From 8932a8488dd21e852071ba599ad31c417dc6b90a Mon Sep 17 00:00:00 2001 
From: 0xMarcio Date: Sat, 8 Jun 2024 09:32:58 +0000 Subject: [PATCH] Update CVE sources 2024-06-08 09:32 --- 2002/CVE-2002-1614.md | 1 + 2012/CVE-2012-1156.md | 17 + 2012/CVE-2012-4567.md | 17 + 2012/CVE-2012-4568.md | 17 + 2012/CVE-2012-4569.md | 17 + 2012/CVE-2012-4570.md | 17 + 2016/CVE-2016-5195.md | 1 + 2016/CVE-2016-9299.md | 1 + 2017/CVE-2017-0143.md | 1 + 2018/CVE-2018-1273.md | 1 + 2018/CVE-2018-25034.md | 17 + 2019/CVE-2019-11043.md | 1 + 2019/CVE-2019-11358.md | 36 + 2019/CVE-2019-12757.md | 1 + 2019/CVE-2019-13272.md | 1 + 2019/CVE-2019-1388.md | 1 + 2019/CVE-2019-14287.md | 1 + 2019/CVE-2019-15666.md | 1 + 2019/CVE-2019-18634.md | 1 + 2019/CVE-2019-2890.md | 1 + 2019/CVE-2019-7609.md | 1 + 2020/CVE-2020-0601.md | 1 + 2020/CVE-2020-1362.md | 1 + 2020/CVE-2020-13942.md | 1 + 2020/CVE-2020-1472.md | 1 + 2020/CVE-2020-1488.md | 1 + 2020/CVE-2020-14882.md | 1 + 2020/CVE-2020-16846.md | 1 + 2020/CVE-2020-16875.md | 1 + 2020/CVE-2020-16939.md | 1 + 2020/CVE-2020-17049.md | 1 + 2020/CVE-2020-19294.md | 17 + 2020/CVE-2020-3452.md | 1 + 2020/CVE-2020-4450.md | 1 + 2020/CVE-2020-5902.md | 1 + 2020/CVE-2020-8012.md | 1 + 2021/CVE-2021-22555.md | 1 + 2021/CVE-2021-3156.md | 1 + 2021/CVE-2021-3560.md | 1 + 2021/CVE-2021-4034.md | 1 + 2022/CVE-2022-0487.md | 1 + 2022/CVE-2022-0847.md | 1 + 2022/CVE-2022-22916.md | 1 + 2022/CVE-2022-24760.md | 1 + 2022/CVE-2022-30203.md | 1 + 2022/CVE-2022-34721.md | 1 + 2022/CVE-2022-39396.md | 1 + 2022/CVE-2022-41878.md | 18 + 2022/CVE-2022-41879.md | 17 + 2023/CVE-2023-2033.md | 1 + 2023/CVE-2023-2136.md | 1 + 2023/CVE-2023-21560.md | 55 + 2023/CVE-2023-23917.md | 17 + 2023/CVE-2023-26793.md | 17 + 2023/CVE-2023-28205.md | 1 + 2023/CVE-2023-28206.md | 1 + 2023/CVE-2023-28249.md | 43 + 2023/CVE-2023-28269.md | 43 + 2023/CVE-2023-28432.md | 1 + 2023/CVE-2023-29725.md | 17 + 2023/CVE-2023-29737.md | 17 + 2023/CVE-2023-29739.md | 1 + 2023/CVE-2023-29740.md | 1 + 2023/CVE-2023-29749.md | 17 + 2023/CVE-2023-29752.md | 17 + 
2023/CVE-2023-29757.md | 17 + 2023/CVE-2023-3079.md | 1 + 2023/CVE-2023-31414.md | 1 + 2023/CVE-2023-31415.md | 2 +- 2023/CVE-2023-3215.md | 1 + 2023/CVE-2023-32315.md | 1 + 2023/CVE-2023-32409.md | 1 + 2023/CVE-2023-33063.md | 1 + 2023/CVE-2023-33106.md | 1 + 2023/CVE-2023-33107.md | 1 + 2023/CVE-2023-33733.md | 1 + 2023/CVE-2023-3446.md | 1 + 2023/CVE-2023-36258.md | 1 + 2023/CVE-2023-36475.md | 17 + 2023/CVE-2023-40424.md | 21 + 2023/CVE-2023-41061.md | 1 + 2023/CVE-2023-41064.md | 1 + 2023/CVE-2023-41991.md | 1 + 2023/CVE-2023-41992.md | 1 + 2023/CVE-2023-41993.md | 1 + 2023/CVE-2023-4211.md | 1 + 2023/CVE-2023-42363.md | 17 + 2023/CVE-2023-42364.md | 17 + 2023/CVE-2023-42365.md | 17 + 2023/CVE-2023-42366.md | 17 + 2023/CVE-2023-42916.md | 1 + 2023/CVE-2023-42917.md | 1 + 2023/CVE-2023-43208.md | 2 + 2023/CVE-2023-43318.md | 2 +- 2023/CVE-2023-46604.md | 1 + 2023/CVE-2023-48022.md | 2 +- 2023/CVE-2023-49231.md | 1 + 2023/CVE-2023-5217.md | 1 + 2023/CVE-2023-5585.md | 17 + 2023/CVE-2023-5729.md | 17 + 2023/CVE-2023-5836.md | 17 + 2023/CVE-2023-6702.md | 1 + 2023/CVE-2023-6860.md | 2 +- 2023/CVE-2023-7024.md | 1 + 2023/CVE-2023-7261.md | 17 + 2024/CVE-2024-0039.md | 1 + 2024/CVE-2024-0043.md | 17 + 2024/CVE-2024-0235.md | 1 + 2024/CVE-2024-0444.md | 17 + 2024/CVE-2024-0901.md | 1 + 2024/CVE-2024-1086.md | 4 + 2024/CVE-2024-1208.md | 1 + 2024/CVE-2024-1212.md | 1 + 2024/CVE-2024-1234.md | 1 + 2024/CVE-2024-1252.md | 1 + 2024/CVE-2024-1347.md | 17 + 2024/CVE-2024-1694.md | 17 + 2024/CVE-2024-1708.md | 1 + 2024/CVE-2024-1800.md | 1 + 2024/CVE-2024-20356.md | 1 + 2024/CVE-2024-20767.md | 1 + 2024/CVE-2024-21006.md | 1 + 2024/CVE-2024-21111.md | 1 + 2024/CVE-2024-21338.md | 1 + 2024/CVE-2024-21410.md | 1 + 2024/CVE-2024-21512.md | 1 + 2024/CVE-2024-21677.md | 1 + 2024/CVE-2024-21683.md | 1 + 2024/CVE-2024-22492.md | 2 +- 2024/CVE-2024-22891.md | 1 + 2024/CVE-2024-23052.md | 3 +- 2024/CVE-2024-23108.md | 2 + 2024/CVE-2024-2333.md | 1 + 2024/CVE-2024-23334.md | 1 + 
2024/CVE-2024-2389.md | 1 + 2024/CVE-2024-24060.md | 17 + 2024/CVE-2024-24157.md | 17 + 2024/CVE-2024-24294.md | 17 + 2024/CVE-2024-24520.md | 2 +- 2024/CVE-2024-24919.md | 47 + 2024/CVE-2024-2546.md | 1 + 2024/CVE-2024-25515.md | 17 + 2024/CVE-2024-25522.md | 2 +- 2024/CVE-2024-25525.md | 17 + 2024/CVE-2024-25529.md | 2 +- 2024/CVE-2024-25532.md | 2 +- 2024/CVE-2024-2559.md | 1 + 2024/CVE-2024-2560.md | 1 + 2024/CVE-2024-25600.md | 4 + 2024/CVE-2024-25641.md | 2 +- 2024/CVE-2024-2581.md | 1 + 2024/CVE-2024-26026.md | 1 + 2024/CVE-2024-26304.md | 1 + 2024/CVE-2024-26471.md | 2 +- 2024/CVE-2024-2704.md | 1 + 2024/CVE-2024-27130.md | 1 + 2024/CVE-2024-27198.md | 1 + 2024/CVE-2024-27348.md | 4 + 2024/CVE-2024-27622.md | 2 +- 2024/CVE-2024-27804.md | 1 + 2024/CVE-2024-27931.md | 17 + 2024/CVE-2024-27956.md | 1 + 2024/CVE-2024-28219.md | 18 + 2024/CVE-2024-28255.md | 1 + 2024/CVE-2024-2853.md | 1 + 2024/CVE-2024-2854.md | 1 + 2024/CVE-2024-28547.md | 1 + 2024/CVE-2024-2879.md | 1 + 2024/CVE-2024-2891.md | 1 + 2024/CVE-2024-2905.md | 20 + 2024/CVE-2024-29269.md | 1 + 2024/CVE-2024-29415.md | 2 +- 2024/CVE-2024-2961.md | 4 + 2024/CVE-2024-29857.md | 17 + 2024/CVE-2024-29895.md | 1 + 2024/CVE-2024-30043.md | 1 + 2024/CVE-2024-30163.md | 17 + 2024/CVE-2024-30171.md | 17 + 2024/CVE-2024-30172.md | 17 + 2024/CVE-2024-30268.md | 17 + 2024/CVE-2024-30645.md | 1 + 2024/CVE-2024-30840.md | 2 +- 2024/CVE-2024-30849.md | 17 + 2024/CVE-2024-30889.md | 17 + 2024/CVE-2024-3094.md | 2 + 2024/CVE-2024-31136.md | 1 + 2024/CVE-2024-32002.md | 14 + 2024/CVE-2024-32020.md | 2 +- 2024/CVE-2024-32113.md | 1 + 2024/CVE-2024-32315.md | 17 + 2024/CVE-2024-32320.md | 2 +- 2024/CVE-2024-32369.md | 2 +- 2024/CVE-2024-32647.md | 17 + 2024/CVE-2024-32651.md | 1 + 2024/CVE-2024-32652.md | 17 + 2024/CVE-2024-32655.md | 18 + 2024/CVE-2024-3272.md | 1 + 2024/CVE-2024-3273.md | 2 + 2024/CVE-2024-32886.md | 2 +- 2024/CVE-2024-32888.md | 1 + 2024/CVE-2024-3293.md | 1 + 2024/CVE-2024-32966.md | 18 + 
2024/CVE-2024-32974.md | 17 + 2024/CVE-2024-32975.md | 17 + 2024/CVE-2024-32976.md | 17 + 2024/CVE-2024-32983.md | 17 + 2024/CVE-2024-33666.md | 17 + 2024/CVE-2024-3400.md | 2 + 2024/CVE-2024-34062.md | 17 + 2024/CVE-2024-34199.md | 17 + 2024/CVE-2024-34213.md | 17 + 2024/CVE-2024-34219.md | 17 + 2024/CVE-2024-34222.md | 2 +- 2024/CVE-2024-34223.md | 2 +- 2024/CVE-2024-34257.md | 2 +- 2024/CVE-2024-34273.md | 2 +- 2024/CVE-2024-34362.md | 17 + 2024/CVE-2024-34363.md | 17 + 2024/CVE-2024-34391.md | 1 + 2024/CVE-2024-34448.md | 2 +- 2024/CVE-2024-34470.md | 1 + 2024/CVE-2024-34582.md | 2 +- 2024/CVE-2024-34710.md | 17 + 2024/CVE-2024-34715.md | 18 + 2024/CVE-2024-3477.md | 2 +- 2024/CVE-2024-34832.md | 1 + 2024/CVE-2024-34852.md | 17 + 2024/CVE-2024-34854.md | 17 + 2024/CVE-2024-34905.md | 3 +- 2024/CVE-2024-34906.md | 17 + 2024/CVE-2024-34913.md | 17 + 2024/CVE-2024-34919.md | 17 + 2024/CVE-2024-34921.md | 17 + 2024/CVE-2024-3495.md | 2 + 2024/CVE-2024-34952.md | 22 + 2024/CVE-2024-34957.md | 3 +- 2024/CVE-2024-34958.md | 3 +- 2024/CVE-2024-34974.md | 2 +- 2024/CVE-2024-34987.md | 17 + 2024/CVE-2024-34997.md | 17 + 2024/CVE-2024-35039.md | 2 +- 2024/CVE-2024-35057.md | 17 + 2024/CVE-2024-35109.md | 2 +- 2024/CVE-2024-35110.md | 17 + 2024/CVE-2024-35175.md | 17 + 2024/CVE-2024-35183.md | 18 + 2024/CVE-2024-35186.md | 17 + 2024/CVE-2024-35187.md | 2 +- 2024/CVE-2024-35189.md | 18 + 2024/CVE-2024-35190.md | 2 +- 2024/CVE-2024-35195.md | 1 + 2024/CVE-2024-35196.md | 17 + 2024/CVE-2024-35197.md | 17 + 2024/CVE-2024-35222.md | 17 + 2024/CVE-2024-35231.md | 2 +- 2024/CVE-2024-35232.md | 17 + 2024/CVE-2024-35236.md | 17 + 2024/CVE-2024-35333.md | 1 + 2024/CVE-2024-35361.md | 17 + 2024/CVE-2024-35362.md | 17 + 2024/CVE-2024-35384.md | 17 + 2024/CVE-2024-35385.md | 17 + 2024/CVE-2024-35386.md | 17 + 2024/CVE-2024-35387.md | 17 + 2024/CVE-2024-35388.md | 17 + 2024/CVE-2024-35399.md | 17 + 2024/CVE-2024-35400.md | 17 + 2024/CVE-2024-35403.md | 17 + 2024/CVE-2024-35428.md | 17 + 
2024/CVE-2024-35429.md | 17 + 2024/CVE-2024-35430.md | 17 + 2024/CVE-2024-35431.md | 17 + 2024/CVE-2024-35432.md | 17 + 2024/CVE-2024-35433.md | 17 + 2024/CVE-2024-35434.md | 17 + 2024/CVE-2024-35468.md | 3 +- 2024/CVE-2024-35469.md | 3 +- 2024/CVE-2024-35475.md | 3 +- 2024/CVE-2024-35492.md | 17 + 2024/CVE-2024-35511.md | 2 +- 2024/CVE-2024-35548.md | 17 + 2024/CVE-2024-35550.md | 17 + 2024/CVE-2024-35551.md | 17 + 2024/CVE-2024-35552.md | 17 + 2024/CVE-2024-35553.md | 17 + 2024/CVE-2024-35554.md | 17 + 2024/CVE-2024-35555.md | 17 + 2024/CVE-2024-35556.md | 17 + 2024/CVE-2024-35557.md | 17 + 2024/CVE-2024-35558.md | 17 + 2024/CVE-2024-35559.md | 17 + 2024/CVE-2024-35560.md | 17 + 2024/CVE-2024-35561.md | 17 + 2024/CVE-2024-35570.md | 17 + 2024/CVE-2024-35581.md | 1 + 2024/CVE-2024-35582.md | 1 + 2024/CVE-2024-35583.md | 1 + 2024/CVE-2024-35591.md | 2 +- 2024/CVE-2024-36104.md | 2 + 2024/CVE-2024-36428.md | 1 + 2024/CVE-2024-3661.md | 1 + 2024/CVE-2024-36673.md | 17 + 2024/CVE-2024-36773.md | 17 + 2024/CVE-2024-37017.md | 17 + 2024/CVE-2024-37160.md | 17 + 2024/CVE-2024-3837.md | 2 +- 2024/CVE-2024-3875.md | 2 +- 2024/CVE-2024-3876.md | 2 +- 2024/CVE-2024-3931.md | 1 + 2024/CVE-2024-4064.md | 2 +- 2024/CVE-2024-4236.md | 1 + 2024/CVE-2024-4239.md | 2 +- 2024/CVE-2024-4295.md | 1 + 2024/CVE-2024-4323.md | 1 + 2024/CVE-2024-4358.md | 5 + 2024/CVE-2024-4367.md | 2 + 2024/CVE-2024-4443.md | 2 + 2024/CVE-2024-4610.md | 18 + 2024/CVE-2024-4820.md | 2 +- 2024/CVE-2024-4835.md | 1 + 2024/CVE-2024-4947.md | 18 + 2024/CVE-2024-4956.md | 8 + 2024/CVE-2024-5084.md | 1 + 2024/CVE-2024-5326.md | 1 + 2024/CVE-2024-5350.md | 17 + 2024/CVE-2024-5351.md | 17 + 2024/CVE-2024-5352.md | 17 + 2024/CVE-2024-5353.md | 17 + 2024/CVE-2024-5354.md | 17 + 2024/CVE-2024-5355.md | 17 + 2024/CVE-2024-5356.md | 17 + 2024/CVE-2024-5363.md | 17 + 2024/CVE-2024-5364.md | 17 + 2024/CVE-2024-5365.md | 17 + 2024/CVE-2024-5366.md | 17 + 2024/CVE-2024-5377.md | 17 + 2024/CVE-2024-5378.md | 2 +- 
2024/CVE-2024-5381.md | 2 +- 2024/CVE-2024-5382.md | 17 + 2024/CVE-2024-5390.md | 2 +- 2024/CVE-2024-5391.md | 2 +- 2024/CVE-2024-5392.md | 17 + 2024/CVE-2024-5393.md | 17 + 2024/CVE-2024-5394.md | 17 + 2024/CVE-2024-5395.md | 17 + 2024/CVE-2024-5396.md | 17 + 2024/CVE-2024-5397.md | 17 + 2024/CVE-2024-5428.md | 17 + 2024/CVE-2024-5437.md | 17 + 2024/CVE-2024-5438.md | 17 + 2024/CVE-2024-5515.md | 17 + 2024/CVE-2024-5516.md | 17 + 2024/CVE-2024-5517.md | 17 + 2024/CVE-2024-5518.md | 17 + 2024/CVE-2024-5519.md | 17 + 2024/CVE-2024-5542.md | 17 + 2024/CVE-2024-5588.md | 17 + 2024/CVE-2024-5599.md | 17 + 2024/CVE-2024-5635.md | 17 + 2024/CVE-2024-5636.md | 17 + 2024/CVE-2024-5637.md | 17 + 2024/CVE-2024-5657.md | 17 + 2024/CVE-2024-5658.md | 17 + 2024/CVE-2024-5733.md | 17 + 2024/CVE-2024-5734.md | 17 + 2024/CVE-2024-5745.md | 17 + github.txt | 351 ++++++ references.txt | 2631 ++++++++++++++++++++++++++++++++++++++++ 368 files changed, 6184 insertions(+), 50 deletions(-) create mode 100644 2012/CVE-2012-1156.md create mode 100644 2012/CVE-2012-4567.md create mode 100644 2012/CVE-2012-4568.md create mode 100644 2012/CVE-2012-4569.md create mode 100644 2012/CVE-2012-4570.md create mode 100644 2018/CVE-2018-25034.md create mode 100644 2020/CVE-2020-19294.md create mode 100644 2022/CVE-2022-41878.md create mode 100644 2022/CVE-2022-41879.md create mode 100644 2023/CVE-2023-21560.md create mode 100644 2023/CVE-2023-23917.md create mode 100644 2023/CVE-2023-26793.md create mode 100644 2023/CVE-2023-28249.md create mode 100644 2023/CVE-2023-28269.md create mode 100644 2023/CVE-2023-29725.md create mode 100644 2023/CVE-2023-29737.md create mode 100644 2023/CVE-2023-29749.md create mode 100644 2023/CVE-2023-29752.md create mode 100644 2023/CVE-2023-29757.md create mode 100644 2023/CVE-2023-36475.md create mode 100644 2023/CVE-2023-40424.md create mode 100644 2023/CVE-2023-42363.md create mode 100644 2023/CVE-2023-42364.md create mode 100644 2023/CVE-2023-42365.md create mode 
