.org/ticket/10699 CVE-2023-50010 - https://ffmpeg.org/ CVE-2023-50010 - https://trac.ffmpeg.org/ticket/10702 CVE-2023-50011 - https://packetstormsecurity.com/files/175924/PopojiCMS-2.0.1-Remote-Command-Execution.html +CVE-2023-50015 - https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-50015 CVE-2023-50017 - https://github.com/849200701/cms/blob/main/CSRF%20exists%20in%20the%20backup%20and%20restore%20location.md CVE-2023-50027 - https://security.friendsofpresta.org/modules/2023/12/19/baproductzoommagnifier.html CVE-2023-5003 - https://wpscan.com/vulnerability/91f4e500-71f3-4ef6-9cc7-24a7c12a5748 @@ -93976,8 +94028,11 @@ CVE-2023-50126 - https://www.secura.com/services/iot/consumer-products/security- CVE-2023-50127 - https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices CVE-2023-50128 - https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices CVE-2023-50129 - https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices +CVE-2023-50137 - https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md CVE-2023-50164 - http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html CVE-2023-50172 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897 +CVE-2023-5019 - https://github.com/ggg48966/cve/blob/main/sql.md +CVE-2023-5023 - https://github.com/RCEraser/cve/blob/main/sql_inject_3.md CVE-2023-5024 - https://youtu.be/evdhcUlD1EQ CVE-2023-50245 - https://github.com/afichet/openexr-viewer/security/advisories/GHSA-99jg-r3f4-rpxj CVE-2023-50246 - https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc @@ -93992,12 +94047,14 @@ CVE-2023-50258 - https://github.com/pymedusa/Medusa/security/advisories/GHSA-3hp CVE-2023-50258 - https://securitylab.github.com/advisories/GHSL-2023-201_GHSL-2023-202_Medusa/ CVE-2023-50259 - https://github.com/pymedusa/Medusa/security/advisories/GHSA-8mcr-vffr-jwxv CVE-2023-50259 - https://securitylab.github.com/advisories/GHSL-2023-201_GHSL-2023-202_Medusa/ +CVE-2023-50260 - https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw CVE-2023-50262 - https://github.com/dompdf/dompdf/security/advisories/GHSA-3qx2-6f78-w2j2 CVE-2023-50264 - https://securitylab.github.com/advisories/GHSL-2023-192_GHSL-2023-194_bazarr/ CVE-2023-50265 - https://securitylab.github.com/advisories/GHSL-2023-192_GHSL-2023-194_bazarr/ CVE-2023-50266 - https://securitylab.github.com/advisories/GHSL-2023-192_GHSL-2023-194_bazarr/ CVE-2023-5027 - https://vuldb.com/?id.239869 CVE-2023-5028 - https://vuldb.com/?id.239870 +CVE-2023-5030 - https://github.com/husterdjx/cve/blob/main/sql1.md CVE-2023-5033 - https://vuldb.com/?id.239877 CVE-2023-50358 - https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-213941-1032 CVE-2023-5036 - https://huntr.dev/bounties/46881df7-eb41-4ce2-a78f-82de9bc4fc2d @@ -94028,6 +94085,7 @@ CVE-2023-5060 - https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3 CVE-2023-50612 - https://github.com/yaowenxiao721/CloudExplorer-Lite-v1.4.1-vulnerability-BOPLA CVE-2023-50628 - https://github.com/libming/libming/issues/289 CVE-2023-50630 - https://github.com/xiweicheng/tms/issues/19 +CVE-2023-50685 - https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability CVE-2023-50693 - https://github.com/dom96/jester/issues/326 CVE-2023-50694 - https://github.com/dom96/httpbeast/issues/95 CVE-2023-50715 - https://github.com/home-assistant/core/security/advisories/GHSA-jqpc-rc7g-vf83 @@ -94042,16 +94100,22 @@ CVE-2023-5082 - https://wpscan.com/vulnerability/13a196ba-49c7-4575-9a49-3ef9eb2 CVE-2023-5084 - https://huntr.dev/bounties/f3340570-6e59-4c72-a7d1-d4b829b4fb45 CVE-2023-5087 - https://wpscan.com/vulnerability/3b45cc0b-7378-49f3-900e-d0e18cd4b878 CVE-2023-5089 - https://wpscan.com/vulnerability/2b547488-187b-44bc-a57d-f876a7d4c87d +CVE-2023-50914 - https://github.com/anvilsecure/gog-galaxy-app-research +CVE-2023-50914 - https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md CVE-2023-50914 - https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/ +CVE-2023-50915 - https://github.com/anvilsecure/gog-galaxy-app-research +CVE-2023-50915 - https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50915%20-%20DoS.md CVE-2023-50916 - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/ CVE-2023-50916 - https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2024-001_kyocera-v2.txt CVE-2023-50917 - http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html CVE-2023-50917 - http://packetstormsecurity.com/files/176669/MajorDoMo-Command-Injection.html CVE-2023-50919 - http://packetstormsecurity.com/files/176708/GL.iNet-Unauthenticated-Remote-Command-Execution.html CVE-2023-50965 - https://github.com/starnight/MicroHttpServer/issues/5 +CVE-2023-50966 - https://github.com/P3ngu1nW/CVE_Request/blob/main/erlang-jose.md CVE-2023-5098 - https://wpscan.com/vulnerability/3167a83c-291e-4372-a42e-d842205ba722 CVE-2023-50980 - https://github.com/weidai11/cryptopp/issues/1248 CVE-2023-50982 - https://rehmeinfosec.de/labor/cve-2023-50982 +CVE-2023-51006 - https://github.com/firmianay/security-issues/tree/main/app/cn.etouch.ecalendar CVE-2023-51010 - https://github.com/firmianay/security-issues/tree/main/app/com.sdjictec.qdmetro CVE-2023-51011 - https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setLanConfig-lanPriDns/ CVE-2023-51012 - https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setLanConfig-lanGateway/ @@ -94077,48 +94141,78 @@ CVE-2023-51035 - https://815yang.github.io/2023/12/12/ex1200l/totolink_ex1200L_N CVE-2023-5104 - https://huntr.dev/bounties/1b5c6d9f-941e-4dd7-a964-42b53d6826b0 CVE-2023-51042 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12 CVE-2023-5105 - https://wpscan.com/vulnerability/d40c7108-bad6-4ed3-8539-35c0f57e62cc +CVE-2023-51059 - https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management +CVE-2023-51062 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51062.md CVE-2023-51063 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51063.md +CVE-2023-51064 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51064.md +CVE-2023-51065 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51065.md CVE-2023-51066 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51066.md +CVE-2023-51067 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51067.md CVE-2023-51068 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51068.md CVE-2023-51070 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51070.md +CVE-2023-51071 - https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51071.md CVE-2023-51074 - https://github.com/json-path/JsonPath/issues/973 CVE-2023-51075 - https://github.com/dromara/hutool/issues/3421 CVE-2023-51079 - https://github.com/mvel/mvel/issues/348 CVE-2023-51079 - https://github.com/mvel/mvel/issues/348#issuecomment-1874047271 CVE-2023-5108 - https://wpscan.com/vulnerability/1b277929-e88b-4ab6-9190-526e75f5ce7a CVE-2023-51084 - https://github.com/PoppingSnack/VulReport/issues/12 +CVE-2023-51090 - https://github.com/GD008/TENDA/blob/main/M3/getWeiXinConfig/M3_getWeiXinConfig.md CVE-2023-51091 - https://github.com/GD008/TENDA/blob/main/M3/cookie/M3_cookie.md +CVE-2023-51092 - https://github.com/GD008/TENDA/blob/main/M3/upgrade/M3_upgrade.md CVE-2023-51093 - https://github.com/GD008/TENDA/blob/main/M3/setVlanInfo/M3_setVlanInfo.md CVE-2023-51094 - https://github.com/GD008/TENDA/blob/main/M3/telnet/M3_telnet.md CVE-2023-51095 - https://github.com/GD008/TENDA/blob/main/M3/delWlPolicyData/M3_delWlPolicyData.md CVE-2023-51097 - https://github.com/GD008/TENDA/blob/main/W9/W9_setAutoPing/W9_setAutoPing.md CVE-2023-51098 - https://github.com/GD008/TENDA/blob/main/W9/W9_setDiagnoseInfo/W9_setDiagnoseInfo.md +CVE-2023-51099 - https://github.com/GD008/TENDA/blob/main/W9/W9_execommand/W9_execommand.md +CVE-2023-51100 - https://github.com/GD008/TENDA/blob/main/W9/W9_getDiagnoseInfo/W9_getDiagnoseInfo.md +CVE-2023-51101 - https://github.com/GD008/TENDA/blob/main/W9/W9_setUplinkInfo/W9_setUplinkInfo.md CVE-2023-51102 - https://github.com/GD008/TENDA/blob/main/W9/W9_WifiMacFilterSet/W9_WifiMacFilterSet.md CVE-2023-51123 - https://github.com/WhereisRain/dir-815 CVE-2023-51123 - https://github.com/WhereisRain/dir-815/blob/main/README.md +CVE-2023-51126 - https://github.com/risuxx/CVE-2023-51126 +CVE-2023-51141 - https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10 +CVE-2023-51142 - https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f +CVE-2023-51146 - https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51146.md +CVE-2023-51147 - https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51147.md +CVE-2023-51148 - https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md CVE-2023-5119 - https://wpscan.com/vulnerability/229207bb-8f8d-4579-a8e2-54516474ccb4 CVE-2023-51210 - https://medium.com/@nasir.synack/uncovering-critical-vulnerability-cve-2023-51210-in-prestashop-plugin-bundle-product-pack-ad7fb08bdc91 +CVE-2023-51219 - https://stulle123.github.io/posts/kakaotalk-account-takeover/ CVE-2023-5124 - https://wpscan.com/vulnerability/1ef86546-3467-432c-a863-1ca3e5c65bd4/ CVE-2023-51252 - https://github.com/sanluan/PublicCMS/issues/79 CVE-2023-51257 - https://github.com/jasper-software/jasper/issues/367 +CVE-2023-51258 - https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md CVE-2023-51277 - https://www.youtube.com/watch?v=c0nawqA_bdI CVE-2023-5133 - https://wpscan.com/vulnerability/36c30e54-75e4-4df1-b01a-60c51c0e76a3 CVE-2023-5137 - https://wpscan.com/vulnerability/79b79e9c-ea4f-4188-a1b5-61dda0b5d434 CVE-2023-51385 - https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html +CVE-2023-51387 - https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj CVE-2023-5139 - http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html CVE-2023-5139 - https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rhrc-pcxp-4453 CVE-2023-5140 - https://wpscan.com/vulnerability/ee1824e8-09a6-4763-b65e-03701dc3e171 CVE-2023-5141 - https://wpscan.com/vulnerability/9997fe8d-8027-4ae0-9885-a1f5565f2d1a CVE-2023-5142 - https://vuldb.com/?id.240238 +CVE-2023-5143 - https://github.com/ggg48966/cve/blob/main/D-LINK%20-DAR-7000_rce_%20webmailattach.md +CVE-2023-5144 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20updateos.md CVE-2023-51442 - https://github.com/navidrome/navidrome/security/advisories/GHSA-wq59-4q6r-635r CVE-2023-51443 - http://packetstormsecurity.com/files/176393/FreeSWITCH-Denial-Of-Service.html +CVE-2023-51444 - https://github.com/geoserver/geoserver/security/advisories/GHSA-9v5q-2gwq-q9hq CVE-2023-51444 - https://osgeo-org.atlassian.net/browse/GEOS-11176 +CVE-2023-51445 - https://github.com/geoserver/geoserver/security/advisories/GHSA-fh7p-5f6g-vj2w CVE-2023-51445 - https://osgeo-org.atlassian.net/browse/GEOS-11148 +CVE-2023-51448 - https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594 +CVE-2023-5147 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20updateos.md +CVE-2023-5148 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20uploadfile.md +CVE-2023-5150 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20web.md CVE-2023-5152 - https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_sql_%20importexport.md CVE-2023-5153 - https://vuldb.com/?id.240249 +CVE-2023-51650 - https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 CVE-2023-51661 - https://github.com/wasmerio/wasmer/security/advisories/GHSA-4mq4-7rw3-vm5j CVE-2023-51664 - https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63 CVE-2023-5167 - https://wpscan.com/vulnerability/78ea6fe0-5fac-4923-949c-023c85fe2437 +CVE-2023-51698 - https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2 CVE-2023-51717 - https://dataiku.com CVE-2023-5173 - https://bugzilla.mozilla.org/show_bug.cgi?id=1823172 CVE-2023-5174 - https://bugzilla.mozilla.org/show_bug.cgi?id=1848454 @@ -94133,8 +94227,11 @@ CVE-2023-5177 - https://wpscan.com/vulnerability/a67b9c21-a35a-4cdb-9627-a593233 CVE-2023-51771 - https://github.com/starnight/MicroHttpServer/issues/8 CVE-2023-51772 - https://sec-consult.com/vulnerability-lab/advisory/kiosk-escape-privilege-escalation-one-identity-password-manager-secure-password-extension/ CVE-2023-51775 - https://bitbucket.org/b_c/jose4j/issues/212 +CVE-2023-51790 - https://github.com/Piwigo/AdminTools/issues/21 +CVE-2023-51790 - https://github.com/Piwigo/Piwigo/issues/2069 CVE-2023-51791 - https://ffmpeg.org/ CVE-2023-51791 - https://trac.ffmpeg.org/ticket/10738 +CVE-2023-51792 - https://github.com/strukturag/libde265/issues/427 CVE-2023-51793 - https://ffmpeg.org/ CVE-2023-51793 - https://trac.ffmpeg.org/ticket/10743 CVE-2023-51794 - https://trac.ffmpeg.org/ticket/10746 @@ -94148,6 +94245,9 @@ CVE-2023-51798 - https://ffmpeg.org/ CVE-2023-51798 - https://trac.ffmpeg.org/ticket/10758 CVE-2023-51806 - https://github.com/ujcms/ujcms/issues/8 CVE-2023-5181 - https://wpscan.com/vulnerability/564ad2b0-6ba6-4415-98d7-8d41bc1c3d44 +CVE-2023-51810 - https://github.com/Pastea/CVE-2023-51810 +CVE-2023-51813 - https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md +CVE-2023-51820 - https://github.com/roman-mueller/PoC/tree/master/CVE-2023-51820 CVE-2023-51820 - https://infosec.rm-it.de/2024/02/01/blurams-lumi-security-camera-analysis/ CVE-2023-51828 - https://nexacybersecurity.blogspot.com/2024/02/journey-finding-vulnerabilities-in-pmb-library-management-system.html CVE-2023-5184 - http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html @@ -94167,6 +94267,7 @@ CVE-2023-52028 - https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_s CVE-2023-5203 - https://wpscan.com/vulnerability/7f4f505b-2667-4e0f-9841-9c1cd0831932 CVE-2023-52031 - https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_UploadFirmwareFile/ CVE-2023-52032 - https://815yang.github.io/2023/12/24/cve6/EX1200T_V4.1.2cu.5232_B20210713_downloadFlile/ +CVE-2023-52039 - https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/2/2.md CVE-2023-5204 - http://packetstormsecurity.com/files/175371/WordPress-AI-ChatBot-4.8.9-SQL-Injection-Traversal-File-Deletion.html CVE-2023-52041 - https://kee02p.github.io/2024/01/13/CVE-2023-52041/ CVE-2023-52042 - https://kee02p.github.io/2024/01/13/CVE-2023-52042/ @@ -94190,6 +94291,7 @@ CVE-2023-52139 - https://github.com/misskey-dev/misskey/security/advisories/GHSA CVE-2023-52153 - https://nexacybersecurity.blogspot.com/2024/02/journey-finding-vulnerabilities-in-pmb-library-management-system.html CVE-2023-52154 - https://nexacybersecurity.blogspot.com/2024/02/journey-finding-vulnerabilities-in-pmb-library-management-system.html CVE-2023-52155 - https://nexacybersecurity.blogspot.com/2024/02/journey-finding-vulnerabilities-in-pmb-library-management-system.html +CVE-2023-5221 - https://github.com/Fovker8/cve/blob/main/rce.md CVE-2023-5221 - https://vuldb.com/?id.240363 CVE-2023-5222 - https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_HardcodedPassword.md CVE-2023-52240 - https://kantega-sso.atlassian.net/wiki/spaces/KSE/pages/1226473473/Security+Vulnerability+HTML+injection+Cross-site+scripting+in+SAML+POST+binding+Kantega+SSO+Enterprise @@ -94240,6 +94342,7 @@ CVE-2023-52555 - https://github.com/mongo-express/mongo-express/issues/1338 CVE-2023-52564 - http://www.openwall.com/lists/oss-security/2024/04/11/9 CVE-2023-5259 - https://github.com/RCEraser/cve/blob/main/ForU-CMS.md CVE-2023-5264 - https://github.com/yhy217/huakecms-vul/issues/1 +CVE-2023-5267 - https://github.com/kpz-wm/cve/blob/main/sql.md CVE-2023-5284 - https://vuldb.com/?id.240912 CVE-2023-5286 - https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App CVE-2023-5287 - https://vuldb.com/?id.240915 @@ -94293,9 +94396,16 @@ CVE-2023-5458 - https://wpscan.com/vulnerability/47d15f1c-b9ca-494d-be8f-63c30e9 CVE-2023-5463 - https://drive.google.com/drive/folders/1mpRxWOPjxVS980r0qu1IY_Hf0irKO-cu CVE-2023-5471 - https://vuldb.com/?id.241608 CVE-2023-5488 - https://vuldb.com/?id.241640 +CVE-2023-5489 - https://github.com/llixixi/cve/blob/main/s45_upload_%20uploadfile.md +CVE-2023-5490 - https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md +CVE-2023-5491 - https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md +CVE-2023-5492 - https://github.com/llixixi/cve/blob/main/s45_upload_licence.md CVE-2023-5492 - https://vuldb.com/?id.241644 +CVE-2023-5493 - https://github.com/llixixi/cve/blob/main/s45_upload_web.md +CVE-2023-5494 - https://github.com/7332all/cve/blob/main/rce_1.md CVE-2023-5495 - http://packetstormsecurity.com/files/175071/Smart-School-6.4.1-SQL-Injection.html CVE-2023-5496 - https://vuldb.com/?id.241649 +CVE-2023-5497 - https://github.com/RCEraser/cve/blob/main/sql_inject_4.md CVE-2023-5498 - https://huntr.dev/bounties/ec367b1d-5ec4-4ab2-881a-caf82e4877d9 CVE-2023-5509 - https://wpscan.com/vulnerability/3b33c262-e7f0-4310-b26d-4727d7c25c9d CVE-2023-5511 - https://huntr.dev/bounties/43206801-9862-48da-b379-e55e341d78bf @@ -94349,14 +94459,18 @@ CVE-2023-5672 - https://wpscan.com/vulnerability/7c1dff5b-bed3-49f8-96cc-1bc9abe CVE-2023-5673 - https://wpscan.com/vulnerability/231f72bf-9ad0-417e-b7a0-3555875749e9 CVE-2023-5674 - https://wpscan.com/vulnerability/32a23d0d-7ece-4870-a99d-f3f344be2d67 CVE-2023-5681 - https://github.com/Wsecpro/cve1/blob/main/NS-ASG-sql-list_addr_fwresource_ip.md +CVE-2023-5682 - https://github.com/Godfather-onec/cve/blob/main/sql.md CVE-2023-5684 - https://github.com/Chef003/cve/blob/main/rce.md CVE-2023-5686 - https://huntr.com/bounties/bbfe1f76-8fa1-4a8c-909d-65b16e970be0 CVE-2023-5687 - https://huntr.com/bounties/33f95510-cdee-460e-8e61-107874962f2d CVE-2023-5688 - https://huntr.com/bounties/0ceb10e4-952b-4ca4-baf8-5b6f12e3a8a7 CVE-2023-5689 - https://huntr.com/bounties/24835833-3421-412b-bafb-1b7ea3cf60e6 CVE-2023-5690 - https://huntr.com/bounties/980c75a5-d978-4b0e-9bcc-2b2682c97e01 +CVE-2023-5700 - https://github.com/istlnight/cve/blob/main/NS-ASG-sql-uploadiscgwrouteconf.md CVE-2023-5708 - https://www.wordfence.com/threat-intel/vulnerabilities/id/d96e5986-8c89-4e7e-aa63-f41aa13eeff4?source=cve CVE-2023-5718 - https://gist.github.com/CalumHutton/bdb97077a66021ed455f87823cd7c7cb +CVE-2023-5724 - https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 +CVE-2023-5725 - https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 CVE-2023-5732 - https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 CVE-2023-5737 - https://wpscan.com/vulnerability/c761c67c-eab8-4e1b-a332-c9a45e22bb13 CVE-2023-5738 - https://wpscan.com/vulnerability/7f935916-9a1a-40c7-b6d8-efcc46eb8eaf @@ -94371,6 +94485,9 @@ CVE-2023-5762 - https://wpscan.com/vulnerability/6ad99725-eccc-4b61-bce2-668b626 CVE-2023-5772 - https://www.wordfence.com/threat-intel/vulnerabilities/id/7e539549-1125-4b0e-aa3c-c8844041c23a?source=cve CVE-2023-5774 - https://drive.google.com/file/d/1zXWW545ktCznO36k90AN0APhTz8ky-gG/view?usp=sharing CVE-2023-5774 - https://www.wordfence.com/threat-intel/vulnerabilities/id/33c2756d-c300-479f-b3aa-8f22c3a70278?source=cve +CVE-2023-5779 - https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 +CVE-2023-5780 - https://github.com/RCEraser/cve/blob/main/sql_inject_5.md +CVE-2023-5783 - https://github.com/halleyakina/cve/blob/main/sql.md CVE-2023-5784 - https://github.com/gb111d/ns-asg_poc/ CVE-2023-5784 - https://vuldb.com/?id.243590 CVE-2023-5785 - https://github.com/ggg48966/cve/blob/main/NS-ASG-sql-addaddress_interpret.md @@ -94433,6 +94550,7 @@ CVE-2023-5955 - https://wpscan.com/vulnerability/1b5fce7e-14fc-4548-8747-96fdd58 CVE-2023-5956 - https://wpscan.com/vulnerability/b3d1fbae-88c9-45d1-92c6-0a529b21e3b2/ CVE-2023-5957 - https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12 CVE-2023-5958 - https://wpscan.com/vulnerability/22fa478d-e42e-488d-9b4b-a8720dec7cee +CVE-2023-5959 - https://github.com/Changboqian/cve/blob/main/reset_password_improperly.md CVE-2023-5971 - https://wpscan.com/vulnerability/03a201d2-535e-4574-afac-791dcf23e6e1/ CVE-2023-5974 - https://wpscan.com/vulnerability/c0136057-f420-4fe7-a147-ecbec7e7a9b5 CVE-2023-5979 - https://wpscan.com/vulnerability/936934c3-5bfe-416e-b6aa-47bed4db05c4 @@ -94472,7 +94590,9 @@ CVE-2023-6049 - https://wpscan.com/vulnerability/8cfd8c1f-2834-4a94-a3fa-c0cfbe7 CVE-2023-6050 - https://wpscan.com/vulnerability/c08e0f24-bd61-4e83-a555-363568cf0e6e CVE-2023-6051 - https://gitlab.com/gitlab-org/gitlab/-/issues/431345 CVE-2023-6052 - https://vuldb.com/?id.244872 +CVE-2023-6053 - https://github.com/Conan0313/cve/blob/main/sql.md CVE-2023-6053 - https://vuldb.com/?id.244874 +CVE-2023-6054 - https://github.com/TinkAnet/cve/blob/main/sql2.md CVE-2023-6054 - https://vuldb.com/?id.244875 CVE-2023-6063 - https://wpscan.com/vulnerability/30a74105-8ade-4198-abe2-1c6f2967443e CVE-2023-6064 - https://wpscan.com/vulnerability/423c8881-628b-4380-9677-65b3f5165efe @@ -94511,6 +94631,7 @@ CVE-2023-6152 - https://github.com/grafana/bugbounty/security/advisories/GHSA-3h CVE-2023-6155 - https://wpscan.com/vulnerability/c62be802-e91a-4bcf-990d-8fd8ef7c9a28 CVE-2023-6161 - https://wpscan.com/vulnerability/ca7b6a39-a910-4b4f-b9cc-be444ec44942 CVE-2023-6163 - https://wpscan.com/vulnerability/7ed6de4d-0a37-497f-971d-b6711893c557 +CVE-2023-6165 - https://github.com/youki992/youki992.github.io/blob/master/others/apply2.md CVE-2023-6165 - https://wpscan.com/vulnerability/aba62286-9a82-4d5b-9b47-1fddde5da487/ CVE-2023-6166 - https://wpscan.com/vulnerability/e6155d9b-f6bb-4607-ad64-1976a8afe907 CVE-2023-6175 - https://gitlab.com/wireshark/wireshark/-/issues/19404 @@ -94519,6 +94640,8 @@ CVE-2023-6179 - https://www.honeywell.com/us/en/product-security CVE-2023-6188 - https://vuldb.com/?id.245735 CVE-2023-6199 - https://fluidattacks.com/advisories/imagination/ CVE-2023-6203 - https://wpscan.com/vulnerability/229273e6-e849-447f-a95a-0730969ecdae +CVE-2023-6207 - https://bugzilla.mozilla.org/show_bug.cgi?id=1861344 +CVE-2023-6209 - https://bugzilla.mozilla.org/show_bug.cgi?id=1858570 CVE-2023-6210 - https://bugzilla.mozilla.org/show_bug.cgi?id=1801501 CVE-2023-6222 - https://drive.google.com/file/d/1krgHH2NvVFr93VpErLkOjDV3L6M5yIA1/view?usp=sharing CVE-2023-6222 - https://wpscan.com/vulnerability/df892e99-c0f6-42b8-a834-fc55d1bde130 @@ -94543,6 +94666,7 @@ CVE-2023-6271 - https://wpscan.com/vulnerability/7ac217db-f332-404b-a265-6dc86fe CVE-2023-6272 - https://wpscan.com/vulnerability/a03243ea-fee7-46e4-8037-a228afc5297a CVE-2023-6274 - https://github.com/Carol7S/cve/blob/main/rce.md CVE-2023-6274 - https://vuldb.com/?id.246103 +CVE-2023-6276 - https://github.com/YXuanZ1216/cve/blob/main/sql.md CVE-2023-6277 - https://gitlab.com/libtiff/libtiff/-/issues/614 CVE-2023-6278 - https://wpscan.com/vulnerability/dfe5001f-31b9-4de2-a240-f7f5a992ac49/ CVE-2023-6279 - https://wpscan.com/vulnerability/626bbc7d-0d0f-4418-ac61-666278a1cbdb/ @@ -94555,7 +94679,9 @@ CVE-2023-6295 - https://wpscan.com/vulnerability/adc9ed9f-55b4-43a9-a79d-c712076 CVE-2023-6296 - http://packetstormsecurity.com/files/175925/osCommerce-4-Cross-Site-Scripting.html CVE-2023-6297 - https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md CVE-2023-6298 - https://vuldb.com/?id.246124 +CVE-2023-6301 - https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system-reflected%20xss2.md CVE-2023-6301 - https://vuldb.com/?id.246127 +CVE-2023-6305 - https://github.com/BigTiger2020/2023/blob/main/Free%20and%20Open%20Source%20inventory%20management%20system/Free%20and%20Open%20Source%20inventory%20management%20system.md CVE-2023-6306 - https://vuldb.com/?id.246132 CVE-2023-6308 - https://github.com/gatsby2003/Struts2-046/blob/main/Xiamen%20Four-Faith%20Communication%20Technology%20Co.,%20Ltd.%20video%20surveillance%20management%20system%20has%20a%20command%20execution%20vulnerability.md CVE-2023-6309 - https://github.com/moses-smt/mosesdecoder/issues/237 @@ -94616,8 +94742,11 @@ CVE-2023-6568 - https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 CVE-2023-6569 - https://huntr.com/bounties/a5d003dc-c23e-4c98-8dcf-35ba9252fa3c CVE-2023-6570 - https://huntr.com/bounties/82d6e853-013b-4029-a23f-8b50ec56602a CVE-2023-6571 - https://huntr.com/bounties/f02781e7-2a53-4c66-aa32-babb16434632 +CVE-2023-6574 - https://github.com/flyyue2001/cve/blob/main/smart_sql_updateos.md CVE-2023-6575 - https://github.com/houhuidong/cve/blob/main/rce.md +CVE-2023-6576 - https://github.com/willchen0011/cve/blob/main/upload.md CVE-2023-6579 - http://packetstormsecurity.com/files/176124/osCommerce-4-SQL-Injection.html +CVE-2023-6580 - https://github.com/c2dc/cve-reported/blob/main/CVE-2023-6580/CVE-2023-6580.md CVE-2023-6584 - https://wpscan.com/vulnerability/e528e3cd-a45c-4bf7-a37a-101f5c257acd/ CVE-2023-6585 - https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/ CVE-2023-6591 - https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/ @@ -94640,7 +94769,9 @@ CVE-2023-6730 - https://huntr.com/bounties/423611ee-7a2a-442a-babb-3ed2f8385c16 CVE-2023-6732 - https://wpscan.com/vulnerability/aaf91707-f03b-4f25-bca9-9fac4945002a/ CVE-2023-6741 - https://wpscan.com/vulnerability/9debe1ea-18ad-44c4-8078-68eb66d36c4a/ CVE-2023-6750 - https://wpscan.com/vulnerability/fad9eefe-4552-4d20-a1fd-bb2e172ec8d7 +CVE-2023-6753 - https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4 CVE-2023-6753 - https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4 +CVE-2023-6766 - https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_course.md CVE-2023-6773 - https://drive.google.com/drive/folders/1yuc1n6tr57wD8qsT0HAFDVAuii7iibDM?usp=sharing CVE-2023-6778 - https://huntr.com/bounties/5f3fffac-0358-48e6-a500-81bac13e0e2b CVE-2023-6779 - http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html @@ -94659,11 +94790,14 @@ CVE-2023-6832 - https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376 CVE-2023-6840 - https://gitlab.com/gitlab-org/gitlab/-/issues/435500 CVE-2023-6843 - https://wpscan.com/vulnerability/41508340-8caf-4dca-bd88-350b63b78ab0 CVE-2023-6845 - https://wpscan.com/vulnerability/cbdaf158-f277-4be4-b022-68d18dae4c55 +CVE-2023-6861 - https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 CVE-2023-6866 - https://bugzilla.mozilla.org/show_bug.cgi?id=1849037 CVE-2023-6867 - https://bugzilla.mozilla.org/show_bug.cgi?id=1863863 CVE-2023-6870 - https://bugzilla.mozilla.org/show_bug.cgi?id=1823316 CVE-2023-6875 - http://packetstormsecurity.com/files/176525/WordPress-POST-SMTP-Mailer-2.8.7-Authorization-Bypass-Cross-Site-Scripting.html +CVE-2023-6885 - https://github.com/Martinzb/cve/blob/main/sql.md CVE-2023-6888 - http://www.huiyao.love/2023/12/08/rtspserver-stackoverflow-vulnerability/ +CVE-2023-6888 - https://github.com/hu1y40/PoC/blob/main/rtspserver_stackoverflow_poc.py CVE-2023-6889 - https://huntr.com/bounties/52897778-fad7-4169-bf04-a68a0646df0c CVE-2023-6890 - https://huntr.com/bounties/2cf11678-8793-4fa1-b21a-f135564a105d CVE-2023-6893 - https://github.com/willchen0011/cve/blob/main/download.md @@ -94710,6 +94844,7 @@ CVE-2023-7092 - https://drive.google.com/file/d/15Wr3EL4cpAS_H_Vp7TuIftssxAuzb4S CVE-2023-7092 - https://vuldb.com/?id.248939 CVE-2023-7095 - https://github.com/unpWn4bL3/iot-security/blob/main/2.md CVE-2023-7100 - https://medium.com/@2839549219ljk/restaurant-table-booking-system-sql-injection-vulnerability-30708cfabe03 +CVE-2023-7100 - https://vuldb.com/?id.248952 CVE-2023-7101 - https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md CVE-2023-7101 - https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc CVE-2023-7101 - https://security.metacpan.org/2024/02/10/vulnerable-spreadsheet-parsing-modules.html @@ -94770,6 +94905,7 @@ CVE-2023-7176 - https://vuldb.com/?id.249363 CVE-2023-7177 - https://medium.com/@heishou/libsystem-foreground-sql-injection-vulnerability-4-cadc2983eb5e CVE-2023-7178 - https://medium.com/@heishou/libsystem-foreground-sql-injection-vulnerability-5-5a761e5b73b8 CVE-2023-7179 - https://medium.com/@heishou/libsystem-foreground-sql-injection-vulnerability-a98949964faf +CVE-2023-7180 - https://github.com/Bobjones7/cve/blob/main/sql.md CVE-2023-7181 - https://vuldb.com/?id.249368 CVE-2023-7194 - https://wpscan.com/vulnerability/e20292af-939a-4cb1-91e4-5ff6aa0c7fbe CVE-2023-7198 - https://wpscan.com/vulnerability/75fbee63-d622-441f-8675-082907b0b1e6/ @@ -95054,6 +95190,7 @@ CVE-2024-1455 - https://github.com/langchain-ai/langchain/commit/727d5023ce88e18 CVE-2024-1460 - https://fluidattacks.com/advisories/mingus/ CVE-2024-1481 - https://bugzilla.redhat.com/show_bug.cgi?id=2262169 CVE-2024-1487 - https://wpscan.com/vulnerability/c028cd73-f30a-4c8b-870f-3071055f0496/ +CVE-2024-1507 - https://www.wordfence.com/threat-intel/vulnerabilities/id/09f2cb22-07e2-4fe5-8c2a-9d4420ee26ed?source=cve CVE-2024-1526 - https://wpscan.com/vulnerability/1664697e-0ea3-4d09-b2fd-153a104ec255/ CVE-2024-1564 - https://wpscan.com/vulnerability/ecb1e36f-9c6e-4754-8878-03c97194644d/ CVE-2024-1588 - https://wpscan.com/vulnerability/2772c921-d977-4150-b207-ae5ba5e2a6db/ @@ -96842,6 +96979,7 @@ CVE-2024-32866 - https://github.com/edmundhung/conform/security/advisories/GHSA- CVE-2024-32869 - https://github.com/honojs/hono/security/advisories/GHSA-3mpf-rcc7-5347 CVE-2024-32876 - https://github.com/TeamNewPipe/NewPipe/security/advisories/GHSA-wxrm-jhpf-vp6v CVE-2024-32878 - https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-p5mv-gjc5-mwqv +CVE-2024-3288 - https://wpscan.com/vulnerability/4ef99f54-68df-4353-8fc0-9b09ac0df7ba/ CVE-2024-32880 - https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f CVE-2024-32881 - https://github.com/danswer-ai/danswer/security/advisories/GHSA-xr9w-3ggr-hr6j CVE-2024-32884 - https://github.com/Byron/gitoxide/security/advisories/GHSA-98p4-xjmm-8mfh @@ -97304,6 +97442,8 @@ CVE-2024-4591 - https://github.com/Hckwzh/cms/blob/main/22.md CVE-2024-4592 - https://github.com/Hckwzh/cms/blob/main/23.md CVE-2024-4593 - https://github.com/Hckwzh/cms/blob/main/24.md CVE-2024-4594 - https://github.com/Hckwzh/cms/blob/main/25.md +CVE-2024-4620 - https://wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/ +CVE-2024-4621 - https://wpscan.com/vulnerability/33a366d9-6c81-4957-a101-768487aae735/ CVE-2024-4644 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss3.md CVE-2024-4645 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss4.md CVE-2024-4653 - https://github.com/Hefei-Coffee/cve/blob/main/sql.md @@ -97325,6 +97465,7 @@ CVE-2024-4737 - https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management CVE-2024-4738 - https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_appointment.md CVE-2024-4749 - https://wpscan.com/vulnerability/6cc05a33-6592-4d35-8e66-9b6a9884df7e/ CVE-2024-4750 - https://wpscan.com/vulnerability/ffbe4034-842b-43b0-97d1-208811376dea/ +CVE-2024-4756 - https://wpscan.com/vulnerability/ce4688b6-6713-43b5-aa63-8a3b036bd332/ CVE-2024-4792 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_action.md CVE-2024-4793 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_manage_laundry.md CVE-2024-4794 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_manage_receiving.md @@ -97370,6 +97511,7 @@ CVE-2024-4972 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20Ap CVE-2024-4973 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%202.md CVE-2024-4974 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20Cross-Site-Scripting-1.md CVE-2024-4975 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20Cross-Site-Scripting-2.md +CVE-2024-5003 - https://wpscan.com/vulnerability/1d7d0372-bbc5-40b2-a668-253c819415c4/ CVE-2024-5046 - https://github.com/CveSecLook/cve/issues/32 CVE-2024-5047 - https://github.com/I-Schnee-I/cev/blob/main/SourceCodester%20Student%20Management%20System%201.0%20controller.php%20Unrestricted%20Upload.md CVE-2024-5048 - https://github.com/BurakSevben/CVEs/blob/main/Budget%20Management%20App/Budget%20Management%20App%20-%20SQL%20Injection%20-%201.md @@ -97757,6 +97899,8 @@ http://blog.malerisch.net/2016/12/alcatel-omnivista-8770-unauth-rce-giop-corba.h http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html http://blog.mindedsecurity.com/2016/01/request-parameter-method-may-lead-to.html http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/ +http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/ +http://blog.mozilla.com/security/2009/07/19/milw0rm-9158-stack-overflow-crash-not-exploitable-cve-2009-2479/ http://blog.mozilla.com/security/2010/02/22/secunia-advisory-sa38608/ http://blog.mozilla.com/security/2010/03/18/update-on-secunia-advisory-sa38608/ http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/ @@ -97769,6 +97913,7 @@ http://blog.rewolf.pl/blog/?p=1630 http://blog.rewolf.pl/blog/?p=1778 http://blog.scrt.ch/2013/06/04/mongodb-rce-by-databasespraying/ http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/ +http://blog.securelayer7.net/fb50-smart-lock-vulnerability-disclosure/ http://blog.skylined.nl/20161118002.html http://blog.skylined.nl/20161206001.html http://blog.skylined.nl/20161219001.html @@ -97855,6 +98000,7 @@ http://code610.blogspot.com/2017/11/sql-injection-in-manageengine.html http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html http://code610.blogspot.com/2018/04/few-bugs-in-latest-nagios-xi-5413.html http://code610.blogspot.com/2018/05/make-free-vlc.html +http://code610.blogspot.com/2018/06/exploiting-cyberark-1021603.html http://code610.blogspot.com/2018/07/crashing-nmap-760.html http://code610.blogspot.com/2018/07/crashing-nmap-770.html http://code610.blogspot.com/2018/08/updating-xnview.html @@ -97883,6 +98029,7 @@ http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scr http://codewhitesec.blogspot.com/2017/04/amf.html http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=74 http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html +http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bcelframe_office%5D_2008_insecure_dll_hijacking http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Be-press-one_office%5D_insecure_dll_hijacking @@ -97909,6 +98056,9 @@ http://cturt.github.io/SETFKEY.html http://cturt.github.io/sendmsg.html http://cvewalkthrough.com/cve-2020-13480html-injection http://cvewalkthrough.com/variant-unauthenticated-information-disclosure-via-api/ +http://cxsecurity.com/issue/WLB-2013110059 +http://cxsecurity.com/issue/WLB-2013110149 +http://cxsecurity.com/issue/WLB-2014010087 http://cxsecurity.com/research/103 http://daniels-it-blog.blogspot.com/2020/06/when-your-anti-virus-turns-against-you.html http://daniels-it-blog.blogspot.com/2020/07/gog-galaxy-escalation-of-privileges.html @@ -97953,6 +98103,7 @@ http://eromang.zataz.com/2012/02/15/cve-2012-0209-horde-backdoor-analysis/ http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf http://evilc0de.blogspot.com/2009/09/tpdugg-joomla-component-11-blind-sql.html +http://evilc0de.blogspot.com/2010/03/osdate-rfi-vuln.html http://evilc0de.blogspot.com/2010/03/pre-e-learning-portal-sql-injection.html http://evilc0de.blogspot.com/2010/04/joomla-component-redtwitter-lfi-vuln.html http://evuln.com/vulns/1/summary.html @@ -98105,6 +98256,8 @@ http://ffmpeg.org/trac/ffmpeg/ticket/780 http://firebitsbr.wordpress.com/2014/07/16/vsla-security-advisory-fire-scada-dos-2013-001-http-dos-requests-flooding-crash-device-vulnerabilities-elipse-e3-scada-plc/ http://firmware.re/vulns/acsa-2015-002.php http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues +http://firstsight.me/2019/10/5000-usd-xss-issue-at-avast-desktop-antivirus-for-windows-yes-desktop/ +http://firstsight.me/2019/10/illegal-rendered-at-download-feature-in-several-apps-including-opera-mini-that-lead-to-extension-manipulation-with-rtlo/ http://forum.wampserver.com/read.php?2,144473 http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins @@ -98119,6 +98272,7 @@ http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47b7c68ae54560e2308bdb6be4fb076c73b93081 http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823 +http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99 http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html http://greyhathackers.wordpress.com/2010/01/02/left-4-dead-stats-1-1-sql-injection-vulnerability/ http://greyhathackers.wordpress.com/2010/01/07/sniggabo-cms-v2-21-xss-vulnerability/ @@ -98210,6 +98364,7 @@ http://infosecabsurdity.wordpress.com/research/isa-2013-002/ http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725 http://ingehenriksen.blogspot.com/2005/11/filezilla-server-terminal-094d-dos-poc_21.html http://invisiblethingslab.com/resources/misc09/Another%20TXT%20Attack.pdf +http://isciurus.blogspot.com/2015/01/android-app-with-full-control-over-your.html http://isec.pl/vulnerabilities/isec-0008-sun-at.txt http://isec.pl/vulnerabilities/isec-0013-mremap.txt http://isec.pl/vulnerabilities/isec-0018-igmp.txt @@ -98218,11 +98373,14 @@ http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt http://isecpartners.github.io/fuzzing/vulnerabilities/2013/12/30/vlc-vulnerability.html http://issues.apache.org/bugzilla/show_bug.cgi?id=31975 http://issues.igniterealtime.org/browse/SMACK-410 +http://issues.liferay.com/browse/LPS-11506 http://issues.liferay.com/browse/LPS-12628 http://issues.liferay.com/browse/LPS-13250 +http://issues.liferay.com/browse/LPS-13762 http://issues.liferay.com/browse/LPS-14927 http://issues.liferay.com/browse/LPS-6034 http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952 +http://it.slashdot.org/it/08/06/18/1919224.shtml http://jgj212.blogspot.hk/2017/04/modified-ecommerce-shopsoftware-2022.html http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html http://jira.pentaho.com/browse/BISERVER-13207 @@ -98237,6 +98395,7 @@ http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 http://kerneltrap.org/mailarchive/linux-kernel/2008/2/6/752194/thread http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805 +http://klikki.fi/adv/wordpress.html http://klikki.fi/adv/wpml.html http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/ http://labs.integrity.pt/advisories/cve-2013-3319/ @@ -98282,6 +98441,7 @@ http://lists.openwall.net/full-disclosure/2018/01/10/8 http://lists.openwall.net/full-disclosure/2018/02/27/1 http://lists.openwall.net/full-disclosure/2018/02/28/1 http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html +http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html http://lists.vtigercrm.com/pipermail/vtigercrm-developers/2019-January/037852.html http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html http://lkml.org/lkml/2009/10/19/50 @@ -98395,39 +98555,99 @@ http://marc.info/?l=bugtraq&m=103979751818638&w=2 http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://marc.info/?l=bugtraq&m=104204786206563&w=2 http://marc.info/?l=bugtraq&m=104342864418213&w=2 +http://marc.info/?l=bugtraq&m=104428700106672&w=2 http://marc.info/?l=bugtraq&m=104431622818954&w=2 +http://marc.info/?l=bugtraq&m=104490777824360&w=2 +http://marc.info/?l=bugtraq&m=104576100719090&w=2 +http://marc.info/?l=bugtraq&m=104587206702715&w=2 +http://marc.info/?l=bugtraq&m=104610337726297&w=2 http://marc.info/?l=bugtraq&m=104610380126860&w=2 http://marc.info/?l=bugtraq&m=104678739608479&w=2 +http://marc.info/?l=bugtraq&m=104716030503607&w=2 http://marc.info/?l=bugtraq&m=104739841223916&w=2 http://marc.info/?l=bugtraq&m=104818814931378&w=2 +http://marc.info/?l=bugtraq&m=104861839130254&w=2 +http://marc.info/?l=bugtraq&m=104869513822233&w=2 http://marc.info/?l=bugtraq&m=104914778303805&w=2 http://marc.info/?l=bugtraq&m=104940730819887&w=2 +http://marc.info/?l=bugtraq&m=104982175321731&w=2 http://marc.info/?l=bugtraq&m=104994309010974&w=2 http://marc.info/?l=bugtraq&m=105001663120995&w=2 +http://marc.info/?l=bugtraq&m=105103613727471&w=2 +http://marc.info/?l=bugtraq&m=105111217731583&w=2 +http://marc.info/?l=bugtraq&m=105121918523320&w=2 http://marc.info/?l=bugtraq&m=105155734411836&w=2 http://marc.info/?l=bugtraq&m=105172058404810&w=2 +http://marc.info/?l=bugtraq&m=105241224228693&w=2 +http://marc.info/?l=bugtraq&m=105259012802997&w=2 +http://marc.info/?l=bugtraq&m=105284486526310&w=2 +http://marc.info/?l=bugtraq&m=105344891005369&w=2 +http://marc.info/?l=bugtraq&m=105361879109409&w=2 +http://marc.info/?l=bugtraq&m=105370528728225&w=2 http://marc.info/?l=bugtraq&m=105405629622652&w=2 +http://marc.info/?l=bugtraq&m=105405668423102&w=2 http://marc.info/?l=bugtraq&m=105474080512376&w=2 +http://marc.info/?l=bugtraq&m=105561134624665&w=2 +http://marc.info/?l=bugtraq&m=105561189625082&w=2 http://marc.info/?l=bugtraq&m=105577912106710&w=2 +http://marc.info/?l=bugtraq&m=105585986015421&w=2 +http://marc.info/?l=bugtraq&m=105595990924165&w=2 +http://marc.info/?l=bugtraq&m=105613243117155&w=2 +http://marc.info/?l=bugtraq&m=105621758104242 http://marc.info/?l=bugtraq&m=105648385900792&w=2 +http://marc.info/?l=bugtraq&m=105664924024009&w=2 +http://marc.info/?l=bugtraq&m=105709450711395&w=2 +http://marc.info/?l=bugtraq&m=105709569312583&w=2 +http://marc.info/?l=bugtraq&m=105733145930031&w=2 +http://marc.info/?l=bugtraq&m=105733277731084&w=2 +http://marc.info/?l=bugtraq&m=105733894003737&w=2 +http://marc.info/?l=bugtraq&m=105760660928715&w=2 http://marc.info/?l=bugtraq&m=105769387706906&w=2 +http://marc.info/?l=bugtraq&m=105769805311484&w=2 +http://marc.info/?l=bugtraq&m=105785749721291&w=2 +http://marc.info/?l=bugtraq&m=105820193406838&w=2 http://marc.info/?l=bugtraq&m=105820430209748&w=2 http://marc.info/?l=bugtraq&m=105829174431769&w=2 +http://marc.info/?l=bugtraq&m=105829691405446&w=2 +http://marc.info/?l=bugtraq&m=105838519729525&w=2 +http://marc.info/?l=bugtraq&m=105838948002337&w=2 +http://marc.info/?l=bugtraq&m=105839042603476&w=2 http://marc.info/?l=bugtraq&m=105839150004682&w=2 +http://marc.info/?l=bugtraq&m=105845898003616&w=2 http://marc.info/?l=bugtraq&m=105846288808846&w=2 +http://marc.info/?l=bugtraq&m=105848106631132&w=2 +http://marc.info/?l=bugtraq&m=105880332428706&w=2 +http://marc.info/?l=bugtraq&m=105950927708272&w=2 http://marc.info/?l=bugtraq&m=105958240709302&w=2 +http://marc.info/?l=bugtraq&m=105978381618095&w=2 http://marc.info/?l=bugtraq&m=106062021711496&w=2 +http://marc.info/?l=bugtraq&m=106071059430211&w=2 http://marc.info/?l=bugtraq&m=106260760211958&w=2 http://marc.info/?l=bugtraq&m=106262077829157&w=2 +http://marc.info/?l=bugtraq&m=106304902323758&w=2 http://marc.info/?l=bugtraq&m=106364207129993&w=2 +http://marc.info/?l=bugtraq&m=106367213400313&w=2 +http://marc.info/?l=bugtraq&m=106381136115972&w=2 +http://marc.info/?l=bugtraq&m=106546044416498&w=2 +http://marc.info/?l=bugtraq&m=106547728803252&w=2 +http://marc.info/?l=bugtraq&m=106589631819348&w=2 http://marc.info/?l=bugtraq&m=106666713812158&w=2 http://marc.info/?l=bugtraq&m=106761926906781&w=2 http://marc.info/?l=bugtraq&m=106762000607681&w=2 http://marc.info/?l=bugtraq&m=106865197102041&w=2 +http://marc.info/?l=bugtraq&m=106867135830683&w=2 http://marc.info/?l=bugtraq&m=106875764826251&w=2 +http://marc.info/?l=bugtraq&m=106944220426970 http://marc.info/?l=bugtraq&m=106986437621130&w=2 +http://marc.info/?l=bugtraq&m=107004362416252&w=2 +http://marc.info/?l=bugtraq&m=107038202225587&w=2 +http://marc.info/?l=bugtraq&m=107064830206816&w=2 http://marc.info/?l=bugtraq&m=107090390002654&w=2 http://marc.info/?l=bugtraq&m=107196735102970&w=2 +http://marc.info/?l=bugtraq&m=107247236124180&w=2 +http://marc.info/?l=bugtraq&m=107273069130885&w=2 +http://marc.info/?l=bugtraq&m=107332782121916&w=2 +http://marc.info/?l=bugtraq&m=107340358402129&w=2 http://marc.info/?l=bugtraq&m=107340481804110&w=2 http://marc.info/?l=bugtraq&m=107367110805273&w=2 http://marc.info/?l=bugtraq&m=107394912715478&w=2 @@ -99068,6 +99288,7 @@ http://marc.info/?l=full-disclosure&m=120139657100513&w=2 http://marc.info/?l=full-disclosure&m=122572590212610&w=4 http://marc.info/?l=full-disclosure&m=124624413120440&w=2 http://marc.info/?l=full-disclosure&m=124627617220913&w=2 +http://marc.info/?l=full-disclosure&m=131373057621672&w=2 http://marc.info/?l=full-disclosure&m=132706457510193&w=2 http://marc.info/?l=full-disclosure&m=132852645911072&w=2 http://marc.info/?l=ntbugtraq&m=101484975231922&w=2 @@ -99075,6 +99296,8 @@ http://marc.info/?l=ntbugtraq&m=102020343728766&w=2 http://marc.info/?l=ntbugtraq&m=102256058220402&w=2 http://marc.info/?l=ntbugtraq&m=103046138631893&w=2 http://marc.info/?l=ntbugtraq&m=103470202010570&w=2 +http://marc.info/?l=ntbugtraq&m=104868285106289&w=2 +http://marc.info/?l=ntbugtraq&m=105585001905002&w=2 http://marc.info/?l=ntbugtraq&m=105838590030409&w=2 http://marc.info/?l=oss-security&m=125649553414700&w=2 http://marc.info/?l=php-internals&m=147921016724565&w=2 @@ -99082,6 +99305,7 @@ http://marc.info/?l=snort-devel&m=114909074311462&w=2 http://marc.info/?l=squirrelmail-devel&m=119765235203392&w=2 http://marc.info/?l=vuln-dev&m=102297259123103&w=2 http://marc.info/?l=vuln-dev&m=102321152215055&w=2 +http://marc.info/?l=vuln-dev&m=105241032526289&w=2 http://marc.info/?l=vuln-dev&m=107462499927040&w=2 http://marc.info/?l=vuln-dev&m=114857412916909&w=2 http://marc.info/?l=vuln-dev&m=99651044701417&w=2 @@ -101742,6 +101966,7 @@ http://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privil http://packetstormsecurity.com/files/153093/Kanboard-1.2.7-Cross-Site-Scripting.html http://packetstormsecurity.com/files/153103/VFront-0.99.5-Reflective-Cross-Site-Scripting.html http://packetstormsecurity.com/files/153104/VFront-0.99.5-Persistent-Cross-Site-Scripting.html +http://packetstormsecurity.com/files/153106/Spidermonkey-IonMonkey-JS_OPTIMIZED_OUT-Value-Leak.html http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html http://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html @@ -103706,6 +103931,7 @@ http://packetstormsecurity.com/files/167046/SAP-BusinessObjects-Intelligence-4.3 http://packetstormsecurity.com/files/167051/ManageEngine-ADSelfService-Plus-Build-6118-NTLMv2-Hash-Exposure.html http://packetstormsecurity.com/files/167060/Anuko-Time-Tracker-1.20.0.5640-SQL-Injection.html http://packetstormsecurity.com/files/167063/Navigate-CMS-2.9.4-Server-Side-Request-Forgery.html +http://packetstormsecurity.com/files/167066/Google-Chrome-78.0.3904.70-Remote-Code-Execution.html http://packetstormsecurity.com/files/167069/PyScript-2022-05-04-Alpha-Source-Code-Disclosure.html http://packetstormsecurity.com/files/167070/DLINK-DAP-1620-A1-1.01-Directory-Traversal.html http://packetstormsecurity.com/files/167082/MyBB-1.8.29-Remote-Code-Execution.html @@ -104792,6 +105018,7 @@ http://pentest.com.tr/exploits/ATutor-2-2-4-file-manager-Remote-Code-Execution-I http://pentest.com.tr/exploits/CuteNews-2-1-2-Remote-Code-Execution-Metasploit.html http://pentest.com.tr/exploits/DEFCON-ManageEngine-APM-v14-Privilege-Escalation-Remote-Command-Execution.html http://pentest.com.tr/exploits/DEFCON-ManageEngine-OpManager-v12-4-Privilege-Escalation-Remote-Command-Execution.html +http://pentest.com.tr/exploits/DEFCON-ManageEngine-OpManager-v12-4-Unauthenticated-Remote-Command-Execution.html http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt http://piotrbania.com/all/adv/quicktime-integer-overflow-h264-adv-7.1.txt http://pridels-team.blogspot.com/2007/10/odysseysuite-internet-banking-vuln.html @@ -105342,6 +105569,7 @@ http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/ http://security.gentoo.org/glsa/glsa-200403-02.xml http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html +http://securityreason.com/achievement_securityalert/101 http://securityreason.com/achievement_securityalert/32 http://securityreason.com/achievement_securityalert/69 http://securityreason.com/achievement_securityalert/71 @@ -105356,6 +105584,7 @@ http://securityreason.com/achievement_securityalert/83 http://securityreason.com/achievement_securityalert/89 http://securityreason.com/achievement_securityalert/93 http://securityreason.com/achievement_securityalert/95 +http://securityreason.com/achievement_securityalert/97 http://securityreason.com/expldownload/1/7380/1 http://securityreason.com/exploitalert/5644 http://securityreason.com/exploitalert/6198 @@ -105779,6 +106008,8 @@ http://securityreason.com/securityalert/2197 http://securityreason.com/securityalert/2198 http://securityreason.com/securityalert/2199 http://securityreason.com/securityalert/2261 +http://securityreason.com/securityalert/2388 +http://securityreason.com/securityalert/2407 http://securityreason.com/securityalert/2428 http://securityreason.com/securityalert/2452 http://securityreason.com/securityalert/248 @@ -106016,8 +106247,12 @@ http://securityreason.com/securityalert/2707 http://securityreason.com/securityalert/2708 http://securityreason.com/securityalert/2733 http://securityreason.com/securityalert/2752 +http://securityreason.com/securityalert/2775 +http://securityreason.com/securityalert/2783 +http://securityreason.com/securityalert/2803 http://securityreason.com/securityalert/2817 http://securityreason.com/securityalert/2828 +http://securityreason.com/securityalert/2844 http://securityreason.com/securityalert/288 http://securityreason.com/securityalert/2880 http://securityreason.com/securityalert/2881 @@ -106051,6 +106286,8 @@ http://securityreason.com/securityalert/2988 http://securityreason.com/securityalert/2989 http://securityreason.com/securityalert/2998 http://securityreason.com/securityalert/3002 +http://securityreason.com/securityalert/3018 +http://securityreason.com/securityalert/3024 http://securityreason.com/securityalert/303 http://securityreason.com/securityalert/3030 http://securityreason.com/securityalert/3031 @@ -106074,18 +106311,23 @@ http://securityreason.com/securityalert/3056 http://securityreason.com/securityalert/3057 http://securityreason.com/securityalert/3058 http://securityreason.com/securityalert/3059 +http://securityreason.com/securityalert/3060 http://securityreason.com/securityalert/3067 http://securityreason.com/securityalert/3104 http://securityreason.com/securityalert/3140 http://securityreason.com/securityalert/3143 http://securityreason.com/securityalert/3178 +http://securityreason.com/securityalert/3181 http://securityreason.com/securityalert/3234 http://securityreason.com/securityalert/3342 http://securityreason.com/securityalert/3364 http://securityreason.com/securityalert/3370 +http://securityreason.com/securityalert/3373 http://securityreason.com/securityalert/3402 +http://securityreason.com/securityalert/3421 http://securityreason.com/securityalert/3442 http://securityreason.com/securityalert/3443 +http://securityreason.com/securityalert/3455 http://securityreason.com/securityalert/3473 http://securityreason.com/securityalert/3495 http://securityreason.com/securityalert/3502 @@ -107289,6 +107531,7 @@ http://securityreason.com/securityalert/8317 http://securityreason.com/securityalert/8324 http://securityreason.com/securityalert/8370 http://securityreason.com/securityalert/8372 +http://securityreason.com/securityalert/8374 http://securityreason.com/securityalert/8376 http://securityreason.com/securityalert/8382 http://securityreason.com/securityalert/8383 @@ -107359,6 +107602,7 @@ http://sourceforge.net/mailarchive/forum.php?thread_name=CAAoG81HL9oP8roPLLhftTS http://sourceforge.net/p/ipcop/bugs/807/ http://sourceforge.net/project/shownotes.php?group_id=140317&release_id=456313 http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929 +http://sourceforge.net/tracker/?func=detail&aid=3506818&group_id=219284&atid=1045881 http://sourceforge.net/tracker/index.php?func=detail&aid=1344032&group_id=40604&atid=428516 http://sourceforge.net/tracker/index.php?func=detail&aid=2001151&group_id=13764&atid=113764 http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html @@ -107401,13 +107645,16 @@ http://theinvisiblethings.blogspot.com/2009/01/attacking-intel-trusted-execution http://thekelleys.org.uk/dnsmasq/CHANGELOG http://thenextweb.com/insider/2013/01/28/new-vulnerability-bypasses-oracles-attempt-to-stop-malware-drive-by-downloads-via-java-applets/ http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html +http://threat.tevora.com/biscom-secure-file-transfer-arbitrary-file-download/ http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-11-remote-file-access.html http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-version-11-floating.html http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex +http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140226-pi +http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-vcs http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151007-vcs @@ -107443,9 +107690,11 @@ http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz http://uploadboy.me/cn40ne6p89t6/POC.mp4.html http://users.own-hero.net/~decoder/advisories/mvnforum-jsxss.txt http://users.own-hero.net/~decoder/advisories/sphider134-xss.txt +http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html http://vapid.dhs.org/advisories/show_in_browser.html http://vapid.dhs.org/advisories/sounder-ruby-gem-cmd-inj.html http://verneet.com/cve-2019-16685/ +http://verneet.com/cve-2019-16686 http://verneet.com/cve-2019-16687 http://verneet.com/cve-2019-16688 http://vigilance.fr/vulnerability/Dotclear-file-upload-via-swfupload-swf-11396 @@ -107490,6 +107739,7 @@ http://vuln.sg/lotusnotes702sam-en.html http://vuln.sg/lotusnotes702wpd-en.html http://vuln.sg/net2ftp096-en.html http://vuln.sg/nullftpserver1107-en.html +http://vuln.sg/pagemaker701-en.html http://vuln.sg/powarc962-en.html http://vuln.sg/powarc964-en.html http://vuln.sg/powerzip706-en.html @@ -107511,6 +107761,7 @@ http://waleedassar.blogspot.com/2012/05/resource-hacker-heap-overflow.html http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html http://web.archive.org/web/20140204133306/http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/ +http://web.archive.org/web/20230918084612/https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-005.txt @@ -107544,9 +107795,11 @@ http://www.7elements.co.uk/news/cve-2013-5669/ http://www.7elements.co.uk/resources/blog/cve-2013-6880-proof-concept http://www.7elements.co.uk/resources/blog/multiple-vulnerabilities-thecus-nas/ http://www.acunetix.com/blog/websecuritynews/cubecart-4-session-management-bypass-leads-to-administrator-access/ +http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/ http://www.agarri.fr/kom/archives/2013/11/27/compromising_an_unreachable_solr_server_with_cve-2013-6397/index.html http://www.aircrack-ng.org/doku.php?id=tkiptun-ng http://www.akitasecurity.nl/advisory.php?id=AK20090602 +http://www.andmp.com/2018/02/advisory-assigned-CVE-2018-7251-in-anchorcms.html http://www.andmp.com/2018/02/advisory-assigned-cve-2018-7308-csrf.html http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt http://www.androidpolice.com/2011/04/14/exclusive-vulnerability-in-skype-for-android-is-exposing-your-name-phone-number-chat-logs-and-a-lot-more/ @@ -107588,6 +107841,7 @@ http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html http://www.buayacorp.com/files/wordpress/wordpress-sql-injection-advisory.html http://www.bugtrack.almico.com/view.php?id=987 +http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html http://www.christian-schneider.net/advisories/CVE-2014-2025.txt http://www.christian-schneider.net/advisories/CVE-2014-2026.txt @@ -107775,6 +108029,10 @@ http://www.evuln.com/vulns/76/summary.html http://www.evuln.com/vulns/77/summary.html http://www.evuln.com/vulns/80/summary.html http://www.evuln.com/vulns/82/summary.html +http://www.exploit-db.com/exploits/10216 +http://www.exploit-db.com/exploits/10354 +http://www.exploit-db.com/exploits/10439 +http://www.exploit-db.com/exploits/10569 http://www.exploit-db.com/exploits/10793 http://www.exploit-db.com/exploits/10967 http://www.exploit-db.com/exploits/11141 @@ -108199,13 +108457,23 @@ http://www.exploit-db.com/exploits/36268 http://www.exploit-db.com/exploits/36304 http://www.exploit-db.com/exploits/36320 http://www.exploit-db.com/exploits/37114 +http://www.exploit-db.com/exploits/4170 +http://www.exploit-db.com/exploits/8172 http://www.exploit-db.com/exploits/8588 +http://www.exploit-db.com/exploits/8601 http://www.exploit-db.com/exploits/9033 +http://www.exploit-db.com/exploits/9110 http://www.exploit-db.com/exploits/9131 +http://www.exploit-db.com/exploits/9139 +http://www.exploit-db.com/exploits/9140 http://www.exploit-db.com/exploits/9147 +http://www.exploit-db.com/exploits/9157 http://www.exploit-db.com/exploits/9160 http://www.exploit-db.com/exploits/9198 +http://www.exploit-db.com/exploits/9271 http://www.exploit-db.com/exploits/9350 +http://www.exploit-db.com/exploits/9410 +http://www.exploit-db.com/exploits/9480 http://www.exploit-db.com/exploits/9524 http://www.exploit-db.com/exploits/9539 http://www.exploit-db.com/exploits/9640 @@ -108218,6 +108486,7 @@ http://www.exploitlabs.com/files/advisories/EXPL-A-2005-016-typsoft-ftpd.txt http://www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt http://www.exploitlabs.com/files/advisories/EXPL-A-2006-001-asptopsites.txt http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog +http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog http://www.foofus.net/?page_id=616 http://www.freeipa.org/page/Downloads http://www.freewebs.com/roozbeh_afrasiabi/xploit/execute.htm @@ -108268,6 +108537,7 @@ http://www.hitachi-support.com/security_e/vuls_e/HS06-005_e/index-e.html http://www.homelab.it/index.php/2014/07/18/wordpress-gallery-objects-0-4-sql-injection/#sthash.ftMVwBVK.dpbs http://www.homelab.it/index.php/2014/08/10/wordpress-gb-gallery-slideshow http://www.homelab.it/index.php/2014/11/23/wordpress-wpdatatables-sql-injection-vulnerability +http://www.huiyao.love/2023/12/08/rtspserver-stackoverflow-vulnerability/ http://www.ietf.org/mail-archive/web/tls/current/msg07553.html http://www.igniterealtime.org/issues/browse/JM-1049 http://www.igniterealtime.org/issues/browse/JM-1289 @@ -108284,6 +108554,7 @@ http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-go http://www.insinuator.net/2013/01/rails-yaml/ http://www.integraxor.com/blog/security-issue-for-activex-enabled-browser-vulnerability-note http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt +http://www.ja-sig.org/issues/browse/PHPCAS-52 http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/ http://www.jianshu.com/p/35af80b97ee6 http://www.jianshu.com/p/41ac7ac2a7af @@ -108672,6 +108943,8 @@ http://www.madirish.net/?article=458 http://www.madirish.net/?article=460 http://www.madirish.net/?article=461 http://www.mail-archive.com/ganglia-developers@lists.sourceforge.net/msg04929.html +http://www.mantisbt.org/bugs/view.php?id=13191 +http://www.mantisbt.org/bugs/view.php?id=13281 http://www.mantisbt.org/bugs/view.php?id=9154 http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:02.txt @@ -109168,11 +109441,13 @@ http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html +http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html +http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html @@ -109243,9 +109518,11 @@ http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.html http://www.securiteinfo.com/attaques/hacking/trackmaniados.shtml http://www.securitylab.ru/news/301422.php +http://www.securitysift.com/exploiting-ms14-066-cve-2014-6321-aka-winshock/ http://www.senseofsecurity.com.au/advisories/SOS-10-002 http://www.senseofsecurity.com.au/advisories/SOS-13-003 http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/ +http://www.slideshare.net/ibmsecurity/android-keystorestackbufferoverflow http://www.slideshare.net/shawn_merdinger/we-dont-need-no-stinkin-badges-hacking-electronic-door-access-controllersquot-shawn-merdinger-carolinacon http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security http://www.splunk.com/view/SP-CAAAFGD @@ -109256,6 +109533,7 @@ http://www.splunk.com/view/SP-CAAAGTK#38585 http://www.splunk.com/view/SP-CAAAHSQ http://www.squid-cache.org/Advisories/SQUID-2016_2.txt http://www.stack.nl/~jilles/irc/charybdis-3.4.2.tbz2 +http://www.suspekt.org/2009/12/09/advisory-032009-piwik-cookie-unserialize-vulnerability/ http://www.talosintel.com/reports/TALOS-2016-0094/ http://www.talosintel.com/reports/TALOS-2016-0153/ http://www.talosintelligence.com/reports/TALOS-2015-0052/ @@ -109326,6 +109604,7 @@ http://www.theora.org/news/#libtheora-1.1.0 http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/ http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/ http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/ +http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/ http://www.theregister.co.uk/2011/04/15/skype_for_android_vulnerable/ http://www.theregister.co.uk/2011/05/06/skype_for_mac_critical_vulnerability/ http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/ @@ -109341,6 +109620,9 @@ http://www.trapkit.de/advisories/TKADV2005-11-004.txt http://www.trapkit.de/advisories/TKADV2005-12-001.txt http://www.trapkit.de/advisories/TKADV2007-001.txt http://www.turbotax.com/atr/update/ +http://www.ubuntu.com/usn/USN-1001-1 +http://www.ubuntu.com/usn/USN-1847-1 +http://www.ubuntu.com/usn/USN-2053-1 http://www.ubuntu.com/usn/USN-2495-1 http://www.ubuntu.com/usn/USN-2936-1 http://www.ubuntu.com/usn/usn-740-1 @@ -109350,6 +109632,7 @@ http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt http://www.ush.it/team/ush/hack_httpd_escape/adv.txt http://www.vanillaforums.org/discussion/comment/134729/#Comment_134729 +http://www.vapid.dhs.org/advisories/arabic-ruby-gem.html http://www.vapid.dhs.org/advisories/wordpress/plugins/MediaFileRenamer-1.7.0/index.html http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/ http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html @@ -109444,6 +109727,7 @@ http://www.wisec.it/vulns.php?id=11 http://www.wisec.it/vulns.php?page=7 http://www.wisec.it/vulns.php?page=8 http://www.wisec.it/vulns.php?page=9 +http://www.x0rsecurity.com/2019/06/09/my-second-cve-linksys-wrt-acs-cve-2019-7579-or-as-i-call-it-acceptance-no-one-considers-security-by-design/ http://www.xssed.com/advisory/60/PHP-FUSION_FUSION_QUERY_Cross-Site_Scripting_Vulnerability/ http://www.youtube.com/ChristianHaiderPoC http://www.youtube.com/watch?v=3lCLE64rsc0 @@ -109507,6 +109791,7 @@ http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5169.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5186.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5187.php +http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5188.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5191.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5192.php @@ -109772,13 +110057,17 @@ https://attackerkb.com/topics/mg883Nbeva/cve-2023-0669/rapid7-analysis https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ https://awakened1712.github.io/hacking/hacking-wechat-dos/ https://awxylitol.github.io/2021/05/09/embedthis-appweb-npd-bug.html +https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/ +https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/ https://azuremarketplace.microsoft.com/en/marketplace/apps/penta-security-systems-inc.wapples_sa_v6?tab=Overview https://b4ny4n.github.io/network-pentest/2020/08/01/cve-2020-13151-poc-aerospike.html https://bananamafia.dev/post/r2-pwndebian/ +https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html https://barriersec.com/2019/06/cve-2018-20468-sahi-pro/ https://barriersec.com/2019/06/cve-2018-20469-sahi-pro/ https://barriersec.com/2019/06/cve-2018-20470-sahi-pro/ https://barriersec.com/2019/06/cve-2018-20472-sahi-pro/ +https://barriersec.com/2019/08/cve-2019-15102-sahi-pro/ https://bastijnouwendijk.com/cve-2021-24313/ https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/ https://bentl.ee/posts/cve-givewp/ @@ -109792,6 +110081,7 @@ https://bierbaumer.net/security/asuswrt/#remote-code-execution https://bierbaumer.net/security/asuswrt/#session-stealing https://bierbaumer.net/security/cve-2014-4677/ https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html +https://bit.ly/2kfL7xE https://bitbucket.org/analogic/mailserver/issues/665/posteio-logs-leak https://bitbucket.org/b_c/jose4j/issues/212 https://bitbucket.org/jmarsden/jsonij/issues/7/stack-overflow-error-caused-by-jsonij @@ -109813,6 +110103,7 @@ https://blog.appicaptor.com/2019/10/04/vulnerable-library-warning-twitterkit-for https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/ https://blog.avira.com/victure-pc530-home-insecurity-you-can-install-yourself/ https://blog.bjornweb.nl/2017/02/flash-bypassing-local-sandbox-data-exfiltration-credentials-leak/ +https://blog.burghardt.pl/2019/03/diag_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-allows-spawning-ping-processes-without-any-authorization-leading-to-information-disclosure-and-dos-attacks/ https://blog.c22.cc/advisories/cve-2013-5112-evernote-android-insecure-storage-of-pin-data-bypass-of-pin-protection/ https://blog.c22.cc/advisories/cve-2013-51135114-lastpass-android-container-pin-and-auto-wipe-security-feature-bypass/ https://blog.caller.xyz/socketio-engineio-dos/ @@ -109843,6 +110134,7 @@ https://blog.fuzzing-project.org/30-Stack-overflows-and-out-of-bounds-read-in-dp https://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html https://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html +https://blog.gdssecurity.com/labs/2019/6/7/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx.html https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/ https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html https://blog.grimm-co.com/2021/04/time-for-upgrade.html @@ -109978,6 +110270,7 @@ https://blog.xpnsec.com/total-meltdown-cve-2018-1038/ https://blog.zerdle.net/classlink/ https://blog.zerdle.net/classlink2/ https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/ +https://blog.zimperium.com/dont-give-me-a-brake-xiaomi-scooter-hack-enables-dangerous-accelerations-and-stops-for-unsuspecting-riders/ https://blog.zimperium.com/telegram-hack/ https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/ https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html @@ -110112,6 +110405,7 @@ https://blogs.gentoo.org/ago/2017/05/24/ytnef-null-pointer-dereference-in-mapipr https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/ https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/ https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/ +https://blogs.gentoo.org/ago/2017/06/17/lame-heap-based-buffer-overflow-in-fill_buffer_resample-util-c/ https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/ https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/ https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_get_path-util-c/ @@ -110191,6 +110485,7 @@ https://brooklyn.apache.org/community/security/CVE-2016-8737.html https://brooklyn.apache.org/community/security/CVE-2016-8744.html https://brooklyn.apache.org/community/security/CVE-2017-3165.html https://bsg.tech/blog/cve-2022-25854-stored-xss-in-yaireo-tagify-npm-module/ +https://buer.haus/2019/10/18/a-tale-of-exploitation-in-spreadsheet-file-conversions/ https://bugbounty.zohocorp.com/bb/#/bug/101000006387693?tab=originator https://bugbounty.zohocorp.com/bb/#/bug/101000006458675?tab=originator https://bugbounty.zohocorp.com/bb/#/bug/101000006459171?tab=originator @@ -110203,20 +110498,45 @@ https://bugprove.com/knowledge-hub/cve-2023-37927-and-cve-2023-37928-multiple-po https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/ https://bugs.astron.com/view.php?id=310 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719 +https://bugs.eclipse.org/bugs/show_bug.cgi?id=458571 https://bugs.eclipse.org/bugs/show_bug.cgi?id=516765 https://bugs.eclipse.org/bugs/show_bug.cgi?id=529754 https://bugs.eclipse.org/bugs/show_bug.cgi?id=530102 https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142 +https://bugs.eclipse.org/bugs/show_bug.cgi?id=548244 https://bugs.eclipse.org/bugs/show_bug.cgi?id=551596 +https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747 https://bugs.eclipse.org/bugs/show_bug.cgi?id=568018 https://bugs.eclipse.org/bugs/show_bug.cgi?id=568803 https://bugs.eclipse.org/bugs/show_bug.cgi?id=575924 https://bugs.freedesktop.org/show_bug.cgi?id=100763 +https://bugs.freedesktop.org/show_bug.cgi?id=100774 +https://bugs.freedesktop.org/show_bug.cgi?id=100775 https://bugs.freedesktop.org/show_bug.cgi?id=100776 https://bugs.freedesktop.org/show_bug.cgi?id=101084 https://bugs.freedesktop.org/show_bug.cgi?id=101208 https://bugs.freedesktop.org/show_bug.cgi?id=101540 +https://bugs.freedesktop.org/show_bug.cgi?id=101547 +https://bugs.freedesktop.org/show_bug.cgi?id=102601 +https://bugs.freedesktop.org/show_bug.cgi?id=102604 +https://bugs.freedesktop.org/show_bug.cgi?id=102607 +https://bugs.freedesktop.org/show_bug.cgi?id=102687 +https://bugs.freedesktop.org/show_bug.cgi?id=102688 +https://bugs.freedesktop.org/show_bug.cgi?id=102701 +https://bugs.freedesktop.org/show_bug.cgi?id=102719 +https://bugs.freedesktop.org/show_bug.cgi?id=102854 +https://bugs.freedesktop.org/show_bug.cgi?id=102969 https://bugs.freedesktop.org/show_bug.cgi?id=103016 +https://bugs.freedesktop.org/show_bug.cgi?id=103045 +https://bugs.freedesktop.org/show_bug.cgi?id=105204 +https://bugs.freedesktop.org/show_bug.cgi?id=105205 +https://bugs.freedesktop.org/show_bug.cgi?id=105206 +https://bugs.freedesktop.org/show_bug.cgi?id=105247 +https://bugs.freedesktop.org/show_bug.cgi?id=106408 +https://bugs.freedesktop.org/show_bug.cgi?id=106981 +https://bugs.freedesktop.org/show_bug.cgi?id=28801 +https://bugs.freedesktop.org/show_bug.cgi?id=32321 +https://bugs.freedesktop.org/show_bug.cgi?id=93476 https://bugs.freedroid.org/b/issue951 https://bugs.freedroid.org/b/issue953 https://bugs.freenas.org/issues/5844 @@ -110229,9 +110549,11 @@ https://bugs.gentoo.org/show_bug.cgi?id=103555 https://bugs.gentoo.org/show_bug.cgi?id=276235 https://bugs.gentoo.org/show_bug.cgi?id=516822 https://bugs.gentoo.org/show_bug.cgi?id=858107 +https://bugs.ghostscript.com/show_bug.cgi?id=698538 https://bugs.ghostscript.com/show_bug.cgi?id=698551 https://bugs.ghostscript.com/show_bug.cgi?id=698558 https://bugs.horde.org/ticket/14926 +https://bugs.internet2.edu/jira/browse/GRP-1838 https://bugs.kde.org/show_bug.cgi?id=398096 https://bugs.kde.org/show_bug.cgi?id=404697 https://bugs.kde.org/show_bug.cgi?id=404698 @@ -110257,6 +110579,7 @@ https://bugs.launchpad.net/mahara/+bug/1057240 https://bugs.launchpad.net/mahara/+bug/1363873 https://bugs.launchpad.net/mahara/+bug/1404117 https://bugs.launchpad.net/mahara/+bug/1480329 +https://bugs.launchpad.net/mahara/+bug/1770561 https://bugs.launchpad.net/nova/+bug/1202266 https://bugs.launchpad.net/nova/+bug/1325128 https://bugs.launchpad.net/ossn/+bug/1168252 @@ -110407,11 +110730,14 @@ https://bugs.python.org/issue26171 https://bugs.python.org/issue30657 https://bugs.python.org/issue34656 https://bugs.python.org/issue35906 +https://bugs.python.org/issue36276 +https://bugs.python.org/issue38243 https://bugs.python.org/issue39421 https://bugs.python.org/issue42938 https://bugs.python.org/issue43223 https://bugs.ruby-lang.org/issues/13234 https://bugs.webkit.org/show_bug.cgi?id=164123 +https://bugs.webkit.org/show_bug.cgi?id=38922 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11982 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11983 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11984 @@ -110442,6 +110768,8 @@ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7570 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7571 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7572 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7573 +https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8274 +https://bugzilla.freedesktop.org/show_bug.cgi?id=103238 https://bugzilla.gnome.org/show_bug.cgi?id=600741 https://bugzilla.gnome.org/show_bug.cgi?id=641802 https://bugzilla.gnome.org/show_bug.cgi?id=707905 @@ -110494,22 +110822,32 @@ https://bugzilla.libsdl.org/show_bug.cgi?id=4495 https://bugzilla.libsdl.org/show_bug.cgi?id=4496 https://bugzilla.libsdl.org/show_bug.cgi?id=4498 https://bugzilla.libsdl.org/show_bug.cgi?id=4499 +https://bugzilla.libsdl.org/show_bug.cgi?id=4522 +https://bugzilla.libsdl.org/show_bug.cgi?id=4538 https://bugzilla.libsdl.org/show_bug.cgi?id=4619 https://bugzilla.libsdl.org/show_bug.cgi?id=4620 https://bugzilla.libsdl.org/show_bug.cgi?id=4621 +https://bugzilla.libsdl.org/show_bug.cgi?id=4625 https://bugzilla.libsdl.org/show_bug.cgi?id=4626 https://bugzilla.libsdl.org/show_bug.cgi?id=4627 https://bugzilla.libsdl.org/show_bug.cgi?id=4628 +https://bugzilla.libsdl.org/show_bug.cgi?id=5200 https://bugzilla.mozilla.org/show_bug.cgi?id=1002702 +https://bugzilla.mozilla.org/show_bug.cgi?id=1012694 +https://bugzilla.mozilla.org/show_bug.cgi?id=1018234 https://bugzilla.mozilla.org/show_bug.cgi?id=1020008 +https://bugzilla.mozilla.org/show_bug.cgi?id=1020205 https://bugzilla.mozilla.org/show_bug.cgi?id=1026037 https://bugzilla.mozilla.org/show_bug.cgi?id=1036213 +https://bugzilla.mozilla.org/show_bug.cgi?id=1047831 https://bugzilla.mozilla.org/show_bug.cgi?id=1068218 https://bugzilla.mozilla.org/show_bug.cgi?id=1074812 https://bugzilla.mozilla.org/show_bug.cgi?id=1075546 https://bugzilla.mozilla.org/show_bug.cgi?id=1075578 https://bugzilla.mozilla.org/show_bug.cgi?id=1079065 https://bugzilla.mozilla.org/show_bug.cgi?id=1080987 +https://bugzilla.mozilla.org/show_bug.cgi?id=1087565 +https://bugzilla.mozilla.org/show_bug.cgi?id=1092947 https://bugzilla.mozilla.org/show_bug.cgi?id=1101158 https://bugzilla.mozilla.org/show_bug.cgi?id=1116385 https://bugzilla.mozilla.org/show_bug.cgi?id=1125013 @@ -110519,37 +110857,58 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1146339 https://bugzilla.mozilla.org/show_bug.cgi?id=1148732 https://bugzilla.mozilla.org/show_bug.cgi?id=1149000 https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 +https://bugzilla.mozilla.org/show_bug.cgi?id=1153672 +https://bugzilla.mozilla.org/show_bug.cgi?id=1175278 +https://bugzilla.mozilla.org/show_bug.cgi?id=1189082 https://bugzilla.mozilla.org/show_bug.cgi?id=1189814 https://bugzilla.mozilla.org/show_bug.cgi?id=1189860 https://bugzilla.mozilla.org/show_bug.cgi?id=1190038 +https://bugzilla.mozilla.org/show_bug.cgi?id=1193027 +https://bugzilla.mozilla.org/show_bug.cgi?id=1193093 +https://bugzilla.mozilla.org/show_bug.cgi?id=1194818 https://bugzilla.mozilla.org/show_bug.cgi?id=1194820 https://bugzilla.mozilla.org/show_bug.cgi?id=1202447 +https://bugzilla.mozilla.org/show_bug.cgi?id=1203078 https://bugzilla.mozilla.org/show_bug.cgi?id=1208339 https://bugzilla.mozilla.org/show_bug.cgi?id=1208520 +https://bugzilla.mozilla.org/show_bug.cgi?id=1215648 https://bugzilla.mozilla.org/show_bug.cgi?id=1220493 https://bugzilla.mozilla.org/show_bug.cgi?id=1221444 https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 +https://bugzilla.mozilla.org/show_bug.cgi?id=1222798 https://bugzilla.mozilla.org/show_bug.cgi?id=1223743 +https://bugzilla.mozilla.org/show_bug.cgi?id=1226977 https://bugzilla.mozilla.org/show_bug.cgi?id=1227538 +https://bugzilla.mozilla.org/show_bug.cgi?id=1228590 https://bugzilla.mozilla.org/show_bug.cgi?id=1229681 https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 https://bugzilla.mozilla.org/show_bug.cgi?id=1240880 +https://bugzilla.mozilla.org/show_bug.cgi?id=1243178 +https://bugzilla.mozilla.org/show_bug.cgi?id=1245264 https://bugzilla.mozilla.org/show_bug.cgi?id=1245791 https://bugzilla.mozilla.org/show_bug.cgi?id=1245795 https://bugzilla.mozilla.org/show_bug.cgi?id=1246093 https://bugzilla.mozilla.org/show_bug.cgi?id=1246944 https://bugzilla.mozilla.org/show_bug.cgi?id=1247239 +https://bugzilla.mozilla.org/show_bug.cgi?id=1247968 https://bugzilla.mozilla.org/show_bug.cgi?id=1252330 https://bugzilla.mozilla.org/show_bug.cgi?id=1253673 https://bugzilla.mozilla.org/show_bug.cgi?id=1255474 +https://bugzilla.mozilla.org/show_bug.cgi?id=1271460 +https://bugzilla.mozilla.org/show_bug.cgi?id=1273129 +https://bugzilla.mozilla.org/show_bug.cgi?id=1282430 https://bugzilla.mozilla.org/show_bug.cgi?id=1285003 https://bugzilla.mozilla.org/show_bug.cgi?id=1287266 +https://bugzilla.mozilla.org/show_bug.cgi?id=1289085 +https://bugzilla.mozilla.org/show_bug.cgi?id=1292159 https://bugzilla.mozilla.org/show_bug.cgi?id=1293463 https://bugzilla.mozilla.org/show_bug.cgi?id=1295023 +https://bugzilla.mozilla.org/show_bug.cgi?id=1299686 https://bugzilla.mozilla.org/show_bug.cgi?id=1301876 https://bugzilla.mozilla.org/show_bug.cgi?id=1315435 https://bugzilla.mozilla.org/show_bug.cgi?id=1319370 https://bugzilla.mozilla.org/show_bug.cgi?id=1321719 +https://bugzilla.mozilla.org/show_bug.cgi?id=1321814 https://bugzilla.mozilla.org/show_bug.cgi?id=1325200 https://bugzilla.mozilla.org/show_bug.cgi?id=1325511 https://bugzilla.mozilla.org/show_bug.cgi?id=1325955 @@ -110559,6 +110918,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1336830 https://bugzilla.mozilla.org/show_bug.cgi?id=1336832 https://bugzilla.mozilla.org/show_bug.cgi?id=1336964 https://bugzilla.mozilla.org/show_bug.cgi?id=1336979 +https://bugzilla.mozilla.org/show_bug.cgi?id=1338637 https://bugzilla.mozilla.org/show_bug.cgi?id=1344380 https://bugzilla.mozilla.org/show_bug.cgi?id=1344415 https://bugzilla.mozilla.org/show_bug.cgi?id=1344461 @@ -110567,42 +110927,72 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1347617 https://bugzilla.mozilla.org/show_bug.cgi?id=1348645 https://bugzilla.mozilla.org/show_bug.cgi?id=1349310 https://bugzilla.mozilla.org/show_bug.cgi?id=1352039 +https://bugzilla.mozilla.org/show_bug.cgi?id=1356596 https://bugzilla.mozilla.org/show_bug.cgi?id=1356824 +https://bugzilla.mozilla.org/show_bug.cgi?id=1356893 +https://bugzilla.mozilla.org/show_bug.cgi?id=1360842 https://bugzilla.mozilla.org/show_bug.cgi?id=1362050 https://bugzilla.mozilla.org/show_bug.cgi?id=1367531 https://bugzilla.mozilla.org/show_bug.cgi?id=1370497 https://bugzilla.mozilla.org/show_bug.cgi?id=1374047 +https://bugzilla.mozilla.org/show_bug.cgi?id=1388015 https://bugzilla.mozilla.org/show_bug.cgi?id=1390882 https://bugzilla.mozilla.org/show_bug.cgi?id=1397064 https://bugzilla.mozilla.org/show_bug.cgi?id=1399540 https://bugzilla.mozilla.org/show_bug.cgi?id=1401339 +https://bugzilla.mozilla.org/show_bug.cgi?id=1408990 https://bugzilla.mozilla.org/show_bug.cgi?id=1411708 https://bugzilla.mozilla.org/show_bug.cgi?id=1411716 +https://bugzilla.mozilla.org/show_bug.cgi?id=1418447 https://bugzilla.mozilla.org/show_bug.cgi?id=1419166 https://bugzilla.mozilla.org/show_bug.cgi?id=1421324 https://bugzilla.mozilla.org/show_bug.cgi?id=1422231 https://bugzilla.mozilla.org/show_bug.cgi?id=1422643 https://bugzilla.mozilla.org/show_bug.cgi?id=1423086 +https://bugzilla.mozilla.org/show_bug.cgi?id=1424107 https://bugzilla.mozilla.org/show_bug.cgi?id=1425224 https://bugzilla.mozilla.org/show_bug.cgi?id=1425267 https://bugzilla.mozilla.org/show_bug.cgi?id=1429379 https://bugzilla.mozilla.org/show_bug.cgi?id=1431371 https://bugzilla.mozilla.org/show_bug.cgi?id=1432624 +https://bugzilla.mozilla.org/show_bug.cgi?id=1434634 https://bugzilla.mozilla.org/show_bug.cgi?id=1437325 +https://bugzilla.mozilla.org/show_bug.cgi?id=1441468 https://bugzilla.mozilla.org/show_bug.cgi?id=1447087 +https://bugzilla.mozilla.org/show_bug.cgi?id=1450353 https://bugzilla.mozilla.org/show_bug.cgi?id=1456652 https://bugzilla.mozilla.org/show_bug.cgi?id=1457721 https://bugzilla.mozilla.org/show_bug.cgi?id=1462910 +https://bugzilla.mozilla.org/show_bug.cgi?id=1483510 https://bugzilla.mozilla.org/show_bug.cgi?id=1505973 +https://bugzilla.mozilla.org/show_bug.cgi?id=1508776 +https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 https://bugzilla.mozilla.org/show_bug.cgi?id=1538006 +https://bugzilla.mozilla.org/show_bug.cgi?id=1552206 +https://bugzilla.mozilla.org/show_bug.cgi?id=1553820 +https://bugzilla.mozilla.org/show_bug.cgi?id=1555523 https://bugzilla.mozilla.org/show_bug.cgi?id=1563327 +https://bugzilla.mozilla.org/show_bug.cgi?id=1587976 +https://bugzilla.mozilla.org/show_bug.cgi?id=1596668 https://bugzilla.mozilla.org/show_bug.cgi?id=1599008 +https://bugzilla.mozilla.org/show_bug.cgi?id=1605814 +https://bugzilla.mozilla.org/show_bug.cgi?id=1610426 +https://bugzilla.mozilla.org/show_bug.cgi?id=1615471 +https://bugzilla.mozilla.org/show_bug.cgi?id=1617928 +https://bugzilla.mozilla.org/show_bug.cgi?id=1622640 https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 https://bugzilla.mozilla.org/show_bug.cgi?id=1631739 https://bugzilla.mozilla.org/show_bug.cgi?id=1632387 https://bugzilla.mozilla.org/show_bug.cgi?id=1636629 +https://bugzilla.mozilla.org/show_bug.cgi?id=1636654 +https://bugzilla.mozilla.org/show_bug.cgi?id=1641487 https://bugzilla.mozilla.org/show_bug.cgi?id=1652360 +https://bugzilla.mozilla.org/show_bug.cgi?id=1653371 +https://bugzilla.mozilla.org/show_bug.cgi?id=1658881 https://bugzilla.mozilla.org/show_bug.cgi?id=1661071 +https://bugzilla.mozilla.org/show_bug.cgi?id=1663466 +https://bugzilla.mozilla.org/show_bug.cgi?id=1670358 +https://bugzilla.mozilla.org/show_bug.cgi?id=1673241 https://bugzilla.mozilla.org/show_bug.cgi?id=1675755 https://bugzilla.mozilla.org/show_bug.cgi?id=1676311 https://bugzilla.mozilla.org/show_bug.cgi?id=1677138 @@ -110610,6 +111000,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1684761 https://bugzilla.mozilla.org/show_bug.cgi?id=1684837 https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 https://bugzilla.mozilla.org/show_bug.cgi?id=1691153 +https://bugzilla.mozilla.org/show_bug.cgi?id=1692623 https://bugzilla.mozilla.org/show_bug.cgi?id=1692832 https://bugzilla.mozilla.org/show_bug.cgi?id=1692972 https://bugzilla.mozilla.org/show_bug.cgi?id=1694684 @@ -110618,31 +111009,40 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1697604 https://bugzilla.mozilla.org/show_bug.cgi?id=1699077 https://bugzilla.mozilla.org/show_bug.cgi?id=1701673 https://bugzilla.mozilla.org/show_bug.cgi?id=1701684 +https://bugzilla.mozilla.org/show_bug.cgi?id=1701942 https://bugzilla.mozilla.org/show_bug.cgi?id=1702374 https://bugzilla.mozilla.org/show_bug.cgi?id=1704422 https://bugzilla.mozilla.org/show_bug.cgi?id=1706501 https://bugzilla.mozilla.org/show_bug.cgi?id=1709257 https://bugzilla.mozilla.org/show_bug.cgi?id=1719088 https://bugzilla.mozilla.org/show_bug.cgi?id=1722083 +https://bugzilla.mozilla.org/show_bug.cgi?id=1729517 https://bugzilla.mozilla.org/show_bug.cgi?id=1736886 https://bugzilla.mozilla.org/show_bug.cgi?id=1737252 https://bugzilla.mozilla.org/show_bug.cgi?id=1737722 https://bugzilla.mozilla.org/show_bug.cgi?id=1738237 +https://bugzilla.mozilla.org/show_bug.cgi?id=1739091 https://bugzilla.mozilla.org/show_bug.cgi?id=1739957 +https://bugzilla.mozilla.org/show_bug.cgi?id=1741515 https://bugzilla.mozilla.org/show_bug.cgi?id=1742334 https://bugzilla.mozilla.org/show_bug.cgi?id=1743931 https://bugzilla.mozilla.org/show_bug.cgi?id=1745566 https://bugzilla.mozilla.org/show_bug.cgi?id=1745874 https://bugzilla.mozilla.org/show_bug.cgi?id=1747388 +https://bugzilla.mozilla.org/show_bug.cgi?id=1747526 https://bugzilla.mozilla.org/show_bug.cgi?id=1750565 https://bugzilla.mozilla.org/show_bug.cgi?id=1750679 +https://bugzilla.mozilla.org/show_bug.cgi?id=1751609 +https://bugzilla.mozilla.org/show_bug.cgi?id=1751678 https://bugzilla.mozilla.org/show_bug.cgi?id=1753341 https://bugzilla.mozilla.org/show_bug.cgi?id=1753838 https://bugzilla.mozilla.org/show_bug.cgi?id=1765049 +https://bugzilla.mozilla.org/show_bug.cgi?id=1767194 https://bugzilla.mozilla.org/show_bug.cgi?id=1767590 https://bugzilla.mozilla.org/show_bug.cgi?id=1770048 https://bugzilla.mozilla.org/show_bug.cgi?id=1777800 https://bugzilla.mozilla.org/show_bug.cgi?id=1782211 +https://bugzilla.mozilla.org/show_bug.cgi?id=1783561 https://bugzilla.mozilla.org/show_bug.cgi?id=1789061 https://bugzilla.mozilla.org/show_bug.cgi?id=1789128 https://bugzilla.mozilla.org/show_bug.cgi?id=1790311 @@ -110651,9 +111051,13 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1793551 https://bugzilla.mozilla.org/show_bug.cgi?id=1795496 https://bugzilla.mozilla.org/show_bug.cgi?id=1795815 https://bugzilla.mozilla.org/show_bug.cgi?id=1798798 +https://bugzilla.mozilla.org/show_bug.cgi?id=1800203 https://bugzilla.mozilla.org/show_bug.cgi?id=1801501 +https://bugzilla.mozilla.org/show_bug.cgi?id=1804564 https://bugzilla.mozilla.org/show_bug.cgi?id=1810143 +https://bugzilla.mozilla.org/show_bug.cgi?id=1810793 https://bugzilla.mozilla.org/show_bug.cgi?id=1813376 +https://bugzilla.mozilla.org/show_bug.cgi?id=1815062 https://bugzilla.mozilla.org/show_bug.cgi?id=1816007 https://bugzilla.mozilla.org/show_bug.cgi?id=1816059 https://bugzilla.mozilla.org/show_bug.cgi?id=1817768 @@ -110664,67 +111068,121 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1821906 https://bugzilla.mozilla.org/show_bug.cgi?id=1823172 https://bugzilla.mozilla.org/show_bug.cgi?id=1823316 https://bugzilla.mozilla.org/show_bug.cgi?id=1823379 +https://bugzilla.mozilla.org/show_bug.cgi?id=1826622 +https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 https://bugzilla.mozilla.org/show_bug.cgi?id=1837675 https://bugzilla.mozilla.org/show_bug.cgi?id=1837916 +https://bugzilla.mozilla.org/show_bug.cgi?id=1839079 +https://bugzilla.mozilla.org/show_bug.cgi?id=1840777 +https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 https://bugzilla.mozilla.org/show_bug.cgi?id=1848454 https://bugzilla.mozilla.org/show_bug.cgi?id=1849037 https://bugzilla.mozilla.org/show_bug.cgi?id=1849704 +https://bugzilla.mozilla.org/show_bug.cgi?id=1858570 +https://bugzilla.mozilla.org/show_bug.cgi?id=1861344 https://bugzilla.mozilla.org/show_bug.cgi?id=1863083 https://bugzilla.mozilla.org/show_bug.cgi?id=1863863 +https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 +https://bugzilla.mozilla.org/show_bug.cgi?id=1871838 https://bugzilla.mozilla.org/show_bug.cgi?id=272620 https://bugzilla.mozilla.org/show_bug.cgi?id=290036 https://bugzilla.mozilla.org/show_bug.cgi?id=295854 +https://bugzilla.mozilla.org/show_bug.cgi?id=297078 https://bugzilla.mozilla.org/show_bug.cgi?id=300246 https://bugzilla.mozilla.org/show_bug.cgi?id=313441 https://bugzilla.mozilla.org/show_bug.cgi?id=327014 +https://bugzilla.mozilla.org/show_bug.cgi?id=355569 https://bugzilla.mozilla.org/show_bug.cgi?id=355655 https://bugzilla.mozilla.org/show_bug.cgi?id=358797 https://bugzilla.mozilla.org/show_bug.cgi?id=361298 +https://bugzilla.mozilla.org/show_bug.cgi?id=367428 https://bugzilla.mozilla.org/show_bug.cgi?id=371375 +https://bugzilla.mozilla.org/show_bug.cgi?id=395399 https://bugzilla.mozilla.org/show_bug.cgi?id=408076 https://bugzilla.mozilla.org/show_bug.cgi?id=408164 https://bugzilla.mozilla.org/show_bug.cgi?id=424733 +https://bugzilla.mozilla.org/show_bug.cgi?id=433610 https://bugzilla.mozilla.org/show_bug.cgi?id=439735 https://bugzilla.mozilla.org/show_bug.cgi?id=441995 +https://bugzilla.mozilla.org/show_bug.cgi?id=443288 https://bugzilla.mozilla.org/show_bug.cgi?id=443299 https://bugzilla.mozilla.org/show_bug.cgi?id=461735 https://bugzilla.mozilla.org/show_bug.cgi?id=465615 https://bugzilla.mozilla.org/show_bug.cgi?id=469565 https://bugzilla.mozilla.org/show_bug.cgi?id=474456 https://bugzilla.mozilla.org/show_bug.cgi?id=479880 +https://bugzilla.mozilla.org/show_bug.cgi?id=481558 https://bugzilla.mozilla.org/show_bug.cgi?id=484320 https://bugzilla.mozilla.org/show_bug.cgi?id=485217 +https://bugzilla.mozilla.org/show_bug.cgi?id=493601 https://bugzilla.mozilla.org/show_bug.cgi?id=504343 +https://bugzilla.mozilla.org/show_bug.cgi?id=504862 +https://bugzilla.mozilla.org/show_bug.cgi?id=511615 +https://bugzilla.mozilla.org/show_bug.cgi?id=514554 +https://bugzilla.mozilla.org/show_bug.cgi?id=514823 +https://bugzilla.mozilla.org/show_bug.cgi?id=521461 https://bugzilla.mozilla.org/show_bug.cgi?id=526500 +https://bugzilla.mozilla.org/show_bug.cgi?id=531222 +https://bugzilla.mozilla.org/show_bug.cgi?id=532246 +https://bugzilla.mozilla.org/show_bug.cgi?id=533000 +https://bugzilla.mozilla.org/show_bug.cgi?id=536466 +https://bugzilla.mozilla.org/show_bug.cgi?id=538310 https://bugzilla.mozilla.org/show_bug.cgi?id=540100 +https://bugzilla.mozilla.org/show_bug.cgi?id=547143 +https://bugzilla.mozilla.org/show_bug.cgi?id=552216 https://bugzilla.mozilla.org/show_bug.cgi?id=552255 https://bugzilla.mozilla.org/show_bug.cgi?id=554255 https://bugzilla.mozilla.org/show_bug.cgi?id=557174 https://bugzilla.mozilla.org/show_bug.cgi?id=568148 +https://bugzilla.mozilla.org/show_bug.cgi?id=568564 +https://bugzilla.mozilla.org/show_bug.cgi?id=571106 https://bugzilla.mozilla.org/show_bug.cgi?id=572985 +https://bugzilla.mozilla.org/show_bug.cgi?id=572986 https://bugzilla.mozilla.org/show_bug.cgi?id=574059 https://bugzilla.mozilla.org/show_bug.cgi?id=576070 https://bugzilla.mozilla.org/show_bug.cgi?id=576075 +https://bugzilla.mozilla.org/show_bug.cgi?id=576447 +https://bugzilla.mozilla.org/show_bug.cgi?id=579655 https://bugzilla.mozilla.org/show_bug.cgi?id=579744 https://bugzilla.mozilla.org/show_bug.cgi?id=580445 +https://bugzilla.mozilla.org/show_bug.cgi?id=583520 +https://bugzilla.mozilla.org/show_bug.cgi?id=585815 https://bugzilla.mozilla.org/show_bug.cgi?id=587234 +https://bugzilla.mozilla.org/show_bug.cgi?id=590771 https://bugzilla.mozilla.org/show_bug.cgi?id=591165 https://bugzilla.mozilla.org/show_bug.cgi?id=599468 https://bugzilla.mozilla.org/show_bug.cgi?id=602780 https://bugzilla.mozilla.org/show_bug.cgi?id=610997 +https://bugzilla.mozilla.org/show_bug.cgi?id=615657 +https://bugzilla.mozilla.org/show_bug.cgi?id=616009 https://bugzilla.mozilla.org/show_bug.cgi?id=616659 https://bugzilla.mozilla.org/show_bug.cgi?id=621090 +https://bugzilla.mozilla.org/show_bug.cgi?id=622015 https://bugzilla.mozilla.org/show_bug.cgi?id=623998 +https://bugzilla.mozilla.org/show_bug.cgi?id=624764 https://bugzilla.mozilla.org/show_bug.cgi?id=626631 https://bugzilla.mozilla.org/show_bug.cgi?id=630919 https://bugzilla.mozilla.org/show_bug.cgi?id=634724 +https://bugzilla.mozilla.org/show_bug.cgi?id=635705 https://bugzilla.mozilla.org/show_bug.cgi?id=635977 +https://bugzilla.mozilla.org/show_bug.cgi?id=645565 +https://bugzilla.mozilla.org/show_bug.cgi?id=648065 https://bugzilla.mozilla.org/show_bug.cgi?id=648090 https://bugzilla.mozilla.org/show_bug.cgi?id=648160 +https://bugzilla.mozilla.org/show_bug.cgi?id=650001 +https://bugzilla.mozilla.org/show_bug.cgi?id=655742 +https://bugzilla.mozilla.org/show_bug.cgi?id=655987 +https://bugzilla.mozilla.org/show_bug.cgi?id=656277 +https://bugzilla.mozilla.org/show_bug.cgi?id=664009 https://bugzilla.mozilla.org/show_bug.cgi?id=665936 +https://bugzilla.mozilla.org/show_bug.cgi?id=670514 +https://bugzilla.mozilla.org/show_bug.cgi?id=672485 +https://bugzilla.mozilla.org/show_bug.cgi?id=684555 +https://bugzilla.mozilla.org/show_bug.cgi?id=687745 https://bugzilla.mozilla.org/show_bug.cgi?id=697699 https://bugzilla.mozilla.org/show_bug.cgi?id=703975 https://bugzilla.mozilla.org/show_bug.cgi?id=703983 +https://bugzilla.mozilla.org/show_bug.cgi?id=708186 https://bugzilla.mozilla.org/show_bug.cgi?id=708198 https://bugzilla.mozilla.org/show_bug.cgi?id=713926 https://bugzilla.mozilla.org/show_bug.cgi?id=714631 @@ -110753,9 +111211,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=775009 https://bugzilla.mozilla.org/show_bug.cgi?id=790296 https://bugzilla.mozilla.org/show_bug.cgi?id=792405 https://bugzilla.mozilla.org/show_bug.cgi?id=796866 +https://bugzilla.mozilla.org/show_bug.cgi?id=799952 https://bugzilla.mozilla.org/show_bug.cgi?id=800666 +https://bugzilla.mozilla.org/show_bug.cgi?id=813901 +https://bugzilla.mozilla.org/show_bug.cgi?id=814026 +https://bugzilla.mozilla.org/show_bug.cgi?id=814027 https://bugzilla.mozilla.org/show_bug.cgi?id=814029 https://bugzilla.mozilla.org/show_bug.cgi?id=827193 +https://bugzilla.mozilla.org/show_bug.cgi?id=840263 https://bugzilla.mozilla.org/show_bug.cgi?id=845880 https://bugzilla.mozilla.org/show_bug.cgi?id=848417 https://bugzilla.mozilla.org/show_bug.cgi?id=866915 @@ -110763,11 +111226,18 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=868267 https://bugzilla.mozilla.org/show_bug.cgi?id=870870 https://bugzilla.mozilla.org/show_bug.cgi?id=875818 https://bugzilla.mozilla.org/show_bug.cgi?id=888314 +https://bugzilla.mozilla.org/show_bug.cgi?id=888361 +https://bugzilla.mozilla.org/show_bug.cgi?id=891693 +https://bugzilla.mozilla.org/show_bug.cgi?id=910375 https://bugzilla.mozilla.org/show_bug.cgi?id=911593 https://bugzilla.mozilla.org/show_bug.cgi?id=913904 +https://bugzilla.mozilla.org/show_bug.cgi?id=916726 https://bugzilla.mozilla.org/show_bug.cgi?id=924802 +https://bugzilla.mozilla.org/show_bug.cgi?id=925747 https://bugzilla.mozilla.org/show_bug.cgi?id=950427 https://bugzilla.mozilla.org/show_bug.cgi?id=952077 +https://bugzilla.mozilla.org/show_bug.cgi?id=961676 +https://bugzilla.mozilla.org/show_bug.cgi?id=963962 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2019-17003 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980 @@ -110792,6 +111262,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1377015 https://bugzilla.redhat.com/show_bug.cgi?id=1393882 https://bugzilla.redhat.com/show_bug.cgi?id=1396959 https://bugzilla.redhat.com/show_bug.cgi?id=1396962 +https://bugzilla.redhat.com/show_bug.cgi?id=1396963 https://bugzilla.redhat.com/show_bug.cgi?id=1396965 https://bugzilla.redhat.com/show_bug.cgi?id=1396967 https://bugzilla.redhat.com/show_bug.cgi?id=1396971 @@ -110800,8 +111271,10 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1396978 https://bugzilla.redhat.com/show_bug.cgi?id=1396979 https://bugzilla.redhat.com/show_bug.cgi?id=1396980 https://bugzilla.redhat.com/show_bug.cgi?id=1396981 +https://bugzilla.redhat.com/show_bug.cgi?id=1429472 https://bugzilla.redhat.com/show_bug.cgi?id=1464141 https://bugzilla.redhat.com/show_bug.cgi?id=1464686 +https://bugzilla.redhat.com/show_bug.cgi?id=1464687 https://bugzilla.redhat.com/show_bug.cgi?id=1464691 https://bugzilla.redhat.com/show_bug.cgi?id=1464692 https://bugzilla.redhat.com/show_bug.cgi?id=1465756 @@ -110856,6 +111329,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1539237 https://bugzilla.redhat.com/show_bug.cgi?id=1547879 https://bugzilla.redhat.com/show_bug.cgi?id=1547883 https://bugzilla.redhat.com/show_bug.cgi?id=1547885 +https://bugzilla.redhat.com/show_bug.cgi?id=1547889 https://bugzilla.redhat.com/show_bug.cgi?id=1547892 https://bugzilla.redhat.com/show_bug.cgi?id=1548918 https://bugzilla.redhat.com/show_bug.cgi?id=1548930 @@ -110867,6 +111341,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1575201 https://bugzilla.redhat.com/show_bug.cgi?id=1575502 https://bugzilla.redhat.com/show_bug.cgi?id=1575851 https://bugzilla.redhat.com/show_bug.cgi?id=1576174 +https://bugzilla.redhat.com/show_bug.cgi?id=1582024 https://bugzilla.redhat.com/show_bug.cgi?id=1595689 https://bugzilla.redhat.com/show_bug.cgi?id=1595693 https://bugzilla.redhat.com/show_bug.cgi?id=1622951 @@ -110888,12 +111363,15 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1652634 https://bugzilla.redhat.com/show_bug.cgi?id=1652635 https://bugzilla.redhat.com/show_bug.cgi?id=1660318 https://bugzilla.redhat.com/show_bug.cgi?id=1677794 +https://bugzilla.redhat.com/show_bug.cgi?id=1683499 https://bugzilla.redhat.com/show_bug.cgi?id=1765647 https://bugzilla.redhat.com/show_bug.cgi?id=1825762 https://bugzilla.redhat.com/show_bug.cgi?id=1917565 https://bugzilla.redhat.com/show_bug.cgi?id=1928437 https://bugzilla.redhat.com/show_bug.cgi?id=1943797 +https://bugzilla.redhat.com/show_bug.cgi?id=2052696 https://bugzilla.redhat.com/show_bug.cgi?id=2066799 +https://bugzilla.redhat.com/show_bug.cgi?id=2092427 https://bugzilla.redhat.com/show_bug.cgi?id=2120597 https://bugzilla.redhat.com/show_bug.cgi?id=214205 https://bugzilla.redhat.com/show_bug.cgi?id=2160151 @@ -110911,6 +111389,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=460966 https://bugzilla.redhat.com/show_bug.cgi?id=469667 https://bugzilla.redhat.com/show_bug.cgi?id=475070 https://bugzilla.redhat.com/show_bug.cgi?id=481560 +https://bugzilla.redhat.com/show_bug.cgi?id=481565 https://bugzilla.redhat.com/show_bug.cgi?id=481570 https://bugzilla.redhat.com/show_bug.cgi?id=484925 https://bugzilla.redhat.com/show_bug.cgi?id=493442 @@ -110929,12 +111408,14 @@ https://bugzilla.redhat.com/show_bug.cgi?id=543905 https://bugzilla.redhat.com/show_bug.cgi?id=555313 https://bugzilla.redhat.com/show_bug.cgi?id=580605 https://bugzilla.redhat.com/show_bug.cgi?id=598197 +https://bugzilla.redhat.com/show_bug.cgi?id=598537 https://bugzilla.redhat.com/show_bug.cgi?id=621980 https://bugzilla.redhat.com/show_bug.cgi?id=628040 https://bugzilla.redhat.com/show_bug.cgi?id=628328 https://bugzilla.redhat.com/show_bug.cgi?id=628660 https://bugzilla.redhat.com/show_bug.cgi?id=630460 https://bugzilla.redhat.com/show_bug.cgi?id=632200 +https://bugzilla.redhat.com/show_bug.cgi?id=651183 https://bugzilla.redhat.com/show_bug.cgi?id=659297 https://bugzilla.redhat.com/show_bug.cgi?id=659359 https://bugzilla.redhat.com/show_bug.cgi?id=659676 @@ -110942,12 +111423,19 @@ https://bugzilla.redhat.com/show_bug.cgi?id=662189 https://bugzilla.redhat.com/show_bug.cgi?id=664718 https://bugzilla.redhat.com/show_bug.cgi?id=666793 https://bugzilla.redhat.com/show_bug.cgi?id=667407 +https://bugzilla.redhat.com/show_bug.cgi?id=671122 +https://bugzilla.redhat.com/show_bug.cgi?id=676252 +https://bugzilla.redhat.com/show_bug.cgi?id=676357 https://bugzilla.redhat.com/show_bug.cgi?id=690877 +https://bugzilla.redhat.com/show_bug.cgi?id=692898 https://bugzilla.redhat.com/show_bug.cgi?id=700883 https://bugzilla.redhat.com/show_bug.cgi?id=711134 https://bugzilla.redhat.com/show_bug.cgi?id=711245 https://bugzilla.redhat.com/show_bug.cgi?id=712148 https://bugzilla.redhat.com/show_bug.cgi?id=712694 +https://bugzilla.redhat.com/show_bug.cgi?id=716825 +https://bugzilla.redhat.com/show_bug.cgi?id=716842 +https://bugzilla.redhat.com/show_bug.cgi?id=723215 https://bugzilla.redhat.com/show_bug.cgi?id=725764 https://bugzilla.redhat.com/show_bug.cgi?id=751112 https://bugzilla.redhat.com/show_bug.cgi?id=772570 @@ -110970,6 +111458,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3352 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3596 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3609 +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2095 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3592 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 @@ -110995,6 +111484,7 @@ https://bugzilla.suse.com/show_bug.cgi?id=1155075 https://bugzilla.suse.com/show_bug.cgi?id=1155078 https://bugzilla.suse.com/show_bug.cgi?id=1157465 https://bugzilla.suse.com/show_bug.cgi?id=1157471 +https://bugzilla.suse.com/show_bug.cgi?id=1157651 https://bugzilla.suse.com/show_bug.cgi?id=1159740 https://bugzilla.suse.com/show_bug.cgi?id=1164131 https://bugzilla.suse.com/show_bug.cgi?id=1165721 @@ -111083,8 +111573,26 @@ https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.195 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.233 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.12 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.7 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.13 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.7 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.12 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.14 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.3 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.7 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.9 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11 @@ -111092,8 +111600,20 @@ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.14 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.6 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.8 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.17 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.3 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.11 @@ -111107,7 +111627,10 @@ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.3 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.6 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.9 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.15 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2 @@ -111131,6 +111654,14 @@ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.14 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.16 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2 +https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.2 @@ -111296,6 +111827,7 @@ https://consensys.net/diligence/vulnerabilities/nim-asyncftpd-crlf-injection/ https://consensys.net/diligence/vulnerabilities/nim-browsers-argument-injection/ https://consensys.net/diligence/vulnerabilities/nim-httpclient-header-crlf-injection/ https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ +https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/ https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection https://coreruleset.org/20200914/cve-2020-15598/ https://coreymhudson.github.io/bwa_vulnerabilties/ @@ -111338,6 +111870,7 @@ https://cwiki.apache.org/confluence/display/WW/S2-013 https://cwiki.apache.org/confluence/display/WW/S2-014 https://cwiki.apache.org/confluence/display/WW/S2-015 https://cwiki.apache.org/confluence/display/WW/S2-057 +https://cxsecurity.com/ascii/WLB-2019050283 https://cxsecurity.com/blad/WLB-2017040033 https://cxsecurity.com/blad/WLB-2017040064 https://cxsecurity.com/issue/WLB-2013040082 @@ -111357,6 +111890,12 @@ https://cxsecurity.com/issue/WLB-2017120169 https://cxsecurity.com/issue/WLB-2017120183 https://cxsecurity.com/issue/WLB-2018080003 https://cxsecurity.com/issue/WLB-2018090182 +https://cxsecurity.com/issue/WLB-2019020191 +https://cxsecurity.com/issue/WLB-2019050199 +https://cxsecurity.com/issue/WLB-2019100164 +https://cxsecurity.com/issue/WLB-2019120110 +https://cxsecurity.com/issue/WLB-2019120111 +https://cxsecurity.com/issue/WLB-2019120112 https://cxsecurity.com/issue/WLB-2020010143 https://cxsecurity.com/issue/WLB-2020010205 https://cxsecurity.com/issue/WLB-2020030150 @@ -111403,6 +111942,7 @@ https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerif https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/ https://cybersecurityworks.com/zerodays/cve-2015-9260-bedita.html https://cyberthoth.medium.com/fast-food-ordering-system-1-0-cross-site-scripting-7927f4b1edd6 +https://cyberworldmirror.com/nicehash-vulnerability-leaked-miners-information/ https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/ https://cybir.com/2022/cve/hijacking-connectwise-control-and-ddos/ https://cybir.com/2023/cve/poc-repetier-server-140/ @@ -111951,10 +112491,13 @@ https://ecosystem.atlassian.net/browse/APL-1338 https://ecosystem.atlassian.net/browse/APL-1359 https://ecosystem.atlassian.net/browse/APL-1361 https://ecosystem.atlassian.net/browse/APL-1363 +https://ecosystem.atlassian.net/browse/APL-1373 +https://ecosystem.atlassian.net/browse/APL-1391 https://ecosystem.atlassian.net/browse/OAUTH-344 https://ecosystem.atlassian.net/browse/STRM-2350 https://ecosystem.atlassian.net/browse/UPM-5871 https://ecosystem.atlassian.net/browse/UPM-5964 +https://ecosystem.atlassian.net/browse/UPM-6044 https://edoverflow.com/2017/ruby-resolv-bug/ https://elbae.github.io/jekyll/update/2020/07/14/vulns-01.html https://eldstal.se/advisories/230327-magnusbilling.html @@ -111999,6 +112542,7 @@ https://ffmpeg.org/ffmpeg-filters.html#drawtext-1 https://ffmpeg.org/security.html https://ffmpeg.org/trac/ffmpeg/ticket/794 https://fibonhack.github.io/2021/desktop-telematico-mitm-to-rce +https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29865.pdf https://fireshellsecurity.team/hack-n-routers/ https://fitoxs.com/vuldb/09-exploit-perl.txt @@ -112137,69 +112681,126 @@ https://g0blin.co.uk/cve-2014-8621/ https://g0blin.co.uk/cve-2014-8758/ https://galogetlatorre.blogspot.com/2023/06/cve-2023-34096-path-traversal-thruk.html https://ganofins.com/blog/my-first-cve-2021-24176/ +https://gccybermonks.com/posts/pdfjira/ https://gerr.re/posts/cve-2022-27438/ https://ghost.org/docs/security/ https://ghost.org/docs/security/#privilege-escalation-attacks https://giongfnef.gitbook.io/giongfnef/cve/cve-2023-5311 +https://gist.github.com/0xx7/a7aaa8b0515139cf7e30c808c8d54070 https://gist.github.com/1725489 https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29 https://gist.github.com/420SmokeBigWeedHackBadDrivers/53de9ff97d95fc3e79307345fddb0a30 +https://gist.github.com/6en6ar/712a4c1eab0324f15e09232c77ea08f8 +https://gist.github.com/6en6ar/7c2424c93e7fbf2b6fc44e7fb9acb95d +https://gist.github.com/6en6ar/b118888dc739e8979038f24c8ac33611 +https://gist.github.com/9thplayer/df042fe48c314dbc1afad80ffed8387d https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37 https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5 +https://gist.github.com/CalumHutton/1fb89b64409570a43f89d1fd3274b231 +https://gist.github.com/CalumHutton/bdb97077a66021ed455f87823cd7c7cb https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9 +https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308 https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d https://gist.github.com/Cossack9989/e9c1c2d2e69b773ca4251acdd77f2835 https://gist.github.com/CrimsonHamster/1aeec6db0d740de6ed4690f6a975f377 https://gist.github.com/DylanGrl/4b4e0d53bb7626b2ab3f834ec5a2b23c https://gist.github.com/Fastor01/30c6d89c842feb1865ec2cd2d3806838 https://gist.github.com/GiongfNef/8fe658dce4c7fcf3a7b4e6387e50141c +https://gist.github.com/GroundCTL2MajorTom/eef0d55f5df77cc911d84392acdbf625 +https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53 https://gist.github.com/JLLeitschuh/6792947ed57d589b08c1cc8b666c7737 https://gist.github.com/JLLeitschuh/fe6784391254b58de680bbda78a04a70 +https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e +https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef https://gist.github.com/LioTree/8d10d123d31f50db05a25586e62a87ba https://gist.github.com/LioTree/a81111fb0c598a920cb49aaf0bd64e58 https://gist.github.com/Lz1y/24a6368c7ffdc1af7292035dd16a97f5 https://gist.github.com/Lz1y/31595b060cd6a031896fdf2b3a1273f5 +https://gist.github.com/Lz1y/3388fa886a3e10edd2a7e93d3c3e5b6c https://gist.github.com/Lz1y/7ab529230c43dfc5441ac32dd13e3e5b https://gist.github.com/Lz1y/acd1bfd0cc0e0f53b8f781840e7bf368 https://gist.github.com/Lz1y/cfb2f8179003b91404ad029333508f4c https://gist.github.com/Lz1y/e82eb9cc776e629b9d1874dc689421eb +https://gist.github.com/Marshall-Hallenbeck/bf6a4a4f408bb7a5e0a47cb39dc1dbbe https://gist.github.com/MortalP0ison/5fd584b4c85fa13281fdc918913446fa https://gist.github.com/NitescuLucian/69cf22d17bf190325118304be04828e8 https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f +https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde +https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367 +https://gist.github.com/RNPG/458e17f24ebf7d8af3c5c4d7073347a0 +https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2 +https://gist.github.com/RNPG/53b579da330ba896aa8dc2d901e5e400 +https://gist.github.com/RNPG/56b9fe4dcc3a248d4288bde5ffb3a5b3 https://gist.github.com/RNPG/6919286e0daebce7634d0a744e060dca +https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d https://gist.github.com/RNPG/b154f4b2e90340d2f39605989af06bee +https://gist.github.com/RNPG/be2ca92cb1f943d4c340c75fbfc9b783 +https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0 https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03 https://gist.github.com/RNPG/e10524f1781a9981b50fb27bb473b0fe +https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589 https://gist.github.com/RNPG/ef10c0acceb650d43625a77d3472dd84 https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591 +https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486 +https://gist.github.com/RootUp/3d9e90ea5ae0799305b4c7ec66e19387 https://gist.github.com/RootUp/b5de893bb2e51a4c846c5a0caa13b666 https://gist.github.com/Shinkurt/157dbb3767c9489f3d754f79b183a890 +https://gist.github.com/Sp3eD-X/22640377f96340544baf12891f708b8f https://gist.github.com/Swind1er/0c50e72428059fb72a4fd4d31c43f883 https://gist.github.com/Swind1er/ee095fbfe13f77a5b45b39a5aa82bd17 +https://gist.github.com/TJetnipat/02b3854543b7ec95d54a8de811f2e8ae https://gist.github.com/This-is-Neo/c91e1a0ed5d40fbcf0dada43ea1d7479 https://gist.github.com/This-is-Neo/cc5b08ad8a3a60cd81fd1b9c1cb573b4 https://gist.github.com/Voidager88/73c2d512a72cceb0ef84dbf87a497d10 +https://gist.github.com/WinMin/5b2bc43b517503472bb28a298981ed5a +https://gist.github.com/WinMin/6f63fd1ae95977e0e2d49bd4b5f00675 +https://gist.github.com/Xib3rR4dAr/02a21cd0ea0b7bf586131c5eebb69f1d +https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e +https://gist.github.com/Xib3rR4dAr/441d6bb4a5b8ad4b25074a49210a02cc https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3 https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042 https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607 +https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e +https://gist.github.com/Xib3rR4dAr/6e6c6e5fa1f8818058c7f03de1eda6bf +https://gist.github.com/Xib3rR4dAr/8090a6d026d4601083cff80aa80de7eb +https://gist.github.com/Xib3rR4dAr/89fc87ea1d62348c21c99fc11a3bfd88 https://gist.github.com/Xib3rR4dAr/ab293092ffcfe3c14a3c7daf5462a50b +https://gist.github.com/Xib3rR4dAr/af90cef7867583ab2de4cccea2a8c87d +https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9 +https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 https://gist.github.com/adeadfed/ccc834440af354a5638f889bee34bafe +https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68 +https://gist.github.com/adeshkolte/9e60b2483d2f20d1951beac0fc917c6f +https://gist.github.com/ahpaleus/76aa81ec82644a89c2088ab3ea99f07c https://gist.github.com/alacerda/98853283be6009e75b7d94968d50b88e +https://gist.github.com/alert3/04e2d0a934001180104f846cfa00552b +https://gist.github.com/alert3/f8d33412ab0c671d3cac6a50b132a894 +https://gist.github.com/alfarom256/220cb75816ca2b5556e7fc8d8d2803a0 +https://gist.github.com/aliceicl/b2f25f3a0a3ba9973e4977f922d04008 https://gist.github.com/aliceicl/e32fb4a17277c7db9e0256185ac03dae https://gist.github.com/anonymous/16aca69b7dea27cb73ddebb0d9033b02 https://gist.github.com/anonymous/32e2894fa29176f3f32cb2b2bb7c24cb +https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550 +https://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac https://gist.github.com/arleyna/20d858e11c48984d00926fa8cc0c2722 +https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a +https://gist.github.com/b33t1e/a1a0d81b1173d0d00de8f4e7958dd867 https://gist.github.com/bc0d3/6d55866a78f66569383241406e18794f +https://gist.github.com/bc0d3/cbc458f0fcbe0f897e529c7f3d77c9d6 https://gist.github.com/berkgoksel/a654c8cb661c7a27a3f763dee92016aa https://gist.github.com/berkgoksel/e97b3f3b15e2f8293f649d4ebe6a6fc9 +https://gist.github.com/bincat99/311aff295c270371dc8ee89599b016f1 https://gist.github.com/c0nrad/e92005446c480707a74a https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832 https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f +https://gist.github.com/dellalibera/cebce20e51410acebff1f46afdc89808 https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba https://gist.github.com/dhondta/f71ae7e5c4234f8edfd2f12503a5dcc7 +https://gist.github.com/dmknght/ac489cf3605ded09b3925521afee3003 +https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0 https://gist.github.com/dru1d-foofus/835423de77c3522d53b9e7bdf5a28dfe https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b https://gist.github.com/emboss/91696b56cd227c8a0c13 @@ -112207,46 +112808,88 @@ https://gist.github.com/erud1te-sec/5c85924cb78ba85af42e0b7b62a5ec91 https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6 https://gist.github.com/feixuezhi/7a1b117e1a4800efb3b6fffe76ca0e97 https://gist.github.com/fxb6476/0b9883a88ff2ca40de46a8469834e16c +https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa +https://gist.github.com/gandalf4a/afeaf8cc958f95876f0ee245b8a002e8 +https://gist.github.com/gandalf4a/d7fa58f1b3418ef08ad244acccc10ba6 +https://gist.github.com/harsh-bothra/d8c86b8279b23ff6d371f832ba0a5b6b +https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084 https://gist.github.com/hybriz/63bbe2d963e531357aca353c74dd1ad5 +https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10 +https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f https://gist.github.com/isciurus/df4d7edd9c3efb4a0753 https://gist.github.com/izadgot/38a7dd553f8024ed3154134dae0414fd +https://gist.github.com/izadgot/3efc75f62f9c9567c8f11bad74165425 https://gist.github.com/jk1986/3b304ac6b4ae52ae667bba380c2dce19 +https://gist.github.com/kdrypr/5dac91c2d27c4dc82b1225dffa38f7a8 https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md +https://gist.github.com/leesh3288/381b230b04936dd4d74aaf90cc8bb244 +https://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c https://gist.github.com/legndery/a248350bb25b8502a03c2f407cedeb14 +https://gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070d https://gist.github.com/leonjza/2244eb15510a0687ed93160c623762ab +https://gist.github.com/lirantal/0f8a48c3f5ac581ce73123abe9f7f120 https://gist.github.com/lirantal/327e9dd32686991b5a1fa6341aac2e7b +https://gist.github.com/lirantal/52debd25284726fcc2eaed9c7512975c +https://gist.github.com/lirantal/5550bcd0bdf92c1b56fbb20e141fe5bd +https://gist.github.com/lirantal/832382155e00da92bfd8bb3adea474eb +https://gist.github.com/lirantal/9ccdfda0edcb95e36d07a04b0b6c2db0 https://gist.github.com/llandeilocymro/55a61e3730cdef56ab5806a677ba0891 https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb +https://gist.github.com/mariuszpoplwski/51604d8a6d7d78fffdf590c25e844e09 https://gist.github.com/mattwelke/b7f42424680a57b8161794ad1737cd8f https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428 https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f +https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20 +https://gist.github.com/mmmdzz/03df5177afd04b32ac190eb7907f3834 https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f +https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4 +https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5 +https://gist.github.com/ninj4c0d3r/574d2753d469e4ba51dfe555d9c2d4fb +https://gist.github.com/ninj4c0d3r/89bdd6702bf00d768302f5e0e5bb8adc https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386 https://gist.github.com/omarhashem123/5f0c6f1394099b555740fdc5c7651ee2 https://gist.github.com/omarhashem123/71ec9223e90ea76a76096d777d9b945c https://gist.github.com/omarhashem123/bccdcec70ab7e8f00519d56ea2e3fd79 https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd +https://gist.github.com/paatui/a3c7ca8cf12594b437d3854f13d76cb8 +https://gist.github.com/pak0s/05a0e517aeff4b1422d1a93f59718459 +https://gist.github.com/pedromonteirobb/a0584095b46141702c8cae0f3f1b6759 https://gist.github.com/ph4nt0mbyt3/9456312e867c10de8f808250ec0b12d3 https://gist.github.com/picar0jsu/a8e623639da34f36202ce5e436668de7 +https://gist.github.com/pietroborrello/7c5be2d1dc15349c4ffc8671f0aad04f https://gist.github.com/pouyadarabi/467d3167551fb0712d3264c72db092af +https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413 https://gist.github.com/redeye5/470708bd27ed115b29d0434255b9f7a0 https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480 https://gist.github.com/redeye5/ccbbc43330cc9821062249b78c916317 https://gist.github.com/redeye5/ebfef23f0a063b82779151f9cde8e480 +https://gist.github.com/renanavs/dcb13bb1cd618ce7eb0c80290b837245 https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://gist.github.com/rntcruz23/199782fb65b7dc3c4492d168770b71e5 https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7 +https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1 +https://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465 +https://gist.github.com/shouc/a9330df817128bc4c4132abf3de09495 https://gist.github.com/sqrtrev/1f9986d4bdd1393832c60a97b56e170a +https://gist.github.com/svennergr/204038bda1849ebce9af32eea9e55038 +https://gist.github.com/svennergr/501409fbdb0ef4a8b0f07a26a2815fbb https://gist.github.com/swkim101/f473b9a60e6d4635268402a2cd2025ac https://gist.github.com/tanprathan/24cab2eb02937f86961c6380b47ce385 +https://gist.github.com/tanprathan/69fbf6fbac11988e12f44069ec5b18ea#file-cve-2020-22007-txt https://gist.github.com/tanprathan/6e8ed195a2e05b7f9d9a342dbdacb349 https://gist.github.com/tj-oconnor/16a4116050bbcb4717315f519b944f1f +https://gist.github.com/vin01/26a8bb13233acd9425e7575a7ad4c936 https://gist.github.com/wbowling/13f9f90365c171806b9ffba2c841026b +https://gist.github.com/wdormann/874198c1bd29c7dd2157d9fc1d858263 +https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642 +https://gist.github.com/wes4m/e32080b02c2cd668d50eeac66613ca1d https://gist.github.com/xax007/28e7326acfae677be0b351216888e522 https://gist.github.com/xax007/94183b11bdfe579fd860a37e74cd3a8e +https://gist.github.com/yasinyilmaz/1fe3fe58dd275edb77dcbe890fce2f2c https://gist.github.com/yinfei6/56bb396f579cb67840ed1ecb77460a5b +https://gist.github.com/zaee-k/390b2f8e50407e4b199df806baa7e4ef https://gist.github.com/zeroSteiner/85daef257831d904479c https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt https://gist.githubusercontent.com/mke1985/a21a71098f48829916dfec74eff1e24a/raw/f635b060ad03e23fd887de48a79b70040daadadb/CVE-2021-32051 @@ -112303,6 +112946,9 @@ https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31641 https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31642 https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31643 +https://gitee.com/inxeduopen/inxedu/issues/I294XL +https://gitee.com/koyshe/phpshe/issues/IQ8S8 +https://gitee.com/koyshe/phpshe/issues/ITLK2 https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/ https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/ https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/ @@ -112310,10 +112956,14 @@ https://github.com/0katz/CVE-2019-12476 https://github.com/0pc0deFR/wordpress-sploit-framework/blob/master/exploits/Brute_Force_Login_Protection_1_3_Cross_Site_Request_Forgery https://github.com/0x09AL/CVE-2017-11882-metasploit https://github.com/0x404Ming/CVE_Hunter/blob/main/SQLi-3.md +https://github.com/0x727/ShuiZe_0x727 +https://github.com/0x727/ShuiZe_0x727/issues/160 https://github.com/0xAlmighty/Vulnerability-Research/blob/main/SourceCodester/CLMS/SourceCodester-CLMS-SQLi.md +https://github.com/0xB9/LayerBB-1.1.3-CSRF/blob/master/README.md https://github.com/0xBaz/CVE-2021-29349/issues/1 https://github.com/0xInfection/EPScalate https://github.com/0xcc-Since2016/TP-Link-WDR-Router-Command-injection_POC/blob/master/poc.py +https://github.com/0xfml/poc/blob/main/PLANET/WDRT-1800AX.md https://github.com/0xhebi/CVE-2022-34970/blob/master/report.md https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38668.md https://github.com/0xrayan/CVEs/issues/1 @@ -112321,9 +112971,34 @@ https://github.com/0xrayan/CVEs/issues/2 https://github.com/0xrayan/CVEs/issues/3 https://github.com/0z09e/CVE-2022-22909 https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md +https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md +https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF +https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/README.md +https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/id8 +https://github.com/10cksYiqiyinHangzhouTechnology/elf-parser_segments_poc +https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc +https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc/blob/main/id_000005%2Csig_08%2Csrc_000166%2B000357%2Ctime_3137250%2Cexecs_3545598%2Cop_splice%2Crep_16 +https://github.com/10cksYiqiyinHangzhouTechnology/tinydngSecurityIssueReport1 +https://github.com/10cksYiqiyinHangzhouTechnology/vox2mesh_poc +https://github.com/10cksYiqiyinHangzhouTechnology/vox2png/blob/main/README.md +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25346 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25347 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26839 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26841 https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-31548 https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_NatStaticSetting.md https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_expandDlnaFile.md +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/01 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/02 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/03 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/01 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/02 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/03 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/04 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/01 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/02 +https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/03 +https://github.com/14isnot40/vul_discovery/blob/06d04dbbc6f792a82321c00376d4dbf3add00f4f/poc/bit2spr%20vulnerability%20discovery.md.pdf https://github.com/14isnot40/vul_discovery/blob/master/D-Link%20COVR%2012xx%20.pdf https://github.com/1759134370/iot/blob/main/TOTOLINK/A3002R/2.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A3002R/3.md @@ -112332,15 +113007,31 @@ https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/3.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/4.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/5.md https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555 +https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-hf7j-xj3w-87g4 +https://github.com/1Panel-dev/KubePi/security/advisories/GHSA-757p-vx43-fp9r +https://github.com/1Panel-dev/KubePi/security/advisories/GHSA-87f6-8gr7-pc6h +https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md https://github.com/1d8/publications/tree/main/cve-2021-29012 +https://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md https://github.com/1modm/petereport/issues/35 +https://github.com/1nters3ct/CVEs/blob/main/CVE-2023-26255.md +https://github.com/202ecommerce/security-advisories/security/advisories/GHSA-hg7m-23j3-rf56 https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md +https://github.com/2205794866/Tenda/blob/main/AC15/1.md +https://github.com/2205794866/Tenda/blob/main/AC15/10.md +https://github.com/2205794866/Tenda/blob/main/AC15/5.md +https://github.com/2205794866/Tenda/blob/main/AC15/7.md +https://github.com/2205794866/Tenda/blob/main/AC15/9.md +https://github.com/2205794866/Tenda/blob/main/AC5/1.md https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25680.md https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25681.md +https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934 +https://github.com/418sec/huntr/pull/102 https://github.com/418sec/huntr/pull/1329 https://github.com/4LPH4-NL/CVEs https://github.com/4images/4images/issues/3 +https://github.com/4ra1n/super-xray/releases/tag/0.2-beta https://github.com/4ra1n/super-xray/releases/tag/0.3-beta https://github.com/4ra1n/super-xray/security/advisories/GHSA-39pv-4vmj-c4fr https://github.com/4websecurity/CVE-2022-38553/blob/main/README.md @@ -112350,25 +113041,49 @@ https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1 https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/boSetPasswdSettings +https://github.com/7332all/cve/blob/main/rce_1.md +https://github.com/779789571/zzcms/blob/main/README.md https://github.com/7akahash1/POC/blob/main/1.md +https://github.com/849200701/cms/blob/main/CSRF%20exists%20in%20the%20backup%20and%20restore%20location.md +https://github.com/876054426/vul/blob/master/ljcms_sql.md +https://github.com/9001/copyparty/security/advisories/GHSA-f54q-j679-p9hh +https://github.com/96xiaopang/Vulnerabilities/blob/main/zzzcms%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0_en.md +https://github.com/9Bakabaka/CVE-2023-36123 https://github.com/9lyph/CVE-2019-12836/blob/master/README.md +https://github.com/ABB-EL/external-vulnerability-disclosures/security/advisories/GHSA-9gqg-pp5p-q9hg https://github.com/ADOdb/ADOdb/issues/274 https://github.com/ARM-software/astc-encoder/issues/294 +https://github.com/ARMmbed/mbedtls/issues/1561 https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.2/SPIP_4.1.2_AUTH_RCE/SPIP_4.1.2_AUTH_RCE_Abyss_Watcher_12_07_22.md +https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md https://github.com/AcademySoftwareFoundation/openexr/issues/1680 +https://github.com/AcademySoftwareFoundation/openexr/issues/491 +https://github.com/AcademySoftwareFoundation/openexr/issues/493 +https://github.com/AcademySoftwareFoundation/openexr/issues/494 https://github.com/Admidio/admidio/issues/612 +https://github.com/AetherBlack/CVE/tree/main/PMB https://github.com/AgainstTheLight/CVE-2022-37201/blob/main/README.md https://github.com/AgainstTheLight/CVE-2022-37202/blob/main/README.md +https://github.com/AgainstTheLight/CVE-2022-37203/blob/main/README.md https://github.com/AgainstTheLight/CVE-2022-37204/blob/main/README.md +https://github.com/AgainstTheLight/CVE-2022-37205/blob/main/README.md https://github.com/AgainstTheLight/CVE-2022-37207/blob/main/README.md https://github.com/AgainstTheLight/CVE-2022-37209/tree/main https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql1.