100644 2023/CVE-2023-42366.md create mode 100644 2023/CVE-2023-5585.md create mode 100644 2023/CVE-2023-5729.md create mode 100644 2023/CVE-2023-5836.md create mode 100644 2023/CVE-2023-7261.md create mode 100644 2024/CVE-2024-0043.md create mode 100644 2024/CVE-2024-0444.md create mode 100644 2024/CVE-2024-1347.md create mode 100644 2024/CVE-2024-1694.md create mode 100644 2024/CVE-2024-24060.md create mode 100644 2024/CVE-2024-24157.md create mode 100644 2024/CVE-2024-24294.md create mode 100644 2024/CVE-2024-25515.md create mode 100644 2024/CVE-2024-25525.md create mode 100644 2024/CVE-2024-27931.md create mode 100644 2024/CVE-2024-28219.md create mode 100644 2024/CVE-2024-2905.md create mode 100644 2024/CVE-2024-29857.md create mode 100644 2024/CVE-2024-30163.md create mode 100644 2024/CVE-2024-30171.md create mode 100644 2024/CVE-2024-30172.md create mode 100644 2024/CVE-2024-30268.md create mode 100644 2024/CVE-2024-30849.md create mode 100644 2024/CVE-2024-30889.md create mode 100644 2024/CVE-2024-32315.md create mode 100644 2024/CVE-2024-32647.md create mode 100644 2024/CVE-2024-32652.md create mode 100644 2024/CVE-2024-32655.md create mode 100644 2024/CVE-2024-32966.md create mode 100644 2024/CVE-2024-32974.md create mode 100644 2024/CVE-2024-32975.md create mode 100644 2024/CVE-2024-32976.md create mode 100644 2024/CVE-2024-32983.md create mode 100644 2024/CVE-2024-33666.md create mode 100644 2024/CVE-2024-34062.md create mode 100644 2024/CVE-2024-34199.md create mode 100644 2024/CVE-2024-34213.md create mode 100644 2024/CVE-2024-34219.md create mode 100644 2024/CVE-2024-34362.md create mode 100644 2024/CVE-2024-34363.md create mode 100644 2024/CVE-2024-34710.md create mode 100644 2024/CVE-2024-34715.md create mode 100644 2024/CVE-2024-34852.md create mode 100644 2024/CVE-2024-34854.md create mode 100644 2024/CVE-2024-34906.md create mode 100644 2024/CVE-2024-34913.md create mode 100644 2024/CVE-2024-34919.md create mode 100644 2024/CVE-2024-34921.md 
create mode 100644 2024/CVE-2024-34952.md create mode 100644 2024/CVE-2024-34987.md create mode 100644 2024/CVE-2024-34997.md create mode 100644 2024/CVE-2024-35057.md create mode 100644 2024/CVE-2024-35110.md create mode 100644 2024/CVE-2024-35175.md create mode 100644 2024/CVE-2024-35183.md create mode 100644 2024/CVE-2024-35186.md create mode 100644 2024/CVE-2024-35189.md create mode 100644 2024/CVE-2024-35196.md create mode 100644 2024/CVE-2024-35197.md create mode 100644 2024/CVE-2024-35222.md create mode 100644 2024/CVE-2024-35232.md create mode 100644 2024/CVE-2024-35236.md create mode 100644 2024/CVE-2024-35361.md create mode 100644 2024/CVE-2024-35362.md create mode 100644 2024/CVE-2024-35384.md create mode 100644 2024/CVE-2024-35385.md create mode 100644 2024/CVE-2024-35386.md create mode 100644 2024/CVE-2024-35387.md create mode 100644 2024/CVE-2024-35388.md create mode 100644 2024/CVE-2024-35399.md create mode 100644 2024/CVE-2024-35400.md create mode 100644 2024/CVE-2024-35403.md create mode 100644 2024/CVE-2024-35428.md create mode 100644 2024/CVE-2024-35429.md create mode 100644 2024/CVE-2024-35430.md create mode 100644 2024/CVE-2024-35431.md create mode 100644 2024/CVE-2024-35432.md create mode 100644 2024/CVE-2024-35433.md create mode 100644 2024/CVE-2024-35434.md create mode 100644 2024/CVE-2024-35492.md create mode 100644 2024/CVE-2024-35548.md create mode 100644 2024/CVE-2024-35550.md create mode 100644 2024/CVE-2024-35551.md create mode 100644 2024/CVE-2024-35552.md create mode 100644 2024/CVE-2024-35553.md create mode 100644 2024/CVE-2024-35554.md create mode 100644 2024/CVE-2024-35555.md create mode 100644 2024/CVE-2024-35556.md create mode 100644 2024/CVE-2024-35557.md create mode 100644 2024/CVE-2024-35558.md create mode 100644 2024/CVE-2024-35559.md create mode 100644 2024/CVE-2024-35560.md create mode 100644 2024/CVE-2024-35561.md create mode 100644 2024/CVE-2024-35570.md create mode 100644 2024/CVE-2024-36673.md create mode 100644 
2024/CVE-2024-36773.md create mode 100644 2024/CVE-2024-37017.md create mode 100644 2024/CVE-2024-37160.md create mode 100644 2024/CVE-2024-4610.md create mode 100644 2024/CVE-2024-4947.md create mode 100644 2024/CVE-2024-5350.md create mode 100644 2024/CVE-2024-5351.md create mode 100644 2024/CVE-2024-5352.md create mode 100644 2024/CVE-2024-5353.md create mode 100644 2024/CVE-2024-5354.md create mode 100644 2024/CVE-2024-5355.md create mode 100644 2024/CVE-2024-5356.md create mode 100644 2024/CVE-2024-5363.md create mode 100644 2024/CVE-2024-5364.md create mode 100644 2024/CVE-2024-5365.md create mode 100644 2024/CVE-2024-5366.md create mode 100644 2024/CVE-2024-5377.md create mode 100644 2024/CVE-2024-5382.md create mode 100644 2024/CVE-2024-5392.md create mode 100644 2024/CVE-2024-5393.md create mode 100644 2024/CVE-2024-5394.md create mode 100644 2024/CVE-2024-5395.md create mode 100644 2024/CVE-2024-5396.md create mode 100644 2024/CVE-2024-5397.md create mode 100644 2024/CVE-2024-5428.md create mode 100644 2024/CVE-2024-5437.md create mode 100644 2024/CVE-2024-5438.md create mode 100644 2024/CVE-2024-5515.md create mode 100644 2024/CVE-2024-5516.md create mode 100644 2024/CVE-2024-5517.md create mode 100644 2024/CVE-2024-5518.md create mode 100644 2024/CVE-2024-5519.md create mode 100644 2024/CVE-2024-5542.md create mode 100644 2024/CVE-2024-5588.md create mode 100644 2024/CVE-2024-5599.md create mode 100644 2024/CVE-2024-5635.md create mode 100644 2024/CVE-2024-5636.md create mode 100644 2024/CVE-2024-5637.md create mode 100644 2024/CVE-2024-5657.md create mode 100644 2024/CVE-2024-5658.md create mode 100644 2024/CVE-2024-5733.md create mode 100644 2024/CVE-2024-5734.md create mode 100644 2024/CVE-2024-5745.md diff --git a/2002/CVE-2002-1614.md b/2002/CVE-2002-1614.md index 9cda7cfabc..eedbe65db7 100644 --- a/2002/CVE-2002-1614.md +++ b/2002/CVE-2002-1614.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/DrewSC13/Linpeas - https://github.com/cedelasen/htb-laboratory - https://github.com/chorankates/Irked - https://github.com/siddicky/Boiler_CTF diff --git a/2012/CVE-2012-1156.md b/2012/CVE-2012-1156.md new file mode 100644 index 0000000000..7fbdf7beab --- /dev/null +++ b/2012/CVE-2012-1156.md @@ -0,0 +1,17 @@ +### [CVE-2012-1156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1156) +![](https://img.shields.io/static/v1?label=Product&message=Moodle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.2%20to%202.2.1%2B%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=UNKNOWN_TYPE&color=brighgreen) + +### Description + +Moodle before 2.2.2 has users' private files included in course backups + +### POC + +#### Reference +- https://moodle.org/mod/forum/discuss.php?d=198623 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2012/CVE-2012-4567.md b/2012/CVE-2012-4567.md new file mode 100644 index 0000000000..d9d504ef5d --- /dev/null +++ b/2012/CVE-2012-4567.md @@ -0,0 +1,17 @@ +### [CVE-2012-4567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4567) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.ClassUI.php or (2) out/out.DocumentNotify.php. + +### POC + +#### Reference +- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2012/CVE-2012-4568.md b/2012/CVE-2012-4568.md new file mode 100644 index 0000000000..b5126a53f6 --- /dev/null +++ b/2012/CVE-2012-4568.md @@ -0,0 +1,17 @@ +### [CVE-2012-4568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4568) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. + +### POC + +#### Reference +- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG + +#### Github +No PoCs found on GitHub currently. + diff --git a/2012/CVE-2012-4569.md b/2012/CVE-2012-4569.md new file mode 100644 index 0000000000..c6c8cbeff9 --- /dev/null +++ b/2012/CVE-2012-4569.md @@ -0,0 +1,17 @@ +### [CVE-2012-4569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4569) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. + +### POC + +#### Reference +- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG + +#### Github +No PoCs found on GitHub currently. + diff --git a/2012/CVE-2012-4570.md b/2012/CVE-2012-4570.md new file mode 100644 index 0000000000..628bc4ce79 --- /dev/null +++ b/2012/CVE-2012-4570.md 
@@ -0,0 +1,17 @@ +### [CVE-2012-4570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4570) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. + +### POC + +#### Reference +- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG + +#### Github +No PoCs found on GitHub currently. + diff --git a/2016/CVE-2016-5195.md b/2016/CVE-2016-5195.md index 51ca8e251f..714aca6526 100644 --- a/2016/CVE-2016-5195.md +++ b/2016/CVE-2016-5195.md @@ -263,6 +263,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/k0mi-tg/OSCP - https://github.com/k0mi-tg/OSCP-note - https://github.com/kai5263499/awesome-container-security +- https://github.com/karanlvm/DirtyPipe-Exploit - https://github.com/katlol/stars - https://github.com/kcgthb/RHEL6.x-COW - https://github.com/kdn111/linux-kernel-exploitation diff --git a/2016/CVE-2016-9299.md b/2016/CVE-2016-9299.md index 856294326c..8d9ac094b7 100644 --- a/2016/CVE-2016-9299.md +++ b/2016/CVE-2016-9299.md @@ -10,6 +10,7 @@ The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote a ### POC #### Reference +- http://www.slideshare.net/codewhitesec/java-deserialization-vulnerabilities-the-forgotten-bug-class-deepsec-edition - https://groups.google.com/forum/#!original/jenkinsci-advisories/-fc-w9tNEJE/GRvEzWoJBgAJ - https://www.cloudbees.com/jenkins-security-advisory-2016-11-16 - https://www.exploit-db.com/exploits/44642/ diff --git a/2017/CVE-2017-0143.md b/2017/CVE-2017-0143.md index 133b63c7f8..fd18249527 100644 --- a/2017/CVE-2017-0143.md 
+++ b/2017/CVE-2017-0143.md @@ -128,6 +128,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/rosonsec/Exploits - https://github.com/seeu-inspace/easyg - https://github.com/sponkmonk/Ladon_english_update +- https://github.com/stormblack/smbvuln - https://github.com/substing/blue_ctf - https://github.com/sunylife24/TryHackMe2 - https://github.com/sunzu94/AD-Attack-Defense diff --git a/2018/CVE-2018-1273.md b/2018/CVE-2018-1273.md index f9484b7531..ab53000975 100644 --- a/2018/CVE-2018-1273.md +++ b/2018/CVE-2018-1273.md @@ -39,6 +39,7 @@ Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Tim1995/FINAL - https://github.com/Whoopsunix/PPPVULNS +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/Z0fhack/Goby_POC - https://github.com/Zero094/Vulnerability-verification - https://github.com/asa1997/topgear_test diff --git a/2018/CVE-2018-25034.md b/2018/CVE-2018-25034.md new file mode 100644 index 0000000000..1d7e8a10f1 --- /dev/null +++ b/2018/CVE-2018-25034.md 
@@ -0,0 +1,17 @@ +### [CVE-2018-25034](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25034) +![](https://img.shields.io/static/v1?label=Product&message=TCW710&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20ST5D.10.05%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-80%20Basic%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input > as part of POST Request leads to basic cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-126695. + +### POC + +#### Reference +- https://vuldb.com/?id.126695 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2019/CVE-2019-11043.md b/2019/CVE-2019-11043.md index c3a50cf168..03d5cae8a3 100644 --- a/2019/CVE-2019-11043.md +++ b/2019/CVE-2019-11043.md @@ -48,6 +48,7 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Tyro-Shan/gongkaishouji +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aaron3238/phpfpmexploit diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index ee4109ad9f..1d8c94720f 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md 