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql10.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql3.md +https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql4.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql5.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql7.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql8.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql9.md +https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-p4f9-h8x8-mpwf +https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc +https://github.com/Ainevsia/CVE-Request/tree/main/Ricoh/1 +https://github.com/Ainevsia/CVE-Request/tree/main/Solana/1 +https://github.com/Alkatraz97/CVEs/blob/main/CVE-2023-33754.md +https://github.com/Alluxio/alluxio/issues/10552 +https://github.com/Am1ngl/ttt/tree/main/12 https://github.com/Am1ngl/ttt/tree/main/13 https://github.com/Am1ngl/ttt/tree/main/14 https://github.com/Am1ngl/ttt/tree/main/15 @@ -112376,16 +113091,40 @@ https://github.com/Am1ngl/ttt/tree/main/16 https://github.com/Am1ngl/ttt/tree/main/160 https://github.com/Am1ngl/ttt/tree/main/161 https://github.com/Am1ngl/ttt/tree/main/17 +https://github.com/Am1ngl/ttt/tree/main/19 +https://github.com/Am1ngl/ttt/tree/main/20 +https://github.com/Am1ngl/ttt/tree/main/22 +https://github.com/Am1ngl/ttt/tree/main/23 +https://github.com/Am1ngl/ttt/tree/main/29 +https://github.com/Am1ngl/ttt/tree/main/30 +https://github.com/Am1ngl/ttt/tree/main/31 +https://github.com/Am1ngl/ttt/tree/main/32 +https://github.com/Am1ngl/ttt/tree/main/37 +https://github.com/AndreGNogueira/CVE-2023-39063 https://github.com/AndyRixon/LayerBB/issues/51 +https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-admininquiriesview_inquiryphp +https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-adminusermanage_userphp +https://github.com/AntSwordProject/antSword/issues/147 https://github.com/Antho59/wp-jobhunt-exploit +https://github.com/AntonKueltz/fastecdsa/issues/52 +https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1803/formAddMacfilterRule.md +https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/fromSetWirelessRepeat.md +https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md https://github.com/ArianeBlow/exploit-eyesofnetwork5.3.10/blob/main/PoC-BruteForceID-arbitraty-file-upload-RCE-PrivEsc.py https://github.com/Athlon1600/php-proxy-app/issues/134 +https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R-Command%20Injection/readme.md +https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md +https://github.com/Aurorainfinity/Poc/tree/master/jerryscript/NULL-dereference-ecma_get_lex_env_type +https://github.com/Aurorainfinity/Poc/tree/master/pdf2json +https://github.com/Aurorainfinity/Poc/tree/master/pdf2xml +https://github.com/AutismJH/damicms/issues/5 https://github.com/Automattic/mongoose/issues/8222 https://github.com/Awilum/monstra-cms/issues/351 https://github.com/B2eFly/CVE/blob/main/totolink/CP900/2/2.md https://github.com/B2eFly/CVE/blob/main/totolink/CP900/3/3.md https://github.com/B2eFly/CVE/blob/main/totolink/CP900/5/5.md https://github.com/B3Bo1d/CVE-2019-13403/ +https://github.com/BLL-l/vulnerability_wiki/blob/main/zzcms/user_manage_xss.md https://github.com/Balasys/dheater https://github.com/Barakat/CVE-2019-16098 https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-17.public-wifi-theft-impersonation.txt @@ -112412,14 +113151,36 @@ https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-41.root-command-execution.txt https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-42.remote-OTA.txt +https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/2/2.md https://github.com/BigNerd95/Chimay-Red +https://github.com/BigTiger2020/2023/blob/main/Free%20and%20Open%20Source%20inventory%20management%20system/Free%20and%20Open%20Source%20inventory%20management%20system.md +https://github.com/BigTiger2020/2023/blob/main/XSS.md +https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system-reflected%20xss2.md +https://github.com/BigTiger2020/74cms-rce/blob/main/README.md https://github.com/BigTiger2020/Seat-Reservation-System +https://github.com/BigTiger2020/Victor-CMS-/blob/main/README.md https://github.com/BlackCatDevelopment/BlackCatCMS/issues/373 +https://github.com/BlackCatDevelopment/BlackCatCMS/issues/389 https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/jquery-deparam.md https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md https://github.com/Blck4/blck4/blob/master/Gxlcms%20POC.php https://github.com/BloodHoundAD/BloodHound/issues/267 +https://github.com/BloodHoundAD/BloodHound/issues/338 https://github.com/Bo0oM/CVE-2017-5124 +https://github.com/BobTheShoplifter/CVE-2023-52251-POC +https://github.com/Bobjones7/cve/blob/main/sql.md +https://github.com/Bonfee/CVE-2022-25636 +https://github.com/BreakALegCml/try/blob/main/SinSiuEnterpriseWebsiteSystem +https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25366.md +https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md +https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25368.md +https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25369.md +https://github.com/BrotherOfJhonny/grafana +https://github.com/BrotherOfJhonny/grafana/blob/main/README.md +https://github.com/BrunoTeixeira1996/CVE-2023-36250/blob/main/README.md +https://github.com/Bubka/2FAuth/security/advisories/GHSA-cwhq-2mcq-pp9q +https://github.com/Budibase/budibase/security/advisories/GHSA-9xg2-9mcv-985p +https://github.com/BugBountyHunterCVE/CVE-2023-40280/blob/main/CVE-2023-40280_Authenticated-Directory-Path-Traversal_OpenClinic-GA_5.247.01_Report.md https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20Cross-Site-Scripting.md https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20SQL%20Injection.md https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md @@ -112440,6 +113201,7 @@ https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/S https://github.com/ByteHackr/389-ds-base https://github.com/ByteHackr/unzip_poc https://github.com/C0der1iu/Nexusphppoc/blob/master/xss2.txt +https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/doublefree https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-libansilove-1.0.0 https://github.com/CCCCCrash/POCs/tree/master/Web/gitnote @@ -112448,6 +113210,8 @@ https://github.com/CCCCCrash/POCs/tree/master/Web/showdoc/IncorrectAccessControl https://github.com/CCCCCrash/POCs/tree/master/Web/showdoc/csrf https://github.com/CDACesec/CVE-2022-31901 https://github.com/CDACesec/CVE-2022-31902 +https://github.com/CESNET/libyang/issues/1453 +https://github.com/CLP-team/Vigor-Commond-Injection https://github.com/CNK2100/VFuzz-public https://github.com/COVESA/vsomeip/files/14904610/details.zip https://github.com/COVESA/vsomeip/issues/663 @@ -112468,48 +113232,114 @@ https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/formDelDhcpRule.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/formIPMacBindDel.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/formSetPortMapping.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/setDebugCfg.md +https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md +https://github.com/CTurt/shogihax https://github.com/Cacti/cacti/issues/1057 https://github.com/Cacti/cacti/issues/1071 https://github.com/Cacti/cacti/issues/1882 +https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h +https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x +https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42 +https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7 +https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg +https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg +https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p +https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2 https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv +https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g +https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4 +https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h +https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876 https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 +https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv +https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22 https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc +https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7 +https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594 +https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr +https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73 https://github.com/CalfCrusher/CVE-2023-31851 https://github.com/CalfCrusher/CVE-2023-31852 https://github.com/CalfCrusher/CVE-2023-31853 +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41635%20%7C%20RealGimm%20-%20XML%20External%20Entity%20Injection.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41636%20%7C%20RealGimm%20-%20SQL%20Injection(1).md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41637%20%7C%20RealGimm%20-%20Stored%20Cross-site%20Scripting.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41638%20%7C%20RealGimm%20-%20RCE%20via%20Unrestricted%20File%20Upload.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41640%20%7C%20RealGimm%20-%20Information%20disclosure.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41642%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31466.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-39558.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-39559.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20Information%20disclosure.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20RCE%20via%20Unrestricted%20File%20Upload.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20SQL%20Injection(1).md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20Stored%20Cross-site%20Scripting.md +https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20XML%20External%20Entity%20Injection.md +https://github.com/Carol7S/cve/blob/main/rce.md https://github.com/CauldronDevelopmentLLC/cbang/issues/115 https://github.com/Cedric1314/CVE-2022-44870/blob/main/README.md https://github.com/ChanStormstout/Pocs/blob/master/gpac_POC/id%3A000000%2Csig%3A06%2Csrc%3A003771%2Ctime%3A328254%2Cexecs%3A120473%2Cop%3Ahavoc%2Crep%3A8 https://github.com/ChandlerChin/Dlink_vuls/blob/master/A%20hard%20coded%20telnet%20user%20was%20discovered%20in%20multiple%20Dlink%20routers.pdf +https://github.com/Changboqian/cve/blob/main/reset_password_improperly.md https://github.com/Chanzhaoyu/chatgpt-web/issues/2001 +https://github.com/Chef003/cve/blob/main/rce.md +https://github.com/Cherry-toto/jizhicms/issues/28 +https://github.com/Cherry-toto/jizhicms/issues/29 https://github.com/Cherry-toto/jizhicms/issues/75 https://github.com/Cherry-toto/jizhicms/issues/76 +https://github.com/Cherry-toto/jizhicms/issues/77 +https://github.com/Cherry-toto/jizhicms/issues/85 +https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0 https://github.com/Chocapikk/CVE-2024-31819 +https://github.com/ChrisL0tus/CVE-2023-34924 +https://github.com/ChurchCRM/CRM/issues/5477 +https://github.com/ChurchCRM/CRM/issues/6450 https://github.com/ChurchCRM/CRM/issues/6471 +https://github.com/ChurchCRM/CRM/issues/6474 +https://github.com/Ciber-Mike/BigTree_CMS-Stored_XSS-Developer_Settings/blob/main/README.md +https://github.com/CleverStupidDog/yf-exam/issues/2 https://github.com/ClipperCMS/ClipperCMS/issues/487 https://github.com/ClipperCMS/ClipperCMS/issues/488 https://github.com/ClipperCMS/ClipperCMS/issues/494 +https://github.com/CoColizdf/CVE/issues/1 +https://github.com/CoColizdf/CVE/issues/2 +https://github.com/Codiad/Codiad/issues/1122 https://github.com/Codiad/Codiad/issues/584 +https://github.com/Conan0313/cve/blob/main/sql.md https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/formSetAutoPing_ping1/formSetAutoPing_ping1.md https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/fromSysToolReboot/fromSysToolReboot.md https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/fromSysToolRestoreSet/fromSysToolRestoreSet.md +https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md +https://github.com/Cossack9989/Vulns/blob/master/IoT/CVE-2020-14473.md +https://github.com/Cotonti/Cotonti/issues/1660 +https://github.com/Cotonti/Cotonti/issues/1661 +https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/Stored_XSS_in_group.php.md +https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/reflected_XSS_in_editservice.md +https://github.com/Crypt0Cr33py/monicahqvuln +https://github.com/Cubi123123123/cve/blob/main/NS-ASG-sql-list_onlineuser.md https://github.com/CunningLogic/PixelDump_CVE-2016-8462 +https://github.com/CuppaCMS/CuppaCMS/issues/12 https://github.com/CuppaCMS/CuppaCMS/issues/17 https://github.com/CuppaCMS/CuppaCMS/issues/20 +https://github.com/CuppaCMS/CuppaCMS/issues/23 +https://github.com/CuppaCMS/CuppaCMS/issues/24 +https://github.com/CuppaCMS/CuppaCMS/issues/28 https://github.com/CuppaCMS/CuppaCMS/issues/3 https://github.com/CuppaCMS/CuppaCMS/issues/30 https://github.com/CuppaCMS/CuppaCMS/issues/31 https://github.com/CuppaCMS/CuppaCMS/issues/33 https://github.com/CuppaCMS/CuppaCMS/issues/34 +https://github.com/CuppaCMS/CuppaCMS/issues/7 +https://github.com/Cutegod/CMS_0_day/issues/2 https://github.com/CveSecLook/cve/issues/1 https://github.com/CveSecLook/cve/issues/10 https://github.com/CveSecLook/cve/issues/11 @@ -112525,26 +113355,68 @@ https://github.com/CveSecLook/cve/issues/41 https://github.com/CveSecLook/cve/issues/42 https://github.com/CveSecLook/cve/issues/6 https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35014.md +https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35015.md +https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35016.md +https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35017.md +https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35019.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35021.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35023.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35024.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35025.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35026.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35029.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35030.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35031.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35032.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35034.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35035.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35045.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35046.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35047.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35049.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35050.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35051.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35053.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35054.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35055.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35056.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35058.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35059.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35060.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35061.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35062.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35063.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35064.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35065.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35066.md https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35069.md +https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35070.md +https://github.com/Cvjark/Poc/blob/main/swftools/gif2swf/CVE-2022-35085.md +https://github.com/Cvjark/Poc/blob/main/swftools/gif2swf/CVE-2022-35086.md +https://github.com/Cvjark/Poc/blob/main/swftools/gif2swf/CVE-2022-35087.md +https://github.com/Cvjark/Poc/blob/main/swftools/gif2swf/CVE-2022-35088.md +https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35091.md +https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35092.md +https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35093.md https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35094.md +https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35095.md https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35096.md https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35097.md +https://github.com/Cvjark/Poc/blob/main/swftools/pdf2swf/CVE-2022-35099.md +https://github.com/Cvjark/Poc/blob/main/swftools/png2swf/CVE-2022-35080.md +https://github.com/Cvjark/Poc/blob/main/swftools/png2swf/CVE-2022-35081.md +https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload https://github.com/CyberThoth/CVE/blob/83c243538386cd0761025f85eb747eab7cae5c21/CVE/Simple%20e-Learning%20System/Cross%20Site%20Scripting(Stored)/POC.md https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md +https://github.com/CyberThoth/CVE/blob/a203e5c7b3ac88a5a0bc7200324f2b24716e8fc2/CVE/Hotel%20Management%20system/Cross%20Site%20Scripting(Refelected)/POC.md https://github.com/CyberThoth/CVE/blob/a203e5c7b3ac88a5a0bc7200324f2b24716e8fc2/CVE/Hotel%20Management%20system/Cross%20Site%20Scripting(Stored)/POC.md +https://github.com/CyberThoth/CVE/blob/a203e5c7b3ac88a5a0bc7200324f2b24716e8fc2/CVE/Simple%20Sales%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md +https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md https://github.com/CyberThoth/CVE/blob/main/CVE/Library%20Management%20System%20with%20QR%20code%20Attendance/Cross%20Site%20Scripting(Stored)/POC.md https://github.com/D0neMkj/POC_BSOD/tree/master/2345%20security%20guard/0x00222018 @@ -112591,7 +113463,9 @@ https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/ https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002841 https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002849 https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf100284c +https://github.com/D23K4N/CVE/blob/main/CVE-2023-30285.md https://github.com/D2y6p/CVE/blob/2bac2c96e24229fa99e0254eaac1b8809e424b4b/Totolink/CVE-2023-31729/CVE-2023-31729.md +https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-34563/EN.md https://github.com/D4rkP0w4r/AeroCMS-Add_Posts-Stored_XSS-Poc https://github.com/D4rkP0w4r/AeroCMS-Comment-Stored_XSS-Poc https://github.com/D4rkP0w4r/AeroCMS-Unrestricted-File-Upload-POC @@ -112611,30 +113485,52 @@ https://github.com/D4rkP0w4r/Full-Ecommece-Website-Slides-Unrestricted-File-Uplo https://github.com/D4rkP0w4r/Musical-World-Unrestricted-File-Upload-RCE-POC https://github.com/D4rkP0w4r/sms-Add_Student-Stored_XSS-POC https://github.com/D4rkP0w4r/sms-Unrestricted-File-Upload-RCE-POC +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N1/README.md +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N3/README.md +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N4/README.md +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N5/README.md +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N6/README.md +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N1 +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N3 +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N5 +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N6 https://github.com/DIPlib/diplib/issues/80 https://github.com/DIYgod/RSSHub/issues/10045 +https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/yasm/SEGV/nasm-pp.c:4008%20in%20expand_mmac_params/README.md +https://github.com/DaisyPo/fuzzing-vulncollect/files/11343936/poc-file.zip https://github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/SEGV/nasm-pp.c:3570%20in%20do_directive https://github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/heap-use-after-free/nasm-pp.c:3878%20in%20expand_mmac_params +https://github.com/Daniel-itsec/AdvancedSystemCare https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/10/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/11/readme.md +https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/12/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/6/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/7/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/8/readme.md https://github.com/Darry-lang1/vuln/blob/main/H3C/H3C%20B5Mini/9/readme.md https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3600R/1/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/10/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/2/readme.md https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/3/readme.md https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/4/readme.md https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/5/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/6/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/7/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/8/readme.md +https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/9/readme.md https://github.com/Darry-lang1/vuln/tree/main/H3C/1 https://github.com/Darry-lang1/vuln/tree/main/H3C/10 https://github.com/Darry-lang1/vuln/tree/main/H3C/11 https://github.com/Darry-lang1/vuln/tree/main/H3C/12 +https://github.com/Darry-lang1/vuln/tree/main/H3C/2 https://github.com/Darry-lang1/vuln/tree/main/H3C/3 https://github.com/Darry-lang1/vuln/tree/main/H3C/4 https://github.com/Darry-lang1/vuln/tree/main/H3C/5 https://github.com/Darry-lang1/vuln/tree/main/H3C/6 +https://github.com/Darry-lang1/vuln/tree/main/H3C/7 +https://github.com/Darry-lang1/vuln/tree/main/H3C/8 https://github.com/Darry-lang1/vuln/tree/main/H3C/9 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/1 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/10 @@ -112649,10 +113545,16 @@ https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/18 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/19 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/2 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/3 +https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/4 +https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/5 +https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/7 +https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/8 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR-1200W/9 https://github.com/Darry-lang1/vuln/tree/main/H3C/GR2200/1 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/1 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/10 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/11 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/12 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/13 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/14 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/15 @@ -112664,8 +113566,10 @@ https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/6 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/7 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/8 https://github.com/Darry-lang1/vuln/tree/main/H3C/H200/9 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20B5Mini/2/readme.md https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20B5Mini/3/readme.md https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20B5Mini/4/readme.md +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20B5Mini/5/readme.md https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/1 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/10 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/11 @@ -112677,9 +113581,13 @@ https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/16 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/17 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/18 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/19 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/2 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/20 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/3 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/4 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/5 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/6 +https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/7 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/8 https://github.com/Darry-lang1/vuln/tree/main/H3C/H3C%20NX18%20Plus/9 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/A7000R/1 @@ -112696,7 +113604,10 @@ https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/1 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/10 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/2 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/3 +https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/4 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/5 +https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/6 +https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/7 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/8 https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/N350RT/9 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/1 @@ -112712,25 +113623,45 @@ https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/18 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/19 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/2 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/3 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/4 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/5 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/6 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/7 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/8 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/9 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/1 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/2 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/4 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/5 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/6 https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/7 +https://github.com/Darry-lang1/vuln/tree/main/Tenda/AX1803/8 +https://github.com/DataDog/guarddog/security/advisories/GHSA-78m5-jpmf-ch7v https://github.com/DaveGamble/cJSON/issues/30 +https://github.com/DaveGamble/cJSON/issues/803 https://github.com/DaveGamble/cJSON/issues/839 +https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py +https://github.com/DedSecInside/TorBot/security/advisories/GHSA-72qw-p7hh-m3ff +https://github.com/DelspoN/CVE/tree/master/CVE-2018-18695 https://github.com/DelspoN/CVE/tree/master/CVE-2019-18929 https://github.com/DelspoN/CVE/tree/master/CVE-2019-18930 https://github.com/DelspoN/CVE/tree/master/CVE-2019-18931 +https://github.com/Deng-JunFeng/cve-lists/tree/main/novel-plus/vuln +https://github.com/DengyigeFeng/vuln/issues/1 +https://github.com/Dheeraj-Deshmukh/stored-xss-in-Hospital-s-Patient-Records-Management-System https://github.com/DisguisedRoot/Exploit/blob/main/Persistent%20XSS/PoC https://github.com/DisguisedRoot/Exploit/blob/main/SQLInj/POC +https://github.com/Dmitriy-area51/Exploit/tree/master/CVE-2020-24038 https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure https://github.com/Dogfalo/materialize/issues/6286 +https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection +https://github.com/DojoSecurity/Enterprise-Architect-SQL-Injection +https://github.com/Dolibarr/dolibarr/issues/20237 https://github.com/Dolibarr/dolibarr/issues/2857 https://github.com/Dolibarr/dolibarr/issues/4341 https://github.com/Dolibarr/dolibarr/issues/8000 https://github.com/DonnchaC/ubuntu-apport-exploitation +https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formAddSysLogRule/readme.md https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetDiagnoseInfo/readme.md https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetSnmpInfo/readme.md https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetSysPwd/readme.md @@ -112743,19 +113674,30 @@ https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetDeviceName/ https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetFirewallCfg/formSetFirewallCfg.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetMacFilterCfg/formSetMacFilterCfg.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetPPTPServer_endIp/formSetPPTPServer_endIp.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetVirtualSer/formSetVirtualSer.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/form_fast_setting_wifi_set_ssid/form_fast_setting_wifi_set_ssid.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/form_fast_setting_wifi_set_timeZone/form_fast_setting_wifi_set_timeZone.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetIpMacBind/fromSetIpMacBind.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetSysTime/fromSetSysTime.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetWirelessRepeat/fromSetWirelessRepeat.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSchedWifi_schedEndTime/setSchedWifi_schedEndTime.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSchedWifi_schedStartTime/setSchedWifi_schedStartTime.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSmartPowerManagement/setSmartPowerManagement.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6v1.0_vuln/Tenda%20AC6V1.0%20V15.03.05.19%20Stack%20overflow%20vulnerability.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/GetParentControlInfo/GetParentControlInfo.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/addWifiMacFilter_deviceMac/addWifiMacFilter_deviceMac.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/formSetClientState_limitSpeedUp/formSetClientState_limitSpeedUp.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/form_fast_setting_wifi_set/form_fast_setting_wifi_set.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/fromAddressNat_page/fromAddressNat_page.md +https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/saveParentControlInfo_urls/saveParentControlInfo_urls.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formSetAppFilterRule/formSetAppFilterRule.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formSetCfm/formWifiMacFilterSet.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formWifiMacFilterSet/formWifiMacFilterSet.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formwrlSSIDget/formWifiMacFilterGet.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/fromSysToolReboot/fromSysToolReboot.md https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/fromSysToolRestoreSet/fromSysToolRestoreSet.md +https://github.com/Double-q1015/CVE-vulns/blob/main/totolink_t8/recvSlaveCloudCheckStatus_ip/recvSlaveCloudCheckStatus_ip.md +https://github.com/Double-q1015/CVE-vulns/blob/main/totolink_t8/recvSlaveCloudCheckStatus_version/recvSlaveCloudCheckStatus.md https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation https://github.com/Doufox/Doufox/issues/7 https://github.com/DozerMapper/dozer/issues/217 @@ -112767,13 +113709,44 @@ https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12409-RCE%20Vu https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-1332-Cross-Site%20Scripting-Microsoft%20SQL%20Server%20Reporting%20Services https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-14678-Unsafe%20XML%20Parsing-SAS%20XML%20Mapper https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7656-PrivEscal-Wowza +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12625-Cross%20Site-Scripting%20via%20Malicious%20HTML%20Attachment-Roundcube +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12640-PHP%20Local%20File%20Inclusion-Roundcube +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-13965-Cross%20Site-Scripting%20via%20Malicious%20XML%20Attachment-Roundcube +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14021-Arbitrary%20File%20Read-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14022-Dangerous%20File%20Upload-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14023-Server%20Side%20Request%20Forgery-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14024-Multiple%20XSS-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14025-Cross-Site%20Request%20Forgery-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14026-Formula%20Injection-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14027-MySQL%20LOAD%20DATA%20LOCAL%20INFILE%20Attack-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14028-Arbitary%20File%20Write-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14029-XXE-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14030-RCE%20via%20.NET%20Deserialization-Ozeki%20SMS%20Gateway +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14031-Arbitary%20File%20Delete-Ozeki%20SMS%20Gateway https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42558-Multiple%20XSS-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42560-Unsafe%20XML%20Parsing-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42561-Command%20Injection%20Via%20the%20Human%20Plugin-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42562-Improper%20Access%20Control-MITRE%20Caldera +https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Poll/poc/poc.mbp +https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Slave/Modbus%20Slave%20(version%207.5.1%20and%20earlier)%20mbs%20file%20has%20a%20buffer%20overflow%20vulnerability.md +https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Slave/poc/poc.mbs +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32393.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32394.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32395.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32396.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32397.md https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32398.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32399.md https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32401.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32402.md +https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32404.md https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32405.md +https://github.com/E1tex/CVE-2023-48104 +https://github.com/EagleTube/CloudPanel +https://github.com/Edubr2020/RP_DCP_Code_Exec +https://github.com/Edubr2020/RP_Import_RCE +https://github.com/Edubr2020/RealPlayer_G2_RCE https://github.com/Edward-L/fuzzing-pocs/tree/master/md4c https://github.com/ElberTavares/routers-exploit/tree/master/tp-link https://github.com/Elias-Black/Landing-CMS/issues/8 @@ -112784,10 +113757,13 @@ https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability https://github.com/EmreOvunc/FileRun-Vulnerabilities/ https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3 https://github.com/EmreOvunc/Medintux-V2.16.000-Reflected-XSS-Vulnerability +https://github.com/EmreOvunc/Nagios-Log-Server-2.1.7-Persistent-Cross-Site-Scripting +https://github.com/EmreOvunc/Nagios-XI-Reflected-XSS https://github.com/EmreOvunc/OpenEMR_Vulnerabilities https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection https://github.com/EmreOvunc/Vtiger-CRM-Vulnerabilities/ https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS/ +https://github.com/Erebua/CVE/blob/main/Edimax.md https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/2/Readme.md https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/3/Readme.md https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/4/Readme.md @@ -112795,6 +113771,7 @@ https://github.com/Ers4tz/vuln/blob/master/74cms_5.2.8_SQLI.md https://github.com/Ers4tz/vuln/blob/master/qibosoft/qibosoft_v7_remote_code_execution.md https://github.com/Ettercap/ettercap/issues/782 https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8 +https://github.com/Exiv2/exiv2/commit/e884a0955359107f4031c74a07406df7e99929a5 https://github.com/Exiv2/exiv2/issues/1011 https://github.com/Exiv2/exiv2/issues/1019 https://github.com/Exiv2/exiv2/issues/187 @@ -112812,9 +113789,15 @@ https://github.com/Exiv2/exiv2/issues/428 https://github.com/Exiv2/exiv2/issues/561 https://github.com/Exiv2/exiv2/issues/711 https://github.com/Exiv2/exiv2/issues/712 +https://github.com/Exiv2/exiv2/issues/741 +https://github.com/Exiv2/exiv2/issues/742 +https://github.com/Exiv2/exiv2/issues/756 +https://github.com/Exiv2/exiv2/issues/759 +https://github.com/Exiv2/exiv2/issues/760 https://github.com/Exiv2/exiv2/issues/789 https://github.com/Exiv2/exiv2/issues/790 https://github.com/Exiv2/exiv2/issues/791 +https://github.com/Exiv2/exiv2/issues/828 https://github.com/Exiv2/exiv2/issues/841 https://github.com/Exiv2/exiv2/issues/843 https://github.com/Exiv2/exiv2/issues/845 @@ -112827,12 +113810,17 @@ https://github.com/Exiv2/exiv2/pull/1536 https://github.com/Exiv2/exiv2/pull/1657 https://github.com/Exiv2/exiv2/pull/518 https://github.com/Exiv2/exiv2/security/policy +https://github.com/Exopteron/BiblioRCE +https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc https://github.com/F0und-icu/CVEIDs/tree/main/TendaAC9 https://github.com/F0und-icu/TempName/tree/main/Dlink-823pro https://github.com/F0und-icu/TempName/tree/main/TendaAX18 +https://github.com/FCncdn/Appsmith-Js-Injection-POC +https://github.com/FCncdn/MybatisPlusTenantPluginSQLInjection-POC/blob/master/Readme.en.md https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048 https://github.com/FFmpeg/FFmpeg/commit/22aa37c0fedf14531783189a197542a055959b6c https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92 +https://github.com/FFmpeg/FFmpeg/commit/4565747056a11356210ed8edcecb920105e40b60 https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e https://github.com/FFmpeg/FFmpeg/commit/96349da5ec8eda9f0368446e557fe0c8ba0e66b7 https://github.com/FFmpeg/FFmpeg/commit/9ccc633068c6fe76989f487c8932bd11886ad65b @@ -112841,41 +113829,110 @@ https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0 https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d https://github.com/FFmpeg/FFmpeg/commit/e724bd1dd9efea3abb8586d6644ec07694afceae https://github.com/FFmpeg/FFmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e +https://github.com/FGasper/p5-Crypt-Perl/issues/14 https://github.com/FLIF-hub/FLIF/issues/501 https://github.com/FLIF-hub/FLIF/issues/541 https://github.com/FRRouting/frr/issues/11698 https://github.com/FRRouting/frr/issues/13098 https://github.com/FRRouting/frr/issues/13099 +https://github.com/Fanli2012/nbnbk/issues/5 https://github.com/FasterXML/jackson-databind/issues/2462 https://github.com/FasterXML/jackson-databind/issues/3972 https://github.com/FeMiner/wms/issues/12 +https://github.com/FedericoHeichou/DSL-N14U-XSS https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py +https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromNatStaticSetting/report.md +https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromP2pListFilter/report.md +https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeMacFilter/report.md +https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromqossetting/report.md +https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/saveParentControlInfo https://github.com/FiyoCMS/FiyoCMS/issues/10 https://github.com/FiyoCMS/FiyoCMS/issues/11 https://github.com/FiyoCMS/FiyoCMS/issues/7 https://github.com/FiyoCMS/FiyoCMS/issues/9 +https://github.com/FlameNET/FlameCMS/issues/26 https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c https://github.com/FlaviuPopescu/CVE-2022-28986 https://github.com/FlaviuPopescu/Spigit-PoC https://github.com/Foddy/node-red-contrib-huemagic/issues/217 +https://github.com/Fovker8/cve/blob/main/rce.md +https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/covid-19-vaccination-poc/covid-19-vaccination.md +https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/jbig2dec-SEGV/jbig2dec-SEGV.md +https://github.com/FredrikNoren/ungit/pull/1510 +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-422p-gj6x-93cw +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c3r2-pxxp-f8r6 +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c6vw-92h9-5w9v +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gc34-mw6m-g42x https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hg53-9j9h-3c8f +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hm8c-rcjg-c8qp +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-pwf9-v5p9-ch4f +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5v5-qhj5-mh6m +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q9x9-cqjc-rgwq +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-whwr-qcf2-2mvj +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x3x5-r7jm-5pq2 +https://github.com/FreeTAKTeam/UI/issues/27 https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-8vvv-jxg6-8578 +https://github.com/FreySolarEye/CVE/blob/master/Battle%20Net%20Launcher%20Local%20Privilege%20Escalation +https://github.com/FreySolarEye/CVE/blob/master/Guild%20Wars%202%20-%20Local%20Privilege%20Escalation https://github.com/Frichetten/CVE-2019-5736-PoC +https://github.com/Frichetten/CVE-2020-11108-PoC +https://github.com/FrontAccountingERP/FA/issues/37 https://github.com/FrontAccountingERP/FA/issues/38 +https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/104 +https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/113_1 +https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/113_2 https://github.com/Future-Depth/IMS/issues/1 https://github.com/Future-Depth/IMS/issues/2 https://github.com/Fysac/CVE-2019-20326 https://github.com/G37SYS73M/Advisory_G37SYS73M/blob/main/CVE-2022-36193/POC.md +https://github.com/G37SYS73M/CVE-2023-27742 https://github.com/GAO-UNO/cve/blob/main/sql.md +https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_setBlackRule/AX3-setBlackRule.md +https://github.com/GD008/TENDA/blob/main/M3/cookie/M3_cookie.md +https://github.com/GD008/TENDA/blob/main/M3/delWlPolicyData/M3_delWlPolicyData.md +https://github.com/GD008/TENDA/blob/main/M3/getWeiXinConfig/M3_getWeiXinConfig.md +https://github.com/GD008/TENDA/blob/main/M3/setVlanInfo/M3_setVlanInfo.md +https://github.com/GD008/TENDA/blob/main/M3/telnet/M3_telnet.md +https://github.com/GD008/TENDA/blob/main/M3/upgrade/M3_upgrade.md +https://github.com/GD008/TENDA/blob/main/W9/W9_WifiMacFilterSet/W9_WifiMacFilterSet.md +https://github.com/GD008/TENDA/blob/main/W9/W9_execommand/W9_execommand.md +https://github.com/GD008/TENDA/blob/main/W9/W9_getDiagnoseInfo/W9_getDiagnoseInfo.md +https://github.com/GD008/TENDA/blob/main/W9/W9_setAutoPing/W9_setAutoPing.md +https://github.com/GD008/TENDA/blob/main/W9/W9_setDiagnoseInfo/W9_setDiagnoseInfo.md +https://github.com/GD008/TENDA/blob/main/W9/W9_setUplinkInfo/W9_setUplinkInfo.md +https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_localMsg/w30e_localMsg.md +https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_rebootMesh/w30e_rebootMesh.md +https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setFixTools/w30e_setFixTools.md +https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setIPv6Status/w30e_setIPv6Status.md +https://github.com/GENIVI/dlt-daemon/issues/274 +https://github.com/GUIqizsq/cve/blob/main/upload_1.md https://github.com/Galapag0s/Trendnet_TW100-S4W1CA/blob/main/writeup_XSS.txt +https://github.com/Gallopsled/pwntools/issues/1427 https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1295 +https://github.com/Gi0rgi0R/xss_frontend_settings_blackcat_cms_1.4.1 +https://github.com/Gi0rgi0R/xss_installation_blackcat_cms_1.4.1 +https://github.com/GilaCMS/gila/issues/51 https://github.com/GilaCMS/gila/issues/57 +https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md https://github.com/Gnoxter/mountain_goat +https://github.com/GodEpic/JuQingCMS/issues/1 +https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/FeiFeiCMS_4.1_csrf.doc +https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/poc +https://github.com/GodEpic/chaojicms/issues/3 +https://github.com/GodEpic/chaojicms/issues/5 +https://github.com/GodEpic/chaojicms/issues/6 +https://github.com/Godfather-onec/cve/blob/main/sql.md +https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-3fqm-frhg-7c85 +https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-g96c-x7rh-99r3 https://github.com/GreenCMS/GreenCMS/issues/110 https://github.com/GreenCMS/GreenCMS/issues/114 +https://github.com/GreenCMS/GreenCMS/issues/115 https://github.com/GreycLab/CImg/issues/343 +https://github.com/GuillaumePetit84/CVE-2020-35488 https://github.com/HF9/yxcms-code-audit/blob/master/Any%20PHP%20Code%20Execution https://github.com/HH1F/KbaseDoc-v1.0-Arbitrary-file-deletion-vulnerability/blob/main/README.md +https://github.com/Ha0Liu/cveAdd/blob/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0kickPlayer%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/Dst-admin%201.5.0%20background%20kickPlayer%20interface%20remote%20command%20execution.md https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2015-9101 https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2016-10092 @@ -112885,10 +113942,13 @@ https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2016-9560 https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-15045 https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-6831 https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-12900 +https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-18557 https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-6381 https://github.com/HackAllSec/CVEs/tree/main/Jan%20AFR%20vulnerability https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20vulnerability https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md +https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE +https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20(firmware%20version%201.6)/README.md https://github.com/Hakcoder/Simple-Online-Public-Access-Catalog-OPAC---SQL-injection/blob/main/POC https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20ci%20parameter%20is%20injected.pdf https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20cityedit%20parameter%20is%20injected.pdf @@ -112909,6 +113969,9 @@ https://github.com/Hckwzh/cms/blob/main/22.md https://github.com/Hckwzh/cms/blob/main/23.md https://github.com/Hckwzh/cms/blob/main/24.md https://github.com/Hckwzh/cms/blob/main/25.md +https://github.com/Hebing123/cve/issues/2 +https://github.com/Hebing123/cve/issues/28 +https://github.com/Hebing123/cve/issues/29 https://github.com/Hefei-Coffee/cve/blob/main/csrf.md https://github.com/Hefei-Coffee/cve/blob/main/sql.md https://github.com/Hefei-Coffee/cve/blob/main/sql2.md @@ -112933,7 +113996,14 @@ https://github.com/HerrLeStrate/CVE-2022-44276-PoC https://github.com/HolaAsuka/CVE/issues/1 https://github.com/HotelsDotCom/styx/security/advisories/GHSA-6v7p-v754-j89v https://github.com/HouqiyuA/k8s-rbac-poc +https://github.com/HtmlUnit/htmlunit/security/advisories/GHSA-37vq-hr2f-g7h7 https://github.com/HuangPayoung/CVE-request/tree/main/DLink/vuln2 +https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35193 +https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35194 +https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35196 +https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6hjj-gq77-j4qw +https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r +https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS https://github.com/I-Schnee-I/cev/blob/main/D-LINK-DAR-8000-10_rce_importhtml.md @@ -112948,6 +114018,8 @@ https://github.com/ISCAS-Vulab/PoC_Nebula-Capsule-Pro-Wifi https://github.com/IbrahimEkimIsik/CVE-2022-28099/blob/main/SQL%20Injection%20For%20Poultry%20Farm%20Management%20system%201.0 https://github.com/Ickarah/CVE-2019-25137-Version-Research https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2 +https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0 +https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1 https://github.com/ImageMagick/ImageMagick/issues/1009 https://github.com/ImageMagick/ImageMagick/issues/1020 https://github.com/ImageMagick/ImageMagick/issues/1025 @@ -112955,6 +114027,9 @@ https://github.com/ImageMagick/ImageMagick/issues/1072 https://github.com/ImageMagick/ImageMagick/issues/1149 https://github.com/ImageMagick/ImageMagick/issues/1177 https://github.com/ImageMagick/ImageMagick/issues/1178 +https://github.com/ImageMagick/ImageMagick/issues/1335 +https://github.com/ImageMagick/ImageMagick/issues/1336 +https://github.com/ImageMagick/ImageMagick/issues/1337 https://github.com/ImageMagick/ImageMagick/issues/1523 https://github.com/ImageMagick/ImageMagick/issues/1532 https://github.com/ImageMagick/ImageMagick/issues/1533 @@ -112965,8 +114040,11 @@ https://github.com/ImageMagick/ImageMagick/issues/1561 https://github.com/ImageMagick/ImageMagick/issues/1562 https://github.com/ImageMagick/ImageMagick/issues/1610 https://github.com/ImageMagick/ImageMagick/issues/1641 +https://github.com/ImageMagick/ImageMagick/issues/1723 +https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153 https://github.com/ImageMagick/ImageMagick/issues/1791 https://github.com/ImageMagick/ImageMagick/issues/1895 +https://github.com/ImageMagick/ImageMagick/issues/2624 https://github.com/ImageMagick/ImageMagick/issues/298 https://github.com/ImageMagick/ImageMagick/issues/347 https://github.com/ImageMagick/ImageMagick/issues/348 @@ -112974,6 +114052,7 @@ https://github.com/ImageMagick/ImageMagick/issues/350 https://github.com/ImageMagick/ImageMagick/issues/354 https://github.com/ImageMagick/ImageMagick/issues/3540 https://github.com/ImageMagick/ImageMagick/issues/362 +https://github.com/ImageMagick/ImageMagick/issues/4446 https://github.com/ImageMagick/ImageMagick/issues/466 https://github.com/ImageMagick/ImageMagick/issues/467 https://github.com/ImageMagick/ImageMagick/issues/469 @@ -113067,16 +114146,40 @@ https://github.com/ImageMagick/ImageMagick/issues/920 https://github.com/ImageMagick/ImageMagick/issues/921 https://github.com/ImageMagick/ImageMagick/issues/927 https://github.com/ImageMagick/ImageMagick/issues/998 +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750 https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Human%20Resource%20Management%20System/XSS-1.md +https://github.com/Indexhibit/indexhibit/issues/17 +https://github.com/Indexhibit/indexhibit/issues/18 +https://github.com/Indexhibit/indexhibit/issues/19 +https://github.com/Indexhibit/indexhibit/issues/21 +https://github.com/Indexhibit/indexhibit/issues/22 +https://github.com/InductiveComputerScience/pbJson/issues/2 https://github.com/InitRoot/CVE-2022-23342 https://github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhp +https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv +https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54 +https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53 +https://github.com/InternationalColorConsortium/DemoIccMAX/pull/58 https://github.com/Iolop/Poc/tree/master/Router/Tenda https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md +https://github.com/J3rryBl4nks/CUPSEasyExploits +https://github.com/J3rryBl4nks/CandidATS/blob/master/AddAdminUserCSRF.md +https://github.com/J3rryBl4nks/IceHRM/blob/master/AddNewUserCSRF.md +https://github.com/J3rryBl4nks/IceHRM/blob/master/ChangeUserPasswordCSRF.md +https://github.com/J3rryBl4nks/PHPMyChatPlus/blob/master/SQLi.md +https://github.com/J3rryBl4nks/SOPlanning/blob/master/AddUserCSRF.md +https://github.com/J3rryBl4nks/SOPlanning/blob/master/AdminPasswordChangeCSRF.md +https://github.com/J3rryBl4nks/SOPlanning/blob/master/InjectionIcalShell.md +https://github.com/J3rryBl4nks/SchoolERPCSRF https://github.com/J6451/CVE-2023-31726 +https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main https://github.com/JBalanza/CVE-2022-44215 +https://github.com/JHHAX/CVE-2020-17453-PoC https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-vpcc-9rh2-8jfp +https://github.com/JP1016/Markdown-Electron/issues/3 +https://github.com/JPeer264/node-git-commit-info/issues/24 https://github.com/JackDoan/TP-Link-ArcherC5-RCE https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/11xiaoli https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/360class.jansenhm @@ -113189,6 +114292,8 @@ https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/tinyse https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/tmock https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/wangguojing123 https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver +https://github.com/Jacky-Y/vuls/blob/main/vul6.md +https://github.com/JackyG0/Online-Accreditation-Management-System-v1.0-SQLi https://github.com/JameelNabbo/exploits/blob/master/IceWarp%20%3C%3D10.4.4%20local%20file%20include.txt https://github.com/JameelNabbo/exploits/blob/master/Maconomy%20Erp%20local%20file%20include.txt https://github.com/JameelNabbo/exploits/blob/master/nagiosxi%20username%20sql%20injection.txt @@ -113197,31 +114302,77 @@ https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/C https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/CSRFPocRedirectSMS.html https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/CSRFPocResetDefaults.html https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/uploadBinarySettingsCSRFPoC.html +https://github.com/Jfox816/TOTOLINK-720R/blob/177ee39a5a8557a6bd19586731b0e624548b67ee/totolink%20720%20RCode%20Execution2.md https://github.com/Jfox816/TOTOLINK-720R/blob/fb6ba109ba9c5bd1b0d8e22c88ee14bdc4a75e6b/TOTOLINK%20720%20RCode%20Execution.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33822.md https://github.com/JinYiTong/poc https://github.com/JiuBanSec/CVE/blob/main/VictorCMS%20SQL.md https://github.com/JojoCMS/Jojo-CMS/issues/30 +https://github.com/JunFengDeng/Cve-List/blob/main/novel-plus/20231027/vuln/readme.md https://github.com/Juniper/libslax/issues/51 https://github.com/Juniper/libslax/issues/52 https://github.com/KINGSABRI/CVE-in-Ruby/tree/master/CVE-2018-0833 https://github.com/KPN-CISO/CVE-2019-9745/blob/master/README.md +https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/1 +https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/2 +https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/3 +https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/2 +https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/3 +https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/4 +https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/5 https://github.com/Kenun99/CVE-batdappboomx +https://github.com/Keyvanhardani/Exploit-eShop-Multipurpose-Ecommerce-Store-Website-3.0.4-Cross-Site-Scripting-XSS/blob/main/README.md https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/arbitrary_file_upload.md https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/sql_injection.md https://github.com/Kirin-say/Vulnerabilities/blob/master/CVE-2019-17266_POC.md +https://github.com/Kitesky/KiteCMS/issues/1 +https://github.com/Kitesky/KiteCMS/issues/10 +https://github.com/Kitesky/KiteCMS/issues/3 https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitSQLIOvidentia.txt https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitXSSOvidentia.txt https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/261 +https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fc +https://github.com/KnpLabs/snappy/security/advisories/GHSA-92rv-4j2h-8mjj +https://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc https://github.com/Kotti/Kotti/issues/551 +https://github.com/Kubozz/rukovoditel-3.2.1/issues/2 https://github.com/Kyhvedn/CVE_Description/blob/master/CVE-2018-7720_Description.md https://github.com/Kyhvedn/CVE_Description/blob/master/Cobub_Razor_0.8.0_SQL_injection_description.md https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md +https://github.com/LDAPAccountManager/lam/issues/170 +https://github.com/LLK/scratch-vm/pull/2476 +https://github.com/LMP88959/NTSC-CRT/issues/32 https://github.com/Le1a/CVE-2022-30040 +https://github.com/Le1a/Tenda-AX1803-Denial-of-service +https://github.com/Leeyangee/leeya_bug/blob/main/%5BWarning%5DSQL%20Injection%20in%20abupy%20%3C=%20v0.4.0.md https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944 https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47028/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47029/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2022-47027/CVE%20detail.md +https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27645/CVE%20detail.md +https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27647/CVE%20detail.md +https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27648/CVE%20detail.md +https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md +https://github.com/LibRaw/LibRaw/issues/269 +https://github.com/LibRaw/LibRaw/issues/270 +https://github.com/LibRaw/LibRaw/issues/271 +https://github.com/LibRaw/LibRaw/issues/272 +https://github.com/LibRaw/LibRaw/issues/273 +https://github.com/LibRaw/LibRaw/issues/279 +https://github.com/LibRaw/LibRaw/issues/283 +https://github.com/LibRaw/LibRaw/issues/301 +https://github.com/LibRaw/LibRaw/issues/330 +https://github.com/LibRaw/LibRaw/issues/334 +https://github.com/LibRaw/LibRaw/issues/335 https://github.com/LibRaw/LibRaw/issues/400 +https://github.com/LibRaw/LibRaw/issues/557 https://github.com/LibVNC/libvncserver/pull/137 +https://github.com/LibreCAD/LibreCAD/issues/1481 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issue-541977765 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643028 @@ -113232,52 +114383,119 @@ https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643383 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643439 https://github.com/LibreDWG/libredwg/issues/178 https://github.com/LibreDWG/libredwg/issues/179#issue-544834443 +https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447025 +https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447068 https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120 https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447169 https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447190 https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447223 +https://github.com/LibreDWG/libredwg/issues/182#issue-547887727 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890865 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890932 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890969 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891083 +https://github.com/LibreDWG/libredwg/issues/183 +https://github.com/LibreDWG/libredwg/issues/186 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492468 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492707 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492816 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493046 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493134 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493364 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493607 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493684 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493775 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493857 +https://github.com/LibreDWG/libredwg/issues/190 +https://github.com/LibreDWG/libredwg/issues/248 https://github.com/LibreDWG/libredwg/issues/251 https://github.com/LibreDWG/libredwg/issues/252 https://github.com/LibreDWG/libredwg/issues/255 https://github.com/LibreDWG/libredwg/issues/256 https://github.com/LibreDWG/libredwg/issues/258 https://github.com/LibreDWG/libredwg/issues/262 +https://github.com/LibreDWG/libredwg/issues/324 +https://github.com/LibreDWG/libredwg/issues/325 https://github.com/LibreDWG/libredwg/issues/350 https://github.com/LibreDWG/libredwg/issues/351 https://github.com/LibreDWG/libredwg/issues/484 +https://github.com/LibreDWG/libredwg/issues/487 +https://github.com/LibreDWG/libredwg/issues/488 https://github.com/LibreDWG/libredwg/issues/489 +https://github.com/LibreDWG/libredwg/issues/490 +https://github.com/LibreDWG/libredwg/issues/492 https://github.com/LibreDWG/libredwg/issues/493 +https://github.com/LibreDWG/libredwg/issues/494 +https://github.com/LibreDWG/libredwg/issues/497 https://github.com/LibreDWG/libredwg/issues/524 +https://github.com/LibreDWG/libredwg/issues/615 +https://github.com/LibreDWG/libredwg/issues/677#BUG1 +https://github.com/LibreDWG/libredwg/issues/677#BUG2 +https://github.com/LibreDWG/libredwg/issues/681#BUG1 +https://github.com/LibreDWG/libredwg/issues/681#BUG2 +https://github.com/LibreHealthIO/lh-ehr/issues/1223 +https://github.com/Limesss/CVE-2023-36109/tree/main +https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md https://github.com/LiodAir/images/blob/master/csrf.md https://github.com/Liyou-ZY/POC/issues/1 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln02 https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln03 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln04 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln11 https://github.com/LoRexxar/CVE_Request/tree/master/wordpress%20plugin%20updraftplus%20vulnerablity#authenticated--upload-file-and-php-code-execution https://github.com/LoRexxar/CVE_Request/tree/master/wordpress%20plugin%20updraftplus%20vulnerablity#authenticated-ssrf +https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss +https://github.com/LuaJIT/LuaJIT/issues/601 +https://github.com/LuaJIT/LuaJIT/issues/603 https://github.com/LuaJIT/LuaJIT/pull/526 https://github.com/LucaBarile/CVE-2022-38604 +https://github.com/LucaBarile/CVE-2022-43293 +https://github.com/LucidUnicorn/CVE-2020-10560-Key-Recovery https://github.com/LyLme/lylme_spage/issues/91 https://github.com/LyLme/lylme_spage/issues/92 +https://github.com/Lyc-heng/routers/blob/main/routers/rce1.md +https://github.com/Lyc-heng/routers/blob/main/routers/stack1.md https://github.com/Lyc-heng/routers/blob/main/routers/stack2.md https://github.com/Lyc-heng/routers/blob/main/routers/stack3.md https://github.com/Lyc-heng/routers/blob/main/routers/stack4.md https://github.com/Lyrebirds/Fast8690-exploit +https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md +https://github.com/M0NsTeRRR/CVE-2020-24033 +https://github.com/M0NsTeRRR/S3900-24T4S-CSRF-vulnerability +https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-ipeak-cms-sqli.md +https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2021-01-04-mikrotik-xss-reflected.md https://github.com/MRdoulestar/CodeAnalyse/issues/2 https://github.com/MacDownApp/macdown/issues/1050 https://github.com/MacDownApp/macdown/issues/1076 +https://github.com/MacherCS/CVE_Evoh_Contract +https://github.com/MaherAzzouzi/CVE-2022-37703 https://github.com/MaherAzzouzi/CVE-2022-37704 https://github.com/MaherAzzouzi/CVE-2022-37705 https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit +https://github.com/MailCleaner/MailCleaner/issues/53 https://github.com/MalFuzzer/Vulnerability-Research/blob/master/TL-WR1043ND%20V2%20-%20TP-LINK/TL-WR1043ND_PoC.pdf https://github.com/ManhNDd/CVE-2019-19203 https://github.com/ManhNDd/CVE-2019-19204 +https://github.com/MarginResearch/FOISted +https://github.com/Martinzb/cve/blob/main/sql.md https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/sailsJS%20PoC.zip +https://github.com/MatJosephs/CVEs/tree/main/CVE-2023-48929 +https://github.com/MateusTesser/CVE-2023-43284 https://github.com/Matheus-Garbelini/esp32_esp8266_attacks https://github.com/Matroska-Org/foundation-source/issues/24 +https://github.com/Matroska-Org/libebml/issues/74 +https://github.com/Matthias-Wandel/jhead/issues/15 +https://github.com/Matthias-Wandel/jhead/issues/16 +https://github.com/Matthias-Wandel/jhead/issues/17 +https://github.com/Matthias-Wandel/jhead/issues/33 https://github.com/Matthias-Wandel/jhead/issues/36 +https://github.com/Matthias-Wandel/jhead/issues/7 https://github.com/MauroEldritch/VanCleef https://github.com/MauroEldritch/lempo +https://github.com/MegaTKC/AeroCMS/issues/11 https://github.com/MegaTKC/AeroCMS/issues/3 +https://github.com/Meizhi-hua/cve/blob/main/upload_file.md https://github.com/Mesh3l911/CVE-2021-31760 https://github.com/Mesh3l911/CVE-2021-31761 https://github.com/Mesh3l911/CVE-2021-31762 @@ -113288,15 +114506,25 @@ https://github.com/Mesh3l911/CVE-2021-32159 https://github.com/Mesh3l911/CVE-2021-32160 https://github.com/Mesh3l911/CVE-2021-32161 https://github.com/Mesh3l911/CVE-2021-32162 +https://github.com/Mesh3l911/Disource https://github.com/Mindwerks/wildmidi/issues/178 +https://github.com/MinoTauro2020/CVE-2023-43147/ https://github.com/Mint60/PHP/issues/1 https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-23c7-6444-399m https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/166 +https://github.com/Moddable-OpenSource/moddable/issues/351 +https://github.com/Moddable-OpenSource/moddable/issues/431 +https://github.com/Moddable-OpenSource/moddable/issues/432 +https://github.com/Moddable-OpenSource/moddable/issues/440 +https://github.com/Moddable-OpenSource/moddable/issues/441 +https://github.com/Moddable-OpenSource/moddable/issues/442 https://github.com/Moddable-OpenSource/moddable/issues/580 https://github.com/Moddable-OpenSource/moddable/issues/585 https://github.com/Moddable-OpenSource/moddable/issues/586 https://github.com/Moddable-OpenSource/moddable/issues/587 https://github.com/Moddable-OpenSource/moddable/issues/896 +https://github.com/MoeMion233/cve/blob/main/1.md +https://github.com/MoeMion233/cve/blob/main/2.md https://github.com/Moeditor/Moeditor/issues/156 https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-31648.md https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-31649.md @@ -113310,39 +114538,83 @@ https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-33305.md https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-33306.md https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-33307.md https://github.com/MonikaBrzica/scm/issues/1 +https://github.com/Motion-Project/motion/issues/1227#issuecomment-715927776 https://github.com/Mount4in/Mount4in.github.io/blob/master/poc.py +https://github.com/Mr-n0b3dy/CVE-2023-42362 https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-3747.txt https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-3861.txt https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22620.txt https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22897.txt https://github.com/MucahitSaratar/endian_firewall_authenticated_rce +https://github.com/MucahitSaratar/zencart_auth_rce_poc +https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-9fhc-f3mr-w6h6 +https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-mmpf-rw6c-67mm https://github.com/NSSCYCTFER/SRC-CVE +https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md https://github.com/NagVis/nagvis/issues/91 +https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.md https://github.com/NationalSecurityAgency/ghidra/issues/4869 https://github.com/NationalSecurityAgency/ghidra/issues/71 https://github.com/NationalSecurityAgency/ghidra/issues/943 https://github.com/NaturalIntelligence/wp-thumb-post/issues/1 +https://github.com/Neeke/HongCMS/issues/15 https://github.com/Neeke/HongCMS/issues/4 +https://github.com/Nhoya/MycroftAI-RCE +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_DOS.md +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak.md +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak2.md +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_read.md +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_start-stop.md +https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_upload.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/adv2.php.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/install.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/licence_save.php.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/manage.php.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/ppsave.php.md +https://github.com/NoneShell/Vulnerabilities/blob/main/NETGEAR/WNR2000v4-1.0.0.70-Authorized-Command-Injection.md https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/K7%20Security/Local%20Privilege%20Escalation/v16.0.0120/README.md https://github.com/NucleusCMS/NucleusCMS/issues/83 +https://github.com/OP-TEE/optee_os/security/advisories/GHSA-jrw7-63cq-7vhm https://github.com/OS4ED/openSIS-Classic/issues/158 https://github.com/OS4ED/openSIS-Classic/issues/248 +https://github.com/OYyunshen/Poc/blob/main/Novel-PlusSqli1.pdf +https://github.com/OYyunshen/Poc/blob/main/Novel-PlusV3.6.2Sqli.pdf https://github.com/Off3nS3c/CVE-2022-29932/blob/main/Proof-of-Concept.md +https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-17381.md https://github.com/Ombi-app/Ombi/security/advisories/GHSA-28j3-84m7-gpjp https://github.com/OoLs5/VulDiscovery/blob/main/monstra_xss.pdf https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx https://github.com/OpenAPITools/openapi-generator/issues/2253 +https://github.com/OpenImageIO/oiio/issues/3871 +https://github.com/OpenImageIO/oiio/issues/3947 +https://github.com/OpenMage/magento-lts/security/advisories/GHSA-9358-cpvx-c2qp +https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7 +https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h +https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6 +https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-p3r5-x3hr-gpg5 +https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-qqh2-wvmv-h72m +https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651 +https://github.com/OpenTSDB/opentsdb/commit/07c4641471c6f5c2ab5aab615969e97211eb50d9 +https://github.com/OpenTSDB/opentsdb/issues/2051 +https://github.com/OpenXiangShan/XiangShan/issues/2534 +https://github.com/Oracle-Security/CVEs/blob/main/FloorsightSoftware/CVE-2023-45892.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51062.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51063.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51064.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51065.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51066.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51067.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51068.md +https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51071.md +https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md https://github.com/Orange-Cyberdefense/CVE-repository https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/POC_CVE-2021-44032_Kevin.md https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md https://github.com/Orange-Cyberdefense/CVE-repository/tree/master https://github.com/Oudaorui/bug_report/blob/main/vendors/oretnom23/Food%20Ordering%20Management%20System/XSS-1.md +https://github.com/Outpost24/Pyrescom-Termod-PoC https://github.com/Overv/Open.GL/issues/56 +https://github.com/P3ngu1nW/CVE_Request/blob/main/erlang-jose.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_sys_account/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_web_and_sys_account/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/remote_cmd_exec_0/README.md @@ -113353,16 +114625,67 @@ https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_1 https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2 https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/stack_overflow_1 +https://github.com/PHPFusion/PHPFusion/issues/2314 https://github.com/PX4/PX4-Autopilot/issues/17062 +https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw +https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-qpw7-65ww-wj82 https://github.com/PabloMK7/ENLBufferPwn +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-001.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-002.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-003.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-004.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-005.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-006.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-007.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-009.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-011.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-014.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-017.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-019.md +https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-021.md +https://github.com/Pandora1m2/zzcms201910/issues/1 https://github.com/PaquitoSoft/Notimoo/issues/3 +https://github.com/Pastea/CVE-2023-51810 +https://github.com/Paxa/postbird/issues/132 +https://github.com/Paxa/postbird/issues/133 +https://github.com/Paxa/postbird/issues/134 +https://github.com/Pbootcms/Pbootcms/issues/8 +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/NFine-Rapid-development-platform-has-weak-password-vulnerability.md +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#10xss-vulnerability-in-adminpostsmanage_postphptitle +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#11xss-vulnerability-in-adminpostsmanage_postphpcontent +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-adminusermanage_userphp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#5sql-injection-vulnerability-in-adminpostsview_postphp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#6sql-injection-vulnerability-in-adminpostsmanage_postphp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-admincategoriesview_categoryphp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#8sql-injection-vulnerability-in-admincategoriesmanage_categoryphp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#9sql-injection-vulnerability-in-classesusersphppost +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Service%20Provider%20Management%20System%20-%20multiple%20vulnerabilities.md +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/The%20NFine%20rapid%20development%20platform%20Organize-GetTreeGridJson%20has%20unauthorized%20access%20vulnerability.md +https://github.com/Peppermint-Lab/peppermint/issues/171 +https://github.com/PinaeOS/py-xml/issues/2 https://github.com/Pingkon/HMS-PHP/issues/1 +https://github.com/Piwigo/AdminTools/issues/21 +https://github.com/Piwigo/Piwigo/issues/1157 +https://github.com/Piwigo/Piwigo/issues/1158 https://github.com/Piwigo/Piwigo/issues/1605 +https://github.com/Piwigo/Piwigo/issues/1908 +https://github.com/Piwigo/Piwigo/issues/2069 https://github.com/Piwigo/Piwigo/issues/721 https://github.com/Piwigo/Piwigo/issues/804 https://github.com/Piwigo/Piwigo/issues/839 +https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-957m-7vgg +https://github.com/PopojiCMS/PopojiCMS/issues/13 +https://github.com/PopojiCMS/PopojiCMS/issues/14 +https://github.com/PopojiCMS/PopojiCMS/issues/16 +https://github.com/PopojiCMS/PopojiCMS/issues/23 +https://github.com/PopojiCMS/PopojiCMS/issues/31 +https://github.com/PoppingSnack/VulReport/issues/12 +https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-8j72-p2wm-6738 https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw https://github.com/ProxymanApp/Proxyman/issues/364 +https://github.com/PumpkinBridge/cve/blob/main/rce.md +https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_HardcodedPassword.md https://github.com/QQ704568679/YXcms-Code-audit/blob/master/Yxcms%20Code%20audit https://github.com/Qrayyy/CVE/blob/main/Dairy%20Farm%20Shop%20Management%20System/sales-report-ds-sql(CVE-2022-40944).md https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf @@ -113370,9 +114693,22 @@ https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr84 https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr840n_X_TP_ClonedMACAddress%3D.pdf https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr840n_httpRemotePort%3D.pdf https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr840n_minAddress%3D.pdf +https://github.com/QuantConnect/Lean/issues/3537 +https://github.com/RCEraser/cve/blob/main/ForU-CMS.md +https://github.com/RCEraser/cve/blob/main/S85F.md +https://github.com/RCEraser/cve/blob/main/rce.md +https://github.com/RCEraser/cve/blob/main/sql_inject_2.md +https://github.com/RCEraser/cve/blob/main/sql_inject_3.md +https://github.com/RCEraser/cve/blob/main/sql_inject_4.md +https://github.com/RCEraser/cve/blob/main/sql_inject_5.md +https://github.com/RCEraser/cve/blob/main/tongda.md +https://github.com/RCEraser/cve/blob/main/wanjiang.md https://github.com/RO6OTXX/pescms_vulnerability https://github.com/Ramansh123454/POCs/blob/main/CSMS_RCE https://github.com/Ramansh123454/POCs/blob/main/POC +https://github.com/Ramikan/Vulnerabilities/blob/master/GoAhead%20Web%20server%20HTTP%20Header%20Injection +https://github.com/Ramikan/Vulnerabilities/blob/master/SCO%20Openserver%20OS%20Command%20Injection%20Vulnerability +https://github.com/Ramikan/Vulnerabilities/blob/master/SCO%20Openserver%20XSS%20%26%20HTML%20Injection%20vulnerability https://github.com/RashidKhanPathan/CVE-2022-38813 https://github.com/RashidKhanPathan/CVE-2022-40471 https://github.com/RashidKhanPathan/CVE-2022-41445 @@ -113380,20 +114716,46 @@ https://github.com/RashidKhanPathan/CVE-2022-41446 https://github.com/RashidKhanPathan/CVE-2022-43117 https://github.com/RashidKhanPathan/CVE-2022-44830 https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt +https://github.com/ReCryptLLC/CVE-2022-42045/tree/main +https://github.com/ReFirmLabs/binwalk/pull/617 https://github.com/RealLinkers/CVE-2019-17427 https://github.com/RealLinkers/CVE-2019-18890 +https://github.com/RedisGraph/RedisGraph/issues/3178 +https://github.com/RhinoSecurityLabs/CVEs +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-20621 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-5757 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2019-16864 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2019-9757 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2019-9758 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2019-9926 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47321 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47322 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47323 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47324 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47326 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47327 +https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724 +https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Csrc_001076%2Ctime_147809374%2Cexecs_155756872%2Cop_havoc%2Crep_8 +https://github.com/Richard1266/aikcms/issues/2 https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659 +https://github.com/RioIsDown/TC7337 +https://github.com/RisingStack/protect/issues/16 https://github.com/RobertDra/CVE-2021-31862/blob/main/README.md https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf +https://github.com/Ruia-ruia/Exploits/blob/master/DFX11details.txt +https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq +https://github.com/S1lkys/CVE-2020-29669 +https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper https://github.com/S4nshine/CVE-2023-23169 https://github.com/SECFORCE/CVE-2018-8941 https://github.com/SQSamir/CVE-2021-27328 https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-7812 https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life https://github.com/SakuraSamuraii/ez-iRZ +https://github.com/Samsung/mTower/issues/83 +https://github.com/Samuel-Tyler/fast_ber/issues/30 https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271 https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/blob/master/CVE-2017-8260.c https://github.com/Seagate/cortx-s3server/issues/1037 @@ -113401,15 +114763,21 @@ https://github.com/SecureAuthCorp/impacket/releases https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2551 https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552 https://github.com/Security-AVS/CVE-2019-13633 +https://github.com/Security-AVS/CVE-2020-16270 +https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args https://github.com/Sentinal920/WPanel4-Authenticated-RCE +https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md https://github.com/ShielderSec/cve-2017-18635 +https://github.com/Shumerez/CVE-2023-48858 https://github.com/Sigil-Ebook/flightcrew/issues/52 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505967936 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505997355 https://github.com/SimbCo/httpster/pull/36 https://github.com/SinGooCMS/SinGooCMSUtility/issues/1 +https://github.com/SlashXzerozero/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 https://github.com/Slovejoy/dnsmasq-pre2.76 https://github.com/Snowty/myCVE/blob/master/CraftCMS-2.6.3000/README.md +https://github.com/SomeBottle/OBottle/issues/6 https://github.com/Sospiro014/zday1/blob/main/Execution_After_Redirect.md https://github.com/Sospiro014/zday1/blob/main/Image_Accordion_Gallery.md https://github.com/Sospiro014/zday1/blob/main/Laboratory_Management_System.md @@ -113420,14 +114788,30 @@ https://github.com/Sospiro014/zday1/blob/main/xss_1.md https://github.com/SouhailHammou/Exploits/blob/master/CVE-2019-14694%20-%20Comodo%20AV%20Sandbox%20Race%20Condition%20UAF/comodo_av_uaf_poc.c https://github.com/SouhailHammou/Panda-Antivirus-LPE https://github.com/SpengeSec/CVE-2019-19699 +https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51146.md +https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51147.md +https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md +https://github.com/Squidex/squidex/security/advisories/GHSA-xfr4-qg2v-7v5m https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jhm6-qjhq-5mf9 https://github.com/Starcounter-Jack/JSON-Patch/pull/262 +https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md +https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md +https://github.com/Stevenbaga/fengsha/blob/main/W20E/formIPMacBindModify.md +https://github.com/Stevenbaga/fengsha/blob/main/W20E/formSetStaticRoute.md https://github.com/Stitch3612/cve/blob/main/rce.md +https://github.com/StolidWaffle/AVer-PTZApp2 https://github.com/Stranger6667/pyanyapi/issues/41 https://github.com/Studio-42/elFinder/issues/3295 https://github.com/SukaraLin/php_code_audit_project/blob/master/dedecms/dedecms%20v5.7%20sp2%20%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1.md https://github.com/SxB64/mxgraph-xss-vul/wiki https://github.com/Sylon001/NVS-365-Camera/tree/master/NVS365%20Network%20Video%20Server%20Password%20Information%20Unauthorized%20Access%20Vulnerability +https://github.com/TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated +https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject1 +https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject3 +https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject4 +https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject5 +https://github.com/TTY-flag/my_iot_vul/tree/main/WAVLINK/WL-WN575A3 +https://github.com/Tanguy-Boisset/CVE/blob/master/CVE-2023-52059/README.md https://github.com/Tardis07/CVE_GO/blob/master/zzzphp_code_execution_v1.7.3.md https://github.com/Tatsh/pngdefry/issues/1 https://github.com/TeamEasy/EasyCMS/issues/8 @@ -113440,18 +114824,31 @@ https://github.com/TeamSeri0us/pocs/tree/master/faad https://github.com/TeamSeri0us/pocs/tree/master/gerbv https://github.com/TeamSeri0us/pocs/tree/master/libofx https://github.com/TeamSeri0us/pocs/tree/master/lmdb/FPE +https://github.com/TeamSeri0us/pocs/tree/master/lmdb/lmdb%20initialization%20vuln +https://github.com/TeamSeri0us/pocs/tree/master/lmdb/lmdb%20memcpy%20illegal%20dst https://github.com/TeamSeri0us/pocs/tree/master/lmdb/lmdb%20memory%20corruption%20vuln +https://github.com/TeamSeri0us/pocs/tree/master/lmdb/lmdb%20write%20to%20illegal%20address +https://github.com/TeamSeri0us/pocs/tree/master/mupdf https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203 +https://github.com/TeamSeri0us/pocs/tree/master/pdfalto https://github.com/TeamSeri0us/pocs/tree/master/recutils https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/rec2csv https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/recfix https://github.com/TeamSeri0us/pocs/tree/master/xpdf https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01 +https://github.com/TechSmith/mp4v2/issues/74 +https://github.com/Tencent/vConsole/issues/616 +https://github.com/TestLinkOpenSourceTRMS/testlink-code/pull/357 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/1 +https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/2 +https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/3 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/4 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/6 +https://github.com/TheCyberGeek/CVE-2020-5844 +https://github.com/TheGetch/CVE-2022-23378 https://github.com/TheGetch/CVE-2022-29597 +https://github.com/TheGetch/CVE-2022-29598 https://github.com/TheHackingRabbi/CVE-2021-42662 https://github.com/TheHackingRabbi/CVE-2021-42663 https://github.com/TheHackingRabbi/CVE-2021-42665 @@ -113461,44 +114858,88 @@ https://github.com/TheHackingRabbi/CVE-2021-42668 https://github.com/TheHackingRabbi/CVE-2021-42669 https://github.com/TheHackingRabbi/CVE-2021-42670 https://github.com/TheHackingRabbi/CVE-2021-42671 +https://github.com/Thecosy/IceCMS/issues/8 https://github.com/Thinstation/thinstation/issues/427 +https://github.com/Thirukrishnan/CVE-2023-33408 +https://github.com/Thirukrishnan/CVE-2023-33409 +https://github.com/Thirukrishnan/CVE-2023-33410 https://github.com/This-is-Y/baijiacms-RCE https://github.com/Thomas-Tsai/partclone/issues/71 https://github.com/Thomas-Tsai/partclone/issues/82 +https://github.com/Tiamat-ron/cms/blob/main/The%20deletion%20function%20of%20the%20Article%20Management%20Office%20exists%20in%20CSRF.md +https://github.com/Tiamat-ron/cms/blob/main/There%20is%20a%20csrf%20in%20the%20article%20management%20modification%20section.md https://github.com/Timorlover/CVE-2023-23333 https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php +https://github.com/TinkAnet/cve/blob/main/sql2.md +https://github.com/TishaManandhar/Superstore-sql-poc/blob/main/SQL +https://github.com/TishaManandhar/Webmin_xss_POC/blob/main/XSS +https://github.com/To-LingJing/CVE-Issues/blob/main/baijiacms/upload_file.md https://github.com/ToughRunner/Open5gs_bugreport https://github.com/ToughRunner/Open5gs_bugreport2 https://github.com/ToughRunner/Open5gs_bugreport3 https://github.com/ToughRunner/Open5gs_bugreport4 +https://github.com/Toxich4/CVE-2022-32199 +https://github.com/Toxich4/CVE-2023-30459 +https://github.com/Toxich4/CVE-2023-33253 +https://github.com/TplusSs/PbootCMS/issues/1 +https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-2.md https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-3.md https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-3.md https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-1.md https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-2.md https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-3.md https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-5.md +https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md +https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md https://github.com/Tsiming/Vulnerabilities/blob/main/SQLite/CVE-2021-31239 +https://github.com/TycheSoftwares/woocommerce-abandoned-cart/pull/885#issuecomment-1601813615 https://github.com/TyeYeah/DIR-890L-1.20-RCE https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#command-injection-occurs-when-adding-blacklist-in-wavlink-router-ac1200-page-cli_black_listshtml-in-firewallcgi https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#command-injection-occurs-when-deleting-blacklist-in-wavlink-router-ac1200-page-cli_black_listshtml-in-firewallcgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-ledonoffshtml-command-injection-in-admcgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-ledonoffshtml-hidden-parameter-ufconf-command-injection-in-apicgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-loginshtml-command-injection-in-logincgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-man_securityshtml-command-injection-in-firewallcgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-nas_diskshtml-command-injection-in-nascgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-wanshtml-command-injection-in-admcgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-wizard_repshtml-command-injection-in-admcgi +https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-wizard_router_meshshtml-command-injection-in-admcgi +https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#command-injection-occurs-when-adding-extender-in-wavlink-router-ac1200-page-wifi_meshshtml-in-wirelesscgi +https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#command-injection-occurs-when-clicking-the-button-in-wavlink-router-ac1200-page-wifi_meshshtml-in-wirelesscgi +https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#wavlink-router-ac1200-page-qosshtml-command-injection-in-qoscgi +https://github.com/Typesetter/Typesetter/issues/674 +https://github.com/Typesetter/Typesetter/issues/697 +https://github.com/UT-Security/gpu-zip https://github.com/UditChavda/Udit-Chavda-CVE/blob/main/CVE-2022-36736 https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC/blob/master/arbitrary_file_read_vulnerability.py https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC/blob/master/remote_command_execution_vulnerability.py +https://github.com/UnderwaterCoder/Hipcam-RTSP-Format-Validation-Vulnerability https://github.com/UniSharp/laravel-filemanager/issues/1150 https://github.com/UniSharp/laravel-filemanager/issues/1150#issuecomment-1320186966 https://github.com/UniSharp/laravel-filemanager/issues/1150#issuecomment-1825310417 +https://github.com/V1n1v131r4/CSRF-on-ArGoSoft-Mail-Server/blob/master/README.md https://github.com/V1n1v131r4/Exploiting-Postie-WordPress-Plugin-/blob/master/README.md +https://github.com/V1n1v131r4/Exploiting-WP-Database-Backup-WordPress-Plugin/blob/master/README.md +https://github.com/V1n1v131r4/Exploiting-WP-Htaccess-by-BestWebSoft-Plugin/blob/master/README.md https://github.com/V1n1v131r4/HGB10R-2 https://github.com/V1n1v131r4/MIME-Confusion-Attack-on-Midori-Browser/blob/master/README.md https://github.com/V3locidad/GLPI_POC_Plugins_Shell +https://github.com/VauP/CVE-IDs/blob/main/proof_of_concept.md https://github.com/Venan24/SCMS/issues/2 +https://github.com/Venus-WQLab/bug_report/blob/main/Tenda/CVE-2023-24212.md https://github.com/VerSprite/research/blob/master/advisories/VS-2017-007.md https://github.com/VerSprite/research/blob/master/advisories/VS-2018-014.md https://github.com/Verytops/verydows/issues/10 +https://github.com/Verytops/verydows/issues/17 +https://github.com/VictorAlagwu/CMSsite/issues/15 +https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram-CVE-2020-17448 +https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474 https://github.com/VirusTotal/yara/issues/1178 https://github.com/VirusTotal/yara/issues/891 https://github.com/VirusTotal/yara/issues/999 +https://github.com/VivekPanday12/CVE-/issues/2 https://github.com/VivekPanday12/CVE-/issues/3 +https://github.com/VoidSec/Exploit-Development/blob/master/windows/x86/local/IBM_ITSM_Administrator_Client_v.5.2.0.1/IBM_TSM_v.5.2.0.1_exploit.py https://github.com/VulDetailsPublication/Poc/tree/master/Tenda/AC9 https://github.com/WPO-Foundation/webpagetest/issues/820 https://github.com/WPO-Foundation/webpagetest/issues/830 @@ -113511,6 +114952,8 @@ https://github.com/WPO-Foundation/webpagetest/issues/836 https://github.com/WPO-Foundation/webpagetest/issues/837 https://github.com/WPO-Foundation/webpagetest/issues/838 https://github.com/WULINPIN/CVE/blob/main/JForum/poc.html +https://github.com/WWBN/AVideo/security/advisories/GHSA-2mhh-27v7-3vcx +https://github.com/WWBN/AVideo/security/advisories/GHSA-xr9h-p2rc-rpqm https://github.com/WebAssembly/binaryen/issues/1863 https://github.com/WebAssembly/binaryen/issues/1864 https://github.com/WebAssembly/binaryen/issues/1865 @@ -113521,34 +114964,63 @@ https://github.com/WebAssembly/binaryen/issues/1876 https://github.com/WebAssembly/binaryen/issues/1879 https://github.com/WebAssembly/binaryen/issues/1880 https://github.com/WebAssembly/binaryen/issues/1881 +https://github.com/WebAssembly/binaryen/issues/1900 https://github.com/WebAssembly/binaryen/issues/2288 +https://github.com/WebAssembly/wabt/issues/1938 https://github.com/WebAssembly/wabt/issues/1981 https://github.com/WebAssembly/wabt/issues/1982 https://github.com/WebAssembly/wabt/issues/1983 https://github.com/WebAssembly/wabt/issues/1985 +https://github.com/WebAssembly/wabt/issues/1989 +https://github.com/WebAssembly/wabt/issues/1992 +https://github.com/WebAssembly/wabt/issues/2310 +https://github.com/WebAssembly/wabt/issues/2311 https://github.com/Webklex/php-imap/security/advisories/GHSA-47p7-xfcc-4pv9 https://github.com/Wh04m1001/CVE https://github.com/WhatCD/Gazelle/issues/111 https://github.com/WhatCD/Gazelle/issues/112 https://github.com/WhatCD/Gazelle/issues/113 https://github.com/WhatCD/Gazelle/issues/114 +https://github.com/WhereisRain/dir-815 +https://github.com/WhereisRain/dir-815/blob/main/README.md https://github.com/WhoisZkuan/TOTOlink-A700RU https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45634 https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45635 +https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45636 https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45637 https://github.com/WizardMac/ReadStat/issues/108 https://github.com/Wocanilo/CVE-2019-14537 +https://github.com/WodenSec/CVE-2022-46485 https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849 +https://github.com/Wsecpro/cve1/blob/main/NS-ASG-sql-list_addr_fwresource_ip.md https://github.com/X-C3LL/PoC-CVEs/blob/master/Aircam-DoS/Aircam-DoS.py https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2022-26952%20%26%20CVE-2022-26953/readme.md https://github.com/XC9409/CVE-2023-31634/blob/main/PoC https://github.com/XOOPS/XoopsCore25/issues/523 +https://github.com/Xh4H/Satellian-CVE-2020-7980 https://github.com/XiphosResearch/exploits/tree/master/suiteshell +https://github.com/Xithrius/twitch-tui/security/advisories/GHSA-779w-xvpm-78jx https://github.com/Xtraball/SiberianCMS/issues/217 +https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/2 +https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/3 https://github.com/Xyntax/POC-T/blob/2.0/script/fiyo2.0.7-getshell.py https://github.com/Y1LD1R1M-1337/Limesurvey-RCE +https://github.com/YAFNET/YAFNET/security/advisories/GHSA-4hwx-678w-9cp5 +https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m https://github.com/YMFE/yapi/issues/2745 +https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md +https://github.com/YXuanZ1216/cve/blob/main/sql.md https://github.com/YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL +https://github.com/Yesec/-Doctor-s-Appointment-System/blob/main/SQL%20Injection%20in%20login.php/vuln.md +https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/SQL%20Injection%20in%20doctors.php/vuln.md +https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/SQL%20Injection%20in%20login.php/vuln.md +https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/vertical%20privilege%20escalation/vuln.md +https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%20in%20catagory_data.php/vuln.md +https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%20in%20ex_catagory_data.php/vuln.md +https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%20in%20product_data.php/vuln.md +https://github.com/Yesec/Resort-Reservation-System/blob/main/SQL%20Injection%20in%20manage_user.php/vuln.md +https://github.com/Yesec/Resort-Reservation-System/blob/main/SQL%20Injection%20in%20view_fee.php/vuln.md +https://github.com/Yesec/Resort-Reservation-System/blob/main/local%20file%20inclusion/vuln.md https://github.com/Yomguithereal/baobab/pull/511 https://github.com/YouPHPTube/YouPHPTube/issues/2202 https://github.com/Yozarseef95/CVE-2023-31594 @@ -113558,12 +115030,25 @@ https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20manageme https://github.com/YuboZhaoo/IoT/blob/main/D-Link/DIR-619L/20240424.md https://github.com/Z3Prover/z3/issues/3363 https://github.com/ZIllR0/Routers/blob/master/PHICOMM +https://github.com/ZIllR0/Routers/blob/master/Tenda/heapoverflow1.md https://github.com/ZIllR0/Routers/blob/master/Tenda/stack1.md +https://github.com/ZIllR0/Routers/blob/master/Tenda/stack2.md +https://github.com/ZIllR0/Routers/blob/master/Tenda/stack4.md +https://github.com/ZLMediaKit/ZLMediaKit/issues/1839 +https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-869 +https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-879 https://github.com/ZerBea/hcxtools/issues/155 +https://github.com/ZhenKaiHe/bug_report/blob/main/vendors/onetnom23/clinics-patient-management-system/XSS-1.md https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000038 https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110 +https://github.com/ZipArchive/ZipArchive/issues/680 https://github.com/ZoneMinder/ZoneMinder/issues/1797 +https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6(Tengine).docx https://github.com/a2u/CVE-2018-7600 +https://github.com/a932278490/ebcms/issues/1 +https://github.com/aaronsvk +https://github.com/aaronsvk/CVE-2020-3956 +https://github.com/aaronsvk/CVE-2022-30075 https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetSambaConf.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formWriteFacMac.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/setSchedWifi_start.md @@ -113648,9 +115133,12 @@ https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formwrlSSIDg https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formwrlSSIDset.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/fromDhcpSetSer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md +https://github.com/abeluck/stegdetect/issues/10 https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing +https://github.com/aclements/libelfin/issues/52 https://github.com/actions/runner/pull/2108 +https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-004.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md @@ -113659,30 +115147,133 @@ https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-008.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-010.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md +https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-001.md +https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-003.md +https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-004.md +https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-005.md +https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md https://github.com/active-labs/Advisories/blob/master/ACTIVE-2019-009.md +https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/AFC-POC.apk +https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/CWE-94.md +https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/TVBrowserDemo.gif +https://github.com/actuator/com.bdrm.superreboot/blob/main/CWE-925.md +https://github.com/actuator/com.cutestudio.colordialer/blob/main/CWE-284.md +https://github.com/actuator/com.eypcnnapps.quickreboot/blob/main/CWE-925.md +https://github.com/actuator/com.full.dialer.top.secure.encrypted +https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/dial.gif +https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/poc.apk +https://github.com/actuator/com.gurry.kvbrowser/blob/main/CWE-94.md +https://github.com/actuator/com.phlox.tvwebbrowser +https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md +https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk +https://github.com/actuator/com.simplemobiletools.dialer/blob/main/CWE-928.md +https://github.com/actuator/com.tcl.browser/blob/main/CWE-94.md +https://github.com/actuator/cve/blob/main/CVE-2023-42469 +https://github.com/actuator/cve/blob/main/CVE-2023-42470 +https://github.com/actuator/cve/blob/main/CVE-2023-42471 +https://github.com/actuator/imou/blob/main/com.dahua.imou.go-V1.0.11.md +https://github.com/actuator/imou/blob/main/poc.apk +https://github.com/actuator/wave.ai.browser/blob/main/CWE-94.md +https://github.com/actuator/wave.ai.browser/blob/main/poc.apk +https://github.com/actuator/yi/blob/main/CWE-319.md +https://github.com/adeoluwa-adebiyi/Mikrotik-Router-Monitoring-System/issues/4 +https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E +https://github.com/adhikara13/CVE/blob/main/netis_N3/Improper%20Authentication%20Mechanism%20Leading%20to%20Denial-of-Service%20(DoS).md +https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ddnsDomainName%20parameter%20in%20Dynamic%20DNS%20setting.md +https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20hostname%20parameter%20in%20wan%20settings.md +https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ntpServIP%20parameter%20in%20Time%20Settings%20.md +https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20pin_host%20parameter%20in%20wps%20setting.md +https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20hostname%20parameter%20leads%20to%20DOS.md https://github.com/adiapera/xss_language_cmsimple_5.15 https://github.com/adiapera/xss_language_cmsimple_5.15/blob/main/README.md https://github.com/adilkhan7/CVE-2023-31664 https://github.com/advisories/GHSA-2m57-hf25-phgg +https://github.com/advisories/GHSA-66m2-493m-crh2 +https://github.com/advisories/GHSA-8jxm-xp43-qh3q +https://github.com/advisories/GHSA-c35q-ffpf-5qpm +https://github.com/advisories/GHSA-cfc2-wr2v-gxm5 https://github.com/advisories/GHSA-qg8p-v9q4-gh34 +https://github.com/advisto/peel-shopping/issues/1 https://github.com/advisto/peel-shopping/issues/4#issuecomment-953461611 +https://github.com/ae6e361b/taocms-XSS https://github.com/afaq1337/CVE-2021-35296 https://github.com/afaq1337/CVE-2022-36200 https://github.com/affix/CVE-2022-36231 +https://github.com/afichet/openexr-viewer/security/advisories/GHSA-99jg-r3f4-rpxj +https://github.com/agentejo/cockpit/issues/1310 +https://github.com/agl/jbig2enc/issues/84 +https://github.com/agl/jbig2enc/issues/85 https://github.com/ahmedalroky/CVEs/tree/cellinx https://github.com/ahmedalroky/Disclosures/blob/main/apesystems/Insufficient_Verification_of_Data_Authenticity.MD +https://github.com/ahrixia/CVE-2023-43323 +https://github.com/ahrixia/CVE-2023-44811 +https://github.com/ahrixia/CVE-2023-44812 +https://github.com/ahrixia/CVE-2023-44813 +https://github.com/ahrixia/CVE-2023-45542 +https://github.com/ahrixia/CVE-2023-50072 +https://github.com/aio-libs/aiohttp-session/issues/272 +https://github.com/aio-libs/aiohttp-session/issues/325 +https://github.com/aio-libs/aiohttp/issues/6772 +https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg +https://github.com/aio-libs/aiohttp/security/advisories/GHSA-qvrw-v9rv-5rjx +https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j https://github.com/airbnb/knowledge-repo/issues/431 +https://github.com/aircrack-ng/rtl8812au/issues/730 +https://github.com/aixiao0621/Tenda/blob/main/AC10/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/0/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/1/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/10/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/2/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/3/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/7/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/8/0.md +https://github.com/aixiao0621/Tenda/blob/main/AC10U/9/0.md https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307 https://github.com/akrennmair/newsbeuter/issues/591 +https://github.com/akshadjoshi/CVE-2023-38890 +https://github.com/al3zx/csz_cms_1_3_0_xss_in_install_page/blob/main/README.md +https://github.com/al3zx/xss_languages_subrion_4.2.1 https://github.com/albandes/helpdezk/issues/2 https://github.com/alexazhou/VeryNginx/issues/218 +https://github.com/alexlang24/bloofoxCMS/issues/10 +https://github.com/alexlang24/bloofoxCMS/issues/11 +https://github.com/alexlang24/bloofoxCMS/issues/8 +https://github.com/alexlang24/bloofoxCMS/issues/9 https://github.com/alibaba/nacos/issues/4463 https://github.com/alipay/sofa-hessian/issues/34 +https://github.com/alixiaowei/cve_test/issues/2 +https://github.com/alixiaowei/cve_test/issues/3 +https://github.com/ally-petitt/CVE-2023-40362 +https://github.com/alorfm/vuln/blob/master/qibosoft_cross_Site_Scripting.md https://github.com/alt3kx/CVE-2019-10685 +https://github.com/alwentiu/COVIDSafe-CVE-2020-12856/blob/master/README.md +https://github.com/aman05382/movie_ticket_booking_system_php/issues/2 https://github.com/aman05382/movie_ticket_booking_system_php/issues/3 https://github.com/aman05382/movie_ticket_booking_system_php/issues/4 https://github.com/amdsyad/poc-dump/blob/main/Stored%20XSS%20in%20name%20parameter%20in%20Centreon%20version%2022.04.0 +https://github.com/amplafi/htmlcleaner/issues/13 +https://github.com/an0ry/advisories/blob/main/CVE-2020-17381.md https://github.com/andreas83/SocialNetwork/issues/84 +https://github.com/andreysanyuk/CVE-2023-42283 +https://github.com/andreysanyuk/CVE-2023-42284 +https://github.com/andsnw/sockjs-dos-py +https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md +https://github.com/anhdq201/netbox/issues/1 +https://github.com/anhdq201/netbox/issues/10 +https://github.com/anhdq201/netbox/issues/11 +https://github.com/anhdq201/netbox/issues/12 +https://github.com/anhdq201/netbox/issues/13 +https://github.com/anhdq201/netbox/issues/14 +https://github.com/anhdq201/netbox/issues/15 +https://github.com/anhdq201/netbox/issues/16 +https://github.com/anhdq201/netbox/issues/2 +https://github.com/anhdq201/netbox/issues/3 +https://github.com/anhdq201/netbox/issues/4 +https://github.com/anhdq201/netbox/issues/5 +https://github.com/anhdq201/netbox/issues/6 +https://github.com/anhdq201/netbox/issues/7 +https://github.com/anhdq201/netbox/issues/8 +https://github.com/anhdq201/netbox/issues/9 https://github.com/anhdq201/rukovoditel/issues/1 https://github.com/anhdq201/rukovoditel/issues/10 https://github.com/anhdq201/rukovoditel/issues/11 @@ -113693,6 +115284,9 @@ https://github.com/anhdq201/rukovoditel/issues/15 https://github.com/anhdq201/rukovoditel/issues/16 https://github.com/anhdq201/rukovoditel/issues/2 https://github.com/anhdq201/rukovoditel/issues/3 +https://github.com/anhdq201/rukovoditel/issues/4 +https://github.com/anhdq201/rukovoditel/issues/5 +https://github.com/anhdq201/rukovoditel/issues/6 https://github.com/anhdq201/rukovoditel/issues/7 https://github.com/anhdq201/rukovoditel/issues/8 https://github.com/anhdq201/rukovoditel/issues/9 @@ -113706,6 +115300,7 @@ https://github.com/anhdq201/webtareas/issues/4 https://github.com/anhdq201/webtareas/issues/5 https://github.com/anhdq201/webtareas/issues/6 https://github.com/anhdq201/webtareas/issues/7 +https://github.com/anhdq201/webtareas/issues/8 https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x002220e0 https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222548 https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345NsProtect.sys-x64-0x80002019 @@ -113717,7 +115312,9 @@ https://github.com/ant-design/ant-design-pro/pull/5461 https://github.com/antirez/kilo/issues/60 https://github.com/antirez/redis/blob/3.2/00-RELEASENOTES https://github.com/antirez/redis/issues/2855 +https://github.com/antirez/redis/pull/6875 https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23298.md +https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23299.md https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23300.md https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23301.md https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23302.md @@ -113725,12 +115322,21 @@ https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE- https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23304.md https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23305.md https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23306.md +https://github.com/anvilsecure/gog-galaxy-app-research +https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md +https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50915%20-%20DoS.md +https://github.com/anx0ing/CVE_demo/blob/main/2022/Apartment%20Visitor%20Management%20System-SQL%20injections.md +https://github.com/anx0ing/CVE_demo/blob/main/2022/Library%20Management%20System%20with%20QR%20code%20Attendance%20and%20Auto%20Generate%20Library%20Card%20-%20SQL%20injections.md https://github.com/anx0ing/CVE_demo/blob/main/2022/Simple%20Food%20Ordering%20System-XSS.md https://github.com/apexcharts/apexcharts.js/pull/2158 https://github.com/appneta/tcpreplay/issues/278 https://github.com/appneta/tcpreplay/issues/536 https://github.com/appneta/tcpreplay/issues/537 https://github.com/appneta/tcpreplay/issues/538 +https://github.com/appneta/tcpreplay/issues/556 +https://github.com/appneta/tcpreplay/issues/576 +https://github.com/appneta/tcpreplay/issues/616 +https://github.com/appneta/tcpreplay/issues/617 https://github.com/appneta/tcpreplay/issues/716 https://github.com/appneta/tcpreplay/issues/717 https://github.com/appneta/tcpreplay/issues/718 @@ -113738,17 +115344,30 @@ https://github.com/appneta/tcpreplay/issues/719 https://github.com/appneta/tcpreplay/issues/734 https://github.com/appneta/tcpreplay/issues/735 https://github.com/appneta/tcpreplay/issues/736 +https://github.com/appneta/tcpreplay/issues/787 +https://github.com/appneta/tcpreplay/issues/813 +https://github.com/arachnys/cabot/pull/694 https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr +https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 +https://github.com/armink/struct2json/issues/13 https://github.com/arrow-kt/ank/issues/35 https://github.com/arrow-kt/arrow/issues/1310 +https://github.com/artdarek/go-unzip/pull/2 https://github.com/artkond/cisco-snmp-rce +https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md +https://github.com/arvandy/CVE/blob/main/NotrinosERP/POC.md https://github.com/arvidn/libtorrent/issues/2099 +https://github.com/aslanemre/CVE-2020-29364/blob/main/CVE-2020-29364 https://github.com/assimp/assimp/issues/4286 https://github.com/assimp/assimp/issues/4662 +https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf +https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0004.md https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0001.md +https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0003.md https://github.com/atutor/ATutor/issues/129 https://github.com/atutor/ATutor/issues/135 https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3 +https://github.com/avo-hq/avo/security/advisories/GHSA-86h2-2g4g-29qx https://github.com/awake1t/linglong https://github.com/axiomatic-systems/Bento4/files/9640968/Bug_1_POC.zip https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip @@ -113780,18 +115399,21 @@ https://github.com/axiomatic-systems/Bento4/issues/363 https://github.com/axiomatic-systems/Bento4/issues/364 https://github.com/axiomatic-systems/Bento4/issues/366 https://github.com/axiomatic-systems/Bento4/issues/374 +https://github.com/axiomatic-systems/Bento4/issues/408 https://github.com/axiomatic-systems/Bento4/issues/413 https://github.com/axiomatic-systems/Bento4/issues/414 https://github.com/axiomatic-systems/Bento4/issues/415 https://github.com/axiomatic-systems/Bento4/issues/416 https://github.com/axiomatic-systems/Bento4/issues/417 https://github.com/axiomatic-systems/Bento4/issues/418 +https://github.com/axiomatic-systems/Bento4/issues/422 https://github.com/axiomatic-systems/Bento4/issues/434 https://github.com/axiomatic-systems/Bento4/issues/435 https://github.com/axiomatic-systems/Bento4/issues/436 https://github.com/axiomatic-systems/Bento4/issues/437 https://github.com/axiomatic-systems/Bento4/issues/461 https://github.com/axiomatic-systems/Bento4/issues/462 +https://github.com/axiomatic-systems/Bento4/issues/540 https://github.com/axiomatic-systems/Bento4/issues/545 https://github.com/axiomatic-systems/Bento4/issues/615 https://github.com/axiomatic-systems/Bento4/issues/616 @@ -113805,13 +115427,17 @@ https://github.com/axiomatic-systems/Bento4/issues/755 https://github.com/axiomatic-systems/Bento4/issues/756 https://github.com/axiomatic-systems/Bento4/issues/757 https://github.com/axiomatic-systems/Bento4/issues/758 +https://github.com/axiomatic-systems/Bento4/issues/766 https://github.com/axiomatic-systems/Bento4/issues/767 +https://github.com/axiomatic-systems/Bento4/issues/768 https://github.com/axiomatic-systems/Bento4/issues/770 https://github.com/axiomatic-systems/Bento4/issues/772 https://github.com/axiomatic-systems/Bento4/issues/773 +https://github.com/axiomatic-systems/Bento4/issues/775 https://github.com/axiomatic-systems/Bento4/issues/776 https://github.com/axiomatic-systems/Bento4/issues/779 https://github.com/axiomatic-systems/Bento4/issues/780 +https://github.com/axiomatic-systems/Bento4/issues/784 https://github.com/axiomatic-systems/Bento4/issues/792 https://github.com/axiomatic-systems/Bento4/issues/793 https://github.com/axiomatic-systems/Bento4/issues/794 @@ -113819,17 +115445,28 @@ https://github.com/axiomatic-systems/Bento4/issues/800 https://github.com/axiomatic-systems/Bento4/issues/802 https://github.com/axiomatic-systems/Bento4/issues/806 https://github.com/axiomatic-systems/Bento4/issues/812 +https://github.com/axiomatic-systems/Bento4/issues/840 +https://github.com/axiomatic-systems/Bento4/issues/842 https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/axiomatic-systems/Bento4/issues/941 https://github.com/axiomatic-systems/bento4/issues/408 https://github.com/axiomatic-systems/bento4/issues/409 +https://github.com/azukaar/Cosmos-Server/security/advisories/GHSA-hpvm-x7m8-3c6x +https://github.com/b17fr13nds/MPlayer_cve_poc +https://github.com/b1ackc4t/MarsCTF/issues/10 +https://github.com/badboycxcc/SolarView_Compact_6.0_xss +https://github.com/badboycxcc/nuuo-xss/blob/main/README.md https://github.com/badru8612/CuppaCMS-Authenticated-LFI-Vulnerability https://github.com/bagesoft/bagecms/issues/5 https://github.com/baigoStudio/baigoCMS/issues/7 https://github.com/baigoStudio/baigoCMS/issues/8 https://github.com/baigoStudio/baigoCMS/issues/9 +https://github.com/baigoStudio/baigoSSO/issues/13 https://github.com/baijiacms/baijiacmsV4/issues/2 +https://github.com/baker221/poc-xpdf https://github.com/balderdashy/sails/issues/7209 +https://github.com/balloonwj/flamingo/issues/47 +https://github.com/balloonwj/flamingo/issues/48 https://github.com/barneycarroll/npm-dependency-versions/issues/6 https://github.com/bazad/ctl_ctloutput-leak https://github.com/bbatsov/rubocop/issues/4336 @@ -113838,6 +115475,8 @@ https://github.com/bcit-ci/CodeIgniter/issues/4020 https://github.com/bcit-ci/CodeIgniter/issues/4963 https://github.com/beego/beego/issues/4484 https://github.com/beekeeper-studio/beekeeper-studio/issues/1393 +https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/file_upload_RCE/File_upload_to_RCE.md +https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md https://github.com/beerpwn/ctf/blob/master/CVE/CVE-2019-13571/report.pdf https://github.com/beerpwn/ctf/tree/master/CVE/CVE-2019-13571 https://github.com/bellard/quickjs/issues/178 @@ -113846,11 +115485,15 @@ https://github.com/bernardofsr/CVEs-With-PoC/blob/main/PoCs/Form%20Tools/README. https://github.com/bettershop/LaikeTui/issues/8 https://github.com/beyond7176/njiandan-cms/issues/1 https://github.com/bg5sbk/MiniCMS/issues/14 +https://github.com/bg5sbk/MiniCMS/issues/20 https://github.com/bg5sbk/MiniCMS/issues/29 https://github.com/bg5sbk/MiniCMS/issues/31 https://github.com/bg5sbk/MiniCMS/issues/32 https://github.com/bg5sbk/MiniCMS/issues/45 +https://github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27073.txt https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md +https://github.com/bi7s/CVE/tree/master/CVE-2019-16294 +https://github.com/bigb0x/CVEs/blob/main/Inout-Homestay-2-2-sqli.md https://github.com/bigbigbigbaby/cms2/blob/main/1.md https://github.com/bigric3/poc https://github.com/bigric3/poc2 @@ -113869,14 +115512,34 @@ https://github.com/bigtreecms/BigTree-CMS/issues/296 https://github.com/bigtreecms/BigTree-CMS/issues/297 https://github.com/bigtreecms/BigTree-CMS/issues/298 https://github.com/bigtreecms/BigTree-CMS/issues/323 +https://github.com/bigtreecms/BigTree-CMS/issues/364 +https://github.com/bigtreecms/BigTree-CMS/issues/392 https://github.com/bitfu/sricam-gsoap2.8-dos-exploit https://github.com/bitovi/launchpad/pull/124 https://github.com/bitwarden/jslib/issues/52 https://github.com/blackarrowsec/advisories/tree/master/2019/CVE-2019-18956 +https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-12606 +https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-28657 +https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-35577 +https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33208 https://github.com/blackarrowsec/advisories/tree/master/2022/CVE-2022-43216 +https://github.com/blackjliuyun/cvetest/issues/1 https://github.com/blacksmithgu/obsidian-dataview/issues/615 +https://github.com/blakduk/Advisories/blob/main/ChurchCRM/README.md +https://github.com/blakduk/Advisories/blob/main/Mojoportal/README.md +https://github.com/blakeblackshear/frigate/security/advisories/GHSA-qp3h-4q62-p428 +https://github.com/blakeblackshear/frigate/security/advisories/GHSA-xq49-hv88-jr6h +https://github.com/blindkey/DedeCMSv5/issues/1 +https://github.com/blindkey/cve_like/issues/10 +https://github.com/blindkey/cve_like/issues/11 +https://github.com/blindkey/cve_like/issues/12 +https://github.com/blindkey/cve_like/issues/13 +https://github.com/blindkey/cve_like/issues/4 +https://github.com/blindkey/cve_like/issues/6 +https://github.com/bludit/bludit/issues/1132 https://github.com/bludit/bludit/issues/1369#issuecomment-940806199 https://github.com/bludit/bludit/issues/1509 +https://github.com/bludit/bludit/issues/812 https://github.com/bludit/bludit/pull/1090 https://github.com/bluecity/CMS/blob/master/niushop%20v1.1-upload/Niushop%20Multi-business%20V1.11-en.md https://github.com/bluecity/CMS/blob/master/niushop%20v1.11-passwd/Niushop%20V1.11.md @@ -113902,45 +115565,89 @@ https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814 https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19815 https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19816 https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19927 +https://github.com/boiteasite/cmsuno/issues/15 +https://github.com/boku7/CVE-2020-23839 https://github.com/brackeen/ok-file-formats/issues/11 https://github.com/brackeen/ok-file-formats/issues/12 https://github.com/brackeen/ok-file-formats/issues/15 https://github.com/brackeen/ok-file-formats/issues/17 https://github.com/brackeen/ok-file-formats/issues/18 https://github.com/brackeen/ok-file-formats/issues/19 +https://github.com/brackeen/ok-file-formats/issues/7 +https://github.com/brackeen/ok-file-formats/issues/8 +https://github.com/brandon-t-elliott/CVE-2023-49438 https://github.com/brave/browser-laptop/issues/5006 https://github.com/brave/browser-laptop/issues/5007 https://github.com/breaktoprotect/CVE-2017-12615 https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection +https://github.com/brechtsanders/xlsxio/issues/121 +https://github.com/brendan-duncan/archive/issues/266 https://github.com/brianmario/yajl-ruby/issues/176 https://github.com/bsmali4/cve/blob/master/CMS%20Made%20Simple%20Stored%20XSS.md https://github.com/bsmali4/cve/blob/master/CMS%20Made%20Simple%20UPLOAD%20FILE%20XSS.md https://github.com/butterflyhack/anchorcms-0.12.7-CSRF +https://github.com/buxu/bug/issues/2 +https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726 +https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346 +https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349 +https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281 +https://github.com/c0n5n3d/CVE-2021-43657/blob/main/Info.txt +https://github.com/c2dc/cve-reported/blob/main/CVE-2023-6580/CVE-2023-6580.md +https://github.com/c53elyas/CVE-2023-33733 +https://github.com/c610/free/ https://github.com/c610/tmp/blob/master/aRtiCE.py +https://github.com/c610/tmp/blob/master/zenload4patreons.zip https://github.com/cBioPortal/cbioportal/issues/8680 https://github.com/cacalabs/libcaca/issues/54 https://github.com/cacalabs/libcaca/issues/65 +https://github.com/cachethq/cachet/security/advisories/GHSA-hv79-p62r-wg3p +https://github.com/caffeinated-labs/CVE-2023-36644 +https://github.com/caoyebo/CVE/tree/main/Dlink%20816%20-%20CVE-2023-24331 +https://github.com/caoyebo/CVE/tree/main/TENDA%20AC23%20-%20CVE-2023-24334 +https://github.com/caoyebo/CVE/tree/main/Tenda%20AC6%20-%20CVE-2023-24332 +https://github.com/caoyebo/CVE/tree/main/dlink%20882%20-%20CVE-2023-24330 +https://github.com/cardgate/magento2/issues/54 +https://github.com/cardgate/woocommerce/issues/18 https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-cf3w-g86h-35x4 https://github.com/casdoor/casdoor/issues/1171 https://github.com/casdoor/casdoor/issues/439 +https://github.com/casdoor/casdoor/pull/442 https://github.com/casgate/casgate/security/advisories/GHSA-mj5q-rc67-h56c +https://github.com/cby234/cve_request/issues/1 +https://github.com/cby234/cve_request/issues/2 https://github.com/cby234/zzcms/issues/1 https://github.com/cby234/zzcms/issues/2 https://github.com/cby234/zzcms/issues/3 https://github.com/cby234/zzcms/issues/4 https://github.com/cby234/zzcms/issues/5 https://github.com/cc-crack/router/blob/master/CNVD-2018-04521.py +https://github.com/cc-crack/router/blob/master/motocx2.md +https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2 https://github.com/cccaaasser/1CRM-CVE/blob/master/CVE-2019-14221.md +https://github.com/ccxvii/mujs/issues/133 +https://github.com/ccxvii/mujs/issues/134 +https://github.com/ccxvii/mujs/issues/136 https://github.com/ccxvii/mujs/issues/161 +https://github.com/cebe/markdown/issues/166 +https://github.com/cebe/markdown/issues/166#issuecomment-508230493 +https://github.com/ceng-yildirim/LFI-processwire https://github.com/centreon/centreon/security/policy https://github.com/cesanta/mjs/issues/135 https://github.com/cesanta/mjs/issues/136 +https://github.com/cesanta/mjs/issues/158 +https://github.com/cesanta/mjs/issues/160 https://github.com/cesanta/mjs/issues/161 +https://github.com/cesanta/mjs/issues/165 +https://github.com/cesanta/mjs/issues/240 +https://github.com/cesanta/mjs/issues/241 +https://github.com/cesanta/mjs/issues/250 +https://github.com/cesanta/mjs/issues/252 +https://github.com/cesanta/mjs/issues/257 https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Badminton%20Center%20Management%20System(XSS).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Company%20Website%20CMS(XSS).