@@ -161,6 +161,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/8097-Botcats/23-24-master - https://github.com/8097-Botcats/NEWrobotSDK - https://github.com/8101Metalmorphosis/Powerplay-2023 +- https://github.com/8696-Trobotix/template - https://github.com/87it/ftc-vc-demo - https://github.com/8872/centerstage - https://github.com/8872/tinycmd @@ -200,6 +201,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ATurico26/201-Centerstage-2023-Aidan-code - https://github.com/Aar2d2006/ftc-non-sped-build-fuckery-go-kys - https://github.com/Aarav188/FTC +- https://github.com/AaronHero03/FTCTeleOperate - https://github.com/AaronTreeCan/WashingtonCodersCode - https://github.com/AbbeySieg/ftc-4962-rocketts-2023 - https://github.com/AbbyW89/something-real @@ -223,6 +225,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Al-Tex/RobotController7.1 - https://github.com/AlCadrone8588/Center-Stage - https://github.com/Alabala492/FtcRobotControllerCenter +- https://github.com/AldenWohlgemuth/road-runner-quickstart-master - https://github.com/Alec7-prog/RoweboticCliquePowerPlay - https://github.com/AlejandroE25/FTC_POWER_PLAY - https://github.com/AlejandroE25/TNT-Robot-Controller @@ -237,6 +240,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Alexander-Maples/FTCRobotController - https://github.com/Alisa1098/CenterStage4326 - https://github.com/Alitma5094/Howard-Robotics-17394-Team-Code +- https://github.com/AllNew101/Test_Intothedeep - https://github.com/AllysonAB/allysonab - https://github.com/AllysonAB/ftcCenterStage_Allison - https://github.com/Alokxmathur/Center-Stage---Giraffe 
@@ -314,6 +318,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/AsianKoala/FTC_14607_new - https://github.com/AsianKoala/koawalib_quickstart - https://github.com/AsianKoala/robotroopers_koawalib +- https://github.com/Asvaka/XDriveChallenge - https://github.com/Atlas-CNB/centerstage-2024 - https://github.com/Atlas-CNB/powerplay-2023 - https://github.com/AtomicRobotics3805/2024-Centerstage @@ -372,6 +377,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Bargain18/7172-Portfolio - https://github.com/Bargain18/Power-Play - https://github.com/Bargain18/Test +- https://github.com/BaronClaps/PedroBot - https://github.com/BaronClaps/TomorrowTeamCode - https://github.com/Bartimus03/RoboticsCode - https://github.com/BaryonsFTC5119/Baryons_Power_Play @@ -424,6 +430,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/BossBots/PowerPlay - https://github.com/BossBots/PowerPlay-Use-this-one- - https://github.com/BossBots/Tutorials +- https://github.com/BotNotFound/XDriveChallenge - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK-master - https://github.com/BotcatsSoftware/VirtualRobotMaster2020 @@ -1031,7 +1038,9 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FlapJack20221/fuzzy-tribble - https://github.com/Floofyer/FtcRobotController - https://github.com/FlourishAndBots/PowerPlayReal +- https://github.com/ForceCEITI/SDK-FTC - https://github.com/FreehandBlock51/FTCRobot2023 +- https://github.com/FreehandBlock51/XDriveChallenge - https://github.com/Friends-Robotics/freight-frenzy-robot-repo - https://github.com/Friends-Robotics/main-robot-repo - https://github.com/Friends-Robotics/powerplay-robot-repo 
@@ -1107,6 +1116,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/GramGra07/FTC-RobotController-2021-10448 - https://github.com/GramGra07/FtcRobotController-10448-2022-23 - https://github.com/GramGra07/FtcRobotController-10448-2022-23_priv-V2 +- https://github.com/GramGra07/FtcRobotController_2024-25_5115 - https://github.com/GramGra07/OLD_FTC-RobotController202110448 - https://github.com/GramGra07/OLD_FtcRobotController-10448-2022-23 - https://github.com/GrangerMaherjava/FtcRobotController-master-2 @@ -1128,6 +1138,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Hackercats/Ultimate-Goal - https://github.com/HamzaEbeida/MarvelsOfVRIC - https://github.com/HamzaEbeida/offseason-ftc +- https://github.com/Harsha23871/HarshaPractieBot_5_24_24 - https://github.com/Harshiv15/FGC2023-TeamGB - https://github.com/Hav0k42/FTC-2020-Ultimate-Goal - https://github.com/HazenRobotics/center-stage @@ -1164,6 +1175,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/HiveMindRobotics/RobotController - https://github.com/HiveMindRobotics/RobotController-2022 - https://github.com/Homosapiens-RO109/2024-CenterStage +- https://github.com/Homosapiens-RO109/Centerstage2024 - https://github.com/Hopkins-Robotics-Gray-12377/freight-frenzy-12377 - https://github.com/HotchkissEFXGearcats/MecanumST2023 - https://github.com/HotchkissEFXGearcats/OctobotST2023 
@@ -1349,10 +1361,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/KeeganPren/Dukes-CenterStage - https://github.com/KennedyRoboEagles/FTC2021-FreightFrenzy - https://github.com/Kenneth-Olibrice/State-of-Mind-2022-2023 +- https://github.com/KeshavAnandCode/Offseason-FtcRobotController - https://github.com/KevinYang2021/centerstage-ftc - https://github.com/KeyboardSpam815/11723-PowerPlay2 - https://github.com/KilianCollins/23871PracBot11223 - https://github.com/KilianCollins/HEEEEEEEEE +- https://github.com/KilianCollins/PracticeRobot_5_23_24 - https://github.com/KilianCollins/TEST11018023 - https://github.com/Kimzs/FirstT - https://github.com/KineticCodeabots/Codeabot-TeamCode @@ -1588,6 +1602,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/NDCLRobotics/2022-FreightFrenzy - https://github.com/NDCLRobotics/2023-PowerPlay - https://github.com/NDRoboknights/FTC-UG-2021 +- https://github.com/NDS3K/FtcRobotController-master - https://github.com/NKKFu/bootz-code-2021 - https://github.com/NKKFu/roboot-ftc-code-2021 - https://github.com/NKKFu/tpx-2022 @@ -1614,6 +1629,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Ne-k/10332-PowerPlay - https://github.com/NebuDev14/base-example - https://github.com/NedMihnea/CODU-FREIGHT-FRENZY +- https://github.com/NeelM1123/ftc2024 - https://github.com/Nekarone/FTC-19280-Freight-Frenzy-Code - https://github.com/NelsonWong2026/FTC-CenterStage-24132 - https://github.com/NemesisX09/T265-TEST 
@@ -1653,6 +1669,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/NipunNagendra/6210centerstage - https://github.com/Niskayuna-RoboWarriors/ftc-2021 - https://github.com/Nitr0gue/RadicalRaidersPowerPlay +- https://github.com/NoName1dea/18458-Zenith-ItD - https://github.com/NoahBlaut/SnakeByte2022 - https://github.com/NoblesRobotics/ftc - https://github.com/NoblesRobotics/robbie @@ -1889,6 +1906,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/RoboRacers/FtcRobotControllerCenterstage - https://github.com/RoboRacers/FtcRobotControllerVeer - https://github.com/RoboRacers/RoboRacersCenterstage +- https://github.com/RoboRacers/RoboRacersIntoTheDeep - https://github.com/RoboSapiens-Programare/cod-powerplay-2022-2023 - https://github.com/RoboSapiens2021/SathvikMovement - https://github.com/RoboSapiens2021/ftc-2022-2023 @@ -2092,9 +2110,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/SuperstellarHannah/WISER - https://github.com/Suvan8806/15024 - https://github.com/Suvan8806/FtcRobotController-master-15024 +- https://github.com/SvenXD/Personal-ToolBox - https://github.com/Swampbots/FreightFrenzy - https://github.com/Swampbots/UltimateGoal - https://github.com/Swampbots/UltimateGoal6.0 +- https://github.com/Symple25125/ProjectArm +- https://github.com/Symple25125/centerStage2024 - https://github.com/T-Code07/FTC-LRCA-Joshua - https://github.com/T-Lind/POWER-PLAY - https://github.com/TBHGodPro/FTC-24729-2023 
@@ -2286,6 +2307,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Tundrabots7083/7083-robot-code-2021-2022 - https://github.com/Tundrabots7083/delta-bots-robot-code-2021-2022 - https://github.com/Turbo-V8-14259/14259-Center-Stage +- https://github.com/Tyler-Stocks/FTCLibTest - https://github.com/Tyler-Stocks/Ftc-Testing - https://github.com/Type-C-5526/Centerstage - https://github.com/Tysty/FTC-Software-Training-2023-2024 @@ -2688,6 +2710,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/brotherhobo/2022-2023-FTC - https://github.com/brotherhobo/FTC-2022-2023 - https://github.com/brotherhobo/Monocular-Visual-Odometry-FTC +- https://github.com/brotherhobo/Pedro-Pathing-Quickstart - https://github.com/bruhyz07/2022_Ecliptic - https://github.com/bryancross/2021-Controller - https://github.com/bsoist/FreightFrenzy @@ -2829,6 +2852,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/dtomkoFRC/ftc-template - https://github.com/ducati-red916/Centerstage_2023-24 - https://github.com/duckstroms/Web-CTF-Cheatsheet +- https://github.com/duckyduckies/CENTERSTAGE - https://github.com/dushantpanchbhai/Agastya_FTC_2023 - https://github.com/dushantpanchbhai/TIS_Salaam_Bombay - https://github.com/dushantpanchbhai/TIS_UpACreek @@ -2968,6 +2992,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ftc13100/FreightFrenzy-2022 - https://github.com/ftc13100/Practice-For-Programming - https://github.com/ftc13100/Programming-Practice-2023 +- https://github.com/ftc13100/Rising-Tides - https://github.com/ftc13100/UltimateGoal-2021 - https://github.com/ftc14103/robot - https://github.com/ftc14158/FreightFrenzy2 
@@ -3056,6 +3081,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ftcwaylandmi/2023-22154-RR - https://github.com/fungloonchong/ict3203_lab_quiz_1_notes - https://github.com/fwprobotics/3507-ultimategoal-rc +- https://github.com/fzzytronics/ain - https://github.com/gagne-3/DRSS_20_21_Road_Runner_Testing - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update_OLD @@ -3190,12 +3216,14 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ishaspatil/pre-season-ftc-sdk - https://github.com/its3D56/Power-Play - https://github.com/ivas-does-bugs/FTC-Ultimate-Goal-ABSOTech +- https://github.com/ivyw0426/XDrivePractice - https://github.com/ixInvalid/FTCRobotController - https://github.com/ixInvalid/FTCRobotController-v8.1.1 - https://github.com/ixInvalid/Fibby - https://github.com/j4igupta/ftc-2023 - https://github.com/j4igupta/ftc-tachyonics-2023 - https://github.com/j4igupta/ftc-tachyonics-2023-init +- https://github.com/j5155/testftc1 - https://github.com/jaanvic25/GeneralRelativity21-22 - https://github.com/jabernat/jabernaut1 - https://github.com/jacen214/Jack2020 @@ -3282,6 +3310,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/kausalyap/FTC_PowerPlay_OpenCV - https://github.com/kchrobotics/tubularcode2020ultimategoal - https://github.com/kennedyrobotics1/FtcRobotController-master +- https://github.com/kennedyrobotics1/RoadRunnerOffseason - https://github.com/kennhung/FTC_2021_Playground - https://github.com/kermodes19767/freightfrenzy - https://github.com/kevinthegreat1/FTC-2021-2022-Team-15943 
@@ -3315,6 +3344,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/kroisssant/bjkbbkbjk - https://github.com/kronbot/powerplayv2 - https://github.com/krusche-sensetence/jquery-2.2.4-patched +- https://github.com/kuek64/20077_Centerstage_Pedro - https://github.com/kuek64/TheTomorrowTeam - https://github.com/kuek64/TomorrowTeamMeep - https://github.com/kunhantsai/FtcRobotController @@ -3495,6 +3525,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/panthera2021/FtcRobotController - https://github.com/panthera2021/Ultimate-Goal-6.1 - https://github.com/paparul29/CenterStage-mecanum +- https://github.com/paparul29/Road-To-Global-2024 - https://github.com/papereater42/FireRoboticsMockSeason2023 - https://github.com/par26/FtcRobotController-master - https://github.com/parallelepiped2718/Team-2993-base @@ -3747,6 +3778,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/sms-robotics/UltimateGoal2020 - https://github.com/smvoigt/STEM_ftc - https://github.com/sofiaalfenito/FtcRobotController +- https://github.com/sofiafurman/OdomNew - https://github.com/soniakhanvilkar/alpacas_ug_2020 - https://github.com/soph002/KarmaRobotics-TV - https://github.com/soph002/KarmaRobotics-main @@ -3890,6 +3922,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/titans17576/SummerWithVidyoot - https://github.com/titans17576/UltimateGoalMeet1 - https://github.com/tizso/ftc-startech-2024 +- https://github.com/tjunga/final-2023-2024 - https://github.com/tjunga/pc-code - https://github.com/tmetelev/Error404_23 - https://github.com/tmetelev/FtcRobotController-master 