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Company%20Website%20CMS--.md @@ -113949,8 +115656,12 @@ https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Garage%20Management%20Syst https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(SQLI).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(XSS).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md +https://github.com/chaijs/get-func-name/security/advisories/GHSA-4q6p-r6v2-jvc5 https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp +https://github.com/chakra-core/ChakraCore/issues/6887 +https://github.com/chakra-core/ChakraCore/issues/6888 https://github.com/chbrown/rfc6902/pull/76 +https://github.com/che-my/fastadmin-tp6/issues/2 https://github.com/chekun/DiliCMS/issues/59 https://github.com/chekun/DiliCMS/issues/60 https://github.com/chenan224/webchess_sqli_poc @@ -113970,6 +115681,8 @@ https://github.com/cherokee/webserver/issues/1226 https://github.com/cherokee/webserver/issues/1227 https://github.com/cherryla/zzcms/blob/master/adv.php.md https://github.com/chjj/marked/issues/937 +https://github.com/chocolate-doom/chocolate-doom/issues/1293 +https://github.com/choregus/puppyCMS/issues/13 https://github.com/chshcms/cscms/issues/12#issue-1170440183 https://github.com/chshcms/cscms/issues/2 https://github.com/chshcms/cscms/issues/20#issue-1207634969 @@ -113993,11 +115706,19 @@ https://github.com/chshcms/cscms/issues/36#issue-1209060196 https://github.com/chshcms/cscms/issues/37 https://github.com/chshcms/cscms/issues/4 https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt +https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/01/README.md +https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/05/README.md +https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/07/README.md https://github.com/cilan2/iot/blob/main/4.md +https://github.com/ciph0x01/poc/blob/main/poc.html +https://github.com/ciur/papermerge/issues/228 +https://github.com/cjvnjde/google-translate-api-browser/security/advisories/GHSA-4233-7q5q-m7p6 https://github.com/ckolivas/lrzip/issues/108 +https://github.com/ckolivas/lrzip/issues/163 https://github.com/ckolivas/lrzip/issues/164 https://github.com/ckolivas/lrzip/issues/165 https://github.com/ckolivas/lrzip/issues/206 +https://github.com/ckolivas/lrzip/issues/246 https://github.com/ckolivas/lrzip/issues/66 https://github.com/ckolivas/lrzip/issues/67 https://github.com/ckolivas/lrzip/issues/68 @@ -114007,33 +115728,87 @@ https://github.com/ckolivas/lrzip/issues/71 https://github.com/ckolivas/lrzip/issues/93 https://github.com/cl0udz/vulnerabilities/blob/master/cezerin-manipulate_order_information/README.md https://github.com/cl0udz/vulnerabilities/tree/master/pomelo-critical-state-manipulation +https://github.com/clarkgrubb/data-tools/issues/7 https://github.com/claudiodangelis/qrcp/issues/223 https://github.com/claviska/simple-php-captcha/issues/16 +https://github.com/clickbar/dot-diver/security/advisories/GHSA-9w5f-mw3p-pj47 https://github.com/cloudflare/golz4/commit/199f5f7878062ca17a98e079f2dbe1205e2ed898 https://github.com/cloudwebsoft/ywoa/issues/25 https://github.com/cloudwu/pbc/issues/158 https://github.com/cnvs/canvas/issues/331 +https://github.com/cobbler/cobbler/issues/1917 https://github.com/cobub/razor/issues/168 +https://github.com/cockpit-project/cockpit/issues/15077 +https://github.com/codenotary/immudb/tree/master/docs/security/vulnerabilities/linear-fake https://github.com/coincoin7/Wireless-Router-Vulnerability/blob/master/Asus_DeleteOfflineClientOverflow.txt +https://github.com/colorlight/mikrotik_poc/blob/master/two_vulns.md +https://github.com/combust/mleap/pull/866#issuecomment-1738032225 https://github.com/concrete5/concrete5-legacy/issues/1948 +https://github.com/congcong9184-123/congcong9184-123.github.io/blob/master/74cms.docx +https://github.com/congcong9184-123/congcong9184-123.github.io/blob/master/douphp_xss.docx +https://github.com/contentful/the-example-app.py/issues/44 https://github.com/convisoappsec/advisories/blob/master/2017/CONVISO-17-003.txt +https://github.com/convos-chat/convos/issues/623 https://github.com/cooltey/C.P.Sub/issues/2 https://github.com/cooltey/C.P.Sub/issues/3 +https://github.com/corazawaf/coraza/security/advisories/GHSA-c2pj-v37r-2p6h +https://github.com/corelight/callstranger-detector https://github.com/coreos/etcd/issues/9353 +https://github.com/coreruleset/coreruleset/pull/1793 +https://github.com/cozis/xHTTP/issues/1 +https://github.com/cpeggg/Netgear-upnpd-poc +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20217/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20230/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20231/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20249/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20250/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20252/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-36522/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-45313/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-45315/README.md +https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_dot1x/README.md +https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_ipsec/README.md +https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_lcdstat_2/README.md +https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_lcdstat_4/README.md +https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_netwatch/README.md +https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9 +https://github.com/craftcms/cms/security/advisories/GHSA-6qjx-787v-6pxr +https://github.com/craftcms/cms/security/advisories/GHSA-cjmm-x9x9-m2w5 https://github.com/craftcms/cms/security/advisories/GHSA-qcrj-6ffc-v7hq +https://github.com/craftcms/cms/security/advisories/GHSA-qpgm-gjgf-8c2x +https://github.com/craftcms/cms/security/advisories/GHSA-vqxf-r9ph-cc9c +https://github.com/crater-invoice/crater/issues/1267 https://github.com/creditease-sec/insight/issues/42 https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j +https://github.com/crmeb/CRMEB/issues/22 +https://github.com/cryptomator/cryptomator/security/advisories/GHSA-62gx-54j7-mjh3 +https://github.com/cryptomator/cryptomator/security/advisories/GHSA-9c9p-c3mg-hpjq +https://github.com/cryptonotefoundation/cryptonote/issues/172 https://github.com/cskaza/cszcms/issues/17 +https://github.com/cskaza/cszcms/issues/28 https://github.com/cskaza/cszcms/issues/29 https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Musicshelf_Manifest_issue.md https://github.com/ctflearner/Android_Findings/blob/main/Replify-Messenger/Backup.md https://github.com/ctflearner/Android_Findings/blob/main/Smartalarm/Backup.md +https://github.com/ctflearner/Vulnerability/blob/main/Bank_Locker_Management_System/BLMS_XSS_IN_ADMIN_BROWSER.md +https://github.com/ctflearner/Vulnerability/blob/main/Bank_Locker_Management_System/Bank%20Locker%20Management%20System-SQL%20.md +https://github.com/ctflearner/Vulnerability/blob/main/Canteen%20Management%20System/Canteen_Management_System_XSS_IN_Add_Customer.md +https://github.com/ctflearner/Vulnerability/blob/main/Employee%20Leaves%20Management%20System/ELMS.md +https://github.com/ctflearner/Vulnerability/blob/main/MINICAL/minical.md +https://github.com/ctflearner/Vulnerability/blob/main/Online-Security-guard-POC.md +https://github.com/ctflearner/Vulnerability/blob/main/PHPIPAM/Open_Redirect.md +https://github.com/ctflearner/Vulnerability/blob/main/Sales_Tracker_Management_System/stms.md +https://github.com/ctflearner/Vulnerability/blob/main/Teacher_Record_Management_System/trms.md +https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md https://github.com/ctripcorp/apollo/issues/2103 +https://github.com/cugerQDHJ/cve/blob/main/rce.md +https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md +https://github.com/cui2shark/security/blob/main/Added%20CSRF%20in%20Role%20Controller.md https://github.com/curlyboi/hashtopus/issues/63 +https://github.com/cve-vul/vul/blob/master/FTPShell/FTPShell_Server_6.83_DOS.md +https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf +https://github.com/cyb3r-n3rd/cve-request/blob/main/cve-poc-payload https://github.com/cybersecurityworks/Disclosed/issues/1 https://github.com/cybersecurityworks/Disclosed/issues/11 https://github.com/cybersecurityworks/Disclosed/issues/12 @@ -114066,19 +115841,35 @@ https://github.com/d1tto/IoT-vuln/blob/main/Tenda/AX1806/GetParentControlInfo/re https://github.com/d1tto/IoT-vuln/blob/main/Tenda/AX1806/form_fast_setting_wifi_set/readme.md https://github.com/d1tto/IoT-vuln/blob/main/Tenda/AX1806/fromAdvSetMacMtuWan/readme.md https://github.com/d1tto/IoT-vuln/blob/main/Tenda/AX1806/fromSetIpMacBind/readme.md +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/A18/formAddMacfilterRule +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/AX1806/formSetVirtualSer +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/AX1806/fromSetRouteStatic https://github.com/d1tto/IoT-vuln/tree/main/Tenda/AX1806/fromSetWifiGusetBasic +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formGetPassengerAnalyseData +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formMasterMng https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formSetAPCfg +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formSetAccessCodeInfo +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formSetStoreWeb https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formdelMasteraclist +https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/fromDhcpListClient https://github.com/d1tto/IoT-vuln/tree/main/Totolink/1.setWiFiAclAddConfig https://github.com/d1tto/IoT-vuln/tree/main/Totolink/2.setPortForwardRules https://github.com/d1tto/IoT-vuln/tree/main/Totolink/3.setIpQosRules https://github.com/d1tto/IoT-vuln/tree/main/Totolink/4.setMacFilterRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/5.setStaticDhcpConfig https://github.com/d1tto/IoT-vuln/tree/main/Totolink/6.setWiFiRepeaterConfig https://github.com/d1tto/IoT-vuln/tree/main/Totolink/7.UploadCustomModule https://github.com/d1tto/IoT-vuln/tree/main/Totolink/8.setIpPortFilterRules https://github.com/d1tto/IoT-vuln/tree/main/Totolink/9.setUrlFilterRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/1.setIpPortFilterRules https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/10.setTracerouteCfg +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/2.setParentalRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/3.setWiFiAclRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/4.setWiFiScheduleCfg https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/6.setWizardCfg +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/7.setUrlFilterRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/8.setMacFilterRules +https://github.com/d1tto/IoT-vuln/tree/main/Totolink/T6-v2/9.setWanCfg https://github.com/d34dun1c02n/CVE-2023-31705 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Advanced%20Real%20Estate%20Script.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md @@ -114095,6 +115886,7 @@ https://github.com/d4wner/Vulnerabilities-Report/blob/master/Single-Theater-Book https://github.com/d4wner/Vulnerabilities-Report/blob/master/Vanguard.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/piwigo.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/ready-made-job-site-script.md +https://github.com/d7x/CVE-2020-12432 https://github.com/da271133/cms/blob/main/29/csrf.md https://github.com/da271133/cms/blob/main/30/csrf.md https://github.com/da271133/cms/blob/main/31/csrf.md @@ -114105,37 +115897,76 @@ https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40841/poc.txt https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40842/poc.txt https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-44897/poc.txt https://github.com/dahua966/Routers-vuls/blob/master/DAP-1320/vuls_poc.md +https://github.com/dahua966/Routers-vuls/blob/master/DIR-846/GuestWLanSetting_RCE.md https://github.com/dahua966/Routers-vuls/blob/master/DIR-846/vuls_info.md https://github.com/danieljiang0415/android_kernel_crash_poc +https://github.com/daodaoshao/vul_tenda_i6_1 +https://github.com/daodaoshao/vul_tenda_i6_2 +https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_dos.py +https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_rce.py https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/ti_wl18xx_adv_rce.py https://github.com/datackmy/FallingSkies-CVE-2023-35885 +https://github.com/datadancer/HIAFuzz/blob/master/360%20Phone%20N6%20Pro%20Kernel%20Vuln.md https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11020.md +https://github.com/datahub-project/datahub/security/advisories/GHSA-75p8-rgh2-r9mx +https://github.com/datahub-project/datahub/security/advisories/GHSA-fg9x-wvqw-6gmw +https://github.com/datahub-project/datahub/security/advisories/GHSA-vj59-23ww-p6c8 +https://github.com/davea42/libdwarf-code/issues/116 +https://github.com/davea42/libdwarf-code/issues/119 https://github.com/davea42/libdwarf-code/issues/132 +https://github.com/davesteele/gnome-gmail/issues/84 https://github.com/davidhalter/parso/issues/75 +https://github.com/daylightstudio/FUEL-CMS/issues/559 +https://github.com/daylightstudio/FUEL-CMS/issues/561 +https://github.com/daylightstudio/FUEL-CMS/issues/575 +https://github.com/daylightstudio/FUEL-CMS/issues/576 +https://github.com/daylightstudio/FUEL-CMS/issues/578 https://github.com/daylightstudio/FUEL-CMS/issues/584 https://github.com/daylightstudio/FUEL-CMS/issues/595 https://github.com/dayrui/xunruicms/issues/1 https://github.com/dbry/WavPack/issues/121 https://github.com/dbry/WavPack/issues/26 https://github.com/dbry/WavPack/issues/28 +https://github.com/dbry/WavPack/issues/91 https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349 https://github.com/dbyio/cve-2022-37298 https://github.com/delta/pragyan/issues/228 https://github.com/derrekr/android_security/commit/0dd1a733e60cf5239c0a185d4219ba2ef1118a8b +https://github.com/desencrypt/CVE/blob/main/CVE-2023-38910/Readme.md +https://github.com/desencrypt/CVE/blob/main/CVE-2023-38911/Readme.md +https://github.com/desencrypt/CVE/blob/main/CVE-2023-39599/Readme.md +https://github.com/dest-3/CVE-2023-46012/tree/main https://github.com/devryan/GamePanelX-V3/issues/161 +https://github.com/dexterone/Vigor-poc +https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_add_sub.md +https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_course.md https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_profile_notes.md https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_csrf.md +https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md +https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md https://github.com/dhammon/pfBlockerNg-CVE-2022-40624 https://github.com/dhananjay-bajaj/E107-v2.1.8-XSS-POC +https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formDelDnsForward.md +https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formDelWewifiPic.md +https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formWifiFilterRulesModify.md https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs +https://github.com/disintegration/imaging/issues/165 +https://github.com/django-ses/django-ses/blob/3d627067935876487f9938310d5e1fbb249a7778/CVE/001-cert-url-signature-verification.md +https://github.com/djcsdy/swfmill/issues/56 https://github.com/djcsdy/swfmill/issues/57 https://github.com/djcsdy/swfmill/issues/58 +https://github.com/djcsdy/swfmill/issues/61 https://github.com/djcsdy/swfmill/issues/62 https://github.com/djcsdy/swfmill/issues/63 https://github.com/djcsdy/swfmill/issues/64 +https://github.com/djcsdy/swfmill/issues/65 +https://github.com/docsifyjs/docsify/issues/1126 https://github.com/dokuwiki/dokuwiki/issues/4267 +https://github.com/dom96/httpbeast/issues/95 +https://github.com/dom96/jester/issues/326 https://github.com/domainmod/domainmod/issues/66 +https://github.com/domainmod/domainmod/issues/80 https://github.com/domainmod/domainmod/issues/81 https://github.com/domainmod/domainmod/issues/82 https://github.com/domainmod/domainmod/issues/83 @@ -114143,48 +115974,92 @@ https://github.com/domainmod/domainmod/issues/84 https://github.com/domainmod/domainmod/issues/86 https://github.com/domainmod/domainmod/issues/87 https://github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg +https://github.com/dompdf/dompdf/security/advisories/GHSA-3qx2-6f78-w2j2 +https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-ff5x-7qg5-vwf2 +https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-jq98-9543-m4cr +https://github.com/doramart/DoraCMS/issues/256 https://github.com/dotCMS/core/issues/12131 +https://github.com/dotnetcore/AgileConfig/issues/91 https://github.com/doublefast/yunucms/issues/1 https://github.com/doudoudedi/main-DIR-816_A1_Command-injection/blob/main/injection_A1.md https://github.com/doudoudedi/main-DIR-816_A2_Command-injection/blob/main/injection.md +https://github.com/dpuenteramirez/XSS-ReferenceID-Subrion_4.2.1 +https://github.com/draco1725/POC/blob/main/Exploit/Password%20Storage%20Application/XSS +https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Men's%20Salon%20Management%20System/SQL%20Injection +https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Men's%20Salon%20Management%20System/Stored%20XSS https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Public%20Access%20Catalog/XSS https://github.com/draco1725/POC/blob/main/Exploit/Stored%20Xss https://github.com/draco1725/POC/blob/main/Exploit/Train%20Scheduler%20App/XSS https://github.com/draco1725/Stored-XSS/blob/main/poc https://github.com/draco1725/localpriv/blob/main/poc +https://github.com/draco1725/vloggers/blob/main/poc https://github.com/drbye78/libgig/issues/1 https://github.com/drewlong/vbully https://github.com/drewnoakes/metadata-extractor/issues/561 +https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj +https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 +https://github.com/dromara/hutool/issues/3289 https://github.com/dropbox/lepton/issues/154 +https://github.com/dtorp06/jymusic/issues/1 https://github.com/dtschump/CImg/issues/184 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38870 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38872 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38874 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38876 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38879 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38882 https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md https://github.com/dumpling-soup/Online-Catering-Reservation/blob/main/README.md https://github.com/dumpling-soup/Simple-Image-Gallery-Web-App/blob/main/README.md https://github.com/dutchcoders/transfer.sh/issues/500 +https://github.com/duy-31/CVE-2023-51764 https://github.com/dweeves/magmi-git/issues/522 https://github.com/dwisiswant0/advisory/issues/18 https://github.com/dwisiswant0/advisory/issues/3 https://github.com/dwisiswant0/advisory/issues/5 https://github.com/dzflack/exploits/blob/master/unix/monit_buffer_overread.py https://github.com/eBPF-Research/eBPF-Attack/blob/main/PoC.md#attack-requirements +https://github.com/eProsima/Fast-DDS/issues/3236 +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-2rq6-8j7x-frr9 +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-3jv9-j9x3-95cg +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-fcr6-x23w-94wp +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-gq8g-fj58-22gm +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-j297-rg6j-m7hx +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-mf55-5747-c4pv +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-v5r6-8mvh-cp98 +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-x9pj-vrgf-f68f +https://github.com/earth2sky/Disclosed/blob/main/CVE-2022-30519 +https://github.com/easysoft/zentaopms/issues/40 https://github.com/ebel34/bpg-web-encoder/issues/1 https://github.com/ebel34/bpg-web-encoder/issues/2 +https://github.com/eclecticiq/OpenTAXII/issues/176 https://github.com/eclipse-ee4j/mojarra/files/3039198/advisory.txt https://github.com/eclipse-ee4j/mojarra/issues/4556 +https://github.com/eclipse-theia/theia/issues/7283 +https://github.com/eclipse-theia/theia/issues/8794 https://github.com/eclipse/buildship/issues/855 +https://github.com/eclipse/jetty.project/issues/10679 https://github.com/eclipse/xtext-xtend/issues/759 https://github.com/eclypsium/USBAnywhere +https://github.com/ectouch/ectouch/issues/5 https://github.com/eddietcc/CVEnotes/blob/master/MyWebSQL/CSRF/readme.md +https://github.com/edirc-wong/record/blob/main/deserialization_vulnerability_report.md https://github.com/edmarmoretti/i3geo/issues/3 +https://github.com/edmarmoretti/i3geo/issues/5 +https://github.com/eeenvik1/CVE-2023-51764 +https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Offline-decryption https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Replay +https://github.com/ehtec/phpipam-exploit https://github.com/ejdhssh/IOT_Vul https://github.com/ekultek/cve-2019-7216 https://github.com/ele7enxxh/poc-exp/tree/master/CVE-2016-5346 https://github.com/electronicbots/CVE-2021-31760 https://github.com/electronicbots/CVE-2021-31761 https://github.com/electronicbots/CVE-2021-31762 +https://github.com/elementalSec/CVE-Disclosures/blob/main/ZentaoPMS/CVE-2023-46475/CVE-2023-46475%20-%20Cross-Site%20Scripting%20(Stored).md https://github.com/elvanderb/TCP-32764 https://github.com/embedi/CVE-2017-11882 +https://github.com/emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS/blob/main/README.md https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-2-Computer-Laboratory-Management-System-PoC.md https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-3-Computer-Laboratory-Management-System-PoC.md https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-4-Computer-Laboratory-Management-System-PoC.md @@ -114193,45 +116068,93 @@ https://github.com/emlog/emlog/issues/195 https://github.com/emlog/emlog/issues/48 https://github.com/emlog/emlog/issues/49 https://github.com/emoncms/emoncms/issues/1652 +https://github.com/emoncms/emoncms/issues/1856 +https://github.com/emqx/nanomq/issues/1153 +https://github.com/emqx/nanomq/issues/1154 +https://github.com/emqx/nanomq/issues/1155 +https://github.com/emqx/nanomq/issues/1164 +https://github.com/emqx/nanomq/issues/1165#issue-1668648319 +https://github.com/emqx/nanomq/issues/1181 https://github.com/emremulazimoglu/cve/blob/main/CWE330-TL-WA850RE-v6.md +https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px +https://github.com/enferex/pdfresurrect/issues/14 +https://github.com/enferex/pdfresurrect/issues/17 +https://github.com/enferex/pdfresurrect/issues/8 +https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf +https://github.com/ensdomains/ens-contracts/security/advisories/GHSA-rrxv-q8m4-wch3 https://github.com/entropic-dev/entropic/issues/251 https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xvf-4396-cj46 +https://github.com/envoyproxy/envoy/security/advisories/GHSA-5375-pq35-hf2g https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 https://github.com/envoyproxy/envoy/security/advisories/GHSA-75hv-2jjj-89hh https://github.com/envoyproxy/envoy/security/advisories/GHSA-7mhv-gr67-hq55 https://github.com/envoyproxy/envoy/security/advisories/GHSA-gxvv-x4p2-rppp https://github.com/envoyproxy/envoy/security/advisories/GHSA-h45c-2f94-prxh https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r +https://github.com/envoyproxy/envoy/security/advisories/GHSA-m4j9-86g3-8f49 https://github.com/envoyproxy/envoy/security/advisories/GHSA-mc6h-6j9x-v3gq https://github.com/envoyproxy/envoy/security/advisories/GHSA-pvgm-7jpg-pw5g https://github.com/envoyproxy/envoy/security/advisories/GHSA-rm2p-qvf6-pvr6 https://github.com/envoyproxy/envoy/security/advisories/GHSA-rww6-8h7g-8jf6 +https://github.com/envoyproxy/envoy/security/advisories/GHSA-w5w5-487h-qv8q https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcx5-93pw-jw2w +https://github.com/enzo1982/mp4v2/issues/30 +https://github.com/enzo1982/mp4v2/issues/36 +https://github.com/enzo1982/mp4v2/issues/37 https://github.com/ephort/laravel-user-enumeration-demo +https://github.com/epiphyt/embed-privacy/security/advisories/GHSA-3wv9-4rvf-w37g +https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-18960/poc-cve-2018-18960.py https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19232/poc-cve-2018-19232.py https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19248/poc-cve-2018-19248.py https://github.com/epistemophilia/CVEs/blob/master/LG-GAMP-Routers/CVE-2019-7404/poc-cve-2019-7404.py https://github.com/erberkan/SonLogger-vulns +https://github.com/erberkan/fortilogger_arbitrary_fileupload https://github.com/ereisr00/bagofbugz/blob/master/010Editor https://github.com/ereisr00/bagofbugz/blob/master/010Editor/SubStr.bt https://github.com/ereisr00/bagofbugz/blob/master/010Editor/WSubStr.bt https://github.com/ereisr00/bagofbugz/blob/master/010Editor/strcat_heap_overflow.bt https://github.com/ereisr00/bagofbugz/tree/master/CorelPaintShop2019 +https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated https://github.com/erikd/libsamplerate/issues/11 https://github.com/erikd/libsndfile/issues/427 https://github.com/erikd/libsndfile/issues/429 https://github.com/erikd/libsndfile/issues/456 +https://github.com/erinxocon/requests-xml/issues/7 https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq https://github.com/erpscanteam/CVE-2018-2380 https://github.com/erpscanteam/CVE-2018-2636 +https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability +https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability +https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability +https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability +https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability +https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability +https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability +https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability +https://github.com/ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability +https://github.com/ersinerenler/Code-Projects-Inventory-Management-1.0/blob/main/CVE-2023-46580-Code-Projects-Inventory-Management-1.0-Stored-Cross-Site-Scripting-Vulnerability.md +https://github.com/ersinerenler/Code-Projects-Inventory-Management-1.0/blob/main/CVE-2023-46581-Code-Projects-Inventory-Management-1.0-SQL-Injection-Vulnerability.md +https://github.com/ersinerenler/Code-Projects-Inventory-Management-1.0/blob/main/CVE-2023-46582-Code-Projects-Inventory-Management-1.0-SQL-Injection-Vulnerability.md +https://github.com/ersinerenler/Code-Projects-Simple-Task-List-1.0/blob/main/CVE-2023-46023-Code-Projects-Simple-Task-List-1.0-SQL-Injection-Vulnerability.md +https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46024-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md +https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46025-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md +https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46026-PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0-Stored-Cross-Site-Scripting-Vulnerability.md +https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC +https://github.com/esnet/iperf/issues/1542 +https://github.com/espeak-ng/espeak-ng/issues/1824 +https://github.com/espeak-ng/espeak-ng/issues/1826 https://github.com/espocrm/espocrm/issues/1349 https://github.com/espocrm/espocrm/issues/1356 https://github.com/espocrm/espocrm/issues/1357 https://github.com/espocrm/espocrm/issues/1358 +https://github.com/espocrm/espocrm/security/advisories/GHSA-g955-rwxx-jvf6 https://github.com/espruino/Espruino/issues/1684 +https://github.com/espruino/Espruino/issues/1799 +https://github.com/espruino/Espruino/issues/1820 +https://github.com/espruino/Espruino/issues/2142 https://github.com/ethancunt/CVE-2022-45599 https://github.com/ethancunt/CVE-2022-45600 https://github.com/ethereum/go-ethereum/pull/16891 @@ -114255,6 +116178,11 @@ https://github.com/eyoucms/eyoucms/issues/19 https://github.com/eyoucms/eyoucms/issues/22 https://github.com/eyoucms/eyoucms/issues/24 https://github.com/eyoucms/eyoucms/issues/4 +https://github.com/eyoucms/eyoucms/issues/5 +https://github.com/eyoucms/eyoucms/issues/8 +https://github.com/eyoucms/eyoucms/issues/9 +https://github.com/facebook/proxygen/pull/466 +https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-jh85-wwv9-24hv https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc @@ -114263,15 +116191,22 @@ https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC https://github.com/fangqyi/cpiopwn https://github.com/farliy-hacker/Doufoxcms/issues/1 +https://github.com/fatcerberus/minisphere/commit/252c1ca184cb38e1acb917aa0e451c5f08519996 +https://github.com/fatcerberus/minisphere/pull/268 https://github.com/fbkcs/CVE-2021-35975 https://github.com/fdbao/UsualToolCMS/issues/1 +https://github.com/federella/CVE-2023-41717 https://github.com/feric/Findings/tree/main/Hiby/Web%20Server/File%20uploading https://github.com/feross/bittorrent-dht/issues/87 https://github.com/fex-team/kityminder/issues/345 https://github.com/ff4j/ff4j/issues/624 +https://github.com/fhlip0/JopinXSS https://github.com/fibonascii/CVE-2004-0558 https://github.com/filebrowser/filebrowser/issues/2570 https://github.com/filipi86/ConnectBoxDOCSIS-3.0 +https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc +https://github.com/fireblocks-labs/safeheron-gg20-exploit-poc +https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0005/FEYE-2019-0005.md https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0006/FEYE-2019-0006.md https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0007/FEYE-2019-0007.md @@ -114285,6 +116220,11 @@ https://github.com/firefly-iii/firefly-iii/issues/2363 https://github.com/firefly-iii/firefly-iii/issues/2364 https://github.com/firefly-iii/firefly-iii/issues/2365 https://github.com/firefly-iii/firefly-iii/issues/2366 +https://github.com/firmianay/security-issues/tree/main/app/cn.etouch.ecalendar +https://github.com/firmianay/security-issues/tree/main/app/com.sdjictec.qdmetro +https://github.com/firsov/onlyoffice +https://github.com/firsov/onlyoffice/blob/main/CVE-2023-34939-PoC.md +https://github.com/fit2cloud/rackshift/issues/79 https://github.com/fixitc/cve/blob/main/sql.md https://github.com/flankerhqd/vendor-android-cves/tree/master/SMT-CVE-2019-16253 https://github.com/flatCore/flatCore-CMS/issues/27 @@ -114292,6 +116232,7 @@ https://github.com/flatCore/flatCore-CMS/issues/39 https://github.com/flatCore/flatCore-CMS/issues/52 https://github.com/flatCore/flatCore-CMS/issues/53 https://github.com/flatCore/flatCore-CMS/issues/69 +https://github.com/fleetcaptain/integria-takeover https://github.com/flexpaper/pdf2json/issues/24 https://github.com/flexpaper/pdf2json/issues/25 https://github.com/flexpaper/pdf2json/issues/26 @@ -114305,11 +116246,19 @@ https://github.com/flexpaper/pdf2json/issues/33 https://github.com/flexpaper/pdf2json/issues/34 https://github.com/flexpaper/pdf2json/issues/35 https://github.com/flexpaper/pdf2json/issues/36 +https://github.com/flexpaper/pdf2json/issues/44 +https://github.com/flexpaper/pdf2json/issues/45 +https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-5g92-6hpp-w425 https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-gv3w-m57p-3wc4 +https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-wrmq-4v4c-gxp2 https://github.com/flipperdevices/flipperzero-firmware/pull/1697 +https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000%E5%AD%98%E5%9C%A8sql%E6%B3%A8%E5%85%A5:sysmanage:edit_manageadmin.php.md +https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_:sysmanage:editrole.php.md +https://github.com/flyyue2001/cve/blob/main/smart_sql_updateos.md https://github.com/fmsdwifull/tp5cms/issues/6 https://github.com/fmsdwifull/tp5cms/issues/8 https://github.com/fmsh-seclab/TesMla +https://github.com/follow-redirects/follow-redirects/issues/235 https://github.com/fontforge/fontforge/issues/3087 https://github.com/fontforge/fontforge/issues/3088 https://github.com/fontforge/fontforge/issues/3089 @@ -114321,6 +116270,7 @@ https://github.com/fontforge/fontforge/issues/3096 https://github.com/fontforge/fontforge/issues/3097 https://github.com/fontforge/fontforge/issues/3098 https://github.com/forgeekscn/sftnow/issues/6 +https://github.com/fortest-1/vuln/blob/main/MonoCMS%20Blog/MonoCMS%20Blog%201.0_remote_code_execution.md https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220320-tooljet.md https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220321-tooljet-xss.md https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#1 @@ -114338,8 +116288,16 @@ https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#6 https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#7 https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#8 https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#9 +https://github.com/free5gc/free5gc/issues/482 +https://github.com/free5gc/free5gc/issues/483 +https://github.com/free5gc/free5gc/issues/496 +https://github.com/free5gc/free5gc/issues/501 https://github.com/freedomofpress/securedrop/issues/2238 https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54 +https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-rm4c-ccvf-ff9c +https://github.com/fribidi/fribidi/issues/181 +https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2023-11-09-newsletterpop.md +https://github.com/froala/wysiwyg-editor/issues/3880 https://github.com/frostming/rediswrapper/pull/1 https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md https://github.com/fs0c131y/ESFileExplorerOpenPortVuln @@ -114347,58 +116305,115 @@ https://github.com/fs0c131y/SamsungLocker https://github.com/fudforum/FUDforum/issues/2 https://github.com/fudforum/FUDforum/issues/23 https://github.com/fudforum/FUDforum/issues/24 +https://github.com/fuge/cms/issues/3 +https://github.com/funadmin/funadmin/issues/12 +https://github.com/funadmin/funadmin/issues/4 +https://github.com/funadmin/funadmin/issues/6 +https://github.com/funadmin/funadmin/issues/8 +https://github.com/funadmin/funadmin/issues/9 +https://github.com/funny-mud-peee/IoT-vuls/blob/main/dir822+/2/readme.md +https://github.com/funny-mud-peee/IoT-vuls/tree/main/dir822%2B/2 https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File https://github.com/fuzzywalls/CVE-2019-10999 https://github.com/fxc233/iot-vul/blob/main/WAVLINK/WN575A3/Readme.md +https://github.com/fxc233/iot-vul/tree/main/D-Link/DIR-645 https://github.com/fxc233/iot-vul/tree/main/Tenda/IPC https://github.com/g0rx/CVE-2018-7600-Drupal-RCE +https://github.com/g1an123/POC/blob/main/README.md +https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20deletion.md https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20overwrite.md https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20read.md +https://github.com/galaxyproject/galaxy/security/advisories/GHSA-vf5q-r8p9-35xh +https://github.com/galoget/Thruk-CVE-2023-34096 +https://github.com/gamonoid/icehrm/issues/284 +https://github.com/gamonoid/icehrm/issues/285 https://github.com/ganga-devs/ganga/commit/730e7aba192407d35eb37dd7938d49071124be8c +https://github.com/gaozhifeng/PHPMyWind/issues/11 https://github.com/gaozhifeng/PHPMyWind/issues/15 https://github.com/gaozhifeng/PHPMyWind/issues/9 https://github.com/garboa/cve_3/blob/main/Upload2.md https://github.com/garboa/cve_3/blob/main/file_put_content.md +https://github.com/gatsby2003/Shenzhen-Youkate-Industrial-Co.-Ltd/blob/main/Shenzhen%20Youkate%20Industrial%20Co.%2C%20Ltd.md +https://github.com/gatsby2003/Struts2-046/blob/main/Xiamen%20Four-Faith%20Communication%20Technology%20Co.,%20Ltd.%20video%20surveillance%20management%20system%20has%20a%20command%20execution%20vulnerability.md +https://github.com/gb111d/ns-asg_poc/ https://github.com/gdraheim/zziplib/issues/17 https://github.com/gdraheim/zziplib/issues/39 https://github.com/gdraheim/zziplib/issues/40 https://github.com/gdraheim/zziplib/issues/41 +https://github.com/gdraheim/zziplib/issues/68 +https://github.com/gdraheim/zziplib/issues/69 +https://github.com/geffner/CVE-2020-8289/blob/master/README.md +https://github.com/geffner/CVE-2020-8290/blob/master/README.md +https://github.com/geoserver/geoserver/security/advisories/GHSA-9v5q-2gwq-q9hq +https://github.com/geoserver/geoserver/security/advisories/GHSA-fh7p-5f6g-vj2w +https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a +https://github.com/gerbv/gerbv/issues/191 +https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597/blob/master/poc.html +https://github.com/getgrav/grav/commit/2eae104c7a4bf32bc26cb8073d5c40464bfda3f7 +https://github.com/getgrav/grav/security/advisories/GHSA-f9jf-4cp4-4fq5 +https://github.com/getgrav/grav/security/advisories/GHSA-xcr8-cc2j-62fc +https://github.com/ggb0n/CVE-2023-44962 https://github.com/ggfzx/OCP-Security-Misconfiguration/tree/main +https://github.com/ggg48966/cve/blob/main/D-LINK%20-DAR-7000_rce_%20webmailattach.md +https://github.com/ggg48966/cve/blob/main/NS-ASG-sql-addaddress_interpret.md +https://github.com/ggg48966/cve/blob/main/sql.md +https://github.com/gin-gonic/gin/issues/3555 https://github.com/git-for-windows/git/issues/944 https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c +https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p https://github.com/github/securitylab/issues/669#issuecomment-1117265726 +https://github.com/github123abc123/bird/issues/1 +https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c +https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4 https://github.com/gl-inet/CVE-issues/blob/main/3.215/Abuse_of_Functionality_leads_to_RCE.md +https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary%20File%20Read%20through%20file%20share.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary_File_Creation.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary_File_Read.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/GL-MV1000_Arbitrary_File_Creation.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/SSID_Key_Disclosure.md +https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Arbitrary%20File%20Creation%20Through%20API%20upload.md https://github.com/glFusion/glfusion/issues/486 https://github.com/glennrp/libpng/issues/269 https://github.com/glennrp/libpng/issues/307 https://github.com/glennrp/libpng/issues/307#issuecomment-544779431 https://github.com/glpi-project/glpi/issues/1047 +https://github.com/gnat/nc-cms/issues/11 +https://github.com/goauthentik/authentik/security/advisories/GHSA-9qwp-jf7p-vr7h https://github.com/godotengine/godot/pull/45701 https://github.com/godotengine/godot/pull/45701/commits/403e4fd08b0b212e96f53d926e6273e0745eaa5a https://github.com/godotengine/godot/pull/45702 https://github.com/godotengine/godot/pull/45702/files +https://github.com/gogs/gogs/issues/5926 +https://github.com/goharbor/harbor/security/advisories/GHSA-mq6f-5xh5-hgcf https://github.com/golang/go/issues/23867 +https://github.com/gomarkdown/markdown/security/advisories/GHSA-m9xq-6h2j-65r2 https://github.com/gongfuxiang/schoolcms/issues/1 https://github.com/goodrain-apps/chanzhieps/issues/1 https://github.com/google/sa360-webquery-bigquery/pull/15 +https://github.com/google/security-research/security/advisories/GHSA-6vq3-w69p-w63m +https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw +https://github.com/google/security-research/security/advisories/GHSA-9x5g-vmxf-4qj8 +https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9 +https://github.com/google/security-research/security/advisories/GHSA-g69r-8jwh-2462 https://github.com/google/security-research/security/advisories/GHSA-gg9x-v835-m48q +https://github.com/google/security-research/security/advisories/GHSA-jg27-jx6w-xwph +https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 +https://github.com/gopro/gpmf-parser/issues/43 https://github.com/gopro/gpmf-parser/issues/60 https://github.com/gopro/gpmf-parser/issues/74 https://github.com/gopro/gpmf-parser/issues/75 https://github.com/gopro/gpmf-parser/issues/76 https://github.com/gopro/gpmf-parser/issues/77 +https://github.com/goreleaser/nfpm/security/advisories/GHSA-w7jw-q4fg-qc4c +https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh https://github.com/gottburgm/Exploits/tree/master/CVE-2017-12149 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679 @@ -114428,16 +116443,41 @@ https://github.com/gpac/gpac/issues/1333 https://github.com/gpac/gpac/issues/1334 https://github.com/gpac/gpac/issues/1335 https://github.com/gpac/gpac/issues/1337 +https://github.com/gpac/gpac/issues/1338 +https://github.com/gpac/gpac/issues/1339 +https://github.com/gpac/gpac/issues/1341 +https://github.com/gpac/gpac/issues/1342 +https://github.com/gpac/gpac/issues/1344 +https://github.com/gpac/gpac/issues/1345 +https://github.com/gpac/gpac/issues/1346 https://github.com/gpac/gpac/issues/1348 https://github.com/gpac/gpac/issues/1377 https://github.com/gpac/gpac/issues/1378 +https://github.com/gpac/gpac/issues/1406 +https://github.com/gpac/gpac/issues/1423 +https://github.com/gpac/gpac/issues/1440 +https://github.com/gpac/gpac/issues/1479 +https://github.com/gpac/gpac/issues/1481 +https://github.com/gpac/gpac/issues/1564 +https://github.com/gpac/gpac/issues/1565 +https://github.com/gpac/gpac/issues/1566 +https://github.com/gpac/gpac/issues/1567 +https://github.com/gpac/gpac/issues/1568 +https://github.com/gpac/gpac/issues/1569 https://github.com/gpac/gpac/issues/1574 https://github.com/gpac/gpac/issues/1586 https://github.com/gpac/gpac/issues/1587 +https://github.com/gpac/gpac/issues/1659 +https://github.com/gpac/gpac/issues/1660 +https://github.com/gpac/gpac/issues/1661 +https://github.com/gpac/gpac/issues/1662 +https://github.com/gpac/gpac/issues/1702 https://github.com/gpac/gpac/issues/1769 https://github.com/gpac/gpac/issues/1770 https://github.com/gpac/gpac/issues/1772 https://github.com/gpac/gpac/issues/1774 +https://github.com/gpac/gpac/issues/1838 +https://github.com/gpac/gpac/issues/1840 https://github.com/gpac/gpac/issues/1957 https://github.com/gpac/gpac/issues/1959 https://github.com/gpac/gpac/issues/1964 @@ -114456,30 +116496,76 @@ https://github.com/gpac/gpac/issues/2163 https://github.com/gpac/gpac/issues/2165 https://github.com/gpac/gpac/issues/2173 https://github.com/gpac/gpac/issues/2175 +https://github.com/gpac/gpac/issues/2179 https://github.com/gpac/gpac/issues/2216 +https://github.com/gpac/gpac/issues/2218 https://github.com/gpac/gpac/issues/2220 +https://github.com/gpac/gpac/issues/2223 +https://github.com/gpac/gpac/issues/2276 https://github.com/gpac/gpac/issues/2277 https://github.com/gpac/gpac/issues/2278 https://github.com/gpac/gpac/issues/2280 +https://github.com/gpac/gpac/issues/2281 https://github.com/gpac/gpac/issues/2282 +https://github.com/gpac/gpac/issues/2284 +https://github.com/gpac/gpac/issues/2285 +https://github.com/gpac/gpac/issues/2295 https://github.com/gpac/gpac/issues/2296 https://github.com/gpac/gpac/issues/2307 +https://github.com/gpac/gpac/issues/2315 +https://github.com/gpac/gpac/issues/2327 https://github.com/gpac/gpac/issues/2328 +https://github.com/gpac/gpac/issues/2337 https://github.com/gpac/gpac/issues/2338 https://github.com/gpac/gpac/issues/2339 https://github.com/gpac/gpac/issues/2340 +https://github.com/gpac/gpac/issues/2343 https://github.com/gpac/gpac/issues/2344 https://github.com/gpac/gpac/issues/2345 +https://github.com/gpac/gpac/issues/2346 https://github.com/gpac/gpac/issues/2347 +https://github.com/gpac/gpac/issues/2349 +https://github.com/gpac/gpac/issues/2350 https://github.com/gpac/gpac/issues/2353 https://github.com/gpac/gpac/issues/2354 https://github.com/gpac/gpac/issues/2355 https://github.com/gpac/gpac/issues/2356 https://github.com/gpac/gpac/issues/2357 +https://github.com/gpac/gpac/issues/2358 +https://github.com/gpac/gpac/issues/2359 https://github.com/gpac/gpac/issues/2360 +https://github.com/gpac/gpac/issues/2386 +https://github.com/gpac/gpac/issues/2388 +https://github.com/gpac/gpac/issues/2396 +https://github.com/gpac/gpac/issues/2516 https://github.com/gpac/gpac/issues/2537 +https://github.com/gpac/gpac/issues/2550 +https://github.com/gpac/gpac/issues/2567 +https://github.com/gpac/gpac/issues/2611 +https://github.com/gpac/gpac/issues/2629 +https://github.com/gpac/gpac/issues/2641 +https://github.com/gpac/gpac/issues/2642 +https://github.com/gpac/gpac/issues/2652 +https://github.com/gpac/gpac/issues/2657 +https://github.com/gpac/gpac/issues/2658 +https://github.com/gpac/gpac/issues/2661 +https://github.com/gpac/gpac/issues/2662 +https://github.com/gpac/gpac/issues/2664 +https://github.com/gpac/gpac/issues/2666 +https://github.com/gpac/gpac/issues/2669 +https://github.com/gpac/gpac/issues/2672 +https://github.com/gpac/gpac/issues/2679 +https://github.com/gpac/gpac/issues/2689 +https://github.com/gpac/gpac/issues/2698 https://github.com/gpac/gpac/issues/997 https://github.com/gpertea/gclib/issues/11 +https://github.com/gphper/ginadmin/issues/8 +https://github.com/gphper/ginadmin/issues/9 +https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f +https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3 +https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp +https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76 +https://github.com/grafana/grafana/issues/13667 https://github.com/grails/grails-core/issues/11250 https://github.com/grame-cncm/faust/issues/482 https://github.com/graphql-rust/juniper/security/advisories/GHSA-4rx6-g5vg-5f3j @@ -114488,11 +116574,27 @@ https://github.com/gravitational/teleport/releases/tag/v4.4.11 https://github.com/gravitational/teleport/releases/tag/v5.2.4 https://github.com/gravitational/teleport/releases/tag/v6.2.12 https://github.com/gravitational/teleport/releases/tag/v7.1.1 +https://github.com/grayfullbuster0804/netbox/issues/1 https://github.com/grobmeier/jjson/issues/2 https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md https://github.com/gteissier/CVE-2016-6271 https://github.com/gunet/openeclass/issues/11 +https://github.com/gunet/openeclass/issues/39 +https://github.com/guy-liu/yith-giftdrop +https://github.com/gventuri/pandas-ai/issues/399 +https://github.com/gventuri/pandas-ai/issues/410 https://github.com/h3llraiser/CVE-2019-15120 +https://github.com/h3llraiser/CVE-2020-25398 +https://github.com/h3llraiser/CVE-2020-25399 +https://github.com/h3xduck/TripleCross/issues/40 +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md +https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated https://github.com/h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-1.md @@ -114526,25 +116628,45 @@ https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overf https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print https://github.com/hackmdio/codimd/issues/1263 +https://github.com/hackmdio/codimd/issues/1630 https://github.com/hackmdio/codimd/issues/1648 +https://github.com/hacksparrow/safe-eval/issues/19 +https://github.com/hacksparrow/safe-eval/issues/26 https://github.com/hacksparrow/safe-eval/issues/5 +https://github.com/hacky1997/CVE-2020-8825 https://github.com/haile01/perl_spreadsheet_excel_rce_poc https://github.com/haile01/perl_spreadsheet_excel_rce_poc/blob/main/parse_xlsx_bomb.md +https://github.com/haiwen/seafile-client/issues/1309 https://github.com/hakivvi/CVE-2022-29464 https://github.com/halfbitteam/POCs/tree/master/libtiff-4.08_tiff2ps_heap_overflow +https://github.com/halleyakina/cve/blob/main/sql.md +https://github.com/halo-dev/halo/issues/1575 https://github.com/halostatue/minitar/issues/16 https://github.com/hamkovic/Admidio-3.2.5-SQLi +https://github.com/hamm0nz/CVE-2020-18324 +https://github.com/hamm0nz/CVE-2020-18325 +https://github.com/hamm0nz/CVE-2020-18326 https://github.com/hannob/optionsbleed +https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md +https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-7qqj-xhvr-46fv https://github.com/hapijs/hapi/issues/3466 +https://github.com/harry935/CVE-2023-45992 https://github.com/havok89/Hoosk/issues/63 +https://github.com/hawtio/hawtio/issues/2832 https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20BCC%20endpoint https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20CC%20endpoint https://github.com/haxpunk1337/Microstrategy-Poc/blob/main/poc +https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-7494-7hcf-vxpg https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-p528-555r-pf87 https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pxxg-px9v-6qf3 https://github.com/heidashuai5588/cve/blob/main/upload.md https://github.com/heimdal/heimdal/issues/353 https://github.com/helloxz/imgurl/issues/75 +https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29228.md +https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29230.md +https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md +https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35240.md +https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35241.md https://github.com/hessandrew/CVE-2019-17124 https://github.com/hfiref0x/LightFTP/issues/5 https://github.com/hfp/libxsmm/issues/398 @@ -114552,12 +116674,24 @@ https://github.com/hfp/libxsmm/issues/402 https://github.com/hhhhu8045759/619L_upnpd_heapoverflow https://github.com/hhhhu8045759/dir_619l-buffer-overflow https://github.com/hhhhu8045759/dlink-619l-buffer_overflow +https://github.com/hhxsv5/laravel-s/issues/437 https://github.com/hi-KK/CVE-Hunter/blob/master/3.md +https://github.com/hillerlin/bycms/issues/1 +https://github.com/hillerlin/bycms/issues/3 +https://github.com/hisiphp/hisiphp/issues/10 https://github.com/hisiphp/hisiphp/issues/3 +https://github.com/hisiphp/hisiphp/issues/7 +https://github.com/hitIer/web_test/tree/master/hotel +https://github.com/hjson/hjson-java/issues/24 +https://github.com/hjson/hjson-java/issues/27 +https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt https://github.com/hoene/libmysofa/issues/67 https://github.com/hoene/libmysofa/issues/83 https://github.com/hoene/libmysofa/issues/84 +https://github.com/hoene/libmysofa/issues/96 https://github.com/holychang/maccms8/blob/master/xss2 +https://github.com/hongliuliao/ehttp/commit/17405b975948abc216f6a085d2d027ec1cfd5766 +https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qpx8-wq6q-r833 https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b https://github.com/horizon3ai/CVE-2022-47966 https://github.com/housamz/php-mysql-admin-panel-generator/issues/19 @@ -114566,17 +116700,29 @@ https://github.com/htacg/tidy-html5/issues/656 https://github.com/httl/httl/issues/224 https://github.com/httl/httl/issues/225 https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md +https://github.com/hu1y40/PoC/blob/main/rtspserver_stackoverflow_poc.py +https://github.com/huanglei3/lrzip-next-poc/tree/main +https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow https://github.com/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution https://github.com/hucmosin/Python_Small_Tool/blob/master/other/DVR_POC.py +https://github.com/hundanchen69/bug_report/blob/main/vendors/janobe/Online%20Reviewer%20Management%20System/XSS-1.md https://github.com/hundredrabbits/Left/issues/167 https://github.com/hundredrabbits/Left/issues/168 https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/form2IPQoSTcAdd https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/form2WizardStep4 +https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/form2WizardStep54 https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setRepeaterSecurity +https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setSecurity +https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setSysAdm https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_cookie_overflow.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_default_telnet_info.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_leak_config_file.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_login_bypass.md +https://github.com/husterdjx/cve/blob/main/sql1.md +https://github.com/hyperledger/fabric/security/advisories/GHSA-v9w2-543f-h69m +https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1123 +https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1124 +https://github.com/hyperledger/indy-node/security/advisories/GHSA-wh2w-39f4-rpv2 https://github.com/hyyyp/HYBBS2/issues/3 https://github.com/hyyyp/HYBBS2/issues/33 https://github.com/hyyyp/HYBBS2/issues/34 @@ -114585,12 +116731,25 @@ https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-201 https://github.com/ibey0nd/CVE/blob/master/CMS%20Made%20Simple%20Stored%20XSS%202.md https://github.com/ibey0nd/CVE/blob/master/CMS%20Made%20Simple%20Stored%20XSS.md https://github.com/icepng/PoC/tree/master/PoC1 +https://github.com/iceyjchen/VulnerabilityProjectRecords/blob/main/setPasswordCfg_admpass/setPasswordCfg_admpass.md https://github.com/icon-project/loopchain/issues/231 +https://github.com/idcos/Cloudboot/issues/22 https://github.com/illagrenan/django-make-app/issues/5 https://github.com/ilsani/rd/tree/master/security-advisories/faststone/maxview-cve-2017-6078 +https://github.com/imapsync/imapsync/issues/399 https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce https://github.com/imsebao/404team/blob/master/zorovavi-blog-sql-injection.md +https://github.com/indutny/elliptic/issues/226 +https://github.com/inflixim4be/Brute-Force-on-Umanni-RH +https://github.com/inflixim4be/CVE-2020-15367 +https://github.com/inflixim4be/CVE-2020-15392 +https://github.com/inflixim4be/User-Enumeration-on-Umanni-RH https://github.com/informalsystems/tendermint-rs/security/advisories/GHSA-xqqc-c5gw-c5r5 +https://github.com/input-output-hk/hydra/blob/master/CHANGELOG.md#0120---2023-08-18 +https://github.com/input-output-hk/hydra/blob/master/CHANGELOG.md#0130---2023-10-03 +https://github.com/input-output-hk/hydra/security/advisories/GHSA-6x9v-7x5r-w8w6 +https://github.com/input-output-hk/hydra/security/advisories/GHSA-9m8q-7wxv-v65p +https://github.com/input-output-hk/hydra/security/advisories/GHSA-mgcx-6p7h-5996 https://github.com/instantsoft/icms2/security/advisories/GHSA-6v3c-p92q-prfq https://github.com/instantsoft/icms2/security/advisories/GHSA-qx95-w566-73fw https://github.com/intelliants/subrion/issues/467 @@ -114598,45 +116757,67 @@ https://github.com/intelliants/subrion/issues/479 https://github.com/intelliants/subrion/issues/570 https://github.com/intelliants/subrion/issues/638 https://github.com/intelliants/subrion/issues/762 +https://github.com/intelliants/subrion/issues/817 https://github.com/intelliants/subrion/issues/821 https://github.com/intelliants/subrion/issues/845 https://github.com/intridea/omniauth-oauth2/pull/25 +https://github.com/invernyx/smartcars-3-bugs/security/advisories/GHSA-hx8p-f8h7-5h78 +https://github.com/invisiblebyte/CVE-2023-46694 https://github.com/invoiceninja/invoiceninja/issues/1727 +https://github.com/iohex/ZZCMS/blob/master/zzcms2019_login_xss.md https://github.com/ionize/ionize/issues/393 https://github.com/iot-firmeware/-Router-vulnerability/tree/main/AX12 https://github.com/iot-firmeware/-Router-vulnerability/tree/main/Tenda%20AC9 +https://github.com/ipython/ipython/security/advisories/GHSA-29gw-9793-fvw7 +https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x https://github.com/ireader/media-server/issues/235 https://github.com/irontec/sngrep/issues/430 https://github.com/irontec/sngrep/issues/431 https://github.com/irql0/CVE-2021-31728/blob/master/CVE-2021-31727.md https://github.com/irql0/CVE-2021-31728/blob/master/CVE-2021-31728.md https://github.com/irsl/ADB-Backup-APK-Injection/ +https://github.com/irsl/CVE-2020-1967 https://github.com/irsl/gnu-patch-vulnerabilities https://github.com/irsl/jackson-rce-via-spel/ https://github.com/irsl/knc-memory-exhaustion/ https://github.com/isBigChen/iot/blob/main/tenda/formSetSafeWanWebMan.md https://github.com/ismailerkek/CVEs/blob/main/CVE-2020-19762-RESERVED.md +https://github.com/istlnight/cve/blob/main/NS-ASG-sql-uploadiscgwrouteconf.md https://github.com/itext/itext7/pull/78 https://github.com/itext/itext7/pull/78#issuecomment-1089279222 https://github.com/itext/itext7/pull/78#issuecomment-1089282165 https://github.com/itext/itext7/pull/78#issuecomment-1089287808 +https://github.com/itodaro/WhiteSharkSystem_cve https://github.com/itodaro/cve/blob/master/README.md https://github.com/itodaro/doorGets_cve +https://github.com/itssixtyn3in/CVE-2023-42222 +https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1 https://github.com/ivoschyk-cs/CVE-s/blob/master/Email%20Subscribers%20%26%20Newsletters%20Wordpress%20Plugin%20(XSS) https://github.com/ixSly/CVE-2022-41401 https://github.com/jacobwb/hashover-next/issues/152 +https://github.com/jact/openclinic/issues/8 https://github.com/jadacheng/vulnerability/blob/master/Metinfo6.x/MetInfo.md +https://github.com/jaegertracing/jaeger-ui/security/advisories/GHSA-vv24-rm95-q56r https://github.com/jakgibb/nagiosxi-root-rce-exploit +https://github.com/jamesagnew/hapi-fhir/issues/2026 +https://github.com/janino-compiler/janino/issues/201 https://github.com/jarradseers/config-handler/issues/1 https://github.com/jasonjoh/php-calendar/issues/4 https://github.com/jasper-software/jasper/commit/41f214b121b837fa30d9ca5f2430212110f5cd9b +https://github.com/jasper-software/jasper/issues/252 +https://github.com/jasper-software/jasper/issues/259 https://github.com/jasper-software/jasper/issues/264 https://github.com/jasper-software/jasper/issues/265 +https://github.com/jasper-software/jasper/issues/338 +https://github.com/jasper-software/jasper/issues/367 https://github.com/jasper-software/jasper/issues/381 +https://github.com/javadelight/delight-nashorn-sandbox/issues/135 +https://github.com/jaygreig86/dmitry/issues/4 https://github.com/jayus0821/insight/blob/master/ClipperCMS%20SSRF.md https://github.com/jayus0821/insight/blob/master/ClipperCMS%20SSRF2.md https://github.com/jayus0821/insight/blob/master/iCMS%20SSRF.md https://github.com/jayus0821/uai-poc/blob/main/ASUS/RT-N53/command%20injection.md +https://github.com/jayus0821/uai-poc/blob/main/Netgear/WNAP320/unauth.md https://github.com/jayus0821/uai-poc/blob/main/Trendnet/IP-110wn/xss1.md https://github.com/jayus0821/uai-poc/blob/main/Trendnet/IP-110wn/xss2.md https://github.com/jbaines-r7/theway @@ -114645,17 +116826,31 @@ https://github.com/jbeder/yaml-cpp/issues/657 https://github.com/jbeder/yaml-cpp/issues/660 https://github.com/jboogie15/CVE-2021-38149 https://github.com/jcarabantes/Bus-Vulnerabilities +https://github.com/jcubic/jquery.terminal/issues/727 +https://github.com/je6k/ctf-challenges/blob/master/poc.txt https://github.com/jeecgboot/jeecg-boot/issues/4125 https://github.com/jeecgboot/jeecg-boot/issues/4126 https://github.com/jeecgboot/jeecg-boot/issues/4127 https://github.com/jeecgboot/jeecg-boot/issues/4128 https://github.com/jeffssh/CVE-2021-30860 +https://github.com/jenaye/KumbiaPHP- https://github.com/jenaye/PMB +https://github.com/jenaye/aapanel +https://github.com/jenaye/cve/blob/master/readme.MD +https://github.com/jenaye/pligg/blob/master/README.md +https://github.com/jensregel/Advisories/tree/master/CVE-2020-12608 https://github.com/jerryhanjj/ERP/issues/3 https://github.com/jerryscript-project/jerryscript/issues/2008 https://github.com/jerryscript-project/jerryscript/issues/2140 +https://github.com/jerryscript-project/jerryscript/issues/3785 +https://github.com/jerryscript-project/jerryscript/issues/3804 +https://github.com/jerryscript-project/jerryscript/issues/3976 +https://github.com/jerryscript-project/jerryscript/issues/3977 https://github.com/jerryscript-project/jerryscript/issues/4445 https://github.com/jerryscript-project/jerryscript/issues/4793 +https://github.com/jerryscript-project/jerryscript/issues/4847 +https://github.com/jerryscript-project/jerryscript/issues/4871 +https://github.com/jerryscript-project/jerryscript/issues/4872 https://github.com/jerryscript-project/jerryscript/issues/4875 https://github.com/jerryscript-project/jerryscript/issues/4876 https://github.com/jerryscript-project/jerryscript/issues/4882 @@ -114663,6 +116858,7 @@ https://github.com/jerryscript-project/jerryscript/issues/4890 https://github.com/jerryscript-project/jerryscript/issues/4891 https://github.com/jerryscript-project/jerryscript/issues/4894 https://github.com/jerryscript-project/jerryscript/issues/4895 +https://github.com/jerryscript-project/jerryscript/issues/4901 https://github.com/jerryscript-project/jerryscript/issues/4916 https://github.com/jerryscript-project/jerryscript/issues/5061 https://github.com/jerryscript-project/jerryscript/issues/5062 @@ -114673,6 +116869,8 @@ https://github.com/jerryscript-project/jerryscript/issues/5069 https://github.com/jerryscript-project/jerryscript/issues/5070 https://github.com/jerryscript-project/jerryscript/issues/5073 https://github.com/jerryscript-project/jerryscript/issues/5076 +https://github.com/jerryscript-project/jerryscript/issues/5084 +https://github.com/jerryscript-project/jerryscript/issues/5092 https://github.com/jerryscript-project/jerryscript/issues/5114 https://github.com/jerryscript-project/jerryscript/issues/5132 https://github.com/jerryscript-project/jerryscript/issues/5133 @@ -114680,9 +116878,14 @@ https://github.com/jerryscript-project/jerryscript/issues/5135 https://github.com/jet-pentest/CVE-2022-39838 https://github.com/jettison-json/jettison/issues/52 https://github.com/jettison-json/jettison/issues/54 +https://github.com/jflyfox/jfinal_cms/issues/54 https://github.com/jhipster/generator-jhipster/issues/10401 https://github.com/jhipster/jhipster-kotlin/issues/183 +https://github.com/jianyan74/TinyShop/issues/14 +https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md +https://github.com/jmrozanec/cron-utils/issues/461 https://github.com/jmurty/java-xmlbuilder/issues/6 +https://github.com/joaquimserafim/json-web-token/security/advisories/GHSA-4xw9-cx39-r355 https://github.com/jofpin/trape/issues/168 https://github.com/jofpin/trape/issues/169 https://github.com/johnawm/vulner-box/blob/master/TRENDNet/TEW-820AP/02/README.md @@ -114691,15 +116894,21 @@ https://github.com/joinia/webray.com.cn/blob/main/Canteen-Management-System/Cant https://github.com/joinia/webray.com.cn/blob/main/Canteen-Management-System/Canteensql2.md https://github.com/joinia/webray.com.cn/blob/main/Clinic's-Patient-Management-System/cpms.md https://github.com/joinia/webray.com.cn/blob/main/Clinic's-Patient-Management-System/cpmssql.md +https://github.com/joinia/webray.com.cn/blob/main/Loan-Management-System/lmssql%20-%20deleteuser.md https://github.com/joinia/webray.com.cn/blob/main/URVE/URVE%20Web%20Manager%20upload.php%20File%20upload%20vulnerability.md https://github.com/joinia/webray.com.cn/blob/main/URVE/URVE%20Web%20Manager%20uploader.php%20%20File%20upload%20vulnerability.md +https://github.com/joinia/webray.com.cn/blob/main/lead-management-system/leadmanasql.md https://github.com/joinia/webray.com.cn/blob/main/php-bank/phpbanksql.md https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure https://github.com/jonschlinkert/remarkable/issues/331 +https://github.com/josdejong/jsoneditor/issues/1029 https://github.com/josdejong/mathjs/blob/master/HISTORY.md#2017-11-18-version-3170 +https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24 +https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc https://github.com/jqueryfiletree/jqueryfiletree/issues/66 https://github.com/jra89/CVE-2019-19576 https://github.com/jra89/CVE-2019-19634 +https://github.com/jselliott/CVE-2023-38891 https://github.com/jshafer817/Eaglesoft https://github.com/jsmitty12/phpWhois/blob/master/CHANGELOG.md https://github.com/json-c/json-c/issues/654 @@ -114708,8 +116917,12 @@ https://github.com/jsummers/imageworsener/issues/15 https://github.com/jsummers/imageworsener/issues/30 https://github.com/jsummers/imageworsener/issues/34 https://github.com/jtdowney/private_address_check/issues/1 +https://github.com/jtesta/gog_galaxy_client_service_poc +https://github.com/jtesta/gog_galaxy_client_service_poc/issues/1#issuecomment-926932218 +https://github.com/jucktnich/meldekarten-generator/security/advisories/GHSA-f2gp-85cr-vgj7 https://github.com/julio-cfa/CVE-2024-33438 https://github.com/jumpycastle/xmlrpc.net-poc +https://github.com/junrar/junrar/issues/73 https://github.com/jusstSahil/CSRF-/blob/main/POC https://github.com/justdan96/tsMuxer/issues/395 https://github.com/justdan96/tsMuxer/issues/423 @@ -114719,9 +116932,15 @@ https://github.com/justdan96/tsMuxer/issues/427 https://github.com/justdan96/tsMuxer/issues/428 https://github.com/justdan96/tsMuxer/issues/432 https://github.com/justdan96/tsMuxer/issues/436 +https://github.com/justdan96/tsMuxer/issues/641 +https://github.com/justdan96/tsMuxer/issues/778 +https://github.com/justdan96/tsMuxer/issues/780 +https://github.com/justinas/nosurf/pull/60 https://github.com/justinhunt/moodle-filter_poodll/issues/23 https://github.com/justinsteven/advisories/blob/master/2017_rbenv_ruby_version_directory_traversal.md https://github.com/justinsteven/advisories/blob/master/2017_rvm_cd_command_execution.md +https://github.com/juweihuitao/MpOperationLogs/ +https://github.com/k-takata/Onigmo/issues/132 https://github.com/k-takata/Onigmo/issues/139 https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Memory_Corruption_1_0x83000084 @@ -114748,30 +116967,58 @@ https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order- https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-1.md https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-2.md https://github.com/kagancapar/CVE-2022-29072 +https://github.com/kaisersource/kaisersource.github.io/blob/main/_posts/2021-01-17-dsl-n14u.md +https://github.com/kalcaddle/KodExplorer/issues/482 https://github.com/kaltura/server/issues/5303 +https://github.com/kanboard/kanboard/security/advisories/GHSA-8qvf-9847-gpc9 +https://github.com/kanboard/kanboard/security/advisories/GHSA-9gvq-78jp-jxcx +https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr +https://github.com/kanboard/kanboard/security/advisories/GHSA-r36m-44gg-wxg2 +https://github.com/kanboard/kanboard/security/advisories/GHSA-wfch-8rhv-v286 https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv +https://github.com/kaoudis/advisories/blob/main/0-2021.md https://github.com/kashimAstro/SimpleNetwork/issues/22 +https://github.com/kbgsft/vuln-dext5upload/wiki/File-Download-Vulnerability-in-DEXT5Upload-2.7.1262310-by-xcuter https://github.com/kbni/owlky +https://github.com/keepassxreboot/keepassxc/discussions/9433 +https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc https://github.com/keepinggg/poc/tree/main/poc_of_lunasvg +https://github.com/keepinggg/poc/tree/main/poc_of_swfdump +https://github.com/keheying/onekeyadmin/issues/8 https://github.com/kekingcn/kkFileView/issues/347 https://github.com/kekingcn/kkFileView/issues/366 https://github.com/kekingcn/kkFileView/issues/370 https://github.com/kekingcn/kkFileView/issues/389 https://github.com/kekingcn/kkFileView/issues/392 +https://github.com/kermitt2/pdf2xml/issues/10 +https://github.com/kermitt2/pdf2xml/issues/11 +https://github.com/kermitt2/pdf2xml/issues/14 +https://github.com/kermitt2/pdf2xml/issues/15 https://github.com/kermitt2/pdfalto/issues/46 https://github.com/kevinboone/epub2txt2/issues/22 https://github.com/kevins1022/cve/blob/master/wordpress-Easy-Testimonials.md https://github.com/kevins1022/cve/blob/master/wordpress-event-list.md https://github.com/kevins1022/cve/blob/master/wordpress-product-catalog.md +https://github.com/kevva/decompress/issues/71 https://github.com/keycloak/keycloak/issues/9247 https://github.com/khmk2k/CVE-2023-31753/ +https://github.com/kimai/kimai/security/advisories/GHSA-fjhg-96cp-6fcw +https://github.com/kindsoft/kindeditor/issues/321 https://github.com/kings-way/deepinhack/blob/master/dde_daemon_poc.py https://github.com/kirillwow/ids_bypass https://github.com/kishan0725/Hospital-Management-System/issues/17 +https://github.com/kishan0725/Hospital-Management-System/issues/22 https://github.com/kishan0725/Hospital-Management-System/issues/23 +https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-cw6r-6ccx-5hwx +https://github.com/kjur/jsrsasign/issues/437 +https://github.com/kjur/jsrsasign/issues/438 +https://github.com/kjur/jsrsasign/issues/439 https://github.com/kk98kk0/exploit/issues/1 https://github.com/kk98kk0/exploit/issues/2 +https://github.com/kk98kk0/exploit/issues/3 https://github.com/kkent030315/CVE-2022-42046 +https://github.com/kkent030315/evil-mhyprot-cli +https://github.com/kkos/oniguruma/issues/147 https://github.com/kkos/oniguruma/issues/162 https://github.com/kkos/oniguruma/issues/163 https://github.com/kkos/oniguruma/issues/164 @@ -114793,8 +117040,13 @@ https://github.com/knik0/faad2/issues/58 https://github.com/knik0/faad2/issues/59 https://github.com/knik0/faad2/issues/60 https://github.com/knik0/faad2/issues/62 +https://github.com/kobezzza/Collection/issues/27 https://github.com/kohler/gifsicle/issues/140 +https://github.com/kohler/gifsicle/issues/196 +https://github.com/kohler/gifsicle/issues/65 +https://github.com/korzio/djv/pull/98/files https://github.com/koto/exceed-mitm +https://github.com/kpz-wm/cve/blob/main/sql.md https://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073ec https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b @@ -114812,6 +117064,11 @@ https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73 https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789 https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f https://github.com/kubernetes/kubernetes/issues/61297 +https://github.com/kubernetes/kubernetes/issues/92914 +https://github.com/kubernetes/kubernetes/issues/97076 +https://github.com/kubevirt/kubevirt/issues/9109 +https://github.com/kvz/locutus/pull/418/ +https://github.com/kyl3song/CVE/tree/main/CVE-2022-23332 https://github.com/kyrie403/Vuln/blob/master/74cms/74cms%20v5.0.1%20remote%20code%20execution.md https://github.com/kyrie403/Vuln/blob/master/Cobub%20Razor/Cobub%20Razor%20-%20file%20upload%20vulnerability.md https://github.com/kyrie403/Vuln/blob/master/zzzcms/zzzphp%20v1.6.3%20write%20file%20with%20dangerous%20type.md @@ -114819,36 +117076,70 @@ https://github.com/kyz/libmspack/commit/2f084136cfe0d05e5bf5703f3e83c6d955234b4d https://github.com/kyz/libmspack/issues/27 https://github.com/l0nax/CVE-2019-15053 https://github.com/l0nax/CVE-2019-15233 +https://github.com/l3m0nade/IOTvul/blob/master/compare_parentcontrol_time.md +https://github.com/l3m0nade/IOTvul/blob/master/fromSetWifiGusetBasic.md +https://github.com/l3m0nade/IOTvul/blob/master/get_parentControl_list_Info.md +https://github.com/l3m0nade/IOTvul/blob/master/sub_47D878.md +https://github.com/l3m0nade/IOTvul/blob/master/sub_49E098.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33268.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33269.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33270.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33271.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33272.md +https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33273.md https://github.com/labapart/gattlib/issues/81 https://github.com/labapart/gattlib/issues/82 +https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f +https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp +https://github.com/labring/sealos/security/advisories/GHSA-74j8-w7f9-pp62 +https://github.com/labring/sealos/security/advisories/GHSA-vpxf-q44g-w34w https://github.com/labstack/echo/pull/1718 https://github.com/ladybirdweb/faveo-helpdesk/issues/446 https://github.com/lakshaya0557/POCs/blob/main/POC https://github.com/landley/toybox/issues/346 +https://github.com/lane711/sonicjs/pull/183 +https://github.com/langchain-ai/langchain/issues/7700 +https://github.com/langchain-ai/langchain/issues/8363 https://github.com/langhsu/mblog/issues/27 https://github.com/laoquanshi/Chic-Vulnerability- https://github.com/laotun-s/POC/blob/main/CVE-2022-31382.txt https://github.com/laotun-s/POC/blob/main/CVE-2022-31383.txt https://github.com/laotun-s/POC/blob/main/CVE-2022-31384.txt +https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt +https://github.com/laurent22/joplin/commit/9c20d5947d1fa4678a8b640792ff3d31224f0adf +https://github.com/laurent22/joplin/issues/500 https://github.com/laurent22/joplin/issues/6004 https://github.com/laurent22/joplin/releases/tag/v2.9.17 https://github.com/lazyphp/PESCMS-TEAM/issues/7 https://github.com/lazyphp/PESCMS-TEAM/issues/7, +https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/1 https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/3 +https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/4 +https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/5 https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/6 +https://github.com/ldarren/QuickJS/issues/11 https://github.com/ldenoue/pdftojson/issues/3 https://github.com/ldenoue/pdftojson/issues/4 https://github.com/learnsec6/test/issues/1 +https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employee-view-xss https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employeeadd-sqli +https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5 +https://github.com/leerina/vulnerability/blob/master/Fuel%20CMS%201.4.8%20SQLi%20vulnerability.txt https://github.com/leesavide/abcm2ps/issues/84 https://github.com/leesavide/abcm2ps/issues/85 https://github.com/lemon666/vuln/blob/master/MetInfo5.3.md +https://github.com/lemon666/vuln/blob/master/Phpshe1.7_sql1.md https://github.com/leonW7/D-Link/blob/master/Vul_1.md https://github.com/leonW7/D-Link/blob/master/Vul_2.md https://github.com/leonW7/D-Link/blob/master/Vul_3.md https://github.com/leonW7/D-Link/blob/master/Vul_4.md https://github.com/leonW7/D-Link/blob/master/Vul_5.md https://github.com/leonW7/D-Link/blob/master/Vul_6.md +https://github.com/leona4040/PSG-6528VM-xss/blob/master/README.md +https://github.com/leonardobg/CVE-2022-24654 +https://github.com/leonardobg/CVE-2023-36143 +https://github.com/leonardobg/CVE-2023-36144 +https://github.com/leonardobg/CVE-2023-36146/#readme https://github.com/leonhad/pdftools/issues/1 https://github.com/leonhad/pdftools/issues/2 https://github.com/leonhad/pdftools/issues/3 @@ -114857,15 +117148,24 @@ https://github.com/leonhad/pdftools/issues/6 https://github.com/leonzhao7/vulnerability/blob/master/An%20Out-of-Bounds%20Read%20%28DoS%29%20Vulnerability%20in%20hevc.c%20of%20libbpg.md https://github.com/leonzhao7/vulnerability/blob/master/An%20integer%20underflow%20vulnerability%20in%20sao_filter_CTB%20of%20libbpg.md https://github.com/lexborisov/myhtml/issues/175 +https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md https://github.com/liang-junkai/Fault-injection-of-ML-DSA +https://github.com/liang-junkai/Relic-bbs-fault-injection +https://github.com/libarchive/libarchive/issues/1754 https://github.com/libarchive/libarchive/issues/834 https://github.com/libarchive/libarchive/issues/835 +https://github.com/libass/libass/issues/422 +https://github.com/libass/libass/issues/422#issuecomment-806002919 +https://github.com/libass/libass/issues/423 +https://github.com/libass/libass/issues/431 https://github.com/libconfuse/libconfuse/issues/163 https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5 https://github.com/libevent/libevent/commit/ec65c42052d95d2c23d1d837136d1cf1d9ecef9e https://github.com/libevent/libevent/issues/318 https://github.com/libevent/libevent/issues/332 https://github.com/libexif/exif/issues/4 +https://github.com/libexpat/libexpat/pull/558 +https://github.com/libexpat/libexpat/pull/559 https://github.com/libgd/libgd/issues/215 https://github.com/libgd/libgd/issues/248 https://github.com/libgd/libgd/issues/308 @@ -114877,9 +117177,12 @@ https://github.com/libimobiledevice/libplist/issues/95 https://github.com/libimobiledevice/libplist/issues/98 https://github.com/libimobiledevice/libplist/issues/99 https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167 +https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392 https://github.com/libjxl/libjxl/issues/1477 +https://github.com/libjxl/libjxl/issues/422 https://github.com/liblouis/liblouis/issues/1171 https://github.com/liblouis/liblouis/issues/1214 +https://github.com/liblouis/liblouis/issues/1301 https://github.com/libming/libming/issues/109 https://github.com/libming/libming/issues/110 https://github.com/libming/libming/issues/111 @@ -114906,6 +117209,8 @@ https://github.com/libming/libming/issues/173 https://github.com/libming/libming/issues/178 https://github.com/libming/libming/issues/190 https://github.com/libming/libming/issues/191 +https://github.com/libming/libming/issues/196 +https://github.com/libming/libming/issues/197 https://github.com/libming/libming/issues/201 https://github.com/libming/libming/issues/202 https://github.com/libming/libming/issues/203 @@ -114914,16 +117219,26 @@ https://github.com/libming/libming/issues/205 https://github.com/libming/libming/issues/218 https://github.com/libming/libming/issues/235 https://github.com/libming/libming/issues/236 +https://github.com/libming/libming/issues/267 +https://github.com/libming/libming/issues/268 +https://github.com/libming/libming/issues/273 https://github.com/libming/libming/issues/85 https://github.com/libming/libming/issues/86 https://github.com/libming/libming/issues/97 https://github.com/libofx/libofx/issues/22 +https://github.com/librenms/librenms/issues/9170 +https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx +https://github.com/libsndfile/libsndfile/issues/687 https://github.com/libsndfile/libsndfile/issues/731 +https://github.com/libsndfile/libsndfile/issues/789 https://github.com/libtom/libtomcrypt/issues/507 https://github.com/libxls/libxls/issues/94 +https://github.com/libyal/libexe/issues/1 https://github.com/libyal/libfwsi/issues/13 https://github.com/libyal/liblnk/issues/38 https://github.com/libyal/liblnk/issues/40 +https://github.com/libyal/libpff/issues/61 +https://github.com/libyal/libpff/issues/62 https://github.com/lichti/shodan-portainer/ https://github.com/lief-project/LIEF/issues/1038 https://github.com/lief-project/LIEF/issues/449 @@ -114934,7 +117249,12 @@ https://github.com/lief-project/LIEF/issues/766 https://github.com/lief-project/LIEF/issues/767 https://github.com/lief-project/LIEF/issues/781 https://github.com/lief-project/LIEF/issues/782 +https://github.com/liftoff/GateOne/issues/736 https://github.com/lihonghuyang/vulnerability/blob/master/dl_sendsms.php.md +https://github.com/linchuzhu/Dedecms-v5.7.101-RCE +https://github.com/linuxdeepin/developer-center/security/advisories/GHSA-q9jr-726g-9495 +https://github.com/linuxdeepin/developer-center/security/advisories/GHSA-rw5r-8p9h-3gp2 +https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md https://github.com/liong007/ZZCMS/issues/2 https://github.com/liong007/Zed-3/issues/1 https://github.com/liske/needrestart/releases/tag/v3.6 @@ -114942,45 +117262,89 @@ https://github.com/litespeedtech/openlitespeed/issues/117 https://github.com/litespeedtech/openlitespeed/issues/217 https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/stored-xss https://github.com/liu21st/onethink/issues/40 +https://github.com/liufee/cms/issues/43 +https://github.com/liufee/cms/issues/45 https://github.com/liufee/cms/issues/57 https://github.com/liufee/feehicms/issues/4 https://github.com/livehybrid/poc-cribl-rce https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201 https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202 https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34203 +https://github.com/liyansong2018/elfspirit/issues/1 https://github.com/lizhipay/faka/issues/22 +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_rce_%20mailrecvview.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20updateos.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_sql_%20importexport.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20updateos.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20uploadfile.md +https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20web.md +https://github.com/llixixi/cve/blob/main/s45_upload_%20uploadfile.md +https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md +https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md +https://github.com/llixixi/cve/blob/main/s45_upload_licence.md +https://github.com/llixixi/cve/blob/main/s45_upload_web.md https://github.com/llvm/llvm-project/issues/80287 +https://github.com/lntrx/CVE-2021-28663 +https://github.com/lock-upme/OPMS/issues/25 https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-16404/README.md +https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-16862/README.md https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-17179/README.md https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-17409/README.md +https://github.com/lodestone-security/CVEs/tree/master/CVE-2020-13168 https://github.com/lodi-g/CVE-2019-13361/ +https://github.com/login-securite/CVE/blob/main/CVE-2020-16194.md https://github.com/lohith19/CVE-2022-3518/blob/main/POC https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test(exiv2) https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051 https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478 https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28479 +https://github.com/louislam/uptime-kuma/security/advisories/GHSA-553g-fcpf-m3wp +https://github.com/louislam/uptime-kuma/security/advisories/GHSA-7grx-f945-mj96 +https://github.com/louislam/uptime-kuma/security/advisories/GHSA-g9v2-wqcj-j99g +https://github.com/louislam/uptime-kuma/security/advisories/GHSA-vr8x-74pm-6vj7 +https://github.com/louislam/uptime-kuma/security/advisories/GHSA-wh8j-xr66-f296 +https://github.com/lscjl/lsi.webray.com.cn/blob/main/CVE-project/Book%20Borrower%20System%20Cross%20site%20scripting.md https://github.com/lsh123/xmlsec/issues/43 https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formAddMacfilterRule https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formWifiBasicSet +https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/fromSetWirelessRepeat +https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/compare_parentcontrol_time https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf https://github.com/lucasgcilento/CVE/blob/master/Dolibarr_CSRF +https://github.com/lucxssouza/CVE-2020-13886 +https://github.com/luelueking/Beetl-3.15.0-vuln-poc +https://github.com/luelueking/ruoyi-4.7.5-vuln-poc +https://github.com/luin/medis/issues/109 +https://github.com/luvsn/OdZoo/tree/main/exploits/odoo-biometric-attendance +https://github.com/luvsn/OdZoo/tree/main/exploits/pdm/2 +https://github.com/luvsn/OdZoo/tree/main/exploits/website_search_blog +https://github.com/luxiaoxun/NettyRpc/issues/53 +https://github.com/lvandeve/lodepng/issues/177 https://github.com/lvu/rtf2html/issues/11 +https://github.com/lwindolf/liferea/commit/8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59 +https://github.com/ly1g3/Joplin-CVE-2022-35131 https://github.com/ly1g3/Mailcow-CVE-2022-31138 https://github.com/ly1g3/Mailcow-CVE-2022-31245 https://github.com/lzlzh2016/CVE/blob/master/XSS.md https://github.com/lzlzh2016/CraftedWeb/blob/master/xss.md https://github.com/m4b/bingrep/issues/30 https://github.com/m4sk0ff/CVE-2021-38819/blob/main/CVE-2021-38819.md +https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv +https://github.com/maddingo/sojo/issues/15 https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 +https://github.com/magicblack/maccms10/issues/76 https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0-Captcha%20bypass%20(logic%20vulnerability).md https://github.com/majic-banana/vulnerability/blob/main/POC/taocms-3.0.2%20Arbitrary%20File%20Writing%20Vulnerability.md https://github.com/malerisch/omnivista-8770-unauth-rce https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md +https://github.com/mansuf/mangadex-downloader/security/advisories/GHSA-r9x7-2xmr-v8fw https://github.com/mantisbt/mantisbt/pull/1094 https://github.com/manuelz120 https://github.com/manuelz120/CVE-2021-45041 https://github.com/manuelz120/CVE-2021-45897 +https://github.com/manvel-khnkoyan/jpv/issues/10 https://github.com/marc-q/libwav/issues/24 https://github.com/marc-q/libwav/issues/29 https://github.com/marcobambini/gravity/issues/123 @@ -114992,7 +117356,18 @@ https://github.com/marcobambini/gravity/issues/314 https://github.com/marcobambini/gravity/issues/315 https://github.com/marcobambini/gravity/issues/319 https://github.com/marcobambini/gravity/issues/321 +https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-24721/CVE-2023-24721.md +https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-27775/CVE-2023-27775.md +https://github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj +https://github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown +https://github.com/marktext/marktext/issues/2360 +https://github.com/marktext/marktext/issues/3575 +https://github.com/markuta/bw-dump +https://github.com/marmelab/react-admin/pull/8644 +https://github.com/martinfrancois/CVE-2018-1000529 +https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2 +https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37 https://github.com/matt-/nunjucks_test https://github.com/matthiaskramm/swftools/issues/100 https://github.com/matthiaskramm/swftools/issues/101 @@ -115023,12 +117398,15 @@ https://github.com/matthiaskramm/swftools/issues/168 https://github.com/matthiaskramm/swftools/issues/169 https://github.com/matthiaskramm/swftools/issues/170 https://github.com/matthiaskramm/swftools/issues/171 +https://github.com/matthiaskramm/swftools/issues/172 https://github.com/matthiaskramm/swftools/issues/173 https://github.com/matthiaskramm/swftools/issues/174 https://github.com/matthiaskramm/swftools/issues/175 https://github.com/matthiaskramm/swftools/issues/176 https://github.com/matthiaskramm/swftools/issues/177 https://github.com/matthiaskramm/swftools/issues/188 +https://github.com/matthiaskramm/swftools/issues/197 +https://github.com/matthiaskramm/swftools/issues/198 https://github.com/matthiaskramm/swftools/issues/21 https://github.com/matthiaskramm/swftools/issues/210 https://github.com/matthiaskramm/swftools/issues/211 @@ -115058,12 +117436,16 @@ https://github.com/matthiaskramm/swftools/issues/52 https://github.com/matthiaskramm/swftools/issues/57 https://github.com/matthiaskramm/swftools/issues/97 https://github.com/matthiaskramm/swftools/issues/98 +https://github.com/matthiasmaes/CVE-2020-27688 https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/calendar_xss/calendar_xss.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/csrf/csrf.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/rce/rce_file_upload.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/svg_xss/svg_xss.md https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3 https://github.com/maxsite/cms/issues/430 +https://github.com/maxsite/cms/issues/487 +https://github.com/mclab-hbrs/BBB-POC +https://github.com/mcorybillington/SuiteCRM-RCE https://github.com/mcw0/PoC/blob/master/Reolink-IPC-RCE.py https://github.com/mdadams/jasper/issues/112 https://github.com/mdadams/jasper/issues/113 @@ -115071,29 +117453,47 @@ https://github.com/mdadams/jasper/issues/114 https://github.com/mdadams/jasper/issues/147 https://github.com/mdadams/jasper/issues/172 https://github.com/mdadams/jasper/issues/173 +https://github.com/mdadams/jasper/issues/184 https://github.com/mdadams/jasper/issues/188 https://github.com/mdadams/jasper/issues/93 https://github.com/mdadams/jasper/issues/94 +https://github.com/mdanzaruddin/CVE-2021-33558. +https://github.com/mdanzaruddin/CVE-2021-33558./issues/1 +https://github.com/mde/ejs/issues/720 +https://github.com/mde/utilities/issues/29 +https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166 https://github.com/memononen/nanosvg/issues/136 https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md https://github.com/mermaid-js/mermaid/security/advisories/GHSA-x3vm-38hw-55wf +https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25829 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25830 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25831 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25832 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25833 +https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13899 +https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13900 +https://github.com/merrychap/poc_exploits/tree/master/janus-webrtc/CVE-2020-13901 https://github.com/metaStor/Vuls/blob/main/gitblit/gitblit%20V1.9.3%20path%20traversal/gitblit%20V1.9.3%20path%20traversal.md +https://github.com/metaStor/Vuls/blob/main/zzzcms/zzzphp%20V2.1.0%20RCE/zzzphp%20V2.1.0%20RCE.md https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-546v-59j5-g95q https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-7344-4pg9-qf45 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gw-pchc-4rf3 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cw3-6r98-g7cw +https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-9v93-3qpc-hxj9 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-hxg8-4r3q-p9rv https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-p295-2jh6-g6g4 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc +https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-whc6-2989-42xm +https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27 https://github.com/metersphere/metersphere/security/advisories/GHSA-7xj3-qrx5-524r +https://github.com/metersphere/metersphere/security/advisories/GHSA-fwc3-5h55-mh2j +https://github.com/metersphere/metersphere/security/advisories/GHSA-qffq-8gf8-mhq7 https://github.com/metersphere/metersphere/security/advisories/GHSA-qxx2-p3w2-w4r6 +https://github.com/metersphere/metersphere/security/advisories/GHSA-vrv6-cg45-rmjj +https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 https://github.com/mholt/archiver/pull/65 https://github.com/michaelrsweet/htmldoc/issues/413 https://github.com/michaelrsweet/htmldoc/issues/414 @@ -115101,6 +117501,7 @@ https://github.com/michaelrsweet/htmldoc/issues/415 https://github.com/michaelrsweet/htmldoc/issues/416 https://github.com/michaelrsweet/htmldoc/issues/417 https://github.com/michaelrsweet/htmldoc/issues/418 +https://github.com/michaelrsweet/htmldoc/issues/425 https://github.com/michaelrsweet/htmldoc/issues/431 https://github.com/michaelrsweet/htmldoc/issues/433 https://github.com/michaelrsweet/htmldoc/issues/461 @@ -115109,14 +117510,27 @@ https://github.com/michaelrsweet/htmldoc/issues/470 https://github.com/michaelrsweet/htmldoc/issues/471 https://github.com/michaelrsweet/htmldoc/issues/480 https://github.com/michaelrsweet/mxml/issues/286 +https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-68x8-9phf-j7jf +https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-cjc4-x96x-fvgf +https://github.com/micrictor/http2-rst-stream https://github.com/micromatch/braces/issues/35 https://github.com/micromatch/braces/pull/37 https://github.com/micromatch/micromatch/issues/243 +https://github.com/micronaut-projects/micronaut-security/security/advisories/GHSA-qw22-8w9r-864h https://github.com/micropython/micropython/issues/13007 +https://github.com/microsoft/CBL-Mariner/pull/6381 +https://github.com/microweber/microweber/issues/1042 https://github.com/microweber/microweber/issues/484 https://github.com/micwallace/wallacepos/issues/84 +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/Permanent%20DDOS%20vulnerability%20in%20emailInfo +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20In%20tools_AccountName +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20in%20pingV4Msg +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20inject%20in%20IPAddress https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20inject%20in%20Netmask +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/stackoverflow%20%20in%20reserveDHCP_HostName_1.1.1.0 +https://github.com/migraine-sudo/D_Link_Vuln/tree/main/stackoverflow%20cancelPing https://github.com/miguelhamal/CVE-2019-19393 +https://github.com/migueltarga/CVE-2020-9380 https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md https://github.com/mikelbring/tinyissue/issues/237 https://github.com/millken/doyocms/issues/1 @@ -115127,28 +117541,51 @@ https://github.com/miniupnp/ngiflib/issues/11 https://github.com/miniupnp/ngiflib/issues/12 https://github.com/miniupnp/ngiflib/issues/15 https://github.com/miniupnp/ngiflib/issues/16 +https://github.com/miniupnp/ngiflib/issues/29 https://github.com/miniupnp/ngiflib/issues/5 https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2019-6617.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12573.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12576.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12577.txt +https://github.com/miroslavpejic85/mirotalk/issues/139 https://github.com/miruser/Roche-CVEs/blob/master/CVE-2017-11175.md https://github.com/miruser/Roche-CVEs/blob/master/CVE-2019-12834.md +https://github.com/missing0x00/CVE-2020-26061 +https://github.com/misskey-dev/misskey/security/advisories/GHSA-3f39-6537-3cgc +https://github.com/misskey-dev/misskey/security/advisories/GHSA-7pxq-6xx9-xpgm https://github.com/mity/md4c/issues/41 https://github.com/mity/md4c/issues/42 +https://github.com/mkucej/i-librarian/issues/116 +https://github.com/mkucej/i-librarian/issues/119 +https://github.com/mkucej/i-librarian/issues/120 +https://github.com/mkucej/i-librarian/issues/121 https://github.com/mkucej/i-librarian/issues/138 https://github.com/mkucej/i-librarian/issues/139 +https://github.com/mkucej/i-librarian/issues/155 https://github.com/mkucej/i-librarian/issues/155#issue-1501906608 +https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4 https://github.com/mlgualtieri/CSS-Exfil-Protection/issues/41 https://github.com/mlogclub/bbs-go/issues/112 +https://github.com/mlr0p/CVE-2021-33564 https://github.com/mmp/pbrt-v3/issues/296 +https://github.com/mnbvcxz131421/douhaocms/blob/main/README.md +https://github.com/mntn0x/POC/blob/master/S-CMS/S-CMS-SQL%E6%B3%A8%E5%85%A5.md +https://github.com/modzero/MZ-20-02-NETGEAR-Orbi-Security +https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices +https://github.com/moehw/poc_exploits/tree/master/CVE-2021-3199/poc_uploadImageFile.py https://github.com/moehw/poc_exploits/tree/master/CVE-2022-29776 https://github.com/moehw/poc_exploits/tree/master/CVE-2022-29777 +https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488 +https://github.com/monero-project/monero-gui/issues/3142#issuecomment-705940446 https://github.com/monicahq/monica/issues/4888 https://github.com/monicahq/monica/pull/4543 https://github.com/monkey/monkey/issues/92 https://github.com/monoxgas/mailorder +https://github.com/moonlight-stream/moonlight-common-c/security/advisories/GHSA-4927-23jw-rq62 +https://github.com/moov-io/signedxml/issues/23 +https://github.com/moses-smt/mosesdecoder/issues/237 +https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110 https://github.com/mozilla/mozjpeg/issues/268 https://github.com/mozilla/ssl-config-generator/issues/162 https://github.com/mpdavis/python-jose/issues/344 @@ -115166,16 +117603,28 @@ https://github.com/mpruett/audiofile/issues/39 https://github.com/mpruett/audiofile/issues/40 https://github.com/mpruett/audiofile/issues/41 https://github.com/mpruett/audiofile/issues/54 +https://github.com/mpruett/audiofile/issues/56 https://github.com/mpruett/audiofile/issues/60 +https://github.com/mr-xmen786/CVE-2023-46478/tree/main https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29004-POC-req.txt https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29006-POC.py +https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2023-24366.md https://github.com/mrojz/rconfig-exploit/blob/main/README.md +https://github.com/mrojz/rconfig-exploit/blob/main/rconfigV6_Local_File_Disclosure.md +https://github.com/mruby/mruby/issues/4926 https://github.com/mruby/mruby/issues/4927 +https://github.com/mruby/mruby/issues/4929 +https://github.com/mruby/mruby/issues/5042 +https://github.com/mrvautin/expressCart/issues/120 +https://github.com/mskocik/svelecte/security/advisories/GHSA-7h45-grc5-89wq https://github.com/mspaling/mbam-exclusions-poc- https://github.com/mspaling/mbam-exclusions-poc-/blob/master/mbam-whitelist-poc.txt https://github.com/mssalvatore/CVE-2019-14751_PoC https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS https://github.com/munin-monitoring/munin/blob/2.0.18/ChangeLog +https://github.com/mvel/mvel/issues/348 +https://github.com/mvel/mvel/issues/348#issuecomment-1874047271 +https://github.com/mwarning/KadNode/issues/79 https://github.com/mwrlabs/CVE-2016-7255 https://github.com/mwrlabs/CVE-2018-4121 https://github.com/mz-automation/libiec61850/issues/193 @@ -115183,10 +117632,38 @@ https://github.com/mz-automation/libiec61850/issues/194 https://github.com/mz-automation/libiec61850/issues/196 https://github.com/mz-automation/libiec61850/issues/197 https://github.com/mz-automation/libiec61850/issues/198 +https://github.com/mz-automation/libiec61850/issues/200 +https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-50015 +https://github.com/n3gox/Stored-XSS-on-SCM-Manager-1.60 https://github.com/n8tz/CVE-2022-24999 +https://github.com/nagenanhai/cve/blob/main/duqu.md +https://github.com/nagenanhai/cve/blob/main/sql.md +https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/cmd%20injection/README.md +https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/overflow/README.md +https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/cmd%20injection +https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/overflow +https://github.com/naihsin/IoT/tree/main/D-Link/DIR-619L/overflow https://github.com/nam3lum/msi-central_privesc +https://github.com/nangge/noneCms/issues/30 +https://github.com/nangge/noneCms/issues/32 +https://github.com/nangge/noneCms/issues/33 +https://github.com/nangge/noneCms/issues/35 +https://github.com/nasroabd/vulns/tree/main/XnView/2.51.5 +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Auto%20Dealer%20Management%20System%20-%20Broken%20Access%20Control.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Auto%20Dealer%20Management%20System%20-%20SQL%20Injection%20-%203.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Employee%20Task%20Management%20System%20-%20Broken%20Authentication.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Employee%20Task%20Management%20System%20-%20SQL%20Injection%20-%202.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Employee%20Task%20Management%20System%20-%20SQL%20Injection.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20Broken%20Access%20Control.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%201.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%202.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%203.md +https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Simple%20Food%20Ordering%20System%20-%20Authenticated%20Reflected%20XSS.md +https://github.com/navidrome/navidrome/security/advisories/GHSA-wq59-4q6r-635r +https://github.com/nearform/fast-jwt/security/advisories/GHSA-c2ff-88x2-x9pg https://github.com/nektos/act/security/advisories/GHSA-pc99-qmg4-rcff https://github.com/nelhage/virtunoid +https://github.com/neocotic/convert-svg/issues/81 https://github.com/neocotic/convert-svg/issues/84 https://github.com/neocotic/convert-svg/issues/86 https://github.com/nepenthe0320/cve_poc/blob/master/CVE-2019-11367 @@ -115201,58 +117678,108 @@ https://github.com/netsecfish/tbk_dvr_command_injection https://github.com/netsecfish/xiongmai_incorrect_access_control https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py https://github.com/newbee-ltd/newbee-mall/issues/1 +https://github.com/nexB/scancode.io/security/advisories/GHSA-2ggp-cmvm-f62f +https://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit- https://github.com/nextauthjs/next-auth/security/advisories/GHSA-pg53-56cg-4m8q https://github.com/nextcloud/cookbook/security/advisories/GHSA-c5pc-mf2f-xq8h +https://github.com/ngallagher/simplexml/issues/18 +https://github.com/nghttp2/nghttp2/pull/1961 +https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr https://github.com/nginx/njs/issues/174 https://github.com/nginx/njs/issues/187 https://github.com/nginx/njs/issues/188 +https://github.com/nginx/njs/issues/322 +https://github.com/nginx/njs/issues/323 +https://github.com/nginx/njs/issues/324 +https://github.com/nginx/njs/issues/325 +https://github.com/nginx/njs/issues/451 https://github.com/nginx/njs/issues/467 https://github.com/nginx/njs/issues/469 https://github.com/nginx/njs/issues/470 https://github.com/nginx/njs/issues/471 +https://github.com/nginx/njs/issues/480 https://github.com/nginx/njs/issues/481 https://github.com/nginx/njs/issues/482 +https://github.com/nginx/njs/issues/483 +https://github.com/nginx/njs/issues/485 +https://github.com/nginx/njs/issues/486 +https://github.com/nginx/njs/issues/504 https://github.com/nginx/njs/issues/506 https://github.com/nginx/njs/issues/522 https://github.com/nginx/njs/issues/523 https://github.com/nginx/njs/issues/524 https://github.com/nginx/njs/issues/529 https://github.com/nginx/njs/issues/533 +https://github.com/nginx/njs/issues/540 https://github.com/nginx/njs/issues/569 +https://github.com/nginx/njs/issues/615 +https://github.com/nginx/njs/issues/619 +https://github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md +https://github.com/nightcloudos/bug_report/blob/main/vendors/jkev/Dental%20Clinic%20Appointment%20Reservation%20System/SQLi-1.md +https://github.com/nightcloudos/bug_report/blob/main/vendors/jkev/Dental%20Clinic%20Appointment%20Reservation%20System/XSS-1.md +https://github.com/nightcloudos/bug_report/blob/main/vendors/poc2.md +https://github.com/nightcloudos/cve/blob/main/CSRF.md +https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20column%20management.md +https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20newly%20added%20section%20of%20column%20management.md +https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20in%20the%20column%20management%20modification%20section.md https://github.com/nih-at/libzip/issues/5 +https://github.com/nikeshtiwari1/House-Rental-System/issues/6 https://github.com/nikeshtiwari1/House-Rental-System/issues/8 https://github.com/nikhil-aniill/Small-CRM-CVE +https://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection +https://github.com/nim-lang/zip/issues/54 https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS/blob/master/README.md +https://github.com/niteosoft/simplejobscript/issues/10 +https://github.com/niteosoft/simplejobscript/issues/7 +https://github.com/niteosoft/simplejobscript/issues/9 +https://github.com/nitinp1232/cms-corephp/issues/1 https://github.com/njhartwell/pw3nage https://github.com/nmap/nmap/issues/1568 https://github.com/no-security/sqlalchemy_test https://github.com/no1rr/Vulnerability/tree/master/Tenda/TX9Pro/1 https://github.com/node-saml/passport-saml/pull/595 +https://github.com/node-swig/swig-templates/issues/88 +https://github.com/node-swig/swig-templates/issues/89 https://github.com/noear/solon/issues/145 +https://github.com/noear/solon/issues/226 +https://github.com/noirotm/flvmeta/issues/19 https://github.com/nokiatech/heif/issues/85 https://github.com/nokiatech/heif/issues/86 https://github.com/nokiatech/heif/issues/87 +https://github.com/nola-milkin/poc_exploits/blob/master/CVE-2021-3199/poc_uploadImageFile.py https://github.com/nonamecoder/CVE-2022-27254 https://github.com/nonamecoder/CVE-2023-22906 https://github.com/nopSolutions/nopCommerce/issues/5322 https://github.com/noperator/CVE-2019-18935 https://github.com/noraj/Umbraco-RCE +https://github.com/nothings/stb/issues/1108 https://github.com/nothings/stb/issues/1166 https://github.com/nothings/stb/issues/1224 https://github.com/nothings/stb/issues/1225 +https://github.com/nothings/stb/issues/1286 https://github.com/nothings/stb/issues/790 +https://github.com/nothings/stb/issues/863 https://github.com/nothings/stb/issues/864 https://github.com/nothings/stb/issues/865 https://github.com/nothings/stb/issues/866 https://github.com/nothings/stb/issues/867 https://github.com/nothings/stb/issues/868 https://github.com/nothings/stb/issues/869 +https://github.com/notkisi/CVE-s/blob/master/CVE-2018-18912.py https://github.com/nowsecure/samsung-ime-rce-poc/ +https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md +https://github.com/nsbogam/CVE-2022-26269/blob/main/README.md +https://github.com/nsbogam/ebike +https://github.com/nsbogam/ebike-jammer +https://github.com/nsbogam/ebike-jammer/blob/main/README.md +https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-23366 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-24263 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-25003 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-26613 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-28452 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-35458 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-36624 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42224 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42667 @@ -115270,14 +117797,24 @@ https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Md-Saiful-Isl https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection-Bypass-Authentication +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Piwigo/2022/12.3.0 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PuneethReddyHC/event-management-1.0 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/acetech/2022/Home-Clean-Service-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/campcodes.com/Bank-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/code-projects/Pharmacy-Management https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/CVE-nu11-101321 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/CVE-nu11-101821 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Multi%20Restaurant%20Table%20Reservation%20System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Online-Enrollment-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Garage-Management-System-1.0-SFU +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Orange-Station-1.0 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Accounting-Journal-Management https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Air-Cargo-Management-System +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Cosmetics-and-Beauty-Product-Online-Store +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Cosmetics-and-Beauty-Product-Online-Store/SQL-Injection +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Covid-19-Travel-Pass-Management +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Home-Owners-Collection-Management +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Fire-Reporting https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Payroll-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Mobile-Comparison-Website https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Student-Information @@ -115289,27 +117826,43 @@ https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/MSM https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/Simple-Logistic-Hub-Parcels-Management https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/unyasoft/CTMS https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/vetbossel.in/2022/Matrimony +https://github.com/nu774/fdkaac/issues/52 +https://github.com/nugmubs/chronoforums-cve/wiki/Stored-XSS-Vulnerability-in-Chronoforum-v2.0.11-(Joomla-plugin) https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md https://github.com/o2platform/DefCon_RESTing/tree/master/Live-Demos/Neo4j https://github.com/oauthlib/oauthlib/security/advisories/GHSA-3pgj-pg6c-r5p7 +https://github.com/oblac/jodd-http/issues/9 https://github.com/oblac/jodd/issues/787 https://github.com/octobercms/october/issues/1302 https://github.com/offalltn/CVE-2022-45299 +https://github.com/ohler55/agoo/issues/88 https://github.com/ohler55/ox/issues/194 https://github.com/ohler55/ox/issues/195 +https://github.com/olmax99/helm-flask-celery/commit/28c985d712d7ac26893433e8035e2e3678fcae9f https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.txt https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.yaml https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38628/CVE-2022-38628.txt https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-42710/CVE-2022-42710.txt https://github.com/omeka/Omeka/issues/935 +https://github.com/omershaik0/Handmade_Exploits/tree/main/SISQUALWFM-Host-Header-Injection-CVE-2023-36085 +https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md +https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system/Multiple%20SQL%20injection.md +https://github.com/onionshare/onionshare/issues/1389 +https://github.com/onionshare/onionshare/security/advisories/GHSA-jh82-c5jw-pxpc https://github.com/onkyoworm/poc/blob/master/laobancms/poc.md https://github.com/onlaj/Piano-LED-Visualizer/issues/350 https://github.com/onlaj/Piano-LED-Visualizer/pull/351 https://github.com/onlaj/Piano-LED-Visualizer/security/advisories/GHSA-g78x-q3x8-r6m4 +https://github.com/onnx/onnx/issues/3991 https://github.com/open-telemetry/opentelemetry-collector/security/advisories/GHSA-c74f-6mfw-mm4v +https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw https://github.com/open-telemetry/opentelemetry-java-instrumentation/security/advisories/GHSA-hghr-r469-gfq6 +https://github.com/open-zaak/open-zaak/blob/master/CHANGELOG.rst#133-2020-12-17 https://github.com/open5gs/open5gs/issues/1247 +https://github.com/openSUSE/libsolv/issues/416 +https://github.com/openSUSE/libsolv/issues/417 https://github.com/openSUSE/libsolv/issues/425 +https://github.com/opencontainers/runc/issues/2128 https://github.com/opencontainers/runc/issues/2197 https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334 https://github.com/opencv/opencv/issues/10351 @@ -115320,9 +117873,11 @@ https://github.com/opencv/opencv/issues/9371 https://github.com/opencv/opencv/issues/9372 https://github.com/opencv/opencv/issues/9723 https://github.com/opendocman/opendocman/issues/163 +https://github.com/openemr/openemr/issues/1781 https://github.com/openemr/openemr/issues/1782 https://github.com/openemr/openemr/issues/498 https://github.com/openexr/openexr/issues/248 +https://github.com/openexr/openexr/issues/351 https://github.com/openid/ruby-openid/pull/43 https://github.com/openlink/virtuoso-opensource/issues/1118 https://github.com/openlink/virtuoso-opensource/issues/1119 @@ -115348,8 +117903,18 @@ https://github.com/openlink/virtuoso-opensource/issues/1138 https://github.com/openlink/virtuoso-opensource/issues/1139 https://github.com/openlink/virtuoso-opensource/issues/1140 https://github.com/openlink/virtuoso-opensource/issues/1141 +https://github.com/openlink/virtuoso-opensource/issues/1173 +https://github.com/openlink/virtuoso-opensource/issues/1176 +https://github.com/openlink/virtuoso-opensource/issues/1177 +https://github.com/openlink/virtuoso-opensource/issues/1178 +https://github.com/openreplay/openreplay/security/advisories/GHSA-xpfv-454c-3fj4 +https://github.com/openscad/openscad/issues/4043 +https://github.com/orangecertcc/security-research/security/advisories/GHSA-25j8-69h7-83h2 +https://github.com/orangecertcc/security-research/security/advisories/GHSA-2hc5-p5mc-8vrh https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p +https://github.com/orangecertcc/security-research/security/advisories/GHSA-77vw-2pmg-q492 https://github.com/orangecertcc/security-research/security/advisories/GHSA-7xfm-92p7-qc57 +https://github.com/orangecertcc/security-research/security/advisories/GHSA-8v5w-4fhm-gqxj https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53 https://github.com/orangecertcc/security-research/security/advisories/GHSA-f73m-fvj3-m2pm https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24 @@ -115358,19 +117923,29 @@ https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332- https://github.com/orangecertcc/security-research/security/advisories/GHSA-hhfw-6cm2-v3w5 https://github.com/orangecertcc/security-research/security/advisories/GHSA-hrpq-384f-vrpg https://github.com/orangecertcc/security-research/security/advisories/GHSA-j94f-5cg6-6j9j +https://github.com/orangecertcc/security-research/security/advisories/GHSA-mc3w-rv8p-f9xf https://github.com/orangecertcc/security-research/security/advisories/GHSA-p2fq-9h5j-x6w5 +https://github.com/orangecertcc/security-research/security/advisories/GHSA-px2c-q384-5wxc +https://github.com/orangecertcc/security-research/security/advisories/GHSA-q5pq-8666-j8fr +https://github.com/orangecertcc/security-research/security/advisories/GHSA-qpv8-g6qv-rf8p https://github.com/orangecertcc/security-research/security/advisories/GHSA-qx9c-49m4-f3vj https://github.com/orangecertcc/security-research/security/advisories/GHSA-r259-5p5p-2q47 https://github.com/orangecertcc/security-research/security/advisories/GHSA-r32j-xgg3-w2rw +https://github.com/orangecertcc/security-research/security/advisories/GHSA-v56f-9gq3-rx3g https://github.com/orangecertcc/security-research/security/advisories/GHSA-vrf9-cjcp-rwcr https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r https://github.com/orangecertcc/security-research/security/advisories/GHSA-wjp8-8qf6-vqmc https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc +https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp https://github.com/orangecertcc/security-research/security/advisories/GHSA-xfw3-pgp3-5j2p https://github.com/ossec/ossec-hids/issues/1585 +https://github.com/ossec/ossec-hids/issues/1953 https://github.com/ossec/ossec-hids/releases/tag/2.8.1 +https://github.com/oswetto/LoboEvolution/issues/38 https://github.com/otavioarj/SIOCtl +https://github.com/owlike/genson/issues/191 +https://github.com/oxen-io/session-android/pull/897 https://github.com/oyeahtime/test/issues/3 https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_NoticeUrl_rce4.md https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_devicemac_rce.md @@ -115385,6 +117960,8 @@ https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_reboot.md https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_sysstatus_leak.md https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_telnet_default.md +https://github.com/p1ckzi/CVE-2022-35513 +https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI https://github.com/p8w/akcms/issues/1 https://github.com/p8w/akcms/issues/2 https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-01.md @@ -115400,17 +117977,46 @@ https://github.com/pandao/editor.md/issues/700 https://github.com/pandao/editor.md/issues/709 https://github.com/pang0lin/CVEproject/blob/main/wordpress_SP-Project_fileupload.md https://github.com/panghusec/exploit/issues/8 +https://github.com/paradessia/cve/blob/main/Ipack-Scada-Automation.txt +https://github.com/paragbagul111/CVE-2023-30145 https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst https://github.com/parisneo/lollms-webui/commit/1e17df01e01d4d33599db2afaafe91d90b6f0189 +https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md https://github.com/patrickhener/CVE-2023-22855/blob/main/advisory/advisory.md https://github.com/patriksimek/vm2/issues/197 https://github.com/patriksimek/vm2/issues/467 +https://github.com/patriksimek/vm2/issues/515 +https://github.com/patriksimek/vm2/security/advisories/GHSA-7jxr-cg7f-gpgv +https://github.com/patriksimek/vm2/security/advisories/GHSA-ch3r-j5x3-6q2m +https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v +https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5 +https://github.com/patriksimek/vm2/security/advisories/GHSA-xj72-wvfv-8985 https://github.com/pawelmalak/snippet-box/issues/57 https://github.com/payatu/QuickHeal https://github.com/pbgt/CVEs/blob/main/CVE-2021-39285.md +https://github.com/pcmacdon/jsish/issues/10 +https://github.com/pcmacdon/jsish/issues/100 +https://github.com/pcmacdon/jsish/issues/101 +https://github.com/pcmacdon/jsish/issues/12 +https://github.com/pcmacdon/jsish/issues/13 +https://github.com/pcmacdon/jsish/issues/14 +https://github.com/pcmacdon/jsish/issues/16 +https://github.com/pcmacdon/jsish/issues/5 +https://github.com/pcmacdon/jsish/issues/51 +https://github.com/pcmacdon/jsish/issues/52 +https://github.com/pcmacdon/jsish/issues/53 +https://github.com/pcmacdon/jsish/issues/54 +https://github.com/pcmacdon/jsish/issues/55 +https://github.com/pcmacdon/jsish/issues/57 https://github.com/pcmt/superMicro-CMS/issues/1 https://github.com/pcmt/superMicro-CMS/issues/2 +https://github.com/pdm-project/pdm/security/advisories/GHSA-j44v-mmf2-xvm9 +https://github.com/peanuts62/TP-Link-poc +https://github.com/pear/Archive_Tar/issues/33 https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.txt +https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd +https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/lao_bomb/lao_bomb.md +https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/minesweeper.md https://github.com/pedrib/PoC/blob/master/advisories/bmc-track-it-11.4.txt https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt https://github.com/pedrib/PoC/blob/master/generic/impresscms-1.3.5.txt @@ -115418,6 +118024,10 @@ https://github.com/pedrib/PoC/blob/master/lorexActivex/lorex-report.txt https://github.com/pedrib/PoC/blob/master/lorexActivex/lorex-testcase.html https://github.com/pedrib/PoC/blob/master/pimcore-2.1.0.txt https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce +https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2Dhcpip_cgi/1.md +https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2IPQoSTcDel/1.md +https://github.com/peris-navince/founded-0-days/blob/main/Dlink/823G/SetWifiDownSettings/1.md +https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md https://github.com/petewarden/catdoc/issues/9 https://github.com/pghuanghui/CVE_Request/blob/main/AERIAL%20X%201200_Command%20Execution%20Vulnerability.md https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20AC1200.md @@ -115427,23 +118037,47 @@ https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3_Sensiti https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3__check_live.md https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3__live_mfg.md https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__Sensitive%20information%20leakage.md +https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__messages.md https://github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_Tftpd32.assets/WiFi-Repeater_Tftpd32.md https://github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_fctest.assets/WiFi-Repeater_fctest.md +https://github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_mb_wifibasic.assets/WiFi-Repeater_mb_wifibasic.md https://github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_syslog.shtml.assets/WiFi-Repeater_syslog.shtml.md https://github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_syslog.shtml.assets/WiFi-Repeater_tftp.md +https://github.com/ph0nkybit/proof-of-concepts/tree/main/Use_Of_Hardcoded_Password_In_ALF-BanCO_8.2.x https://github.com/phantom0301/vulns/blob/master/Metinfo.md https://github.com/phantom0301/vulns/blob/master/Metinfo2.md +https://github.com/phax/ph-commons/issues/35 https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4 https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1 +https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr +https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw +https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4 https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr +https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 +https://github.com/phpList/phplist3/issues/660 +https://github.com/phpList/phplist3/issues/665 +https://github.com/phpList/phplist3/issues/666 +https://github.com/phpList/phplist3/issues/669 +https://github.com/phpList/phplist3/issues/672 +https://github.com/phpfusion/PHPFusion/issues/2329 https://github.com/phpipam/phpipam/issues/2327 +https://github.com/phpipam/phpipam/issues/2344 +https://github.com/phpipam/phpipam/issues/3025 https://github.com/phpipam/phpipam/issues/3351 https://github.com/phpipam/phpipam/issues/992 +https://github.com/phpmyadmin/phpmyadmin/issues/16056 https://github.com/pi-engine/pi/issues/1523 https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-33w4-xf7m-f82m https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-5cm9-6p3m-v259 +https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-6qh8-6rrj-7497 +https://github.com/piccolo-orm/piccolo/security/advisories/GHSA-h7cm-mrvq-wcfr +https://github.com/piccolo-orm/piccolo/security/advisories/GHSA-xq59-7jf3-rjc6 +https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-jfxw-6c5v-c42f +https://github.com/pimcore/pimcore/security/advisories/GHSA-72hh-xf79-429p https://github.com/pingcap/tidb/issues/52159 +https://github.com/piuppi/Proof-of-Concepts/blob/main/AudimexEE/README.md +https://github.com/piuppi/Proof-of-Concepts/blob/main/AudimexEE/Reflected-XSS.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/CSTI-KnowageSuite7-3.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/SQLi-KnowageSuite.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/Stored-XSS-KnowageSuite7-3-notes.md @@ -115452,31 +118086,49 @@ https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSS-KnowageSui https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSS-KnowageSuite7-3_unauth.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSSI-KnowageSuite.