@@ -3907,6 +3940,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/trc492/Ftc2022FreightFrenzy - https://github.com/trc492/Ftc2023PowerPlay - https://github.com/trc492/Ftc2024CenterStage +- https://github.com/trc492/FtcTemplate - https://github.com/trevorkw7/first-tech-challenge-2020-2021 - https://github.com/trialandterror-16800/Robot-Controller - https://github.com/trinayhari/final0s1s @@ -3922,6 +3956,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/tudor-Spaima/FTCRobotController - https://github.com/tundrabots/2021-2022-Robot-Code - https://github.com/turbokazax/NyxPardus-FtcRobotController-master +- https://github.com/turtle4831/14708-offseason - https://github.com/turtle4831/DogBytes-CenterStage - https://github.com/turtlewalkers/freightfrenzy - https://github.com/udayamaddi/9686-CenterStage @@ -4011,6 +4046,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/xCellenceRobotics/robotics-ftc - https://github.com/xRoALex/ProgrammingLessons - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xboxman234/ANDRIOD-STUIDO-FOR-LE-EPIC-ROBOTICS-THEAM-NO-CAP-FR-FR - https://github.com/xiangqianyou/Example - https://github.com/xtremejames1/15118_2022-23 - https://github.com/yablockoo/FTC2023 diff --git a/2019/CVE-2019-12757.md b/2019/CVE-2019-12757.md index 1981ca9de8..7b289e403e 100644 --- a/2019/CVE-2019-12757.md +++ b/2019/CVE-2019-12757.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/XTeam-Wing/RedTeaming2020 diff --git a/2019/CVE-2019-13272.md b/2019/CVE-2019-13272.md index 73d9dd429f..8196450187 100644 --- a/2019/CVE-2019-13272.md +++ b/2019/CVE-2019-13272.md 
@@ -35,6 +35,7 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Cyc1eC/CVE-2019-13272 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +- https://github.com/DrewSC13/Linpeas - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Getshell/LinuxTQ diff --git a/2019/CVE-2019-1388.md b/2019/CVE-2019-1388.md index 20d1ad89f0..160bc5ae28 100644 --- a/2019/CVE-2019-1388.md +++ b/2019/CVE-2019-1388.md @@ -46,6 +46,7 @@ No PoCs from references. - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources - https://github.com/Tyro-Shan/gongkaishouji +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YgorAlberto/Ethical-Hacker - https://github.com/YgorAlberto/ygoralberto.github.io diff --git a/2019/CVE-2019-14287.md b/2019/CVE-2019-14287.md index ba0aa5240d..f9d74f9cf0 100644 --- a/2019/CVE-2019-14287.md +++ b/2019/CVE-2019-14287.md @@ -61,6 +61,7 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability - https://github.com/Tharana/vulnerability-exploitation +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet - https://github.com/a-nonymou-s/Agent-Sudo - https://github.com/aWtlcm9h/Memo diff --git a/2019/CVE-2019-15666.md b/2019/CVE-2019-15666.md index f17ec0f79e..88dff043b6 100644 --- a/2019/CVE-2019-15666.md +++ b/2019/CVE-2019-15666.md 
@@ -15,6 +15,7 @@ An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bo #### Github - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +- https://github.com/DrewSC13/Linpeas - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning diff --git a/2019/CVE-2019-18634.md b/2019/CVE-2019-18634.md index dddcadabd5..5b9b939375 100644 --- a/2019/CVE-2019-18634.md +++ b/2019/CVE-2019-18634.md @@ -27,6 +27,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg - https://github.com/DarkFunct/CVE_Exploits - https://github.com/Dinesh-999/Hacking_contents - https://github.com/Drakfunc/CVE_Exploits +- https://github.com/DrewSC13/Linpeas - https://github.com/InesMartins31/iot-cves - https://github.com/Ly0nt4r/OSCP - https://github.com/N1et/CVE-2019-18634 diff --git a/2019/CVE-2019-2890.md b/2019/CVE-2019-2890.md index b13d0cee9a..3a9aae9946 100644 --- a/2019/CVE-2019-2890.md +++ b/2019/CVE-2019-2890.md @@ -37,6 +37,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/SukaraLin/CVE-2019-2890 - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Weik1/Artillery +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YellowVeN0m/Pentesters-toolbox - https://github.com/ZO1RO/CVE-2019-2890 - https://github.com/aiici/weblogicAllinone diff --git a/2019/CVE-2019-7609.md b/2019/CVE-2019-7609.md index 1db1dc92bc..1750f0275f 100644 --- a/2019/CVE-2019-7609.md +++ b/2019/CVE-2019-7609.md 
@@ -29,6 +29,7 @@ Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw - https://github.com/EchoGin404/gongkaishouji - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/GhostTroops/TOP +- https://github.com/KTH-LangSec/server-side-prototype-pollution - https://github.com/LandGrey/CVE-2019-7609 - https://github.com/Mehedi-Babu/web_security_cyber - https://github.com/Mr-xn/Penetration_Testing_POC diff --git a/2020/CVE-2020-0601.md b/2020/CVE-2020-0601.md index 664d243e8b..1f99fd8b2b 100644 --- a/2020/CVE-2020-0601.md +++ b/2020/CVE-2020-0601.md @@ -72,6 +72,7 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - https://github.com/SherlockSec/CVE-2020-0601 - https://github.com/Threekiii/Awesome-POC - https://github.com/Tyro-Shan/gongkaishouji +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yamato-Security/EnableWindowsLogSettings - https://github.com/YoannDqr/CVE-2020-0601 diff --git a/2020/CVE-2020-1362.md b/2020/CVE-2020-1362.md index ce6d988ee0..f8928971b4 100644 --- a/2020/CVE-2020-1362.md +++ b/2020/CVE-2020-1362.md @@ -39,6 +39,7 @@ No PoCs from references. - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/Q4n/CVE-2020-1362 - https://github.com/Tyro-Shan/gongkaishouji +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-13942.md b/2020/CVE-2020-13942.md index 25fb5c9bae..9f5150383a 100644 --- a/2020/CVE-2020-13942.md +++ b/2020/CVE-2020-13942.md 
@@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/SouthWind0/southwind0.github.io - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/Z0fhack/Goby_POC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md index 93e9147289..ae365dcb9d 100644 --- a/2020/CVE-2020-1472.md +++ b/2020/CVE-2020-1472.md @@ -171,6 +171,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/WiIs0n/Zerologon_CVE-2020-1472 - https://github.com/WillOram/ADReset - https://github.com/XTeam-Wing/Hunting-Active-Directory +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/XiaoliChan/zerologon-Shot - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YangSirrr/YangsirStudyPlan diff --git a/2020/CVE-2020-1488.md b/2020/CVE-2020-1488.md index 3465ab7705..f208aed6f2 100644 --- a/2020/CVE-2020-1488.md +++ b/2020/CVE-2020-1488.md @@ -37,5 +37,6 @@ An elevation of privilege vulnerability exists when the Windows AppX Deployment No PoCs from references. #### Github +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/gitaramos/links diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md index 6757ac24b4..a38224b144 100644 --- a/2020/CVE-2020-14882.md +++ b/2020/CVE-2020-14882.md @@ -74,6 +74,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection - https://github.com/Weik1/Artillery - https://github.com/XTeam-Wing/CVE-2020-14882 +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/Yang0615777/PocList - https://github.com/Z0fhack/Goby_POC - https://github.com/Zero094/Vulnerability-verification 
diff --git a/2020/CVE-2020-16846.md b/2020/CVE-2020-16846.md index 5c4d08975a..ec5ad02673 100644 --- a/2020/CVE-2020-16846.md +++ b/2020/CVE-2020-16846.md @@ -30,6 +30,7 @@ An issue was discovered in SaltStack Salt through 3002. Sending crafted web requ - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/Z0fhack/Goby_POC - https://github.com/bakery312/Vulhub-Reproduce - https://github.com/d4n-sec/d4n-sec.github.io diff --git a/2020/CVE-2020-16875.md b/2020/CVE-2020-16875.md index c3c5cc2e8a..4fbe18dc1f 100644 --- a/2020/CVE-2020-16875.md +++ b/2020/CVE-2020-16875.md @@ -25,6 +25,7 @@ - https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/HackingCost/AD_Pentest - https://github.com/SexyBeast233/SecBooks +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/hktalent/bug-bounty - https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest diff --git a/2020/CVE-2020-16939.md b/2020/CVE-2020-16939.md index cde3a493e4..6e1bac5256 100644 --- a/2020/CVE-2020-16939.md +++ b/2020/CVE-2020-16939.md @@ -47,6 +47,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-17049.md b/2020/CVE-2020-17049.md index e80c362e41..4d92955851 100644 --- a/2020/CVE-2020-17049.md +++ b/2020/CVE-2020-17049.md 
@@ -51,6 +51,7 @@ No PoCs from references. - https://github.com/Strokekilla/Rubeus - https://github.com/Whiteh4tWolf/Attack-Defense - https://github.com/XTeam-Wing/Hunting-Active-Directory +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/ZyberPatrol/Active-Directory - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/aymankhder/AD-attack-defense diff --git a/2020/CVE-2020-19294.md b/2020/CVE-2020-19294.md new file mode 100644 index 0000000000..be95c57ab4 --- /dev/null +++ b/2020/CVE-2020-19294.md @@ -0,0 +1,17 @@ +### [CVE-2020-19294](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19294) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section. + +### POC + +#### Reference +- https://www.seebug.org/vuldb/ssvid-97952 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2020/CVE-2020-3452.md b/2020/CVE-2020-3452.md index c202cc3d68..952b4ebd67 100644 --- a/2020/CVE-2020-3452.md +++ b/2020/CVE-2020-3452.md @@ -66,6 +66,7 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Veids/CVE-2020-3452_auto - https://github.com/XDev05/CVE-2020-3452-PoC +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-4450.md b/2020/CVE-2020-4450.md index 9f29967c52..475b9e139a 100644 --- a/2020/CVE-2020-4450.md +++ b/2020/CVE-2020-4450.md 
@@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/HimmelAward/Goby_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/Z0fhack/Goby_POC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-5902.md b/2020/CVE-2020-5902.md index 5a17b4da0d..0c01846fdb 100644 --- a/2020/CVE-2020-5902.md +++ b/2020/CVE-2020-5902.md @@ -105,6 +105,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/Un4gi/CVE-2020-5902 - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/WingsSec/Meppo +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YellowVeN0m/Pentesters-toolbox - https://github.com/Ygodsec/- diff --git a/2020/CVE-2020-8012.md b/2020/CVE-2020-8012.md index f525ed1b90..8ac5a1063e 100644 --- a/2020/CVE-2020-8012.md +++ b/2020/CVE-2020-8012.md @@ -21,6 +21,7 @@ CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and be - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc +- https://github.com/XTeam-Wing/RedTeaming2020 - https://github.com/cyberanand1337x/bug-bounty-2022 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2021/CVE-2021-22555.md b/2021/CVE-2021-22555.md index edfcdc916d..615c5d843e 100644 --- a/2021/CVE-2021-22555.md +++ b/2021/CVE-2021-22555.md 
@@ -32,6 +32,7 @@ A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in n - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/ChoKyuWon/exploit_articles - https://github.com/Dikens88/hopp +- https://github.com/DrewSC13/Linpeas - https://github.com/EGI-Federation/SVG-advisories - https://github.com/Ha0-Y/LinuxKernelExploits - https://github.com/Ha0-Y/kernel-exploit-cve diff --git a/2021/CVE-2021-3156.md b/2021/CVE-2021-3156.md index 46990b7336..332bba19e1 100644 --- a/2021/CVE-2021-3156.md +++ b/2021/CVE-2021-3156.md @@ -61,6 +61,7 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - https://github.com/DanielShmu/OSCP-Cheat-Sheet - https://github.com/DarkFunct/CVE_Exploits - https://github.com/Drakfunc/CVE_Exploits +- https://github.com/DrewSC13/Linpeas - https://github.com/EGI-Federation/SVG-advisories - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/EvilAnne/2021-Read-article diff --git a/2021/CVE-2021-3560.md b/2021/CVE-2021-3560.md index b4cf46d1f4..d7dfd149ac 100644 --- a/2021/CVE-2021-3560.md +++ b/2021/CVE-2021-3560.md @@ -28,6 +28,7 @@ It was found that polkit could be tricked into bypassing the credential checks f - https://github.com/BizarreLove/CVE-2021-3560 - https://github.com/CharonDefalt/linux-exploit - https://github.com/Desm0ndChan/OSCP-cheatsheet +- https://github.com/DrewSC13/Linpeas - https://github.com/EGI-Federation/SVG-advisories - https://github.com/GibzB/THM-Captured-Rooms - https://github.com/HadessCS/Awesome-Privilege-Escalation diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index 550f8ed135..23c52454bd 100644 --- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md 
@@ -66,6 +66,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility. - https://github.com/DavidSerre/Pwnkit - https://github.com/Desm0ndChan/OSCP-cheatsheet - https://github.com/DosAmp/pkwned +- https://github.com/DrewSC13/Linpeas - https://github.com/EstamelGG/CVE-2021-4034-NoGCC - https://github.com/Ethical-Dyl/gamingserver-writeup - https://github.com/Ethical-Dyl/road-writeup diff --git a/2022/CVE-2022-0487.md b/2022/CVE-2022-0487.md index 85d6cb45c5..ca24a3a0eb 100644 --- a/2022/CVE-2022-0487.md +++ b/2022/CVE-2022-0487.md @@ -14,5 +14,6 @@ A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/me #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/karanlvm/DirtyPipe-Exploit - https://github.com/si1ent-le/CVE-2022-0847 diff --git a/2022/CVE-2022-0847.md b/2022/CVE-2022-0847.md index 81c74a3110..56a16edcf1 100644 --- a/2022/CVE-2022-0847.md +++ b/2022/CVE-2022-0847.md @@ -222,6 +222,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits - https://github.com/k0mi-tg/CVE-POC - https://github.com/kaosagnt/ansible-everyday +- https://github.com/karanlvm/DirtyPipe-Exploit - https://github.com/karimhabush/cyberowl - https://github.com/kdn111/linux-kernel-exploitation - https://github.com/kgwanjala/oscp-cheatsheet diff --git a/2022/CVE-2022-22916.md b/2022/CVE-2022-22916.md index 777a73fc75..a4ef406141 100644 --- a/2022/CVE-2022-22916.md +++ b/2022/CVE-2022-22916.md @@ -25,6 +25,7 @@ O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerabilit - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/wy876/POC +- https://github.com/wy876/wiki - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-24760.md b/2022/CVE-2022-24760.md index cb00be1e7c..da4fb8fbd9 100644 --- a/2022/CVE-2022-24760.md 
+++ b/2022/CVE-2022-24760.md @@ -14,6 +14,7 @@ Parse Server is an open source http web server backend. In versions prior to 4.1 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/KTH-LangSec/server-side-prototype-pollution - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-30203.md b/2022/CVE-2022-30203.md index c22aacfeb6..c3e56409a8 100644 --- a/2022/CVE-2022-30203.md +++ b/2022/CVE-2022-30203.md @@ -50,4 +50,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Wack0/dubiousdisk diff --git a/2022/CVE-2022-34721.md b/2022/CVE-2022-34721.md index f493a9145f..061919b0c2 100644 --- a/2022/CVE-2022-34721.md +++ b/2022/CVE-2022-34721.md @@ -50,5 +50,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Haera/NTCrawler +- https://github.com/haera/NTCrawler - https://github.com/tanjiti/sec_profile diff --git a/2022/CVE-2022-39396.md b/2022/CVE-2022-39396.md index 29b1c1af72..6120578d71 100644 --- a/2022/CVE-2022-39396.md +++ b/2022/CVE-2022-39396.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/KTH-LangSec/server-side-prototype-pollution - https://github.com/tanjiti/sec_profile diff --git a/2022/CVE-2022-41878.md b/2022/CVE-2022-41878.md new file mode 100644 index 0000000000..20ac908f9d --- /dev/null +++ b/2022/CVE-2022-41878.md 
@@ -0,0 +1,18 @@ +### [CVE-2022-41878](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41878) +![](https://img.shields.io/static/v1?label=Product&message=parse-server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1321%3A%20Improperly%20Controlled%20Modification%20of%20Object%20Prototype%20Attributes%20('Prototype%20Pollution')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen) + +### Description + +Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option. This issue is fixed in versions 4.10.19, and 5.3.2. If upgrade is not possible, the following Workarounds may be applied: Configure your firewall to only allow trusted servers to make request to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/KTH-LangSec/server-side-prototype-pollution + diff --git a/2022/CVE-2022-41879.md b/2022/CVE-2022-41879.md new file mode 100644 index 0000000000..089538e775 --- /dev/null +++ b/2022/CVE-2022-41879.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-41879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41879) +![](https://img.shields.io/static/v1?label=Product&message=parse-server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1321%3A%20Improperly%20Controlled%20Modification%20of%20Object%20Prototype%20Attributes%20('Prototype%20Pollution')&color=brighgreen) + +### Description + +Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.3 or 4.10.20, a compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server `requestKeywordDenylist` option. This issue has been patched in versions 5.3.3 and 4.10.20. There are no known workarounds. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/KTH-LangSec/server-side-prototype-pollution + diff --git a/2023/CVE-2023-2033.md b/2023/CVE-2023-2033.md index 881b7cfad3..f39043864c 100644 --- a/2023/CVE-2023-2033.md +++ b/2023/CVE-2023-2033.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/NexovaDev/UpdateHub - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/Threekiii/CVE - https://github.com/WalccDev/CVE-2023-2033 - https://github.com/dan-mba/python-selenium-news diff --git a/2023/CVE-2023-2136.md b/2023/CVE-2023-2136.md index a509be5cfe..e5b5e06125 100644 --- a/2023/CVE-2023-2136.md +++ b/2023/CVE-2023-2136.md 
@@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/Threekiii/CVE - https://github.com/ayman-m/rosetta - https://github.com/karimhabush/cyberowl diff --git a/2023/CVE-2023-21560.md b/2023/CVE-2023-21560.md new file mode 100644 index 0000000000..43c1c9e8ed --- /dev/null +++ b/2023/CVE-2023-21560.md 
@@ -0,0 +1,55 @@ +### [CVE-2023-21560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21560) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.19685%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.5648%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.3887%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19042.2486%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.2486%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2486%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) + +### Description + +Windows Boot Manager Security Feature Bypass Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Wack0/dubiousdisk +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2023/CVE-2023-23917.md b/2023/CVE-2023-23917.md new file mode 100644 index 0000000000..5cbff807a8 --- /dev/null +++ b/2023/CVE-2023-23917.md @@ -0,0 +1,17 @@ +### [CVE-2023-23917](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23917) +![](https://img.shields.io/static/v1?label=Product&message=Rocket.chat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20Injection%20-%20Generic%20(CWE-77)&color=brighgreen) + +### Description + +A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/KTH-LangSec/server-side-prototype-pollution + diff --git a/2023/CVE-2023-26793.md b/2023/CVE-2023-26793.md new file mode 100644 index 0000000000..cb6f44874a 
--- /dev/null +++ b/2023/CVE-2023-26793.md @@ -0,0 +1,17 @@ +### [CVE-2023-26793](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26793) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c. + +### POC + +#### Reference +- https://github.com/stephane/libmodbus/issues/683 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-28205.md b/2023/CVE-2023-28205.md index 4dbb5fb85a..32df1d64a8 100644 --- a/2023/CVE-2023-28205.md +++ b/2023/CVE-2023-28205.md @@ -19,6 +19,7 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/jake-44/Research - https://github.com/karimhabush/cyberowl diff --git a/2023/CVE-2023-28206.md b/2023/CVE-2023-28206.md index b72323a662..f6f6c16ed0 100644 --- a/2023/CVE-2023-28206.md +++ b/2023/CVE-2023-28206.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/C4ndyF1sh/CrashControl - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/ZZY3312/CVE-2023-28206 - https://github.com/acceleratortroll/acceleratortroll - https://github.com/jake-44/Research diff --git a/2023/CVE-2023-28249.md b/2023/CVE-2023-28249.md new file mode 100644 index 0000000000..97d8ceffb3 --- /dev/null +++ b/2023/CVE-2023-28249.md 
@@ -0,0 +1,43 @@ +### [CVE-2023-28249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28249) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.19869%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.5850%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19042.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) + +### Description + +Windows Boot Manager Security Feature Bypass Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Wack0/dubiousdisk + diff --git a/2023/CVE-2023-28269.md b/2023/CVE-2023-28269.md new file mode 100644 index 0000000000..254d140ce5 --- /dev/null +++ b/2023/CVE-2023-28269.md 
@@ -0,0 +1,43 @@ +### [CVE-2023-28269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28269) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.19869%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.5850%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19042.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2846%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) + +### Description + +Windows Boot Manager Security Feature Bypass Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Wack0/dubiousdisk + diff --git a/2023/CVE-2023-28432.md b/2023/CVE-2023-28432.md index b03116179a..de0b741b35 100644 --- a/2023/CVE-2023-28432.md +++ b/2023/CVE-2023-28432.md 