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Syracom/SecureLogin2FA-OpenRedirect.md +https://github.com/piuppi/Proof-of-Concepts/blob/main/WSO2/CVE-2020-25516.md https://github.com/pixelimity/pixelimity/issues/19 +https://github.com/pixelimity/pixelimity/issues/20 https://github.com/pixelimity/pixelimity/issues/21 https://github.com/pixelimity/pixelimity/issues/23 https://github.com/pjlantz/optee-qemu/blob/main/README.md +https://github.com/pkuvcl/davs2/issues/29 https://github.com/plack/Plack/issues/405 https://github.com/pllrry/Tenda-AC9-V15.03.2.21_cn-Command-Execution-Vulnerability/tree/main/Tenda-AC9 https://github.com/pluck-cms/pluck/issues/69 https://github.com/pluck-cms/pluck/issues/70 +https://github.com/pluck-cms/pluck/issues/81 https://github.com/pluck-cms/pluck/issues/98 +https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g +https://github.com/pluxml/PluXml/issues/320 +https://github.com/pluxml/PluXml/issues/321 https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee +https://github.com/podofo/podofo/files/11260976/poc-file.zip https://github.com/podofo/podofo/issues/66 https://github.com/podofo/podofo/issues/67 +https://github.com/podofo/podofo/issues/69 https://github.com/podofo/podofo/issues/70 https://github.com/podofo/podofo/issues/71 https://github.com/podofo/podofo/issues/72 https://github.com/polaris0x1/CVE/issues/1 +https://github.com/poropro/kuaifan/issues/3 https://github.com/portainer/portainer/issues/2475 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2019-20082 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2019-6258 https://github.com/pradeepjairamani/TYPO3-XSS-POC +https://github.com/pramodmahato/BlogCMS/issues/1 https://github.com/pravednik/xmlBundle/issues/2 https://github.com/prismbreak/vulnerabilities/issues/2 +https://github.com/prismbreak/vulnerabilities/issues/3 +https://github.com/prismbreak/vulnerabilities/issues/4 +https://github.com/prismbreak/vulnerabilities/issues/5 +https://github.com/processing/processing/issues/5706 +https://github.com/proftpd/proftpd/issues/903 https://github.com/progfay/scrapbox-parser/pull/519 https://github.com/progfay/scrapbox-parser/pull/539 +https://github.com/projectcapsule/capsule-proxy/security/advisories/GHSA-fpvw-6m5v-hqfp +https://github.com/projectworldsofficial/Assets-management-system-in-php/issues/2 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/10 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/11 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/12 @@ -115484,6 +118136,7 @@ https://github.com/projectworldsofficial/online-book-store-project-in-php/issues https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/15 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/8 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/9 +https://github.com/projectworldsofficial/online-shopping-webvsite-in-php/issues/2 https://github.com/proofofcalc/cve-2019-6453-poc https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf https://github.com/psi-4ward/psitransfer/security/advisories/GHSA-2p2x-p7wj-j5h2 @@ -115505,26 +118158,42 @@ https://github.com/pts/sam2p/issues/41 https://github.com/pts/sam2p/issues/66 https://github.com/pts/sam2p/issues/67 https://github.com/punkave/sanitize-html/issues/100 +https://github.com/pupnp/pupnp/issues/249 https://github.com/purpleracc00n/CVE-2019-16941 https://github.com/purpleracc00n/Exploits-and-PoC/blob/master/XXE%20in%20YAJSW%E2%80%99s%20JnlpSupport%20affects%20Ghidra%20Server.md https://github.com/pwndoc/pwndoc/issues/401 +https://github.com/pyload/pyload/security/advisories/GHSA-h73m-pcfw-25h2 +https://github.com/pymedusa/Medusa/security/advisories/GHSA-3hph-6586-qv9g +https://github.com/pymedusa/Medusa/security/advisories/GHSA-6589-x6f5-cgg9 +https://github.com/pymedusa/Medusa/security/advisories/GHSA-8mcr-vffr-jwxv https://github.com/pypa/pip/issues/425 https://github.com/pypa/pip/issues/6413 https://github.com/pytest-dev/py/issues/287 +https://github.com/python/cpython/issues/103824 https://github.com/python/cpython/pull/25099 https://github.com/pytroll/donfig/issues/5 https://github.com/q3k/cve-2019-5736-poc +https://github.com/qdrant/qdrant/issues/2268 https://github.com/qemm/joomlasqli +https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3 https://github.com/qinggan/phpok/issues/12 https://github.com/qinggan/phpok/issues/5 https://github.com/qinming99/dst-admin/issues/28 https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md +https://github.com/qoli/Merlin.PHP/issues/26 https://github.com/qpdf/qpdf/issues/146 https://github.com/qpdf/qpdf/issues/202 +https://github.com/qpdf/qpdf/issues/243 https://github.com/qpdf/qpdf/issues/492 https://github.com/qq956801985/cve/blob/main/sql.md +https://github.com/quartz-scheduler/quartz/issues/943 +https://github.com/quilljs/quill/issues/3364 https://github.com/qurbat/CVE-2022-0236 +https://github.com/qurbat/gpon +https://github.com/r0ck3t1973/xss_payload/issues/6 https://github.com/r1b/CVE-2017-13089 +https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h +https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg https://github.com/radare/radare2/issues/8731 https://github.com/radare/radare2/issues/8742 https://github.com/radare/radare2/issues/8743 @@ -115535,51 +118204,106 @@ https://github.com/radare/radare2/issues/9727 https://github.com/radare/radare2/releases/tag/3.7.0 https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24 https://github.com/radareorg/radare2/issues/15543 +https://github.com/radareorg/radare2/issues/17383 +https://github.com/radareorg/radare2/issues/17431 https://github.com/radareorg/radare2/issues/20336 https://github.com/radareorg/radare2/issues/20354 +https://github.com/radareorg/radare2/issues/22333 +https://github.com/radareorg/radare2/issues/22334 +https://github.com/radareorg/radare2/issues/22349 https://github.com/rails/rails/issues/46244 +https://github.com/ralap-z/rpcms/issues/1 +https://github.com/ralap-z/rpcms/issues/2 +https://github.com/ralap-z/rpcms/issues/3 https://github.com/ramda/ramda/pull/3192 +https://github.com/rand0mIdas/randomideas/blob/main/ShimoVPN.md https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-33436 https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-33437 +https://github.com/rapid7/metasploit-framework/issues/13026 +https://github.com/rapid7/metasploit-framework/issues/14015 https://github.com/rapid7/metasploit-framework/issues/8064 +https://github.com/rapid7/metasploit-framework/pull/14365 +https://github.com/rapid7/metasploit-framework/pull/16044 https://github.com/rapid7/metasploit-framework/pull/16989 https://github.com/rapid7/metasploit-framework/pull/1834 +https://github.com/rauc/rauc/security/advisories/GHSA-cgf3-h62j-w9vv https://github.com/rauschecker/CVEs/tree/main/CVE-2021-25277 https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34675 https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34676 +https://github.com/rauschecker/CVEs/tree/main/CVE-2023-33761 +https://github.com/rauschecker/CVEs/tree/main/CVE-2023-33763 +https://github.com/rauschecker/CVEs/tree/main/CVE-2023-33764 +https://github.com/rawchen/sims/issues/7 +https://github.com/rawchen/sims/issues/8 https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting +https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2019/lao_bomb.md +https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2020/minesweeper.md https://github.com/realistic-security/CVE-2017-16524 https://github.com/reasoncms/reasoncms/issues/264 +https://github.com/redaxo/redaxo4/issues/422 +https://github.com/redblueteam/CVE-2023-41507/ +https://github.com/redblueteam/CVE-2023-41508/ https://github.com/reevesrs24/CVE/blob/master/Netgear_WNDR2400v3/upnp_stack_overflow/upnp_stack_overflow.md +https://github.com/refi64/CVE-2020-25265-25266 +https://github.com/relative/synchrony/security/advisories/GHSA-jg82-xh3w-rhxx https://github.com/relic-toolkit/relic/issues/154 +https://github.com/relic-toolkit/relic/issues/155 +https://github.com/relic-toolkit/relic/issues/284 +https://github.com/remix30303/AirBoxAPNLeaks +https://github.com/remoteclinic/RemoteClinic/issues/23 +https://github.com/remoteclinic/RemoteClinic/issues/24 https://github.com/renmizo/CVE-2022-41412 +https://github.com/renmizo/CVE-2022-41413 https://github.com/request/request/issues/1904 https://github.com/restify/node-restify/issues/1018 https://github.com/rgaufman/live555/issues/19 https://github.com/rhymix/rhymix/issues/1088 https://github.com/rhysd/Shiba/issues/42 +https://github.com/richardgirges/express-fileupload/issues/236 https://github.com/richgel999/miniz/issues/90 +https://github.com/rickxy/Stock-Management-System/issues/2 +https://github.com/rickxy/Stock-Management-System/issues/3 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/1 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/3 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/4 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/5 +https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/6 https://github.com/riscv-boom/riscv-boom/issues/577 +https://github.com/rishaldwivedi/Public_Disclosure/blob/master/README.md#msi-dragon-center-eop +https://github.com/risuxx/CVE-2023-51126 +https://github.com/riteshgohil/My_CVE/blob/main/CVE-2020-35852.md +https://github.com/rizinorg/rizin/pull/1313 https://github.com/rjbs/Email-MIME/issues/66 https://github.com/rjt-gupta/CVE-2021-29337 +https://github.com/rmccarth/cve-2021-3164 https://github.com/robertchrk/zmanda_exploit https://github.com/rockcarry/ffjpeg/issues/10 https://github.com/rockcarry/ffjpeg/issues/11 https://github.com/rockcarry/ffjpeg/issues/12 https://github.com/rockcarry/ffjpeg/issues/13 https://github.com/rockcarry/ffjpeg/issues/14 +https://github.com/rockcarry/ffjpeg/issues/25 +https://github.com/rockcarry/ffjpeg/issues/26 +https://github.com/rockcarry/ffjpeg/issues/27 +https://github.com/rockcarry/ffjpeg/issues/28 https://github.com/rockcarry/ffjpeg/issues/36 https://github.com/rockcarry/ffjpeg/issues/43 https://github.com/rockcarry/ffjpeg/issues/44 https://github.com/rockcarry/ffjpeg/issues/49 https://github.com/rohe/pysaml2/issues/366 +https://github.com/rohit0x5/poc/blob/main/cve_2 https://github.com/rohit0x5/poc/blob/main/idor +https://github.com/roman-mueller/PoC/tree/master/CVE-2023-50488 +https://github.com/roman-mueller/PoC/tree/master/CVE-2023-51820 +https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst +https://github.com/ronf/asyncssh/security/advisories/GHSA-cfc2-wr2v-gxm5 +https://github.com/roughb8722/CVE-2021-3122-Details/blob/main/CVE-2021-3122 +https://github.com/roundcube/roundcubemail/pull/7302 https://github.com/rrainn/PortProcesses/security/advisories/GHSA-vm67-7vmg-66vm https://github.com/rsrahulsingh05/POC/blob/main/Stored%20XSS +https://github.com/rsyslog/libfastjson/issues/161 +https://github.com/rt122001/CVES/blob/main/CVE-2023-37684.txt +https://github.com/rt122001/CVES/blob/main/CVE-2023-37685.txt https://github.com/rtomayko/rack-cache/blob/master/CHANGES https://github.com/ruby/ruby/pull/1777 https://github.com/rubyfly/IKARUS_POC/tree/master/0x83000058 @@ -115609,11 +118333,17 @@ https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/8.5.65/0x8273E060 https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/8.5.65/0x8273E080 https://github.com/rubygems/rubygems/commit/8d91516fb7037ecfb27622f605dc40245e0f8d32 https://github.com/rubyzip/rubyzip/issues/315 +https://github.com/rubyzip/rubyzip/issues/369 https://github.com/rubyzip/rubyzip/pull/403 +https://github.com/rust-lang/rust/issues/44800 https://github.com/rust-lang/rust/issues/83618 +https://github.com/rustsec/advisory-db/pull/1798 https://github.com/rxwx/CVE-2017-11882 https://github.com/rxwx/CVE-2017-8570 https://github.com/s-cart/s-cart/issues/102 +https://github.com/s-cart/s-cart/issues/52 +https://github.com/s0tr/CVE-2023-33781 +https://github.com/s0tr/CVE-2023-33782 https://github.com/s1kr10s/EasyChatServer-DOS https://github.com/s3131212/allendisk/issues/16 https://github.com/s3131212/allendisk/issues/21 @@ -115621,6 +118351,9 @@ https://github.com/s3inlc/hashtopussy/issues/241 https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/NTPSyncWithHost/README.md https://github.com/sT0wn-nl/CVEs/blob/master/README.md#nagios-xi https://github.com/saaramar/execve_exploit +https://github.com/safe-b/CVE/issues/1 +https://github.com/safe-b/CVE/issues/1#issue-1817133689 +https://github.com/sagemath/FlintQS/issues/3 https://github.com/sagemathinc/cocalc/security/advisories/GHSA-8w44-hggw-p5rf https://github.com/sahaRatul/sela/issues/25 https://github.com/sahaRatul/sela/issues/26 @@ -115629,6 +118362,7 @@ https://github.com/sahaRatul/sela/issues/28 https://github.com/sahaRatul/sela/issues/29 https://github.com/sahaRatul/sela/issues/30 https://github.com/sahaRatul/sela/issues/31 +https://github.com/sahellebusch/flattenizer/pull/13 https://github.com/sahildari/cve/blob/master/CVE-2024-31061.md https://github.com/sahildari/cve/blob/master/CVE-2024-31062.md https://github.com/sahildari/cve/blob/master/CVE-2024-31063.md @@ -115638,6 +118372,7 @@ https://github.com/sahildari/cve/blob/master/CVE-2024-31502.md https://github.com/sahildhar/sahildhar.github.io/blob/master/research/reports/Piwigo_2.9.2/Cross%20Site%20Request%20Forgery%20in%20Piwigo%202.9.2.md https://github.com/sahildhar/sahildhar.github.io/blob/master/research/reports/Piwigo_2.9.2/Multiple%20SQL%20Injection%20Vulnerabilities%20in%20Piwigo%202.9.2.md https://github.com/sahildhar/sahildhar.github.io/blob/master/research/reports/Piwigo_2.9.2/Stored%20XSS%20Vulnerabilities%20in%20Piwigo%202.9.2.md +https://github.com/sahiloj/CVE-2023-37596/blob/main/README.md https://github.com/sahilop123/-CVE-2022-48150 https://github.com/saitamang/CVE-2021-35475/blob/main/README.md https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md @@ -115645,15 +118380,18 @@ https://github.com/saitamang/POC-DUMP/blob/main/Hospital%20Information%20System/ https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md https://github.com/saitamang/POC-DUMP/tree/main/Hospital%20Information%20System https://github.com/saitamang/POC-DUMP/tree/main/PayMoney +https://github.com/saitoha/libsixel/blob/master/ChangeLog https://github.com/saitoha/libsixel/issues/108 https://github.com/saitoha/libsixel/issues/109 https://github.com/saitoha/libsixel/issues/110 https://github.com/saitoha/libsixel/issues/120 https://github.com/saitoha/libsixel/issues/121 https://github.com/saitoha/libsixel/issues/122 +https://github.com/saitoha/libsixel/issues/123 https://github.com/saitoha/libsixel/issues/125 https://github.com/saitoha/libsixel/issues/126 https://github.com/saitoha/libsixel/issues/127 +https://github.com/saitoha/libsixel/issues/134 https://github.com/saitoha/libsixel/issues/136 https://github.com/saitoha/libsixel/issues/143 https://github.com/saitoha/libsixel/issues/156 @@ -115661,13 +118399,25 @@ https://github.com/saitoha/libsixel/issues/157 https://github.com/saitoha/libsixel/issues/163 https://github.com/saitoha/libsixel/issues/165 https://github.com/saitoha/libsixel/issues/166 +https://github.com/saitoha/libsixel/issues/73 +https://github.com/saitoha/libsixel/issues/74 +https://github.com/saitoha/libsixel/issues/75 https://github.com/saitoha/libsixel/issues/85 +https://github.com/sajaljat/CVE-2023-46449/tree/main +https://github.com/sajaljat/CVE-2023-46451 +https://github.com/sajaljat/CVE-2023-46980/tree/main +https://github.com/salesagility/SuiteCRM-Core/security/advisories/GHSA-fxww-jqfv-9rrr https://github.com/salesagility/SuiteCRM/issues/333 https://github.com/saltstack/salt/commits/master https://github.com/samboy/MaraDNS/security/advisories/GHSA-58m7-826v-9c3c https://github.com/samuelhuntley/Moxa_AWK_1121/blob/master/Moxa_AWK_1121 +https://github.com/samyk/slipstream +https://github.com/sandyre/libopencad/issues/43 https://github.com/sanluan/PublicCMS/issues/12 +https://github.com/sanluan/PublicCMS/issues/79 https://github.com/sansanyun/mipcms5/issues/4 +https://github.com/sansanyun/mipcms5/issues/5 +https://github.com/sapplica/sentrifugo/issues/384 https://github.com/sass/libsass/issues/2661 https://github.com/sass/libsass/issues/2662 https://github.com/sass/libsass/issues/2814 @@ -115679,6 +118429,7 @@ https://github.com/sass/libsass/issues/3001 https://github.com/sass/libsass/issues/3174 https://github.com/sass/libsass/issues/3177 https://github.com/sass/libsass/issues/3178 +https://github.com/saysky/ForestBlog/issues/20 https://github.com/sazanrjb/InventoryManagementSystem/issues/14 https://github.com/sbaresearch/advisories/tree/public/2015/Polycom_20150513 https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513 @@ -115691,18 +118442,45 @@ https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-01_W https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-03_WordPress_Plugin_Events_Manager https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-04_WordPress_Plugin_All_in_One_SEO_Pack +https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191203-01_Monsta_FTP_Arbitrary_File_Read_and_Write +https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191203-02_Monsta_FTP_Server-Side_Request_Forgery +https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191211-01_Monsta_FTP_Stored_XSS +https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01_CloudLinux_CageFS_Token_Disclosure https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commands +https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF +https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220328-01_Vtiger_CRM_Stored_Cross-Site_Scripting https://github.com/scarvell/grandstream_exploits https://github.com/scausoft/cve/blob/main/rce.md https://github.com/scausoft/cve/blob/main/sql.md https://github.com/schettino72/sqla_yaml_fixtures/issues/20 +https://github.com/scikit-learn/scikit-learn/issues/18891 +https://github.com/scipy/scipy/issues/14713 +https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565 +https://github.com/scorelab/OpenMF/issues/262 https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF) https://github.com/seacms-com/seacms/issues/23 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/4 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/5 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/6 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/10 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/11 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/12 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/13 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/2 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/4 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/6 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/8 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX3/7 https://github.com/seccome/Ehoney/issues/59 +https://github.com/secf0ra11/secf0ra11.github.io/blob/main/Shopro_SQL_injection.md +https://github.com/secoats/cve/tree/master/CVE-2020-27543_dos_restify-paginate https://github.com/secoats/cve/tree/master/CVE-2022-38488_sqli_logrocket-oauth2-example +https://github.com/secure-77/CVE-2022-31262 +https://github.com/seedis/Z-BlogPHP/blob/master/Z-BlogPHP_stored_xss.md https://github.com/seedis/zzcms/blob/master/SQL%20injection.md +https://github.com/segonse/cve/blob/main/sichuang/sichuang.md +https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md https://github.com/semplon/GeniXCMS/issues/62 https://github.com/semplon/GeniXCMS/issues/64 https://github.com/semplon/GeniXCMS/issues/65 @@ -115711,20 +118489,30 @@ https://github.com/semplon/GeniXCMS/issues/68 https://github.com/semplon/GeniXCMS/issues/69 https://github.com/semplon/GeniXCMS/issues/70 https://github.com/semplon/GeniXCMS/issues/71 +https://github.com/seopanel/Seo-Panel/issues/201 +https://github.com/seopanel/Seo-Panel/issues/202 +https://github.com/seopanel/Seo-Panel/issues/206 +https://github.com/seopanel/Seo-Panel/issues/207 +https://github.com/seopanel/Seo-Panel/issues/208 +https://github.com/seopanel/Seo-Panel/issues/209 https://github.com/seopanel/Seo-Panel/issues/211 https://github.com/seopanel/Seo-Panel/issues/212 +https://github.com/sergeKashkin/Simple-RAT/pull/11 https://github.com/serializingme/cve-2016-9192 https://github.com/shadowsock5/ThinkCMF-5.0.190111/blob/master/README.md https://github.com/shadowsocks/shadowsocks-libev/issues/1734 +https://github.com/shahzaibak96/CVE-2023-46480 https://github.com/sharathc213/CVE-2023-7172 https://github.com/sharathc213/CVE-2023-7173 https://github.com/sharemice/phpcms_xss/blob/master/index.html +https://github.com/sharpred/deepHas/commit/2fe011713a6178c50f7deb6f039a8e5435981e20 https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py https://github.com/shd101wyy/vscode-markdown-preview-enhanced/issues/639 https://github.com/shd101wyy/vscode-markdown-preview-enhanced/issues/640 https://github.com/sheehan/grails-console/issues/54 https://github.com/sheehan/grails-console/issues/55 https://github.com/shellpei/TOTOLINK-Unauthorized/blob/main/CVE-2023-23064 +https://github.com/shellshok3/Cross-Site-Scripting-XSS/blob/main/Bus%20Pass%20Management%20System%201.0.md https://github.com/shenzhim/aaptjs/issues/2 https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/2.md https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/3.md @@ -115732,8 +118520,20 @@ https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/4.md https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/5.md https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/6.md https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/9.md +https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20A3300R/1/README.md +https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20LR1200GB/1/README.md +https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/1/README.md +https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/2/README.md +https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r https://github.com/shish/shimmie2/issues/597 +https://github.com/shreyansh225/Sports-Club-Management-System/issues/6 +https://github.com/shubhamjain/svg-loader/security/advisories/GHSA-xc2r-jf2x-gjr8 +https://github.com/shulao2020/cve/blob/main/Flying%20Fish.md https://github.com/shyiko/ktlint/pull/332 +https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md +https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-004.md +https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-009.md +https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-015.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md @@ -115743,9 +118543,13 @@ https://github.com/sigubbs/cms/blob/main/34/csrf.md https://github.com/sigubbs/cms/blob/main/35/csrf.md https://github.com/sigubbs/cms/blob/main/36/csrf.md https://github.com/silnrsi/graphite/issues/22 +https://github.com/simplcommerce/SimplCommerce/issues/943 +https://github.com/simplcommerce/SimplCommerce/issues/969 +https://github.com/simsong/tcpflow/issues/195 https://github.com/sinemsahn/POC/blob/main/Create%20Clansphere%202011.4%20%22username%22%20xss.md https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md https://github.com/siteserver/cms/issues/1858 +https://github.com/siteserver/cms/issues/3492 https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20home.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20bookdate.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20update-rooms.php.md @@ -115759,8 +118563,12 @@ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti19 https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/StoredXSS%20Signup/Stored%20XSS%20signup.php%20.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20PHP-MYSQL-User-Login-System/SQLI%20Auth.md https://github.com/skoranga/node-dns-sync/issues/5 +https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a +https://github.com/skysafe/reblog/tree/main/cve-2023-45866 https://github.com/skysider/openexif_vulnerabilities https://github.com/sl4cky/LumisXP-XXE---POC/blob/main/poc.txt +https://github.com/sleepyvv/vul_report/blob/main/C-data/BrokenAccessControl.md +https://github.com/sleepyvv/vul_report/blob/main/WAVLINK/WAVLINK-WN579X3-RCE.md https://github.com/sleuthkit/sleuthkit/issues/1264 https://github.com/sleuthkit/sleuthkit/issues/1265 https://github.com/sleuthkit/sleuthkit/issues/1575 @@ -115770,25 +118578,79 @@ https://github.com/slims/slims7_cendana/issues/50 https://github.com/slims/slims8_akasia/issues/103 https://github.com/slims/slims8_akasia/issues/48 https://github.com/slims/slims8_akasia/issues/49 +https://github.com/slims/slims9_bulian/issues/186 +https://github.com/slims/slims9_bulian/issues/204 +https://github.com/slims/slims9_bulian/issues/209 +https://github.com/slims/slims9_bulian/issues/217 +https://github.com/smriti548/CVE/blob/main/CVE-2021-3275 +https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability +https://github.com/sni/Thruk/security/advisories/GHSA-vhqc-649h-994h +https://github.com/socketio/socket.io/issues/3671 +https://github.com/software-mansion/react-native-reanimated/pull/3382 https://github.com/software-mansion/react-native-reanimated/pull/3382/commits/7adf06d0c59382d884a04be86a96eede3d0432fa https://github.com/sonicdoe/ced/security/advisories/GHSA-27wq-qx3q-fxm9 https://github.com/sonicdoe/detect-character-encoding/security/advisories/GHSA-5rwj-j5m3-3chj https://github.com/sony/nnabla/issues/209 https://github.com/soruly/whatanime.ga/issues/8 +https://github.com/soundarkutty/File-upload-Restriction-bypass/blob/main/poc.md +https://github.com/soundarkutty/HTML-Injection/blob/main/POC.md +https://github.com/soundarkutty/Stored-xss/blob/main/poc https://github.com/souravkr529/CSRF-in-Cold-Storage-Management-System/blob/main/PoC +https://github.com/source-hunter/espcms/issues/1 https://github.com/source-trace/beescms/issues/4 +https://github.com/source-trace/beescms/issues/5 +https://github.com/source-trace/yunucms/issues/2 +https://github.com/source-trace/yunucms/issues/3 +https://github.com/source-trace/yunucms/issues/4 +https://github.com/source-trace/yunucms/issues/5 +https://github.com/source-trace/yunucms/issues/6 +https://github.com/source-trace/yunucms/issues/7 +https://github.com/source-trace/yunucms/issues/8 https://github.com/sourceincite/randy +https://github.com/soy-oreocato/CVE-2023-46998/ +https://github.com/soy-oreocato/CVE-Advisories/tree/main/PapiQuieroPollo00 +https://github.com/spcck/cve/blob/main/sql.md https://github.com/spejman/festivaltts4r/issues/1 https://github.com/splitbrain/dokuwiki/issues/2061 https://github.com/splitbrain/dokuwiki/issues/2080 https://github.com/splitbrain/dokuwiki/issues/2081 +https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-q764-g6fm-555v https://github.com/spwpun/pocs https://github.com/spwpun/pocs/blob/main/frr-bgpd.md https://github.com/sqlalchemy/sqlalchemy/issues/4481 https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518 +https://github.com/squid-cache/squid/pull/585 +https://github.com/sromanhu/CMSmadesimple-Stored-XSS---File-Picker-extension +https://github.com/sromanhu/CSZ-CMS-Stored-XSS---Pages-Content/blob/main/README.md +https://github.com/sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation/blob/main/README.md +https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection- +https://github.com/sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content +https://github.com/sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra +https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager +https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension +https://github.com/sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media/blob/main/README.md +https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md +https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu/blob/main/README.md +https://github.com/sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias/tree/main +https://github.com/sromanhu/ConcreteCMS-Arbitrary-file-upload-Thumbnail +https://github.com/sromanhu/ConcreteCMS-Reflected-XSS---Tags +https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Associations +https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Forms +https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Site_Installation +https://github.com/sromanhu/Evolution-Reflected-XSS---Installation-Connection- +https://github.com/sromanhu/RiteCMS-Stored-XSS---MainMenu/blob/main/README.md +https://github.com/sromanhu/Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md +https://github.com/sromanhu/WBCE-File-Upload--XSS---Media/blob/main/README.md +https://github.com/sromanhu/ZenarioCMS--Reflected-XSS---Alias/tree/main +https://github.com/sromanhu/ZenarioCMS--Stored-XSS---Page-Layout +https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/blob/main/README.md https://github.com/srsec/-srsec-/issues/1 https://github.com/ss122-0ss/School/blob/main/readme.md https://github.com/ss122-0ss/semcms/blob/main/README.md +https://github.com/stampit-org/supermixer/issues/9 +https://github.com/starnight/MicroHttpServer/issues/5 +https://github.com/starnight/MicroHttpServer/issues/8 +https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g https://github.com/staufnic/CVE/tree/master/CVE-2019-18794 https://github.com/staufnic/CVE/tree/master/CVE-2019-18795 https://github.com/staufnic/CVE/tree/master/CVE-2019-18796 @@ -115797,10 +118659,19 @@ https://github.com/stephane/libmodbus/issues/614 https://github.com/stephane/libmodbus/issues/748 https://github.com/stephane/libmodbus/issues/749 https://github.com/stephane/libmodbus/issues/750 +https://github.com/stepmania/stepmania/issues/1890 +https://github.com/steveukx/properties/issues/40 https://github.com/sthierolf/security/blob/main/CVE-2021-35061.md https://github.com/sthierolf/security/blob/main/CVE-2021-35062.md https://github.com/stleary/JSON-java/issues/654 https://github.com/stleary/JSON-java/issues/708 +https://github.com/stleary/JSON-java/issues/758 +https://github.com/stong/CVE-2020-15368?tab=readme-ov-file +https://github.com/strapi/strapi/security/advisories/GHSA-24q2-59hm-rh9r +https://github.com/strapi/strapi/security/advisories/GHSA-9xg4-3qfm-9w8f +https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4 +https://github.com/strik3r0x1/Vulns/blob/35fe4fb3d5945b5df2a87aab0cf9ec6137bcf976/Insufficient%20Session%20Expiration%20-%20Elenos.md +https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md https://github.com/strik3r0x1/Vulns/blob/main/CSRF_Clavister-E80,E10.md https://github.com/strik3r0x1/Vulns/blob/main/Clavister_E80-RXSS.md https://github.com/strik3r0x1/Vulns/blob/main/SolarView%20Compact%20XSS%20up%20to%207.0.md @@ -115808,6 +118679,13 @@ https://github.com/strik3r0x1/Vulns/blob/main/Unrestricted%20File%20Upload_%20So https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WN533A8.md https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md https://github.com/strik3r0x1/Vulns/blob/main/ZTC_GK420d-SXSS.md +https://github.com/strukturag/libde265/issues/232 +https://github.com/strukturag/libde265/issues/233 +https://github.com/strukturag/libde265/issues/234 +https://github.com/strukturag/libde265/issues/235 +https://github.com/strukturag/libde265/issues/237 +https://github.com/strukturag/libde265/issues/240 +https://github.com/strukturag/libde265/issues/242 https://github.com/strukturag/libde265/issues/298 https://github.com/strukturag/libde265/issues/335 https://github.com/strukturag/libde265/issues/336 @@ -115824,25 +118702,55 @@ https://github.com/strukturag/libde265/issues/346 https://github.com/strukturag/libde265/issues/347 https://github.com/strukturag/libde265/issues/348 https://github.com/strukturag/libde265/issues/349 +https://github.com/strukturag/libde265/issues/352 https://github.com/strukturag/libde265/issues/367 https://github.com/strukturag/libde265/issues/368 https://github.com/strukturag/libde265/issues/369 +https://github.com/strukturag/libde265/issues/378 +https://github.com/strukturag/libde265/issues/379 +https://github.com/strukturag/libde265/issues/383 +https://github.com/strukturag/libde265/issues/384 +https://github.com/strukturag/libde265/issues/385 +https://github.com/strukturag/libde265/issues/388 +https://github.com/strukturag/libde265/issues/418 +https://github.com/strukturag/libde265/issues/426 +https://github.com/strukturag/libde265/issues/427 +https://github.com/strukturag/libde265/issues/435 +https://github.com/strukturag/libheif/issues/1042 +https://github.com/strukturag/libheif/issues/1046 https://github.com/strukturag/libheif/issues/138 https://github.com/strukturag/libheif/issues/139 +https://github.com/strukturag/libheif/issues/207 +https://github.com/strukturag/libheif/issues/794 https://github.com/stsaz/phiola/issues/27 https://github.com/stsaz/phiola/issues/29 https://github.com/stsaz/phiola/issues/30 https://github.com/sungjungk/fp-img-key-crack https://github.com/sungjungk/fp-scanner-hacking https://github.com/sungjungk/keyring_crack +https://github.com/sungjungk/whoopsie_killer +https://github.com/sungjungk/whoopsie_killer2/blob/master/README.md +https://github.com/sungjungk/whoopsie_killer2/blob/master/whoopsie_killer2.py https://github.com/sunkaifei/FlyCms/issues/1 https://github.com/sunkaifei/FlyCms/issues/8 +https://github.com/sunktitanic/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 +https://github.com/sunyixuan1228/cve/blob/main/weaver.md https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md https://github.com/svanderburg/libiff/issues/10 https://github.com/svgpp/svgpp/issues/70 +https://github.com/swoole/swoole-src/pull/3539 +https://github.com/sword1991912/metinfo/issues/1 +https://github.com/swzhouu/CVE-2020-26732 +https://github.com/swzhouu/CVE-2020-26733 +https://github.com/swzhouu/CVE-2020-27368 https://github.com/swzhouu/CVE-2022-48311 +https://github.com/sybrenstuvel/python-rsa/issues/146 +https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667 https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4 https://github.com/syedsohaibkarim/PoC-StoredXSS-Appspace6.2.4 +https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp +https://github.com/sympa-community/sympa/issues/943#issuecomment-704842235 +https://github.com/syoyo/tinydng/issues/28 https://github.com/syoyo/tinyexr/issues/124 https://github.com/syoyo/tinyexr/issues/167 https://github.com/syoyo/tinyexr/issues/169 @@ -115850,44 +118758,80 @@ https://github.com/syoyo/tinygltf/issues/368 https://github.com/sysenter-eip/CVE-2022-26629 https://github.com/sysstat/sysstat/issues/196 https://github.com/sysstat/sysstat/issues/199 +https://github.com/sysstat/sysstat/issues/230 https://github.com/systemd/systemd/issues/4234 https://github.com/systemd/systemd/issues/4234#issuecomment-250441246 https://github.com/systemd/systemd/issues/7986 https://github.com/systemd/systemd/issues/9397 https://github.com/systemd/systemd/pull/28885 https://github.com/syuilo/misskey/security/advisories/GHSA-6qw9-6jxq-xj3p +https://github.com/tacetool/TACE#cve-2023-48161 https://github.com/tadashi-aikawa/owlmixin/issues/12 +https://github.com/tangent65536/Slivjacker https://github.com/tanghaibao/jcvi/security/advisories/GHSA-x49m-3cw7-gq5q +https://github.com/taogogo/taocms/issues/15 https://github.com/taogogo/taocms/issues/5 https://github.com/taogogo/taocms/issues/6 https://github.com/taogogo/taocms/issues/8 +https://github.com/taosdata/TDengine/security/advisories/GHSA-w23f-r2fm-27hf +https://github.com/taosdata/grafanaplugin/security/advisories/GHSA-23wp-p848-hcgr +https://github.com/taosir/wtcms/issues/10 +https://github.com/taosir/wtcms/issues/11 +https://github.com/taosir/wtcms/issues/8 +https://github.com/taosir/wtcms/issues/9 https://github.com/tarantula-team/CSS-injection-in-Swagger-UI https://github.com/tarantula-team/CVE-2019-12949 https://github.com/tarantula-team/CVE-2019-19012 https://github.com/tarantula-team/CVE-2019-19203 https://github.com/tarantula-team/CVE-2019-19204 +https://github.com/tats/w3m/issues/242 +https://github.com/tats/w3m/issues/268 +https://github.com/tats/w3m/issues/270 +https://github.com/tats/w3m/issues/271 https://github.com/tbeu/matio/issues/121 https://github.com/tbeu/matio/issues/127 https://github.com/tbeu/matio/issues/129 https://github.com/tbeu/matio/issues/130 https://github.com/tbeu/matio/issues/131 https://github.com/tboothman/imdbphp/issues/88 +https://github.com/tchenu/CVE-2020-12112 +https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4 +https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws https://github.com/teameasy/EasyCMS/issues/3 https://github.com/teknoraver/aacplusenc/issues/1 https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ https://github.com/tenable/routeros/tree/master/poc/cve_2019_15055 +https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636 +https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md +https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md +https://github.com/tezeb/accfly/blob/master/Readme.md https://github.com/tgp-top/DAP-1360/blob/main/README.md https://github.com/thanethomson/MLAlchemy/issues/1 +https://github.com/the-girl-who-lived/CVE-2020-11539/ +https://github.com/the-girl-who-lived/CVE-2020-25498 +https://github.com/the-girl-who-lived/CVE-2020-35262 https://github.com/the-tcpdump-group/tcpdump/issues/645 +https://github.com/theart42/cves/blob/master/CVE-2021-28079/CVE-2021-28079.md https://github.com/thecasual/CVE-2022-41358 +https://github.com/thedigicraft/Atom.CMS/issues/256 +https://github.com/thedigicraft/Atom.CMS/issues/257 https://github.com/theguly/CVE-2017-14105 https://github.com/thehackingverse/Stored-xss-/blob/main/Poc +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47992 +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47993 +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994 +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47995 +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996 +https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997 https://github.com/theonedev/onedev/security/advisories/GHSA-5q3q-f373-2jv8 https://github.com/theonedev/onedev/security/advisories/GHSA-9mmq-fm8c-q4fv https://github.com/theori-io/chakra-2016-11 https://github.com/thinkcmf/cmfx/issues/26 +https://github.com/thinkcmf/thinkcmf/issues/675 https://github.com/thinkcmf/thinkcmf/issues/736 https://github.com/thinkcmf/thinkcmf/issues/737 +https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md +https://github.com/thinksaas/ThinkSAAS/issues/24 https://github.com/thinksaas/ThinkSAAS/issues/34 https://github.com/thinksaas/ThinkSAAS/issues/35 https://github.com/tholum/crm42/issues/1 @@ -115899,9 +118843,17 @@ https://github.com/thorfdbg/libjpeg/issues/37 https://github.com/thorfdbg/libjpeg/issues/42 https://github.com/thorfdbg/libjpeg/issues/70 https://github.com/thorfdbg/libjpeg/issues/71 +https://github.com/thorfdbg/libjpeg/issues/73 https://github.com/thorfdbg/libjpeg/issues/74 +https://github.com/thorfdbg/libjpeg/issues/75 +https://github.com/thorfdbg/libjpeg/issues/77 https://github.com/thorfdbg/libjpeg/issues/78 https://github.com/thorfdbg/libjpeg/issues/79 +https://github.com/tht1997/CVE_2023/blob/main/Lost%20and%20Found%20Information%20System/CVE-2023-2671.md +https://github.com/tht1997/CVE_2023/blob/main/Lost%20and%20Found%20Information%20System/CVE-2023-2672.md +https://github.com/tht1997/CVE_2023/blob/main/online_exam/kelasdosen.md +https://github.com/tht1997/WhiteBox/blob/main/PHPKOBO/ajax_pool_script.md +https://github.com/tiann/KernelSU/security/advisories/GHSA-86cp-3prf-pwqq https://github.com/tidwall/gjson/issues/195 https://github.com/tifaweb/Dswjcms/issues/4 https://github.com/tifaweb/Dswjcms/issues/5 @@ -115920,16 +118872,21 @@ https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16929 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16930 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 +https://github.com/tintinweb/pub/tree/master/pocs/cve-2020-15690 https://github.com/tinymce/tinymce/issues/4394 +https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63 https://github.com/tlfyyds/EQ +https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg https://github.com/tonini/alchemist-server/issues/14 https://github.com/tootsuite/mastodon/pull/9381 +https://github.com/torres14852/cve/blob/main/upload.md https://github.com/torvalds/linux/commit/04bf464a5dfd9ade0dda918e44366c2c61fce80b https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3 https://github.com/torvalds/linux/commit/189b0ddc245139af81198d1a3637cac74f96e13a https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6 https://github.com/torvalds/linux/commit/b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c +https://github.com/torvalds/linux/commit/b561275d633bcd8e0e8055ab86f1a13df75a0269 https://github.com/torvalds/linux/commit/b66c5984017533316fd1951770302649baf1aa33 https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 @@ -115937,25 +118894,54 @@ https://github.com/totaljs/cms/issues/35 https://github.com/tothi/pwn-hisilicon-dvr/blob/master/pwn_hisilicon_dvr.py https://github.com/toyydsBT123/One_of_my_take_on_SourceCodester/blob/main/Best-Student-Result-Management-System_1.0.poc.md https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9 +https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p +https://github.com/traefik/traefik/security/advisories/GHSA-fvhj-4qfh-q2hm https://github.com/trampgeek/jobe/issues/39 +https://github.com/tramyardg/hotel-mgmt-system/issues/21 https://github.com/tramyardg/hotel-mgmt-system/issues/22 https://github.com/transcendent-group/advisories/blob/main/CVE-2022-27192.md https://github.com/tremwil/ds3-nrssr-rce +https://github.com/trentm/json/issues/144 +https://github.com/trentm/python-markdown2/issues/348 https://github.com/tristao-marinho/CVE-2022-45544/blob/main/README.md +https://github.com/tristao-marinho/CVE-2023-27842 +https://github.com/tristao-marinho/CVE-2023-27842/blob/main/README.md +https://github.com/tristao-marinho/CVE-2023-41646/ +https://github.com/tritonmc/Triton/security/advisories/GHSA-8vj5-jccf-q25r +https://github.com/trusteddomainproject/OpenDMARC/issues/64 +https://github.com/tsingsee/EasyPlayerPro-Win/pull/24 https://github.com/tsruban/HHIMS/issues/1 +https://github.com/ttimot24/HorizontCMS/issues/43 +https://github.com/tutao/tutanota/security/advisories/GHSA-mxgj-pq62-f644 https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58 +https://github.com/twignet/splicecom https://github.com/two-kisses/pescms_vulnerability https://github.com/two-kisses/pescms_vulnerability, +https://github.com/twothink/twothink/issues/1 +https://github.com/typecho/typecho/issues/1523 +https://github.com/typecho/typecho/issues/1536 +https://github.com/typecho/typecho/issues/1539 +https://github.com/typecho/typecho/issues/1546 https://github.com/typestack/class-validator/issues/438 https://github.com/typestack/class-validator/issues/438#issuecomment-964728471 https://github.com/typora/typora-issues/issues/2129 https://github.com/typora/typora-issues/issues/2131 https://github.com/typora/typora-issues/issues/2166 +https://github.com/typora/typora-issues/issues/2204 +https://github.com/typora/typora-issues/issues/2289 https://github.com/typora/typora-issues/issues/2505 +https://github.com/typora/typora-issues/issues/2959 https://github.com/typora/typora-issues/issues/3124 +https://github.com/uBlockOrigin/uBlock-issues/issues/1992 https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md https://github.com/uclouvain/openjpeg/issues/1178 +https://github.com/uclouvain/openjpeg/issues/1228 +https://github.com/uclouvain/openjpeg/issues/1231 +https://github.com/uclouvain/openjpeg/issues/1261 +https://github.com/uclouvain/openjpeg/issues/1283 https://github.com/uclouvain/openjpeg/issues/1338 +https://github.com/uclouvain/openjpeg/issues/1347 +https://github.com/uclouvain/openjpeg/issues/1368 https://github.com/uclouvain/openjpeg/issues/731 https://github.com/uclouvain/openjpeg/issues/732 https://github.com/uclouvain/openjpeg/issues/733 @@ -115994,7 +118980,10 @@ https://github.com/uclouvain/openjpeg/pull/809 https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2015-0001 https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004 https://github.com/udima-university/moodle-mod_jitsi/issues/67 +https://github.com/ujcms/ujcms/issues/8 https://github.com/ukoethe/vigra/issues/494 +https://github.com/umlet/umlet/issues/500 +https://github.com/uncmath25/easy-parse/issues/3 https://github.com/underprotection/CVE-2019-19550/ https://github.com/unh3x/just4cve/issues/1 https://github.com/unh3x/just4cve/issues/10 @@ -116011,6 +119000,8 @@ https://github.com/unicorn-engine/unicorn/issues/1578 https://github.com/unicorn-engine/unicorn/issues/1586 https://github.com/unicorn-engine/unicorn/issues/1588 https://github.com/unicorn-engine/unicorn/issues/1595 +https://github.com/unknown00759/CVE-2023-36158/blob/main/CVE-2023-36158.md +https://github.com/unpWn4bL3/iot-security/blob/main/1.md https://github.com/unpWn4bL3/iot-security/blob/main/13.md https://github.com/unpWn4bL3/iot-security/blob/main/2.md https://github.com/upasvi/CVE-/issues/1 @@ -116021,6 +119012,17 @@ https://github.com/upx/upx/issues/287 https://github.com/upx/upx/issues/313 https://github.com/upx/upx/issues/314 https://github.com/upx/upx/issues/315 +https://github.com/upx/upx/issues/331 +https://github.com/upx/upx/issues/332 +https://github.com/upx/upx/issues/333 +https://github.com/upx/upx/issues/388 +https://github.com/upx/upx/issues/390 +https://github.com/upx/upx/issues/391 +https://github.com/upx/upx/issues/392 +https://github.com/upx/upx/issues/393 +https://github.com/upx/upx/issues/394 +https://github.com/upx/upx/issues/395 +https://github.com/upx/upx/issues/396 https://github.com/upx/upx/issues/485 https://github.com/upx/upx/issues/631 https://github.com/upx/upx/issues/632 @@ -116029,57 +119031,109 @@ https://github.com/uvoteam/libdoc/issues/5 https://github.com/uvoteam/libdoc/issues/6 https://github.com/vaadin/flow/pull/10577 https://github.com/vah13/OracleCVE/tree/master/CVE-2017-10147 +https://github.com/vah13/OracleCVE/tree/master/CVE-2017-10148 https://github.com/vah13/SAP_exploit https://github.com/vanitashtml/CVE-Dumps/blob/main/RCE%20via%20Arbitrary%20File%20Upload%20in%20Mobile%20Management%20Store.md https://github.com/vanitashtml/CVE-Dumps/blob/main/Stored%20XSS%20Daily%20Habit%20Tracker.md https://github.com/vanitashtml/CVE-Dumps/blob/main/Unauthenticated%20SQL%20Injection%20-%20Mobile%20Management%20Store.md https://github.com/varangamin/CVE-2017-6206 +https://github.com/vdohney/keepass-password-dumper +https://github.com/vedees/wcms/issues/10 +https://github.com/vedees/wcms/issues/12 https://github.com/vedees/wcms/issues/15 https://github.com/vedees/wcms/issues/2 https://github.com/vedees/wcms/issues/3 +https://github.com/vedees/wcms/issues/8 +https://github.com/vedees/wcms/issues/9 https://github.com/vercel/ms/pull/89 https://github.com/verdammelt/tnef/issues/23 https://github.com/verf1sh/Poc/blob/master/asan_report_giflib.png https://github.com/verf1sh/Poc/blob/master/giflib_poc https://github.com/verf1sh/Poc/blob/master/pic_ppm.png https://github.com/verf1sh/Poc/blob/master/poc_ppm +https://github.com/vert-x3/vertx-web/security/advisories/GHSA-53jx-vvf9-4x38 +https://github.com/veyon/veyon/issues/657 +https://github.com/vi3t1/qq-tim-elevation +https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04 +https://github.com/vim/vim/commit/41e6f7d6ba67b61d911f9b1d76325cd79224753d +https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1 https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a +https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c +https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139 +https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93 +https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed +https://github.com/vim/vim/issues/12528 +https://github.com/vim/vim/issues/5041 +https://github.com/vim/vim/issues/7674 +https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q +https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm +https://github.com/vinnie1717/CVE-2023-46344/blob/main/Solar-Log%20XSS https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation https://github.com/vipinxsec/Alfresco_XSS/blob/master/README.md +https://github.com/vitejs/vite/issues/8498 +https://github.com/vitejs/vite/security/advisories/GHSA-353f-5xf4-qw67 +https://github.com/vitejs/vite/security/advisories/GHSA-92r3-m2mg-pj97 +https://github.com/vitorespf/Advisories/blob/master/DLINK-DIR-841-command-injection.txt https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server_AFW.txt https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94 +https://github.com/vlm/asn1c/issues/396 https://github.com/vulf/Peel-Shopping-cart-9.4.0-Stored-XSS +https://github.com/vulnbe/poc-rebar3.git +https://github.com/vulnbe/poc-yaws-cgi-shell-injection +https://github.com/vulnbe/poc-yaws-dav-xxe https://github.com/vulreport3r/cve-reports/blob/main/Ncast_Yingshi_has_RCE_vulnerabilities/report.md +https://github.com/vuongdq54/RedCap https://github.com/vysec/CVE-2018-4878 https://github.com/w3c/resource-timing/issues/29 +https://github.com/w3irdo001/demo/blob/master/1.html +https://github.com/w3irdo001/demo/blob/master/3.html https://github.com/w4fz5uck5/FTPGetter/blob/master/xpl.py +https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt +https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L23 +https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L44 https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L65 +https://github.com/walinejs/waline/issues/785 +https://github.com/walmartlabs/concord/issues/22 +https://github.com/wanghaiwei/xiuno-docker/issues/5 https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul.md https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul_2.md https://github.com/warmachine-57/CVE-2021-44117/blob/main/CSRF%20in%20FuelCMS +https://github.com/warp-tech/warpgate/security/advisories/GHSA-c94j-vqr5-3mxr https://github.com/warringaa/CVEs#glory-systems-rbw-100 https://github.com/wasm3/wasm3/issues/320 https://github.com/wasm3/wasm3/issues/323 https://github.com/wasm3/wasm3/issues/337 +https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975 +https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw +https://github.com/wbowm15/jubilant-enigma/blob/main/writeup.md +https://github.com/wclimb/Koa2-blog/issues/40 https://github.com/we1h0/SiteServer-CMS-Remote-download-Getshell https://github.com/webbukkit/dynmap/issues/2474 https://github.com/webpack/loader-utils/issues/212 https://github.com/webpack/loader-utils/issues/212#issuecomment-1319192884 https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693 +https://github.com/weidai11/cryptopp/issues/1248 https://github.com/weison-tech/yii2-cms/issues/2 +https://github.com/wellcms/wellcms/issues/11 https://github.com/wendell1224/O2OA-POC/blob/main/POC.md +https://github.com/weng-xianhu/eyoucms/issues/26 https://github.com/weng-xianhu/eyoucms/issues/33 https://github.com/weng-xianhu/eyoucms/issues/34 https://github.com/weng-xianhu/eyoucms/issues/35 https://github.com/weng-xianhu/eyoucms/issues/36 +https://github.com/weng-xianhu/eyoucms/issues/37 +https://github.com/weng-xianhu/eyoucms/issues/38 https://github.com/weng-xianhu/eyoucms/issues/41 +https://github.com/weng-xianhu/eyoucms/issues/44 +https://github.com/weng-xianhu/eyoucms/issues/55 https://github.com/westes/flex/issues/414 https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144 https://github.com/whitehatl/Vulnerability/blob/main/web/dedebiz/6.0.0/sys_info.poc.md +https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.93/Login.poc.md https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.94/member_toadmin.poc.md https://github.com/whiter6666/CVE/blob/main/TOTOLINK_A810R/downloadFile.md https://github.com/whiter6666/CVE/blob/main/TOTOLINK_T6_V3/setStaticDhcpRules_1.md @@ -116087,50 +119141,104 @@ https://github.com/whiter6666/CVE/blob/main/TOTOLINK_T6_V3/setWiFiWpsStart_1.md https://github.com/whiter6666/CVE/blob/main/TOTOLINK_T6_V3/setWiFiWpsStart_2.md https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/SetNetControlList.md https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/setIPv6Status.md +https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/setMacFilterCfg.md https://github.com/whiter6666/CVE/blob/main/Tenda_TX9pro/SetNetControlList.md https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/school-visitors-log-e-book.md +https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/url-shortener.md +https://github.com/willchen0011/cve/blob/main/HongJing-sql.md +https://github.com/willchen0011/cve/blob/main/upload.md https://github.com/willchen0011/cve/blob/main/upload2.md +https://github.com/win3zz/CVE-2023-43261 +https://github.com/wind-cyber/DamiCMS-v6.0.0-have-csrf-and-xss-Vulnerabilities-/blob/master/README.md +https://github.com/windecks/CVE-2023-46404 +https://github.com/wiremock/wiremock/security/advisories/GHSA-676j-xrv3-73vc https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc https://github.com/wkeyi0x1/vul-report/issues/2 https://github.com/wkeyuan/DWSurvey/issues/47 https://github.com/wkeyuan/DWSurvey/issues/48 https://github.com/wkeyuan/DWSurvey/issues/81 +https://github.com/wlx65003/HZNUOJ/issues/17 https://github.com/woduq1414/munhak-moa/commit/e8f800373b20cb22de70c7a994325b8903877da0 https://github.com/woider/ArticleCMS/issues/5 https://github.com/wollardj/simple-plist/issues/60 +https://github.com/wpay65249519/cve/blob/main/SQL_injection.md +https://github.com/wrongsid3/Sysax-MultiServer-6.90-Multiple-Vulnerabilities/blob/master/README.md https://github.com/wshepherd0010/advisories/blob/master/CVE-2017-14702.md https://github.com/wshepherd0010/advisories/blob/master/CVE-2018-8974.md https://github.com/wshepherd0010/advisories/blob/master/CVE-2018-9113.md https://github.com/wshidamowang/Router/blob/main/Tenda/AC18/RCE_1.md +https://github.com/wssgcsc58/CVEs/tree/master/baidurustsgxsdk_enclaveid_race +https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14943%20-%20Stored%20XSS.md +https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14944%20-%20Access%20Control%20Vulnerabilities.md +https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14945%20-%20Privilege%20Escalation.md +https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14946%20-%20Local%20File%20Inclusion.md https://github.com/wuzhicms/wuzhicms/issues/128 https://github.com/wuzhicms/wuzhicms/issues/131 https://github.com/wuzhicms/wuzhicms/issues/134 https://github.com/wuzhicms/wuzhicms/issues/141 +https://github.com/wuzhicms/wuzhicms/issues/156 +https://github.com/wuzhicms/wuzhicms/issues/157 +https://github.com/wuzhicms/wuzhicms/issues/158 https://github.com/wuzhicms/wuzhicms/issues/169 https://github.com/wuzhicms/wuzhicms/issues/170 https://github.com/wuzhicms/wuzhicms/issues/171 https://github.com/wuzhicms/wuzhicms/issues/172 https://github.com/wuzhicms/wuzhicms/issues/173 +https://github.com/wuzhicms/wuzhicms/issues/174 https://github.com/wuzhicms/wuzhicms/issues/183 +https://github.com/wuzhicms/wuzhicms/issues/188 +https://github.com/wuzhicms/wuzhicms/issues/191 +https://github.com/wuzhicms/wuzhicms/issues/192 https://github.com/wuzhicms/wuzhicms/issues/200 +https://github.com/wuzhicms/wuzhicms/issues/205#issue-1635153937 +https://github.com/wuzhicms/wuzhicms/issues/208 https://github.com/wy876/cve/issues/3 +https://github.com/x-f1v3/ForCve/issues/5 https://github.com/xCss/Valine/issues/127 https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384 https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793 https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112 https://github.com/xbmc/xbmc/issues/20305 https://github.com/xbmc/xbmc/pull/20306 +https://github.com/xcodeOn1/SQLI-TollTax/blob/main/README.md +https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App +https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App/tree/main +https://github.com/xcodeOn1/xcode0x-CVEs/blob/main/CVE/CVE-2023-44047.md +https://github.com/xcodeOn1/xcode0x-CVEs/blob/main/CVE/CVE-2023-44048.md https://github.com/xebd/accel-ppp/issues/158 +https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv +https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/AC-Repair-and-Services-System---SQL-injections.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Lost-and-Found-Information-System---Multiple-SQL-injections.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Lost-and-Found-Information-System---Multiple-SQL-injections.md#2classesmasterphpfdelete_item +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#1xss-vulnerability-in-productsphp +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#2sql-injection-vulnerability-in-productsphp +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#3sql-injection-vulnerability-in-view_productphp +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Serviced-Providerd-Managementd-Systemd--d-SQLd-injections.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md#search.php +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md https://github.com/xiangbulala/CVE/blob/main/totlink.md https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md https://github.com/xiaoqx/pocs/blob/master/netpbm https://github.com/xiaoqx/pocs/tree/master/exiv2 https://github.com/xiaoqx/pocs/tree/master/libtiff +https://github.com/xiaosed/CVE-2023-29919/ https://github.com/xiayulei/open_source_bms/issues/33 +https://github.com/xieqiang11/poc-1/tree/main +https://github.com/xieqiang11/poc-2/tree/main +https://github.com/xieqiang11/poc-3/tree/main +https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md +https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md +https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md +https://github.com/xiph/vorbis-tools/issues/41 +https://github.com/xiweicheng/tms/issues/19 +https://github.com/xmldom/xmldom/issues/436 https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826 +https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560 https://github.com/xoffense/POC/blob/main/Account%20takeover%20(Chaining%20session%20fixation%20%2B%20reflected%20Cross%20Site%20Scripting)%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md https://github.com/xoffense/POC/blob/main/Account%20takeover%20using%20CSRF%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md https://github.com/xoffense/POC/blob/main/Clansphere%202011.4%20%22language%22%20xss.md @@ -116143,19 +119251,38 @@ https://github.com/xoffense/POC/blob/main/DynPG%204.9.2%20XSS%20via%20refID%20pa https://github.com/xoffense/POC/blob/main/DynPG%204.9.2%20XSS%20via%20valueID%20parameter https://github.com/xoffense/POC/blob/main/Ilch%202.1.42%20Open%20redirect https://github.com/xoffense/POC/blob/main/Multiple%20URI%20Based%20XSS%20in%20Bitweaver%203.1.0.md +https://github.com/xoffense/POC/blob/main/Session%20Fixation%20in%20Cubecart%206.4.2.md https://github.com/xoffense/POC/blob/main/Stored%20XSS%20via%20malicious%20file%20upload%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md +https://github.com/xtr4nge/FruityWifi/issues/277 https://github.com/xuanluansec/vul/issues/5 +https://github.com/xuhuisheng/lemon/issues/198 +https://github.com/xuhuisheng/lemon/issues/199 +https://github.com/xuxueli/xxl-job/issues/1866 +https://github.com/xuxueli/xxl-job/issues/1921 +https://github.com/xuxueli/xxl-job/issues/2083 https://github.com/xuxueli/xxl-job/issues/2821 https://github.com/xuxueli/xxl-job/issues/2836 https://github.com/xuxueli/xxl-job/issues/3002 https://github.com/xuxueli/xxl-job/issues/3391 +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9pc2-x9qf-7j2q +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c5f4-p5wv-2475 +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qx9h-c5v6-ghqh +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qxjg-jhgw-qhrv +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x764-ff8r-9hpx +https://github.com/xwlrbh/Catfish/issues/5 +https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md +https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md +https://github.com/xxy1126/Vuln/blob/main/Draytek/2.md +https://github.com/xxy1126/Vuln/blob/main/Draytek/3.md https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/1 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/10 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/2 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/3 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/4 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/5 +https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/6 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/7 +https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/8 https://github.com/xxy1126/Vuln/tree/main/Tenda%20AC21/9 https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formDelAd https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formDelPushedAd @@ -116169,26 +119296,54 @@ https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetGuideListItem https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetPicListItem https://github.com/xyaly163/cms/blob/main/2.md https://github.com/yanbushuang/CVE/blob/main/TendaAC5.md +https://github.com/yangfan6888/PoC +https://github.com/yangfan6888/PoC/blob/main/PoC.cpp https://github.com/yangfar/CVE/blob/main/CVE-2022-40884.md +https://github.com/yangfar/CVE/blob/main/Reference%20of%20Binbloom.md +https://github.com/yangjiageng/PoC/blob/master/PoC_cflow_uaf_parser_line1284 +https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334 https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1940 https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1995 +https://github.com/yaniswang/xhEditor/issues/37 +https://github.com/yaowenxiao721/CloudExplorer-Lite-v1.4.1-vulnerability-BOPLA +https://github.com/yargs/y18n/issues/96 +https://github.com/yasinyildiz26/Badminton-Center-Management-System +https://github.com/yasm/yasm/issues/161 +https://github.com/yasm/yasm/issues/163 +https://github.com/yasm/yasm/issues/166 +https://github.com/yasm/yasm/issues/168 +https://github.com/yasm/yasm/issues/172 +https://github.com/yasm/yasm/issues/206 https://github.com/yasm/yasm/issues/207 https://github.com/yasm/yasm/issues/208 https://github.com/yasm/yasm/issues/209 +https://github.com/yasm/yasm/issues/214 +https://github.com/yasm/yasm/issues/216 +https://github.com/yasm/yasm/issues/217 https://github.com/yasm/yasm/issues/220 https://github.com/yasm/yasm/issues/221 https://github.com/yasm/yasm/issues/222 https://github.com/yaxuan404/OTCMS_3.2 https://github.com/ycxdzj/CVE_Hunter/blob/main/SQL-7.md +https://github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29061/Vfsjfilechooser2.