@@ -66,6 +66,7 @@ No PoCs from references. - https://github.com/unam4/CVE-2023-28432-minio_update_rce - https://github.com/whoami13apt/files2 - https://github.com/wy876/POC +- https://github.com/wy876/wiki - https://github.com/xk-mt/CVE-2023-28432 - https://github.com/yTxZx/CVE-2023-28432 - https://github.com/yuyongxr/minio_cve-2023-28432 diff --git a/2023/CVE-2023-29725.md b/2023/CVE-2023-29725.md new file mode 100644 index 0000000000..785e1a7874 --- /dev/null +++ b/2023/CVE-2023-29725.md @@ -0,0 +1,17 @@ +### [CVE-2023-29725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29725) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29725/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29737.md b/2023/CVE-2023-29737.md new file mode 100644 index 0000000000..14b54d0d5b --- /dev/null +++ b/2023/CVE-2023-29737.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-29737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29737) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local attacker to cause a denial of service via the database files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29737/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29739.md b/2023/CVE-2023-29739.md index 606b50c157..9dc1abe330 100644 --- a/2023/CVE-2023-29739.md +++ b/2023/CVE-2023-29739.md @@ -10,6 +10,7 @@ An issue found in Alarm Clock for Heavy Sleepers v.5.3.2 for Android allows unau ### POC #### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29739/CVE%20detail.md - https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid #### Github diff --git a/2023/CVE-2023-29740.md b/2023/CVE-2023-29740.md index 90d0f6ed8a..4c882972bf 100644 --- a/2023/CVE-2023-29740.md +++ b/2023/CVE-2023-29740.md @@ -10,6 +10,7 @@ An issue found in Alarm Clock for Heavy Sleepers v.5.3.2 for Android allows unau ### POC #### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29740/CVE%20detail.md - https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid #### Github diff --git a/2023/CVE-2023-29749.md b/2023/CVE-2023-29749.md new file mode 100644 index 0000000000..feefc5ec64 --- /dev/null +++ b/2023/CVE-2023-29749.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-29749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29749) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29752.md b/2023/CVE-2023-29752.md new file mode 100644 index 0000000000..fc7c24fc2d --- /dev/null +++ b/2023/CVE-2023-29752.md @@ -0,0 +1,17 @@ +### [CVE-2023-29752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29752) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the component. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29752/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-29757.md b/2023/CVE-2023-29757.md new file mode 100644 index 0000000000..ac0c98e081 --- /dev/null +++ b/2023/CVE-2023-29757.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-29757](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29757) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29757/CVE%20detailed.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3079.md b/2023/CVE-2023-3079.md index 583d6e19cb..a884ff53c8 100644 --- a/2023/CVE-2023-3079.md +++ b/2023/CVE-2023-3079.md @@ -16,6 +16,7 @@ Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote a #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/Threekiii/CVE - https://github.com/Uniguri/CVE-1day - https://github.com/ZonghaoLi777/githubTrending diff --git a/2023/CVE-2023-31414.md b/2023/CVE-2023-31414.md index 3ab22e40ec..1804476fb5 100644 --- a/2023/CVE-2023-31414.md +++ b/2023/CVE-2023-31414.md @@ -14,4 +14,5 @@ Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/KTH-LangSec/server-side-prototype-pollution diff --git a/2023/CVE-2023-31415.md b/2023/CVE-2023-31415.md index d275a20e76..8bd13a246a 100644 --- a/2023/CVE-2023-31415.md +++ b/2023/CVE-2023-31415.md 
@@ -13,5 +13,5 @@ Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with - https://www.elastic.co/community/security/ #### Github -No PoCs found on GitHub currently. +- https://github.com/KTH-LangSec/server-side-prototype-pollution diff --git a/2023/CVE-2023-3215.md b/2023/CVE-2023-3215.md index 238337d7ae..2381de299a 100644 --- a/2023/CVE-2023-3215.md +++ b/2023/CVE-2023-3215.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/em1ga3l/cve-msrc-extractor +- https://github.com/theryeguy92/HTB-Solar-Lab diff --git a/2023/CVE-2023-32315.md b/2023/CVE-2023-32315.md index 4482c29c9c..ab4ebc0bc4 100644 --- a/2023/CVE-2023-32315.md +++ b/2023/CVE-2023-32315.md @@ -51,4 +51,5 @@ Openfire is an XMPP server licensed under the Open Source Apache License. Openfi - https://github.com/ohnonoyesyes/CVE-2023-32315 - https://github.com/pinguimfu/kinsing-killer - https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass +- https://github.com/theryeguy92/HTB-Solar-Lab diff --git a/2023/CVE-2023-32409.md b/2023/CVE-2023-32409.md index 1915ea09af..75257561ad 100644 --- a/2023/CVE-2023-32409.md +++ b/2023/CVE-2023-32409.md @@ -22,4 +22,5 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics diff --git a/2023/CVE-2023-33063.md b/2023/CVE-2023-33063.md index 56823f4954..f045f06ac4 100644 --- a/2023/CVE-2023-33063.md +++ b/2023/CVE-2023-33063.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-33106.md b/2023/CVE-2023-33106.md index 5e5b1e6c89..459db5f157 100644 --- a/2023/CVE-2023-33106.md +++ b/2023/CVE-2023-33106.md 
@@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-33107.md b/2023/CVE-2023-33107.md index 5c7bb2205b..56d9883b36 100644 --- a/2023/CVE-2023-33107.md +++ b/2023/CVE-2023-33107.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-33733.md b/2023/CVE-2023-33733.md index f8a2ecaed0..2edb51c056 100644 --- a/2023/CVE-2023-33733.md +++ b/2023/CVE-2023-33733.md @@ -20,4 +20,5 @@ Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying - https://github.com/onion2203/Lab_Reportlab - https://github.com/sahiloj/CVE-2023-33732 - https://github.com/tanjiti/sec_profile +- https://github.com/theryeguy92/HTB-Solar-Lab diff --git a/2023/CVE-2023-3446.md b/2023/CVE-2023-3446.md index 304d275c62..894f4b7527 100644 --- a/2023/CVE-2023-3446.md +++ b/2023/CVE-2023-3446.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/seal-community/patches - https://github.com/testing-felickz/docker-scout-demo +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2023/CVE-2023-36258.md b/2023/CVE-2023-36258.md index 4fd9636054..4ecc6ce150 100644 --- a/2023/CVE-2023-36258.md +++ b/2023/CVE-2023-36258.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/zgimszhd61/openai-security-app-quickstart diff --git a/2023/CVE-2023-36475.md b/2023/CVE-2023-36475.md new file mode 100644 index 0000000000..0f09b61d4a --- /dev/null +++ b/2023/CVE-2023-36475.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-36475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36475) +![](https://img.shields.io/static/v1?label=Product&message=parse-server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%205.5.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1321%3A%20Improperly%20Controlled%20Modification%20of%20Object%20Prototype%20Attributes%20('Prototype%20Pollution')&color=brighgreen) + +### Description + +Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 and 6.2.1, an attacker can use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. A patch is available in versions 5.5.2 and 6.2.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/KTH-LangSec/server-side-prototype-pollution + diff --git a/2023/CVE-2023-40424.md b/2023/CVE-2023-40424.md new file mode 100644 index 0000000000..2740f48246 --- /dev/null +++ b/2023/CVE-2023-40424.md 
@@ -0,0 +1,21 @@ +### [CVE-2023-40424](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40424) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2010%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20app%20may%20be%20able%20to%20access%20user-sensitive%20data&color=brighgreen) + +### Description + +The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart + diff --git a/2023/CVE-2023-41061.md b/2023/CVE-2023-41061.md index 0f5b065b14..2cbbd47df4 100644 --- a/2023/CVE-2023-41061.md +++ b/2023/CVE-2023-41061.md @@ -17,5 +17,6 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2023/CVE-2023-41064.md b/2023/CVE-2023-41064.md index c8c57b4a1e..a1b7bd8989 100644 --- a/2023/CVE-2023-41064.md +++ b/2023/CVE-2023-41064.md 
@@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/alsaeroth/CVE-2023-41064-POC - https://github.com/apt0factury/CVE-2023-41064 - https://github.com/caoweiquan322/NotEnough diff --git a/2023/CVE-2023-41991.md b/2023/CVE-2023-41991.md index 8a892fa552..618c93116d 100644 --- a/2023/CVE-2023-41991.md +++ b/2023/CVE-2023-41991.md @@ -17,6 +17,7 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/XLsn0w/Cydia - https://github.com/XLsn0w/Cydiapps - https://github.com/XLsn0w/TrollStore2 diff --git a/2023/CVE-2023-41992.md b/2023/CVE-2023-41992.md index 5e7e65717e..1e2a66cfe1 100644 --- a/2023/CVE-2023-41992.md +++ b/2023/CVE-2023-41992.md @@ -17,4 +17,5 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics diff --git a/2023/CVE-2023-41993.md b/2023/CVE-2023-41993.md index c9daaed538..aba54e413f 100644 --- a/2023/CVE-2023-41993.md +++ b/2023/CVE-2023-41993.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/J3Ss0u/CVE-2023-41993 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/ZonghaoLi777/githubTrending - https://github.com/aneasystone/github-trending - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-4211.md b/2023/CVE-2023-4211.md index b5bff7fcac..bd49aebf55 100644 --- a/2023/CVE-2023-4211.md +++ b/2023/CVE-2023-4211.md 
@@ -22,5 +22,6 @@ No PoCs from references. - https://github.com/Moonshieldgru/Moonshieldgru - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-42363.md b/2023/CVE-2023-42363.md new file mode 100644 index 0000000000..2e5569722d --- /dev/null +++ b/2023/CVE-2023-42363.md @@ -0,0 +1,17 @@ +### [CVE-2023-42363](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42363) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2023/CVE-2023-42364.md b/2023/CVE-2023-42364.md new file mode 100644 index 0000000000..48f44b56e0 --- /dev/null +++ b/2023/CVE-2023-42364.md @@ -0,0 +1,17 @@ +### [CVE-2023-42364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42364) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2023/CVE-2023-42365.md b/2023/CVE-2023-42365.md new file mode 100644 index 0000000000..bcec755a25 --- /dev/null +++ b/2023/CVE-2023-42365.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-42365](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42365) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2023/CVE-2023-42366.md b/2023/CVE-2023-42366.md new file mode 100644 index 0000000000..8c8b1407f8 --- /dev/null +++ b/2023/CVE-2023-42366.md @@ -0,0 +1,17 @@ +### [CVE-2023-42366](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42366) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2023/CVE-2023-42916.md b/2023/CVE-2023-42916.md index a01ac4d698..7051e6a539 100644 --- a/2023/CVE-2023-42916.md +++ b/2023/CVE-2023-42916.md @@ -18,4 +18,5 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics diff --git a/2023/CVE-2023-42917.md b/2023/CVE-2023-42917.md index e9a596e580..4be349f6bf 100644 --- a/2023/CVE-2023-42917.md +++ b/2023/CVE-2023-42917.md 
@@ -18,4 +18,5 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics diff --git a/2023/CVE-2023-43208.md b/2023/CVE-2023-43208.md index 163a7746f7..3775215efb 100644 --- a/2023/CVE-2023-43208.md +++ b/2023/CVE-2023-43208.md @@ -22,5 +22,7 @@ NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthent - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nvn1729/advisories - https://github.com/tanjiti/sec_profile +- https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2023/CVE-2023-43318.md b/2023/CVE-2023-43318.md index f9d6fbf9e7..f563d65ec6 100644 --- a/2023/CVE-2023-43318.md +++ b/2023/CVE-2023-43318.md @@ -10,7 +10,7 @@ TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to ### POC #### Reference -No PoCs from references. +- https://seclists.org/fulldisclosure/2024/Mar/9 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-46604.md b/2023/CVE-2023-46604.md index 430f291e9a..2dcb8322ea 100644 --- a/2023/CVE-2023-46604.md +++ b/2023/CVE-2023-46604.md @@ -12,6 +12,7 @@ The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. Th #### Reference - http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html +- http://seclists.org/fulldisclosure/2024/Apr/18 - https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html #### Github diff --git a/2023/CVE-2023-48022.md b/2023/CVE-2023-48022.md index 63b05e849a..c7133c2f24 100644 --- a/2023/CVE-2023-48022.md +++ b/2023/CVE-2023-48022.md @@ -10,7 +10,7 @@ ### POC #### Reference -No PoCs from references. +- https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit #### Github - https://github.com/0x656565/CVE-2023-48022 
diff --git a/2023/CVE-2023-49231.md b/2023/CVE-2023-49231.md index 6efbe4caff..fe2ea68f56 100644 --- a/2023/CVE-2023-49231.md +++ b/2023/CVE-2023-49231.md @@ -10,6 +10,7 @@ An authentication bypass vulnerability was found in Stilog Visual Planning 8. It ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/Apr/1 - https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt - https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/ diff --git a/2023/CVE-2023-5217.md b/2023/CVE-2023-5217.md index 9b42304947..beb81394f6 100644 --- a/2023/CVE-2023-5217.md +++ b/2023/CVE-2023-5217.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/Keeper-Security/gitbook-release-notes - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RENANZG/My-Forensics - https://github.com/Threekiii/CVE - https://github.com/Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217 - https://github.com/Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217 diff --git a/2023/CVE-2023-5585.md b/2023/CVE-2023-5585.md new file mode 100644 index 0000000000..0458cca4b5 --- /dev/null +++ b/2023/CVE-2023-5585.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-5585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5585) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Motorcycle%20Rental%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input "> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-242170 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://vuldb.com/?id.242170 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5729.md b/2023/CVE-2023-5729.md new file mode 100644 index 0000000000..b7c6bc3d9e --- /dev/null +++ b/2023/CVE-2023-5729.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-5729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5729) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20119%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Fullscreen%20notification%20dialog%20could%20have%20been%20obscured%20by%20WebAuthn%20prompts&color=brighgreen) + +### Description + +A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119. + +### POC + +#### Reference +- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-5836.md b/2023/CVE-2023-5836.md new file mode 100644 index 0000000000..b0bdd98816 --- /dev/null +++ b/2023/CVE-2023-5836.md @@ -0,0 +1,17 @@ +### [CVE-2023-5836](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5836) +![](https://img.shields.io/static/v1?label=Product&message=Task%20Reminder%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-243800. + +### POC + +#### Reference +- https://vuldb.com/?id.243800 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6702.md b/2023/CVE-2023-6702.md index fdb39bb078..ce8bfadffa 100644 
--- a/2023/CVE-2023-6702.md +++ b/2023/CVE-2023-6702.md @@ -13,5 +13,6 @@ Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote a No PoCs from references. #### Github +- https://github.com/kaist-hacking/CVE-2023-6702 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-6860.md b/2023/CVE-2023-6860.md index 1a9548b535..f32e38dd94 100644 --- a/2023/CVE-2023-6860.md +++ b/2023/CVE-2023-6860.md @@ -13,7 +13,7 @@ The `VideoBridge` allowed any content process to use textures produced by remote ### POC #### Reference -No PoCs from references. +- https://bugzilla.mozilla.org/show_bug.cgi?id=1854669 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-7024.md b/2023/CVE-2023-7024.md index bbb1c47775..62cc3e9012 100644 --- a/2023/CVE-2023-7024.md +++ b/2023/CVE-2023-7024.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV +- https://github.com/RENANZG/My-Forensics diff --git a/2023/CVE-2023-7261.md b/2023/CVE-2023-7261.md new file mode 100644 index 0000000000..4cc2fe4659 --- /dev/null +++ b/2023/CVE-2023-7261.md @@ -0,0 +1,17 @@ +### [CVE-2023-7261](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7261) +![](https://img.shields.io/static/v1?label=Product&message=Omaha&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.3.36.271%3C%201.3.36.271%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Inappropriate%20implementation&color=brighgreen) + +### Description + +Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) + +### POC + +#### Reference +- https://issues.chromium.org/issues/40064602 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-0039.md b/2024/CVE-2024-0039.md index 33d2dbb865..cd3cf2da8f 100644 
--- a/2024/CVE-2024-0039.md +++ b/2024/CVE-2024-0039.md @@ -13,5 +13,6 @@ In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds wr No PoCs from references. #### Github +- https://github.com/41yn14/CVE-2024-0039-Exploit - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-0043.md b/2024/CVE-2024-0043.md new file mode 100644 index 0000000000..cfb4f2f6fd --- /dev/null +++ b/2024/CVE-2024-0043.md @@ -0,0 +1,17 @@ +### [CVE-2024-0043](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0043) +![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2014%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20privilege&color=brighgreen) + +### Description + +In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment + diff --git a/2024/CVE-2024-0235.md b/2024/CVE-2024-0235.md index 4846977658..32fe66957f 100644 --- a/2024/CVE-2024-0235.md +++ b/2024/CVE-2024-0235.md @@ -13,6 +13,7 @@ The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 - https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/ #### Github +- https://github.com/Cappricio-Securities/CVE-2024-0235 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-0444.md b/2024/CVE-2024-0444.md new file mode 100644 index 0000000000..2c0161aa3b --- /dev/null +++ b/2024/CVE-2024-0444.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-0444](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0444) +![](https://img.shields.io/static/v1?label=Product&message=GStreamer&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20ea6d602ccacee5f4bdf45b9f58eb0dc5320f3c07%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%3A%20Stack-based%20Buffer%20Overflow&color=brighgreen) + +### Description + +GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the parsing of tile list data within AV1-encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22873. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-0901.md b/2024/CVE-2024-0901.md index 5aacbd19f3..7c14527e47 100644 --- a/2024/CVE-2024-0901.md +++ b/2024/CVE-2024-0901.md @@ -13,6 +13,7 @@ Remotely executed SEGV and out of bounds read allows malicious packet sender to No PoCs from references. #### Github +- https://github.com/byan-2/wolfssl - https://github.com/lego-pirates/wolfssl - https://github.com/wolfSSL/Arduino-wolfSSL - https://github.com/wolfSSL/wolfssl diff --git a/2024/CVE-2024-1086.md b/2024/CVE-2024-1086.md index 736c9c419a..2bcfa599c3 100644 --- a/2024/CVE-2024-1086.md +++ b/2024/CVE-2024-1086.md 
@@ -26,6 +26,7 @@ A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables compon - https://github.com/Notselwyn/exploits - https://github.com/Notselwyn/notselwyn - https://github.com/Snoopy-Sec/Localroot-ALL-CVE +- https://github.com/TigerIsMyPet/KernelExploit - https://github.com/YgorAlberto/ygoralberto.github.io - https://github.com/Zombie-Kaiser/Zombie-Kaiser - https://github.com/aneasystone/github-trending @@ -40,10 +41,13 @@ A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables compon - https://github.com/giterlizzi/secdb-feeds - https://github.com/iakat/stars - https://github.com/jafshare/GithubTrending +- https://github.com/jetblk/Flipper-Zero-JavaScript - https://github.com/johe123qwe/github-trending +- https://github.com/kevcooper/CVE-2024-1086-checker - https://github.com/makoto56/penetration-suite-toolkit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/phixion/phixion +- https://github.com/rootkalilocalhost/CVE-2024-1086 - https://github.com/seekerzz/MyRSSSync - https://github.com/tanjiti/sec_profile - https://github.com/uhub/awesome-c diff --git a/2024/CVE-2024-1208.md b/2024/CVE-2024-1208.md index 3d7398246c..c370e559b9 100644 --- a/2024/CVE-2024-1208.md +++ b/2024/CVE-2024-1208.md @@ -13,6 +13,7 @@ The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Ex No PoCs from references. #### Github +- https://github.com/Cappricio-Securities/CVE-2024-1208 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210 - https://github.com/karlemilnikka/CVE-2024-1209 diff --git a/2024/CVE-2024-1212.md b/2024/CVE-2024-1212.md index 0f04029812..55c8adefa5 100644 --- a/2024/CVE-2024-1212.md +++ b/2024/CVE-2024-1212.md 
@@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/RhinoSecurityLabs/CVEs - https://github.com/XRSec/AWVS-Update +- https://github.com/YN1337/Kemp-LoadMaster- - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-1234.md b/2024/CVE-2024-1234.md index 0c72ec6742..b149458dee 100644 --- a/2024/CVE-2024-1234.md +++ b/2024/CVE-2024-1234.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/West-wise/nuclei_template_generater - https://github.com/chinocchio/EthicalHacking - https://github.com/dumpnidadai/Ethical_Final +- https://github.com/mingyeongbae93/mingyeongbae93 - https://github.com/mncbndy/Final-Project---Ethical-Hacking-Report - https://github.com/nattino9/Ethical-Hacking-Finals-Project diff --git a/2024/CVE-2024-1252.md b/2024/CVE-2024-1252.md index ac1d1a25df..bd1e536fa5 100644 --- a/2024/CVE-2024-1252.md +++ b/2024/CVE-2024-1252.md @@ -10,6 +10,7 @@ A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. A ### POC #### Reference +- https://github.com/b51s77/cve/blob/main/sql.md - https://vuldb.com/?id.252991 #### Github diff --git a/2024/CVE-2024-1347.md b/2024/CVE-2024-1347.md new file mode 100644 index 0000000000..6e630975ca --- /dev/null +++ b/2024/CVE-2024-1347.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-1347](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1347) +![](https://img.shields.io/static/v1?label=Product&message=GitLab&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0.0%3C%2016.9.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen) + +### Description + +An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker through a crafted email address may be able to bypass domain based restrictions on an instance or a group. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment + diff --git a/2024/CVE-2024-1694.md b/2024/CVE-2024-1694.md new file mode 100644 index 0000000000..f3d2004a87 --- /dev/null +++ b/2024/CVE-2024-1694.md @@ -0,0 +1,17 @@ +### [CVE-2024-1694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1694) +![](https://img.shields.io/static/v1?label=Product&message=Omaha&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.3.36.351%3C%201.3.36.351%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Inappropriate%20implementation&color=brighgreen) + +### Description + +Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: High) + +### POC + +#### Reference +- https://issues.chromium.org/issues/40946325 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-1708.md b/2024/CVE-2024-1708.md index f4f701400e..d295c8fc66 100644 --- a/2024/CVE-2024-1708.md +++ b/2024/CVE-2024-1708.md 
@@ -16,6 +16,7 @@ ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulner - https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE - https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708 - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tr1pl3ight/POCv2.0-for-CVE-2024-1709 - https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc diff --git a/2024/CVE-2024-1800.md b/2024/CVE-2024-1800.md index d7018aeb96..91991b62cb 100644 --- a/2024/CVE-2024-1800.md +++ b/2024/CVE-2024-1800.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/GhostTroops/TOP +- https://github.com/Harydhk7/CVE-2024-4358 - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/sinsinology/CVE-2024-4358 diff --git a/2024/CVE-2024-20356.md b/2024/CVE-2024-20356.md index 59f7cef199..15062036f3 100644 --- a/2024/CVE-2024-20356.md +++ b/2024/CVE-2024-20356.md @@ -17,6 +17,7 @@ A vulnerability in the web-based management interface of Cisco Integrated Manage #### Github - https://github.com/SherllyNeo/CVE_2024_20356 - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/netlas-io/netlas-dorks - https://github.com/nettitude/CVE-2024-20356 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-20767.md b/2024/CVE-2024-20767.md index a09f5ff63c..48cb89325d 100644 --- a/2024/CVE-2024-20767.md +++ b/2024/CVE-2024-20767.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/XRSec/AWVS-Update - https://github.com/huyqa/cve-2024-20767 - https://github.com/m-cetin/CVE-2024-20767 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile - https://github.com/trganda/starrlist 