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md https://github.com/yetingli/SaveResults/blob/main/md/vfsjfilechooser2.md https://github.com/yeyinshi/tuzicms/issues/11 +https://github.com/yeyinshi/tuzicms/issues/12 +https://github.com/yeyinshi/tuzicms/issues/13 https://github.com/yeyinshi/tuzicms/issues/7 https://github.com/yeyinshi/tuzicms/issues/8 https://github.com/yeyinshi/tuzicms/issues/9 +https://github.com/yhirose/cpp-httplib/issues/425 +https://github.com/yhirose/cpp-peglib/issues/121 +https://github.com/yhirose/cpp-peglib/issues/122 +https://github.com/yhy217/huakecms-vul/issues/1 +https://github.com/yi-ge/unzip/pull/1 +https://github.com/yiisoft/yii2/issues/19755#issuecomment-1426155955 https://github.com/yikesoftware/exp_and_poc_archive/tree/main/CVE/CVE-2022-40469 +https://github.com/yilezhu/Czar.Cms/issues/6 https://github.com/yinfeidi/Vuls/blob/main/TRENDnet%20TV-IP110WN/CVE-2021-31655.md https://github.com/yj94/Yj_learning/blob/main/Week16/D-LINK-POC.md https://github.com/ymkyu/CVE/tree/main/CVE-2024-33788 @@ -116196,8 +119351,17 @@ https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789 https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792 https://github.com/ymkyu/CVE/tree/main/CVE-2024-33793 https://github.com/yogeshshe1ke/CVE/blob/master/2019-7690/mobaxterm_exploit.py +https://github.com/youki992/youki992.github.io/blob/master/others/apply2.md https://github.com/youngerheart/nodeserver/pull/6 https://github.com/yourkevin/NiterForum/issues/25 +https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md +https://github.com/yte121/-CVE-2023-46450/ +https://github.com/yte121/CVE-2023-46974/ +https://github.com/yueying638/cve/blob/main/upload.md +https://github.com/yukar1z0e/temp/blob/main/README.md +https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md +https://github.com/yunaranyancat/poc-dump/blob/main/cloudpanel/README.md +https://github.com/yunaranyancat/poc-dump/blob/main/simplecollegewebsite/sqli_rce.py https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 https://github.com/yupoxiong/BearAdmin/issues/5 https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_appointment.md @@ -116242,9 +119406,17 @@ https://github.com/yzmcms/yzmcms/issues/14 https://github.com/yzmcms/yzmcms/issues/27 https://github.com/yzmcms/yzmcms/issues/28 https://github.com/yzmcms/yzmcms/issues/43 +https://github.com/yzmcms/yzmcms/issues/45 +https://github.com/yzmcms/yzmcms/issues/46 +https://github.com/yzmcms/yzmcms/issues/47 +https://github.com/yzmcms/yzmcms/issues/55 +https://github.com/yzmcms/yzmcms/issues/59 https://github.com/yzmcms/yzmcms/issues/60 https://github.com/yzmcms/yzmcms/issues/7 +https://github.com/yzmcms/yzmcms/issues/9 +https://github.com/yzskyt/Vuln/blob/main/Go-RT-AC750/Go-RT-AC750.md https://github.com/z1pwn/bug_report/blob/main/vendors/kingbhob02/library-management-system/XSS-1.md +https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/TendaTelnet/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/formWifiBasicSet/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/addWifiMacFilter/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/formSetClientState/readme.md @@ -116255,6 +119427,7 @@ https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/formWifiWpsStart/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/fromNatStaticSetting/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/fromSetIpMacBind/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/AC10/saveParentControlInfo/readme.md +https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/CertListInfo/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/IPSECsave/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/L7Im/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/NatStaticSetting/readme.md @@ -116270,6 +119443,7 @@ https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/addressNat/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/delFileName/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/editFileName/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/editUserName/readme.md +https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/exeCommand/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/SysToolReboot/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/SysToolRestoreSet/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/WifiMacFilterGet/readme.md @@ -116281,8 +119455,20 @@ https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/addRouting/readme.md https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/doReboot/readme.md https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/form2Wan_cgi/readme.md https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/form2userconfig_cgi/readme.md +https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/setmac/readme.md https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/wizard_end/readme.md https://github.com/z1r00/IOT_Vul/tree/main/dlink/Dir816/form2systime_cgi +https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42aac/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4decrypt/sigv/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4info/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/mjs/SEGV/mjs_ffi/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/mjs/SEGV/mjs_fii2/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/mjs/SEGV/mjs_gc/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/mp4v2/heap-buffer-overflow/MP4GetVideoProfileLevel/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/mp4v2/heap-buffer-overflow/mp4property.cpp/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-buffer-overflow/yasm/readmd.md +https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-overflow/parse_expr1/readme.md https://github.com/zadewg/RIUS https://github.com/zakee94/online-banking-system/issues/11 https://github.com/zakee94/online-banking-system/issues/12 @@ -116293,12 +119479,27 @@ https://github.com/zakee94/online-banking-system/issues/16 https://github.com/zakee94/online-banking-system/issues/17 https://github.com/zakee94/online-banking-system/issues/19 https://github.com/zalando/skipper/releases/tag/v0.13.218 +https://github.com/zblogcn/zblogphp/issues/209 https://github.com/zblogcn/zblogphp/issues/336 https://github.com/zchuanzhao/jeesns/issues/6 https://github.com/zchuanzhao/jeesns/issues/9 https://github.com/zencart/zencart/issues/1431 https://github.com/zenspider/ruby_parser-legacy/issues/1 +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2g3m-p6c7-8rr3 +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4vgv-5r6q-r6xh +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-56p9-5p3v-hhrc +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-853q-q69w-gf5j +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9xj8-6989-r549 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fjc8-223c-qgqr +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gghm-c696-f4j4 +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gj27-862r-55wh +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hmpr-px56-rvww +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rgx6-3w4j-gf5j +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rhrc-pcxp-4453 https://github.com/zer0yu/CVE_Request/blob/master/MonstaFTP/MonstaFTP_v2_10_3_SSRF.md https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_first.md https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_second.md @@ -116309,8 +119510,42 @@ https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_W104_unauthori https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_web_interface_exists_authentication_bypass.md https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFileByPath.md +https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md +https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md https://github.com/zerohax/RedmineUP-XSS/blob/master/vcard-upload-xss +https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/Arbitrary-File-Upload-Vulnerability.md +https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/SQL-Injection-Vulnerability-3.md +https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/SQL-Injection-Vulnerability.md https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Garage-Management-System/Arbitrary-File-Upload-Vulnerability.md +https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Online-Ordering-System/Arbitrary-File-Upload-Vulnerability.md +https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Online-Ordering-System/SQL-Injection-Vulnerability.md +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-0908 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1186 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1187 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1189 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1369 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1443 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1446 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1453 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1488 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1489 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1490 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1493 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1629 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1630 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1639 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1640 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1641 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1678 +https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1679 https://github.com/zhangqiquan/shopxian_cms/issues/4 https://github.com/zhaojh329/rttys/issues/117 https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md @@ -116319,18 +119554,29 @@ https://github.com/zhlu32/cve/blob/main/tplink/wr886n/Tplink-wr886n-V3-Ping-DOS. https://github.com/zhuxianjin/vuln_repo/blob/master/chaojicms_stored_xss.md https://github.com/zhuzhuyule/HexoEditor/issues/3 https://github.com/zikula/core/issues/3237 +https://github.com/zj3t/Automotive-vulnerabilities/tree/main/VW/jetta2021 https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md +https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md https://github.com/zlgxzswjy/BUI-select-xss +https://github.com/zlib-ng/minizip-ng/issues/739 +https://github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3 https://github.com/zn9988/publications/tree/main/1.TP-Link%20Tapo%20C100%20-%20HTTP%20Denial-Of-Service https://github.com/znc/znc/issues/1459 +https://github.com/zongdeiqianxing/cve-reports/issues/2 +https://github.com/zorlan/skycaiji/issues/13 https://github.com/zorlan/skycaiji/issues/9 https://github.com/zoujingli/ThinkAdmin/issues/173 +https://github.com/zoujingli/ThinkAdmin/issues/238 +https://github.com/zoujingli/ThinkAdmin/issues/255 +https://github.com/zouyang0714/cms/blob/main/2.md +https://github.com/zouyang0714/cms/blob/main/3.md https://github.com/zrax/pycdc/issues/291 https://github.com/zrax/pycdc/issues/295 https://github.com/zxlie/FeHelper/issues/63 +https://github.com/zxsssd/TotoLink- https://github.com/zyairelai/CVE-submissions/blob/main/kortex-activate_case-sqli.md https://github.com/zyairelai/CVE-submissions/blob/main/kortex-addcase_stage-sqli.md https://github.com/zyairelai/CVE-submissions/blob/main/kortex-adds-sqli.md @@ -116340,6 +119586,8 @@ https://github.com/zyairelai/CVE-submissions/blob/main/prison-xss.md https://github.com/zyx0814/dzzoffice/issues/183 https://github.com/zyx0814/dzzoffice/issues/223 https://github.com/zzh-newlearner/record/blob/main/luowice.md +https://github.com/zzh-newlearner/record/blob/main/luowice_warning.md +https://github.com/zzh-newlearner/record/blob/main/macrovideo_share.md https://github.com/zzh-newlearner/record/blob/main/yingshi_devicekey.md https://github.com/zzh-newlearner/record/blob/main/yingshi_privacy.md https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749 @@ -116354,16 +119602,29 @@ https://gitlab.com/francoisjacquet/rosariosis/-/issues/328 https://gitlab.com/gitlab-org/gitaly/-/issues/3948 https://gitlab.com/gitlab-org/gitlab-ce/issues/25064 https://gitlab.com/gitlab-org/gitlab-ce/issues/41757 +https://gitlab.com/gitlab-org/gitlab-ce/issues/41838 +https://gitlab.com/gitlab-org/gitlab-ce/issues/42028 https://gitlab.com/gitlab-org/gitlab-ce/issues/47793 +https://gitlab.com/gitlab-org/gitlab-ce/issues/48617 https://gitlab.com/gitlab-org/gitlab-ce/issues/49133 +https://gitlab.com/gitlab-org/gitlab-ce/issues/50744 +https://gitlab.com/gitlab-org/gitlab-ce/issues/50995 https://gitlab.com/gitlab-org/gitlab-ce/issues/51142 +https://gitlab.com/gitlab-org/gitlab-ce/issues/51581 +https://gitlab.com/gitlab-org/gitlab-ce/issues/52212 https://gitlab.com/gitlab-org/gitlab-ce/issues/52444 +https://gitlab.com/gitlab-org/gitlab-ce/issues/52522 https://gitlab.com/gitlab-org/gitlab-ce/issues/53037 https://gitlab.com/gitlab-org/gitlab-ce/issues/54220 +https://gitlab.com/gitlab-org/gitlab-ce/issues/54795 https://gitlab.com/gitlab-org/gitlab-ce/issues/55200 https://gitlab.com/gitlab-org/gitlab-ce/issues/55469 +https://gitlab.com/gitlab-org/gitlab-ce/issues/55653 +https://gitlab.com/gitlab-org/gitlab-ce/issues/57556 https://gitlab.com/gitlab-org/gitlab-ce/issues/59003 +https://gitlab.com/gitlab-org/gitlab-ce/issues/63959 https://gitlab.com/gitlab-org/gitlab-ee/issues/7696 +https://gitlab.com/gitlab-org/gitlab-ee/issues/8167 https://gitlab.com/gitlab-org/gitlab-pages/-/issues/262 https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27386 https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/325 @@ -116432,9 +119693,11 @@ https://gitlab.com/gitlab-org/gitlab/-/issues/406235 https://gitlab.com/gitlab-org/gitlab/-/issues/407166 https://gitlab.com/gitlab-org/gitlab/-/issues/407374 https://gitlab.com/gitlab-org/gitlab/-/issues/407783 +https://gitlab.com/gitlab-org/gitlab/-/issues/407830 https://gitlab.com/gitlab-org/gitlab/-/issues/408359 https://gitlab.com/gitlab-org/gitlab/-/issues/410433 https://gitlab.com/gitlab-org/gitlab/-/issues/414367 +https://gitlab.com/gitlab-org/gitlab/-/issues/416161 https://gitlab.com/gitlab-org/gitlab/-/issues/416252 https://gitlab.com/gitlab-org/gitlab/-/issues/416945 https://gitlab.com/gitlab-org/gitlab/-/issues/416957 @@ -116456,9 +119719,11 @@ https://gitlab.com/gitlab-org/gitlab/-/issues/431345 https://gitlab.com/gitlab-org/gitlab/-/issues/435500 https://gitlab.com/gitlab-org/gitlab/-/issues/439240 https://gitlab.com/gitlab-org/gitlab/issues/30017 +https://gitlab.com/gitlab-org/gitlab/issues/31536 https://gitlab.com/gitlab-org/omnibus-gitlab/issues/4380 https://gitlab.com/gnutls/libtasn1/issues/4 https://gitlab.com/graphviz/graphviz/issues/1512 +https://gitlab.com/graphviz/graphviz/issues/1517 https://gitlab.com/libtiff/libtiff/-/issues/277 https://gitlab.com/libtiff/libtiff/-/issues/278 https://gitlab.com/libtiff/libtiff/-/issues/319 @@ -116496,6 +119761,7 @@ https://gitlab.com/libtiff/libtiff/-/issues/495 https://gitlab.com/libtiff/libtiff/-/issues/496 https://gitlab.com/libtiff/libtiff/-/issues/497 https://gitlab.com/libtiff/libtiff/-/issues/498 +https://gitlab.com/libtiff/libtiff/-/issues/499 https://gitlab.com/libtiff/libtiff/-/issues/500 https://gitlab.com/libtiff/libtiff/-/issues/501 https://gitlab.com/libtiff/libtiff/-/issues/518 @@ -116526,6 +119792,7 @@ https://gitlab.com/wireshark/wireshark/-/issues/17813 https://gitlab.com/wireshark/wireshark/-/issues/17840 https://gitlab.com/wireshark/wireshark/-/issues/18378 https://gitlab.com/wireshark/wireshark/-/issues/19085 +https://gitlab.com/wireshark/wireshark/-/issues/19086 https://gitlab.com/wireshark/wireshark/-/issues/19087 https://gitlab.com/wireshark/wireshark/-/issues/19144 https://gitlab.com/wireshark/wireshark/-/issues/19229 @@ -116558,11 +119825,18 @@ https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399 https://gitlab.freedesktop.org/poppler/poppler/issues/654 +https://gitlab.freedesktop.org/poppler/poppler/issues/659 https://gitlab.freedesktop.org/poppler/poppler/issues/661 https://gitlab.freedesktop.org/poppler/poppler/issues/706 +https://gitlab.freedesktop.org/poppler/poppler/issues/728 +https://gitlab.freedesktop.org/poppler/poppler/issues/730 +https://gitlab.freedesktop.org/poppler/poppler/issues/731 +https://gitlab.freedesktop.org/poppler/poppler/issues/741 https://gitlab.freedesktop.org/poppler/poppler/issues/742 https://gitlab.freedesktop.org/poppler/poppler/issues/748 https://gitlab.freedesktop.org/poppler/poppler/issues/750 +https://gitlab.freedesktop.org/poppler/poppler/issues/752 +https://gitlab.freedesktop.org/poppler/poppler/issues/802 https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612 https://gitlab.gnome.org/GNOME/evolution/issues/784 https://gitlab.gnome.org/GNOME/file-roller/-/issues/108 @@ -116640,6 +119914,7 @@ https://gkaim.com/cve-2019-7438-xss-vikas-chaudhary/ https://gkaim.com/cve-2019-7439-vikas-chaudhary/ https://gkaim.com/cve-2019-7440-vikas-chaudhary/ https://gkaim.com/cve-2019-7441-vikas-chaudhary/ +https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682 https://googleinformationsworld.blogspot.com/2023/04/revive-adserver-541-vulnerable-to-brute.html https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html @@ -116651,6 +119926,7 @@ https://greenshot.atlassian.net/browse/BUG-3061 https://griffinbyatt.com/2019/08/02/Das-Vulnerabilities.html https://grimhacker.com/exploiting-xdlocalstorage-localstorage-and-postmessage/#Missing-Origin-Client https://grimhacker.com/exploiting-xdlocalstorage-localstorage-and-postmessage/#Missing-Origin-Magic-iframe +https://grimhacker.com/exploiting-xdlocalstorage-localstorage-and-postmessage/#Missing-TargetOrigin-Client https://grimhacker.com/exploiting-xdlocalstorage-localstorage-and-postmessage/#Missing-TargetOrigin-Magic-iframe https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c https://grimthereaperteam.medium.com/cve-2022-42094-backdrop-xss-at-cards-84266b5250f1 @@ -116665,6 +119941,7 @@ https://groups.google.com/d/msg/syzkaller/pCswO77gRlM/VHuPOftgAwAJ https://groups.google.com/g/deluge-dev/c/e5zh7wT0rEg https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74 https://guidovranken.wordpress.com/2015/10/07/cve-2015-5291/ +https://gurelahmet.com/cve-2018-11538-csrf-privilege-escalation-creation-of-an-administrator-account-on-searchblox-8-6-6/ https://gurelahmet.com/searchblox-8-6-7-out-of-band-xml-external-entity-oob-xxe-cve-2018-11586/ https://gynvael.coldwind.pl/?id=740 https://gynvael.coldwind.pl/?id=741 @@ -116693,9 +119970,12 @@ https://hackerone.com/reports/446593 https://hackerone.com/reports/471739 https://hackerone.com/reports/490946 https://hackerone.com/reports/588239 +https://hackerone.com/reports/588562 +https://hackerone.com/reports/651518 https://hackerone.com/reports/681617 https://hackerone.com/reports/775693 https://hackerone.com/reports/792895 +https://hackerone.com/reports/986365 https://hackings8n.blogspot.com/2018/06/cve-2018-12705-digisol-wireless-router.html https://hackings8n.blogspot.com/2018/06/cve-2018-12706-digisol-dg-br4000ng.html https://hackings8n.blogspot.com/2018/07/cve-2018-13065-modsecurity-300-has-xss.html @@ -116711,6 +119991,7 @@ https://hackpuntes.com/cve-2018-18478-libre-nms-1-43-cross-site-scripting-persis https://hackpuntes.com/cve-2018-18922-ticketly-1-0-escalacion-de-privilegios-crear-cuenta-administrador/ https://hackpuntes.com/cve-2018-18923-ticketly-1-0-multiples-sql-injections/ https://hackpuntes.com/cve-2018-19828-integria-ims-5-0-83-cross-site-scripting-reflejado/ +https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/ https://hackpuntes.com/cve-2019-7400-rukovoditel-erp-crm-2-4-1-cross-site-scripting-reflejado/ https://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/ @@ -116723,6 +120004,7 @@ https://heegong.github.io/posts/Local-privilege-escalation-in-Panda-Dome-VPN-for https://heitorgouvea.me/2019/09/17/CVE-2019-15033 https://help.okta.com/en-us/Content/Topics/Directory/ad-agent-update.htm https://help.passbolt.com/incidents/pwned-password-service-information-leak +https://herolab.usd.de/en/security-advisories/usd-2019-0053/ https://herolab.usd.de/en/security-advisories/usd-2021-0006 https://herolab.usd.de/en/security-advisories/usd-2021-0007/ https://herolab.usd.de/en/security-advisories/usd-2022-0002/ @@ -116745,7 +120027,12 @@ https://herolab.usd.de/en/security-advisories/usd-2022-0060/ https://herolab.usd.de/en/security-advisories/usd-2022-0061/ https://herolab.usd.de/en/security-advisories/usd-2022-0066/ https://herolab.usd.de/en/security-advisories/usd-2023-0015/ +https://herolab.usd.de/security-advisories/usd-2019-0016/ +https://herolab.usd.de/security-advisories/usd-2019-0046/ +https://herolab.usd.de/security-advisories/usd-2019-0049/ +https://herolab.usd.de/security-advisories/usd-2019-0051/ https://herolab.usd.de/security-advisories/usd-2019-0052/ +https://herolab.usd.de/security-advisories/usd-2019-0054/ https://herolab.usd.de/security-advisories/usd-2019-0069/ https://herolab.usd.de/security-advisories/usd-2019-0070/ https://herolab.usd.de/security-advisories/usd-2019-0072/ @@ -116970,9 +120257,11 @@ https://issues.liferay.com/browse/LPE-17593 https://issues.liferay.com/browse/LPE-17595 https://issues.liferay.com/browse/LPE-17607 https://issues.liferay.com/browse/LPE-17632 +https://issues.liferay.com/browse/LPS-64547 https://issues.liferay.com/browse/LPS-7087 https://issues.liferay.com/browse/LPS-72307 https://issues.shibboleth.net/jira/browse/SSPCPP-874 +https://issues.shibboleth.net/jira/browse/SSPCPP-927 https://issuetracker.google.com/issues/231026247 https://it-sec.de/schwachstelle-in-archivista-dms/ https://jdr2021.github.io/2021/10/14/CmsEasy_7.7.5_20211012%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%86%99%E5%85%A5%E5%92%8C%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E/ @@ -117175,6 +120464,7 @@ https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-20 https://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution/ https://labs.nettitude.com/blog/solarwinds-cve-2018-12897-dameware-mini-remote-control-local-seh-buffer-overflow/ https://labs.secforce.com/posts/progress-moveit-transfer-2020.1-stored-xss-cve-2020-28647/ +https://labs.sentinelone.com/click-from-the-backyard-cve-2020-9332/ https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/ https://labs.withsecure.com/advisories/insecure-authorization-scheme-for-api-requests-in-dbd--mobile-co https://labs.withsecure.com/advisories/opentext-archive-center-administration-client-xxe-vulnerability @@ -117188,6 +120478,7 @@ https://launchpad.net/bugs/1175661 https://launchpad.net/bugs/1175691 https://launchpad.net/bugs/1449062 https://launchpad.net/bugs/1678676 +https://launchpad.net/bugs/1700573 https://launchpad.net/bugs/1726372 https://launchpad.net/bugs/1793458 https://launchpad.net/bugs/1822013 @@ -117318,10 +120609,18 @@ https://m3n0sd0n4ld.blogspot.com/2022/11/scada-lts-privilege-escalation-cve-2022 https://m3n0sd0n4ld.github.io/patoHackventuras/cve-2023-31505 https://m4dm0e.github.io/2020/12/07/ipeak-cms-sqli.html https://m4dm0e.github.io/2021/01/04/mikrotik-xss-reflected.html +https://mantisbt.org/bugs/view.php?id=21611 https://mantisbt.org/bugs/view.php?id=22816 +https://mantisbt.org/bugs/view.php?id=27056 +https://mantisbt.org/bugs/view.php?id=27275 +https://mantisbt.org/bugs/view.php?id=27304 +https://mantisbt.org/bugs/view.php?id=27357 +https://mantisbt.org/bugs/view.php?id=27370 https://mantisbt.org/bugs/view.php?id=29135 https://mantisbt.org/bugs/view.php?id=30384 +https://marc.info/?l=git&m=152761328506724&w=2 https://marc.info/?l=linux-netdev&m=154661373531512&w=2 +https://marc.info/?l=oss-security&m=167879021709955&w=2 https://marcograss.github.io/security/android/cve/2016/01/15/cve-2015-7292-amazon-kernel-stack-buffer-overflow.html https://marketplace.atlassian.com/apps/1212129/saml-single-sign-on-sso-confluence?hosting=server&tab=overview https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html @@ -117333,6 +120632,7 @@ https://matheus-garbelini.github.io/home/post/esp32-esp8266-eap-crash/ https://matheus-garbelini.github.io/home/post/esp8266-beacon-frame-crash/ https://matheus-garbelini.github.io/home/post/zero-pmk-installation/ https://matthias.sdfeu.org/misp-poc.py +https://mattschmidt.net/2020/11/10/dundas-persistent-xss/ https://mattschmidt.net/2021/04/14/review-board-xss-discovered/ https://mayaseven.com/cve-2019-12562-stored-cross-site-scripting-in-dotnetnuke-dnn-version-v9-3-2/ https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/ @@ -117361,6 +120661,7 @@ https://medium.com/@BaYinMin/cve-2017-12778-qbittorrent-ui-lock-authentication-b https://medium.com/@J03KR/cve-2021-40577-ec96a831ba71 https://medium.com/@Pablo0xSantiago/cve-2019-14343-ebc120800053 https://medium.com/@Pablo0xSantiago/cve-2019-14344-tematres-3-0-cross-site-scripting-reflected-xss-3826a23c7fff +https://medium.com/@Pablo0xSantiago/cve-2019-14345-ff6f6d9fd30f https://medium.com/@Pablo0xSantiago/cve-2019-20178-peel-shopping-ecommerce-shopping-cart-9-2-1-cross-site-request-forgery-17fc49ab5a65 https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1 https://medium.com/@Pablo0xSantiago/cve-2019-20180-tablepress-version-1-9-2-csv-injection-65309fcc8be8 @@ -117385,6 +120686,7 @@ https://medium.com/@arielbreisacher/my-chart-fx-7-software-investigation-journey https://medium.com/@ayaan.saikia91/formula-injection-vulnerability-on-solarwinds-webhelpdesk-12-7-1-37569cd4cdc1 https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325 https://medium.com/@bugsbunnyy1107/the-tell-tale-of-cve-in-oneplus-phones-91e97342a8b5 +https://medium.com/@c4pt41nnn/cve-2019-18396-command-injection-in-technicolor-router-da5dd2134052 https://medium.com/@charlielabs101/cve-2020-12872-df315411aa70 https://medium.com/@crhenr/cve-2019-7634-my-first-cve-61db875dc94a https://medium.com/@cupc4k3/privilege-scalation-in-bludit-cms-dcf86c41107 @@ -117421,6 +120723,8 @@ https://medium.com/@igor.lrgomes/cve-2019-11877-credentials-stealing-through-xss https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2 https://medium.com/@jalee0606/how-i-found-my-first-one-click-account-takeover-via-deeplink-in-ryde-5406010c36d8 https://medium.com/@janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826 +https://medium.com/@javarmutt/rapid4-local-file-inclusion-0day-151c830ac74a +https://medium.com/@javierolmedo/cve-2018-18922-ticketly-1-0-privilege-escalation-add-admin-4d1b3696f367 https://medium.com/@jetnipat.tho/cve-2023-24044-10e48ab940d8 https://medium.com/@jraiv02/cve-2023-37734-buffer-overflow-in-mp3-audio-converter-318fd8271911 https://medium.com/@julianpedrobraga/router-hacking-destrinchando-o-elo-mais-fraco-de-uma-rede-4d0e7fcfbd9e @@ -117434,6 +120738,7 @@ https://medium.com/@lijohnjefferson/multiple-sql-injection-unauthenticated-in-su https://medium.com/@luanherrera/xs-searching-googles-bug-tracker-to-find-out-vulnerable-source-code-50d8135b7549 https://medium.com/@mdavis332/higher-ed-erp-portal-vulnerability-auth-bypass-to-login-any-account-f1aeef438f80 https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f +https://medium.com/@mohnishdhage/sql-injection-vtiger-crm-v7-1-0-cve-2019-11057-245f84fc5c2c https://medium.com/@muthumohanprasath.r/open-redirection-vulnerability-on-icewarp-webclient-product-cve-2023-40779-61176503710 https://medium.com/@muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c https://medium.com/@muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-43319-c2ad758ac2bc @@ -117454,6 +120759,7 @@ https://medium.com/@rsantos_14778/remote-control-cve-2019-20004-21f77e976715 https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1 https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104 https://medium.com/@s1kr10s/d-link-dir-859-rce-unauthenticated-cve-2019-20216-cve-2019-20217-en-6bca043500ae +https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac https://medium.com/@sarapremashish/osticket-1-10-1-unauthenticated-stored-xss-allows-an-attacker-to-gain-admin-privileges-6a0348761a3a https://medium.com/@shanunirwan/cve-2024-30979-stored-cross-site-scripting-xss-in-cyber-cafe-management-system-project-ccms-1-44b10f50817b @@ -117476,6 +120782,7 @@ https://medium.com/@tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitr https://medium.com/@tomerp_77017/exploiting-iotransfer-insecure-api-cve-2022-24562-a2c4a3f9149d https://medium.com/@tomerp_77017/wondershell-a82372914f26 https://medium.com/@tomhulme_74888/persistent-cross-site-scripting-leading-to-full-account-takeover-on-galaxkey-v5-6-11-4-8bf96be35b54 +https://medium.com/@v.roberthoutenbrink/commscope-vulnerability-authentication-bypass-in-arris-tr4400-firmware-version-a1-00-004-180301-4a90aa8e7570 https://medium.com/@venkatajayaram.yalla/whitesource-log-injection-vulnerability-cve-2020-5304-e543b7943c2b https://medium.com/@victor_14768/replay-attacks-en-autos-206481dcfee1 https://medium.com/@vificatem/cve-2023-39683-dom-xss-on-json-source-code-panel-in-zalify-easy-email-3fa08f3e0d49 @@ -117560,6 +120867,8 @@ https://n4nj0.github.io/advisories/wordpress-plugin-wp-file-manager-i/ https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-i/ https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/ https://n4nj0.github.io/advisories/wowza-streaming-engine-i/ +https://nablarch.atlassian.net/browse/NAB-313 +https://nablarch.atlassian.net/projects/NAB/issues/NAB-295 https://naku-ratti.medium.com/doctor-appointment-system-1-0-authenticated-sql-dios-7689b1d30f5f https://nandynarwhals.org/CVE-2017-14994/ https://nathandavison.com/blog/haproxy-http-request-smuggling @@ -117567,6 +120876,8 @@ https://navixia.com/storage/app/media/uploaded-files/CVE/cve-2017-521415.txt https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/ https://nealpoole.com/blog/2013/06/code-execution-via-yaml-in-js-yaml-nodejs-module/ +https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/ +https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/ https://neetech18.blogspot.com/2019/03/cross-site-request-forgery-smartvista.html https://neetech18.blogspot.com/2019/03/error-based-sql-injection-vulnerability.html https://neetech18.blogspot.com/2019/03/incorrect-access-control-smart-vista.html @@ -118549,10 +121860,16 @@ https://peps.python.org/pep-0440/#post-release-spelling https://perchsecurity.com/perch-news/cve-spotlight-mobileiron-rce-cve-2020-15505/ https://peter.website/meow-hash-cryptanalysis https://peterka.tech/blog/posts/cve-2021-28684/ +https://phabricator.wikimedia.org/T108198 https://phabricator.wikimedia.org/T151735 +https://phabricator.wikimedia.org/T239209 https://phabricator.wikimedia.org/T259210 +https://phabricator.wikimedia.org/T265810 https://phabricator.wikimedia.org/T269718 +https://phabricator.wikimedia.org/T323651 https://phabricator.wikimedia.org/T326952 +https://phabricator.wikimedia.org/T339111 +https://phabricator.wikimedia.org/T64685 https://phabricator.wikimedia.org/T85113 https://phoenhex.re/2017-06-09/pwn2own-diskarbitrationd-privesc https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html @@ -118578,6 +121895,7 @@ https://podalirius.net/en/publications/grehack-2021-optimizing-ssti-payloads-for https://portswigger.net/daily-swig/blind-tcp-ip-hijacking-is-resurrected-for-windows-7 https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device +https://portswigger.net/research/bypassing-csp-using-polyglot-jpegs https://portswigger.net/research/http2 https://portswigger.net/web-security/cross-site-scripting https://portswigger.net/web-security/cross-site-scripting/reflected @@ -118596,6 +121914,7 @@ https://profundis-labs.com/advisories/CVE-2015-7676.txt https://profundis-labs.com/advisories/CVE-2015-7679.txt https://profundis-labs.com/advisories/CVE-2015-7680.txt https://prolink2u.com/product/prs1841/ +https://prophecyinternational.atlassian.net/wiki/spaces/SC7/pages/158760961/Release+Notes+for+Snare+Central+v7.4.5 https://prosody.im/security/advisory_20220113/ https://prosody.im/security/advisory_20220113/1.patch https://public-exposure.inform.social/post/integrity-checking/ @@ -118726,20 +122045,36 @@ https://research.jfrog.com/vulnerabilities/uri-template-lite-redos-xray-211351/ https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/ https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/ https://research.loginsoft.com/bugs/1501/ +https://research.loginsoft.com/bugs/1508/ +https://research.loginsoft.com/bugs/a-heap-buffer-overflow-vulnerability-in-the-function-ap4_bitstreamreadbytes-bento4-1-5-1-628/ +https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/ https://research.loginsoft.com/bugs/heap-buffer-overflow-in-h5olayout-c-hdf5-1-13-0/ https://research.loginsoft.com/bugs/heap-overflow-in-decompress-c-hdf5-1-13-0/ +https://research.loginsoft.com/bugs/invalid-memory-access-in-adv_png_unfilter_8-advancecomp/ https://research.loginsoft.com/bugs/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/ https://research.loginsoft.com/bugs/invalid-memory-access-in-gfxindexedcolorspacemapcolortobase-pdfalto-0-2/ https://research.loginsoft.com/bugs/invalid-memory-access-in-textpagefindgaps-xpdf-4-01/ +https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1/ https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l/ +https://research.loginsoft.com/bugs/null-pointer-dereference-in-function-agroot/ https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5ac-c-hdf5-1-13-0/ https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5fquery-c-hdf5-1-13-0/ https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-ap4_listfind-bento4-1-5-1-628/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-ap4_trackgetsampleindexfortimestampms-bento4-1-5-1-628/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-get_ipv6_l4proto-tcpreplay-4-3-1/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-get_layer4_v6-tcpreplay-4-3-1/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-psoutputdevsetupresources-xpdf-4-01/ https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-pdftranslatorsettarget-podofo-0-9-6/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-setsource-podofo-0-9-6-trunk-r1967/ +https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-the-function-be_uint32_read-advancecomp/ +https://research.loginsoft.com/bugs/out-of-bounds-write-in-function-ap4_cttstableentryap4_cttstableentry-bento4-1-5-1-0/ https://research.loginsoft.com/bugs/recursive-function-call-in-function-jbig2streamreadgenericbitmap-poppler-0-74-0/ +https://research.loginsoft.com/bugs/recursive-function-call-in-function-jbig2streamreadtextregion-poppler-0-74-0/ https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01/ https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/ https://research.loginsoft.com/bugs/stack-buffer-overflow-in-function-agclose-graphviz/ +https://research.loginsoft.com/bugs/uncontrolled-recursion-loop-in-exiv2anonymous-namespacebigtiffimageprintifd-exiv2-0-27/ https://research.loginsoft.com/bugs/uncontrolled-recursion-loop-in-exiv2imageprinttiffstructure-exiv2-0-27/ https://research.nccgroup.com/2020/02/11/technical-advisory-playsms-pre-authentication-remote-code-execution-cve-2020-8644/ https://research.nccgroup.com/2020/05/26/research-report-zephyr-and-mcuboot-security-assessment @@ -118794,6 +122129,7 @@ https://rodelllemit.medium.com/stored-xss-in-neo-cms-8-3-3-9bd1cb973c5b https://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementor https://rstforums.com/forum/88810-csrf-vbulletin-modcp.rst https://rt.perl.org/Public/Bug/Display.html?id=131665 +https://rt.perl.org/Public/Bug/Display.html?id=133423 https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html https://ruby.sh/helpspot-disclosure-20180206.txt @@ -118814,6 +122150,7 @@ https://s3curityb3ast.github.io/KSA-Dev-009.txt https://s3curityb3ast.github.io/KSA-Dev-011.md https://s3curityb3ast.github.io/KSA-Dev-012.md https://s3curityb3ast.github.io/KSA-Dev-013.md +https://safebreach.com/Post/Forcepoint-VPN-Client-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-6145 https://sahildhar.github.io/blogpost/Django-CMS-Reflected-XSS-Vulnerability/ https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/ https://sahildhar.github.io/blogpost/Zoho-ManageEngine-CloudSecurityPlus-Remote-Code-Execution-via-Security-Misconfiguration/ @@ -118823,6 +122160,7 @@ https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-14751/ https://samcurry.net/analysis-of-cve-2019-14994/ https://samy.pl/slipstream/ https://sandstorm.io/news/2017-03-02-security-review +https://sangomakb.atlassian.net/wiki/spaces/DVC/pages/45351279/Natural+Access+Software+Download https://saplingwoodchipper.github.io https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html https://savannah.gnu.org/bugs/?52264 @@ -118831,6 +122169,7 @@ https://savannah.gnu.org/bugs/?59897 https://savannah.gnu.org/bugs/?62387 https://savannah.gnu.org/bugs/?62977 https://savannah.gnu.org/bugs/index.php?53566 +https://savannah.gnu.org/bugs/index.php?56683 https://savannah.gnu.org/bugs/index.php?63000 https://savannah.gnu.org/bugs/index.php?64503 https://savannah.nongnu.org/bugs/?46346 @@ -118893,6 +122232,7 @@ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ +https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-rNwNEEee https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-4Ag3yWbD https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-injection-g6MbwH2 @@ -118903,6 +122243,7 @@ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-7Q4TNYUx https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-xmpp-Ne9SCM +https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rdocker-uATbukKn https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-bHStWgXO https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv @@ -120230,6 +123571,7 @@ https://starlabs.sg/advisories/23/23-4226 https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/ https://startrekdude.github.io/arqbackup.html https://startrekdude.github.io/mailbird.html +https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip https://stigward.github.io/posts/fiio-m6-exploit/ https://stiltsoft.atlassian.net/browse/VD-1 https://stiltsoft.atlassian.net/browse/VD-2 @@ -120237,12 +123579,14 @@ https://stiltsoft.atlassian.net/browse/VD-3 https://str0ng4le.github.io/jekyll/update/2023/05/12/fastgate-bof-cve-2022-30114/ https://straightblast.medium.com/all-your-secrets-are-belong-to-us-a-delinea-secret-server-authn-authz-bypass-adc26c800ad3 https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve +https://stulle123.github.io/posts/kakaotalk-account-takeover/ https://sudoat.blogspot.in/2017/03/path-traversal-vulnerability-in-emli.html https://sudoat.blogspot.in/2017/04/xss-vulnerability-in-multiple-emli.html https://suid.ch/research/CVE-2019-25023.html https://suku90.wordpress.com/2018/12/13/php-b2b-script-stored-xss/ https://summitinfosec.com/blog/x-ray-vision-identifying-cve-2023-25199-and-cve-2023-25200-in-manufacturing-equipment/ https://sumukh30.blogspot.com/2020/01/cross-site-scripting-vulnerability-in.html +https://sumukh30.blogspot.com/2020/01/normal-0-false-false-false-en-us-x-none.html?m=1 https://support.1password.com/kb/202010/ https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 https://support.norton.com/sp/static/external/tools/security-advisories.html @@ -120267,6 +123611,7 @@ https://syhack.wordpress.com/2019/09/29/ilch-content-management-system-v-2-1-22- https://syhack.wordpress.com/2020/04/18/pnotes-insecure-file-upload-vulnerability-code-execution/ https://syhack.wordpress.com/2020/04/21/rapid-scada-local-privilege-escalation-vulnerability/ https://syntegris-sec.github.io/filerun-advisory +https://sysdig.com/blog/cve-2019-8339-falco-vulnerability/ https://syst1m.cn/2024/01/22/U%E9%AA%8C%E8%AF%81%E7%BD%91%E7%BB%9C%E7%94%A8%E6%88%B7%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F_%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E/ https://systemoverlord.com/2017/12/18/cve-2017-17704-broken-cryptography-in-istar-ultra-ip-acm-by-software-house.html https://systemweakness.com/critical-csrf-to-rce-in-filebrowser-865a3c34b8e7 @@ -120661,6 +124006,7 @@ https://tenable.com/security/research/TRA-2022-35 https://tenable.com/security/research/tra-2023-16 https://tenable.com/security/research/tra-2023-33 https://tenable.com/security/research/tra-2023-36 +https://tenable.com/security/research/tra-2023-43 https://tetraburst.com/ https://thanatosxingyu.github.io/ https://thanhlocpanda.wordpress.com/2021/07/31/file-upload-bypass-suitecrm-7-11-18/ @@ -120814,7 +124160,9 @@ https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-bab https://updates.mailmate-app.com/2.0/release_notes https://updates.mailmate-app.com/release_notes https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-15-224-01 +https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-15-288-01 https://user-images.githubusercontent.com/75008428/163742517-ecc1c787-1ef6-4df9-bdf2-407b2b31e111.png +https://usn.ubuntu.com/3738-1/ https://usn.ubuntu.com/4118-1/ https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/ https://verneet.com/cve-2022-40711/ @@ -120849,6 +124197,8 @@ https://voidsec.com/vpn-leak/ https://volse.net/~haraldei/infosec/disclosures/hubzilla-before-7-2-multiple-vulnerabilities/ https://vrls.ws/posts/2021/08/samourai-wallet-bitcoin-pin-authentication-bypass-crypto/ https://vuldb.com/?id.1022 +https://vuldb.com/?id.159430 +https://vuldb.com/?id.164510 https://vuldb.com/?id.203178 https://vuldb.com/?id.205820 https://vuldb.com/?id.205831 @@ -120859,7 +124209,9 @@ https://vuldb.com/?id.206486 https://vuldb.com/?id.206688 https://vuldb.com/?id.206845 https://vuldb.com/?id.220638 +https://vuldb.com/?id.248952 https://vuldb.com/?id.249356 +https://vuldb.com/?id.250446 https://vuldb.com/?id.250716 https://vuldb.com/?submit.307752 https://vuldb.com/?submit.307761 @@ -120903,6 +124255,7 @@ https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/co https://web.archive.org/web/20150423041900/http://labs.davidsopas.com/2013/10/how-salesman-could-hack-prestashop.html https://web.archive.org/web/20160317182930/http://www.cloudscan.me/2013/03/cve-2012-1903-stored-xss-javascript.html https://web.archive.org/web/20181104111128/https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about/ +https://web.archive.org/web/20211204031301/https://www.godeye.club/2021/05/20/001-disclosure-mhyprot.html https://web.archive.org/web/20230315181013/https://github.com/sadwwcxz/Vul https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256 https://websec.nl/blog/61b2b37a43a1155c848f3b08/developing%20a%20remote%20code%20execution%20exploit%20for%20a%20popular%20media%20box @@ -120925,6 +124278,7 @@ https://whitehatck01.blogspot.com/2018/11/charles-427-xml-external-entity.html https://whitehatck01.blogspot.com/2020/06/dockers-latest-version-of-privilege.html https://whitehub.net/submissions/1516 https://whitehub.net/submissions/1517 +https://whitehub.net/submissions/1518 https://whitehub.net/submissions/2968 https://whiterosezex.blogspot.com/2021/01/cve-2020-23826-rce-vulnerability-in.html https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json @@ -121336,6 +124690,7 @@ https://wpscan.com/vulnerability/1d489b05-296e-4268-8082-9737608f9b41 https://wpscan.com/vulnerability/1d4a2f0e-a371-4e27-98de-528e070f41b0/ https://wpscan.com/vulnerability/1d53fbe5-a879-42ca-a9d3-768a80018382 https://wpscan.com/vulnerability/1d748f91-773b-49d6-8f68-a27d397713c3 +https://wpscan.com/vulnerability/1d7d0372-bbc5-40b2-a668-253c819415c4/ https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 https://wpscan.com/vulnerability/1d9d5516-f1c3-4134-b6bf-7f2f890533c4 https://wpscan.com/vulnerability/1dbe0f24-b757-49fe-846f-7c259df9f361 @@ -121601,6 +124956,7 @@ https://wpscan.com/vulnerability/33705003-1f82-4b0c-9b4b-d4de75da309c https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402 https://wpscan.com/vulnerability/337ee7ed-9ade-4567-b976-88386cbcf036 https://wpscan.com/vulnerability/3396b734-9a10-4070-802d-f9d01cc6eb74/ +https://wpscan.com/vulnerability/33a366d9-6c81-4957-a101-768487aae735/ https://wpscan.com/vulnerability/33ab1fe2-6611-4f43-91ba-52c56f02ed56 https://wpscan.com/vulnerability/33b52dd7-613f-46e4-b8ee-beddd31689eb https://wpscan.com/vulnerability/33dddaec-a32a-4fce-89d6-164565be13e1 @@ -121917,6 +125273,7 @@ https://wpscan.com/vulnerability/4e5d993f-cc20-4b5f-b4c8-c13004151828 https://wpscan.com/vulnerability/4ea0127e-afef-41bf-a005-c57432f9f58c https://wpscan.com/vulnerability/4eafe111-8874-4560-83ff-394abe7a803b https://wpscan.com/vulnerability/4ed8296e-1306-481f-9a22-723b051122c0 +https://wpscan.com/vulnerability/4ef99f54-68df-4353-8fc0-9b09ac0df7ba/ https://wpscan.com/vulnerability/4efd2a4d-89bd-472f-ba5a-f9944fd4dd16/ https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765 https://wpscan.com/vulnerability/4f5597f9-ab27-42d2-847c-14455b7d0849 @@ -123462,6 +126819,7 @@ https://wpscan.com/vulnerability/cdcd3c2c-cb29-4b21-8d3d-7eafbc1d3098 https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9 https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903 https://wpscan.com/vulnerability/ce467a2e-081e-4a6c-bfa4-29e4447ebd3b +https://wpscan.com/vulnerability/ce4688b6-6713-43b5-aa63-8a3b036bd332/ https://wpscan.com/vulnerability/ce4ac9c4-d293-4464-b6a0-82ddf8d4860b/ https://wpscan.com/vulnerability/ce564628-3d15-4bc5-8b8e-60b71786ac19 https://wpscan.com/vulnerability/ce5fac6e-8da1-4042-9cf8-7988613f92a5 @@ -123628,6 +126986,7 @@ https://wpscan.com/vulnerability/daa9b6c1-1ee1-434c-9f88-fd273b7e20bb https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576 https://wpscan.com/vulnerability/dac32ed4-d3df-420a-a2eb-9e7d2435826a https://wpscan.com/vulnerability/daf12b85-f5ad-4261-ab39-be6840ad3cdc +https://wpscan.com/vulnerability/db0b3275-40df-404e-aa8d-53558f0122d8 https://wpscan.com/vulnerability/db0b9480-2ff4-423c-a745-68e983ffa12b https://wpscan.com/vulnerability/db3c3c78-1724-4791-9ab6-ebb2e8a4c8b8 https://wpscan.com/vulnerability/db3e4336-117c-47f2-9b43-2ca115525297 @@ -123646,6 +127005,7 @@ https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7 https://wpscan.com/vulnerability/dbea2dc2-83f6-4e70-b044-a68a4c9b9c39 https://wpscan.com/vulnerability/dc1507c1-8894-4ab6-b25f-c5e26a425b03 https://wpscan.com/vulnerability/dc2ce546-9da1-442c-8ee2-cd660634501f +https://wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/ https://wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719 https://wpscan.com/vulnerability/dc3a841d-a95b-462e-be4b-acaa44e77264 https://wpscan.com/vulnerability/dc44d85f-afe8-4824-95b0-11b9abfb04d8/ @@ -124140,11 +127500,22 @@ https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284 https://www.chudamax.com/posts/multiple-vulnerabilities-in-belloo-dating-script/ https://www.cirosec.de/fileadmin/1._Unternehmen/1.4._Unsere_Kompetenzen/Security_Advisory_AudioCodes_Mediant_family.pdf +https://www.cisa.gov/news-events/ics-advisories/icsa-23-033-05 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-05 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-264-01 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-04 +https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05 +https://www.cisa.gov/news-events/ics-advisories/icsa-24-025-02 https://www.cisa.gov/news-events/ics-advisories/icsa-24-081-01 +https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-03 https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01 https://www.cisa.gov/uscert/ics/advisories/icsa-23-010-01 +https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-04 https://www.cnblogs.com/Rainy-Day/p/18061399 https://www.cnblogs.com/echod/articles/10380909.html +https://www.cnblogs.com/tr3e/p/9662324.html https://www.coalfire.com/The-Coalfire-Blog/August-2019/Getting-more-from-a-compliance-test https://www.code-intelligence.com/blog/cve-protobufjs-prototype-pollution-cve-2023-36665 https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-002_totemo_json_hijacking.txt @@ -124191,6 +127562,7 @@ https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple https://www.coresecurity.com/core-labs/advisories/parallels-ras-os-command-execution https://www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilities https://www.coresecurity.com/core-labs/advisories/unified-office-total-connect-sql-injection +https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/ https://www.crn.com/news/managed-services/solarwinds-rmm-tool-has-open-zero-day-exploit-huntress-labs https://www.cryptnetix.com/blog/2022/09/14/Edge-Nexus-Vulnerability-Disclosure.html https://www.cryptnetix.com/blog/2023/01/19/Polycom-Trio-Vulnerability-Disclosure.html @@ -124278,6 +127650,7 @@ https://www.espressif.com/en/news/Security_Advisory_Concerning_Fault_Injection_a https://www.esri.com/arcgis-blog/products/arcgis-earth/administration/arcgis-earth-security-update https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-e21-03-server-sql/ https://www.esri.com/arcgis-blog/products/product/uncategorized/portal-for-arcgis-quick-capture-security-patch-is-now-available +https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/ https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28008-SPDIR.txt https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28009-STDIN.txt @@ -133219,6 +136592,7 @@ https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-wi https://www.fatalerrors.org/a/analysis-of-the-snakeyaml-deserialization-in-java-security.html https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technical-report/ https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/ +https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/ https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in--d-link-router-dir868.html https://www.futureweb.at/security/CVE-2015-9253/ @@ -133271,7 +136645,9 @@ https://www.imagemagick.org/script/changelog.php https://www.immuniweb.com/advisory/HTB22913 https://www.immuniweb.com/advisory/HTB23039 https://www.immuniweb.com/advisory/HTB23169 +https://www.infosecsanyam.blogspot.com/2019/12/d-link-dir-615-wireless-routervertical.html https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html +https://www.inputzero.io/2019/02/fuzzing-webkit.html https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html https://www.intrinsec.com/publications/ @@ -133288,6 +136664,7 @@ https://www.ise.io/research/studies-and-papers/netgear_wndr4700/ https://www.ise.io/research/studies-and-papers/netgear_wnr3500/ https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf +https://www.jfrog.com/jira/browse/RTFACT-17004 https://www.jianshu.com/p/219755c047a1 https://www.jinsonvarghese.com/unrestricted-file-upload-in-contact-form-7/ https://www.jsof-tech.com/ripple20/ @@ -133432,6 +136809,7 @@ https://www.linkedin.com/pulse/cve-2021-43609-write-up-division5-security-4lgwe https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies https://www.logonbox.com/en/ https://www.magnitude.com/products/data-connectivity +https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1695025.html https://www.mail-archive.com/fulldisclosure@seclists.org/msg07139.html https://www.mail-archive.com/fulldisclosure@seclists.org/msg07140.html https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html @@ -133479,6 +136857,7 @@ https://www.nussko.com/advisories/advisory-2021-08-01.txt https://www.nussko.com/advisories/advisory-2021-08-02.txt https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/ https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf +https://www.on-x.com/wp-content/uploads/2023/01/on-x_-_security_advisory_-_sage_frp_1000_-_cve-2019-25053.pdf https://www.onapsis.com/blog/onapsis-publishes-15-advisories-sap-hana-and-building-components https://www.onapsis.com/blog/oracle-fixes-record-276-vulnerabilities-july-2016 https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins @@ -133582,6 +136961,8 @@ https://www.openwall.com/lists/oss-security/2024/03/27/5 https://www.openwall.com/lists/oss-security/2024/05/16/3 https://www.oppositionsecurity.com/imagenow-7-1-4-dos/ https://www.optiv.com/explore-optiv-insights/source-zero/netwrix-account-lockout-examiner-41-disclosure-vulnerability +https://www.oracle.com/security-alerts/cpujan2022.html +https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) https://www.oxeye.io/blog/vm2-sandbreak-vulnerability-cve-2022-36067 https://www.papercut.com/kb/Main/CommonSecurityQuestions/ @@ -133611,6 +136992,7 @@ https://www.pizzapower.me/2022/06/30/the-incredibly-insecure-weather-station/ https://www.pizzapower.me/2022/10/11/guitar-pro-directory-traversal-and-filename-xss/ https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass https://www.porlockz.com/A-arbitrary-file-upload-vulnerability-in-jizhicms-v1-5/ +https://www.porlockz.com/A-arbitrary-file-write-vulnerability-in-RGCMS-V1-06/ https://www.porlockz.com/A-xss-vulnerability-in-RGCMS-V1-06/ https://www.positronsecurity.com/blog/2020-04-28-gog-galaxy-client-local-privilege-escalation/ https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/ @@ -133642,9 +137024,11 @@ https://www.r29k.com/articles/bb/stored-xss-in-deskpro#anchor1 https://www.r29k.com/articles/bb/stored-xss-in-deskpro#anchor2 https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html https://www.rapid7.com/blog/post/2021/06/02/untitled-cve-2021-3198-and-cve-2021-3540-mobileiron-shell-escape-privilege-escalation-vulnerabilities/ +https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/ https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/ https://www.rapid7.com/blog/post/2022/04/14/cve-2022-28810-manageengine-adselfservice-plus-authenticated-command-execution-fixed/ https://www.rapid7.com/blog/post/2022/06/14/cve-2022-32230-windows-smb-denial-of-service-vulnerability-fixed/ +https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/ https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/ https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/ https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695 @@ -133690,6 +137074,7 @@ https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-003/-pydio-cells-unau https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-006/-d-link-dap-x1860-remote-command-injection https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-007/ https://www.redteam.tips/mango-vulnerability-disclosure-report/ +https://www.revive-adserver.com/security/response-to-cve-2023-26756/ https://www.riverloopsecurity.com/blog/2020/09/nitf-extract75-cve-2020-13995/ https://www.rodrigofavarini.com.br/cybersecurity/multiple-xss-on-api-manager-3-1-0/ https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/ @@ -133724,7 +137109,46 @@ https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities https://www.securesystems.de/blog/advisory-and-exploitation-the-melag-ftp-server/ +https://www.secureworks.com/research/swrx-2014-006 +https://www.securifera.com/advisories/ +https://www.securifera.com/advisories/CVE-2016-2345 +https://www.securifera.com/advisories/CVE-2018-6546/ +https://www.securifera.com/advisories/CVE-2018-6547/ +https://www.securifera.com/advisories/CVE-2019-8352/ +https://www.securifera.com/advisories/CVE-2022-40021/ +https://www.securifera.com/advisories/CVE-2022-40022/ +https://www.securifera.com/advisories/cve-2015-8277 https://www.securifera.com/advisories/cve-2016-3147/ +https://www.securifera.com/advisories/cve-2018-16156/ +https://www.securifera.com/advisories/cve-2018-20052-20053/ +https://www.securifera.com/advisories/cve-2021-27198/ +https://www.securifera.com/advisories/cve-2021-32089/ +https://www.securifera.com/advisories/cve-2022-48580/ +https://www.securifera.com/advisories/cve-2022-48581/ +https://www.securifera.com/advisories/cve-2022-48582/ +https://www.securifera.com/advisories/cve-2022-48583/ +https://www.securifera.com/advisories/cve-2022-48584/ +https://www.securifera.com/advisories/cve-2022-48585/ +https://www.securifera.com/advisories/cve-2022-48586/ +https://www.securifera.com/advisories/cve-2022-48587/ +https://www.securifera.com/advisories/cve-2022-48588/ +https://www.securifera.com/advisories/cve-2022-48589/ +https://www.securifera.com/advisories/cve-2022-48590/ +https://www.securifera.com/advisories/cve-2022-48591/ +https://www.securifera.com/advisories/cve-2022-48592/ +https://www.securifera.com/advisories/cve-2022-48593/ +https://www.securifera.com/advisories/cve-2022-48594/ +https://www.securifera.com/advisories/cve-2022-48595/ +https://www.securifera.com/advisories/cve-2022-48596/ +https://www.securifera.com/advisories/cve-2022-48597/ +https://www.securifera.com/advisories/cve-2022-48598/ +https://www.securifera.com/advisories/cve-2022-48599/ +https://www.securifera.com/advisories/cve-2022-48600/ +https://www.securifera.com/advisories/cve-2022-48601/ +https://www.securifera.com/advisories/cve-2022-48602/ +https://www.securifera.com/advisories/cve-2022-48603/ +https://www.securifera.com/advisories/cve-2022-48604/ +https://www.securifera.com/advisories/sec-2017-0001/ https://www.securify.nl/advisory/SFY20140805/citrix_nitro_sdk_xen_hotfix_page_is_vulnerable_to_cross_site_scripting.html https://www.securify.nl/advisory/SFY20140806/command_injection_vulnerability_in_citrix_nitro_sdk_xen_hotfix_page.html https://www.securify.nl/advisory/SFY20140904/websense_data_security_dlp_incident_forensics_preview_is_vulnerable_to_cross_site_scripting.html @@ -133748,6 +137172,7 @@ https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-t https://www.seebug.org/vuldb/ssvid-97939 https://www.seekurity.com/blog/general/cve-2017-17713-and-cve-2017-17714-multiple-sql-injections-and-xss-vulnerabilities-found-in-the-hackers-tracking-tool-trape-boxug/ https://www.seekurity.com/blog/general/metasploit-web-project-kill-all-running-tasks-csrf-CVE-2017-5244/ +https://www.seekurity.com/blog/general/multiple-cross-site-scripting-vulnerabilities-in-crea8social-social-network-script/ https://www.seekurity.com/blog/general/reflected-xss-vulnerability-in-simplerisk/ https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html @@ -134214,6 +137639,7 @@ https://www.tarlogic.com/en/blog/vulnerabilities-in-ampache/ https://www.tarlogic.com/en/blog/vulnerabilities-in-ocs-inventory-2-4-1/ https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/details/advisories-504842 +https://www.telekom.com/resource/blob/566546/276aaa2eab781729f2544d62edecf002/dl-190322-remote-buffer-overflow-in-a-axtls-data.pdf https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 https://www.tenable.com/blog/frequently-asked-questions-cve-2024-3094-supply-chain-backdoor-in-xz-utils @@ -134503,6 +137929,7 @@ https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp https://www.vdoo.com/blog/working-with-the-community-%E2%80%93-significant-vulnerabilities-in-reolink-cameras/ https://www.veracode.com/blog/research/anatomy-cross-site-scripting-flaw-telerik-reporting-module https://www.vfxcomputing.com/?CVE-2018-19588 +https://www.vfxcomputing.com/?CVE-2019-9657 https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/ https://www.vicarius.io/vsociety/vulnerabilities/cve-2024-3094 https://www.vice.com/en/article/y3p35w/hackers-are-using-anti-cheat-in-genshin-impact-to-ransom-victims @@ -134728,11 +138155,13 @@ https://www.wordfence.com/blog/2021/03/recently-patched-vulnerability-in-thrive- https://www.wordfence.com/blog/2021/05/sql-injection-vulnerability-patched-in-cleantalk-antispam-plugin/ https://www.wordfence.com/blog/2021/06/critical-0-day-in-fancy-product-designer-under-active-attack/ https://www.wordfence.com/blog/2023/03/vulnerability-patched-in-cozmolabs-profile-builder-plugin-information-disclosure-leads-to-account-takeover/ +https://www.wordfence.com/threat-intel/vulnerabilities/id/09f2cb22-07e2-4fe5-8c2a-9d4420ee26ed?source=cve https://www.wordfence.com/threat-intel/vulnerabilities/id/33c2756d-c300-479f-b3aa-8f22c3a70278?source=cve https://www.wordfence.com/threat-intel/vulnerabilities/id/7e539549-1125-4b0e-aa3c-c8844041c23a?source=cve https://www.wordfence.com/threat-intel/vulnerabilities/id/a5da021c-3835-4251-a3e5-3b5aaa11ea14?source=cve https://www.wordfence.com/threat-intel/vulnerabilities/id/c20c674f-54b5-470f-b470-07a63501eb4d?source=cve https://www.wordfence.com/threat-intel/vulnerabilities/id/ca564941-4780-4da2-b937-c9bd45966d81?source=cve +https://www.wpsecurityauditlog.com/plugin-change-log/ https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/ https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ https://www.x41-dsec.de/lab/advisories/x41-2017-010-shadowsocks-libev/ @@ -134755,6 +138184,7 @@ https://www.youtube.com/watch?v=4WJqcseH5qk https://www.youtube.com/watch?v=5z_PEZ5PyeA https://www.youtube.com/watch?v=6dAWGH0-6TY https://www.youtube.com/watch?v=6iZnIQbRf5M +https://www.youtube.com/watch?v=88qeaLq98Gc https://www.youtube.com/watch?v=8GZg1IuSfCs https://www.youtube.com/watch?v=9c9Q4VZQOUk https://www.youtube.com/watch?v=BOPLYnveBqk @@ -134784,10 +138214,13 @@ https://www.youtube.com/watch?v=SkTKt1nV57I https://www.youtube.com/watch?v=SonmmgQlLzg https://www.youtube.com/watch?v=TRTpRlkU3Hc https://www.youtube.com/watch?v=Txp6IwR24jY +https://www.youtube.com/watch?v=VAlbkvOm_DU https://www.youtube.com/watch?v=VYKsfgox-bs https://www.youtube.com/watch?v=X1PY7kMFkVg https://www.youtube.com/watch?v=Xy9_hmpvvA4&ab_channel=0ta +https://www.youtube.com/watch?v=ZA7R001kE2w https://www.youtube.com/watch?v=ZqqR89vzZ_I +https://www.youtube.com/watch?v=_ha7XBT_Omo https://www.youtube.com/watch?v=aPKPUDmmYpc https://www.youtube.com/watch?v=b5vPDmMtzwQ https://www.youtube.com/watch?v=bIFot3a-58I @@ -134796,6 +138229,7 @@ https://www.youtube.com/watch?v=efmvL235S-8 https://www.youtube.com/watch?v=ev0VXbiduuQ https://www.youtube.com/watch?v=fkESBVhIdIA https://www.youtube.com/watch?v=gnSMrvV5e9w +https://www.youtube.com/watch?v=jZr2JhDd_S8 https://www.youtube.com/watch?v=kAeJvY6BBps https://www.youtube.com/watch?v=kCqAVYyahLc https://www.youtube.com/watch?v=kiLfSvc1SYY @@ -134810,6 +138244,7 @@ https://www.youtube.com/watch?v=rNQn--9xR1Q https://www.youtube.com/watch?v=sIONzwQAngU https://www.youtube.com/watch?v=sT1cvbu7ZTA https://www.youtube.com/watch?v=t3nYuhAHOMg +https://www.youtube.com/watch?v=vOb9Fyg3iVo https://www.youtube.com/watch?v=vsg9YgvGBec https://www.youtube.com/watch?v=wwHuXfYS8yQ https://www.youtube.com/watch?v=x-r4lnWPdzY @@ -134918,6 +138353,7 @@ https://youtu.be/Xh6LPCiLMa8 https://youtu.be/cPhYW5FzA9A https://youtu.be/cSileV8YbsQ?t=1028 https://youtu.be/cSileV8YbsQ?t=655 +https://youtu.be/ffvKH3gwyRE https://youtu.be/ouwud0PlHkE https://youtu.be/qCvEXwyaF5U https://youtu.be/t5K745dBsT0 @@ -134947,6 +138383,7 @@ https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-35 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-37 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-55 +https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-75 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-78 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-84 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-85