diff --git a/2024/CVE-2024-21006.md b/2024/CVE-2024-21006.md index 4130f42d96..8d87476267 100644 --- a/2024/CVE-2024-21006.md +++ b/2024/CVE-2024-21006.md @@ -14,6 +14,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware #### Github - https://github.com/momika233/CVE-2024-21006 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-21111.md b/2024/CVE-2024-21111.md index db04865a7e..57d410095a 100644 --- a/2024/CVE-2024-21111.md +++ b/2024/CVE-2024-21111.md @@ -20,4 +20,5 @@ Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp - https://github.com/mansk1es/CVE-2024-21111 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/x0rsys/CVE-2024-21111 diff --git a/2024/CVE-2024-21338.md b/2024/CVE-2024-21338.md index e790441b02..f3df628227 100644 --- a/2024/CVE-2024-21338.md +++ b/2024/CVE-2024-21338.md @@ -33,6 +33,7 @@ Windows Kernel Elevation of Privilege Vulnerability - https://github.com/GhostTroops/TOP - https://github.com/UMU618/CVE-2024-21338 - https://github.com/Zombie-Kaiser/CVE-2024-21338-x64-build- +- https://github.com/Zombie-Kaiser/Zombie-Kaiser - https://github.com/aneasystone/github-trending - https://github.com/crackmapEZec/CVE-2024-21338-POC - https://github.com/fireinrain/github-trending diff --git a/2024/CVE-2024-21410.md b/2024/CVE-2024-21410.md index 51086828b0..7785b5752a 100644 --- a/2024/CVE-2024-21410.md +++ b/2024/CVE-2024-21410.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/JohnBordon/CVE-2024-21410-poc - https://github.com/Ostorlab/KEV - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-21512.md b/2024/CVE-2024-21512.md index dd91b5aa47..97a8005114 100644 
--- a/2024/CVE-2024-21512.md +++ b/2024/CVE-2024-21512.md @@ -17,4 +17,5 @@ Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollutio #### Github - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-21677.md b/2024/CVE-2024-21677.md index 75d6817034..33d2583ba9 100644 --- a/2024/CVE-2024-21677.md +++ b/2024/CVE-2024-21677.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/netlas-io/netlas-dorks - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-21683.md b/2024/CVE-2024-21683.md index 5173cdc1de..f6f70fb45b 100644 --- a/2024/CVE-2024-21683.md +++ b/2024/CVE-2024-21683.md @@ -31,5 +31,6 @@ No PoCs from references. - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC - https://github.com/wy876/wiki +- https://github.com/xh4vm/CVE-2024-21683 - https://github.com/zhaoxiaoha/github-trending diff --git a/2024/CVE-2024-22492.md b/2024/CVE-2024-22492.md index e8ada57c29..c68b131787 100644 --- a/2024/CVE-2024-22492.md +++ b/2024/CVE-2024-22492.md @@ -10,7 +10,7 @@ A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save con ### POC #### Reference -No PoCs from references. +- https://github.com/cui2shark/security/blob/main/(JFinalcms%20contact%20para)A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-22891.md b/2024/CVE-2024-22891.md index f83986bc76..bcfe7c204d 100644 --- a/2024/CVE-2024-22891.md +++ b/2024/CVE-2024-22891.md @@ -13,5 +13,6 @@ Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnera - https://github.com/EQSTLab/PoC/tree/main/2024/RCE/CVE-2024-22891 #### Github +- https://github.com/CS-EVAL/CS-Eval - https://github.com/fkie-cad/nvd-json-data-feeds 
diff --git a/2024/CVE-2024-23052.md b/2024/CVE-2024-23052.md index 3c075ab370..4856dfd1f7 100644 --- a/2024/CVE-2024-23052.md +++ b/2024/CVE-2024-23052.md @@ -13,5 +13,6 @@ An issue in WuKongOpenSource WukongCRM v.72crm_9.0.1_20191202 allows a remote at - https://github.com/WuKongOpenSource/WukongCRM-9.0-JAVA/issues/28 #### Github -No PoCs found on GitHub currently. +- https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-23108.md b/2024/CVE-2024-23108.md index cad6f6ba0d..b73a4491af 100644 --- a/2024/CVE-2024-23108.md +++ b/2024/CVE-2024-23108.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/hitem/CVE-2024-23108 +- https://github.com/horizon3ai/CVE-2024-23108 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-2333.md b/2024/CVE-2024-2333.md index e715ce586d..06e791b450 100644 --- a/2024/CVE-2024-2333.md +++ b/2024/CVE-2024-2333.md @@ -14,4 +14,5 @@ A vulnerability classified as critical has been found in CodeAstro Membership Ma #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/password123456/nvd-cve-database diff --git a/2024/CVE-2024-23334.md b/2024/CVE-2024-23334.md index ec2983146c..bca8d81329 100644 --- a/2024/CVE-2024-23334.md +++ b/2024/CVE-2024-23334.md @@ -18,6 +18,7 @@ aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. - https://github.com/ggPonchik/Tinkoff-CTF-2024-lohness - https://github.com/jhonnybonny/CVE-2024-23334 - https://github.com/marl-ot/DevSecOps-2024 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ox1111/CVE-2024-23334 - https://github.com/sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream diff --git a/2024/CVE-2024-2389.md b/2024/CVE-2024-2389.md index 2399f07688..2ce9377b00 100644 --- a/2024/CVE-2024-2389.md +++ b/2024/CVE-2024-2389.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV - https://github.com/RhinoSecurityLabs/CVEs +- https://github.com/YN1337/exploit - https://github.com/adhikara13/CVE-2024-2389 - https://github.com/getdrive/PoC - https://github.com/mayur-esh/vuln-liners diff --git a/2024/CVE-2024-24060.md b/2024/CVE-2024-24060.md new file mode 100644 index 0000000000..f298f18a3e --- /dev/null +++ b/2024/CVE-2024-24060.md @@ -0,0 +1,17 @@ +### [CVE-2024-24060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24060) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. + +### POC + +#### Reference +- https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-24157.md b/2024/CVE-2024-24157.md new file mode 100644 index 0000000000..47253e7a84 --- /dev/null +++ b/2024/CVE-2024-24157.md @@ -0,0 +1,17 @@ +### [CVE-2024-24157](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24157) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Gnuboard g6 / https://github.com/gnuboard/g6 commit c2cc1f5069e00491ea48618d957332d90f6d40e4 is vulnerable to Cross Site Scripting (XSS) via board.py. + +### POC + +#### Reference +- https://github.com/gnuboard/g6/issues/314 + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-24294.md b/2024/CVE-2024-24294.md new file mode 100644 index 0000000000..f5ff3d3e00 --- /dev/null +++ b/2024/CVE-2024-24294.md @@ -0,0 +1,17 @@ +### [CVE-2024-24294](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24294) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Prototype Pollution issue in Blackprint @blackprint/engine v.0.9.0 allows an attacker to execute arbitrary code via the _utils.setDeepProperty function of engine.min.js. + +### POC + +#### Reference +- https://gist.github.com/mestrtee/d1eb6e1f7c6dd60d8838c3e56cab634d + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-24520.md b/2024/CVE-2024-24520.md index 954a3cd22c..473b3b1a7f 100644 --- a/2024/CVE-2024-24520.md +++ b/2024/CVE-2024-24520.md @@ -10,7 +10,7 @@ An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code ### POC #### Reference -No PoCs from references. +- https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html #### Github - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-24919.md b/2024/CVE-2024-24919.md index f692295842..5fcc05f333 100644 --- a/2024/CVE-2024-24919.md +++ b/2024/CVE-2024-24919.md 
@@ -13,9 +13,56 @@ Potentially allowing an attacker to read certain information on Check Point Secu No PoCs from references. #### Github +- https://github.com/0nin0hanz0/CVE-2024-24919-PoC +- https://github.com/0x3f3c/CVE-2024-24919 +- https://github.com/0xans/CVE-2024-24919 +- https://github.com/3UR/CVE-2024-24919 +- https://github.com/B1naryo/CVE-2024-24919-POC +- https://github.com/Bytenull00/CVE-2024-24919 +- https://github.com/Cappricio-Securities/CVE-2024-24919 +- https://github.com/Expl0itD0g/CVE-2024-24919---Poc +- https://github.com/GlobalsecureAcademy/CVE-2024-24919 +- https://github.com/GoatSecurity/CVE-2024-24919 +- https://github.com/GuayoyoCyber/CVE-2024-24919 +- https://github.com/J4F9S5D2Q7/CVE-2024-24919 +- https://github.com/LucasKatashi/CVE-2024-24919 +- https://github.com/MohamedWagdy7/CVE-2024-24919 - https://github.com/Ostorlab/KEV +- https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN +- https://github.com/RevoltSecurities/CVE-2024-24919 +- https://github.com/Rug4lo/CVE-2024-24919-Exploit +- https://github.com/Tim-Hoekstra/CVE-2024-24919 +- https://github.com/Vulnpire/CVE-2024-24919 +- https://github.com/YN1337/CVE-2024-24919 +- https://github.com/am-eid/CVE-2024-24919 +- https://github.com/bigb0x/CVE-2024-24919-Sniper +- https://github.com/birdlex/cve-2024-24919-checker +- https://github.com/c3rrberu5/CVE-2024-24919 +- https://github.com/emanueldosreis/CVE-2024-24919 +- https://github.com/eoslvs/CVE-2024-24919 +- https://github.com/fernandobortotti/CVE-2024-24919 +- https://github.com/gurudattch/CVE-2024-24919 +- https://github.com/hendprw/CVE-2024-24919 +- https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner +- https://github.com/lirantal/cve-cvss-calculator +- https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit +- https://github.com/netlas-io/netlas-dorks +- https://github.com/nexblade12/CVE-2024-24919 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/nullcult/CVE-2024-24919-Exploit - 
https://github.com/numencyber/Vulnerability_PoC +- https://github.com/pewc0/CVE-2024-24919 +- https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check +- https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN +- https://github.com/satriarizka/CVE-2024-24919 +- https://github.com/seed1337/CVE-2024-24919-POC +- https://github.com/sep2limited/CheckPoint_Query_Py +- https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater +- https://github.com/starlox0/CVE-2024-24919-POC - https://github.com/tanjiti/sec_profile +- https://github.com/un9nplayer/CVE-2024-24919 +- https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC +- https://github.com/wy876/wiki +- https://github.com/zam89/CVE-2024-24919 diff --git a/2024/CVE-2024-2546.md b/2024/CVE-2024-2546.md index bb41e00bfa..abfd66e09f 100644 --- a/2024/CVE-2024-2546.md +++ b/2024/CVE-2024-2546.md @@ -15,4 +15,5 @@ A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as criti #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-25515.md b/2024/CVE-2024-25515.md new file mode 100644 index 0000000000..cfb54e7197 --- /dev/null +++ b/2024/CVE-2024-25515.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-25515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25515) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_work_finish_file_down.aspx. + +### POC + +#### Reference +- https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_finish_file_downaspx + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-25522.md b/2024/CVE-2024-25522.md index dcb21944b2..75e15ff09c 100644 --- a/2024/CVE-2024-25522.md +++ b/2024/CVE-2024-25522.md @@ -13,5 +13,5 @@ RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerabilit - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_form_saveaspx #### Github -No PoCs found on GitHub currently. +- https://github.com/cisagov/vulnrichment diff --git a/2024/CVE-2024-25525.md b/2024/CVE-2024-25525.md new file mode 100644 index 0000000000..7a7663438b --- /dev/null +++ b/2024/CVE-2024-25525.md @@ -0,0 +1,17 @@ +### [CVE-2024-25525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25525) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the filename parameter at /WorkFlow/OfficeFileDownload.aspx. + +### POC + +#### Reference +- https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#officefiledownloadaspx + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-25529.md b/2024/CVE-2024-25529.md index 13e957195e..32e6afe07d 100644 --- a/2024/CVE-2024-25529.md +++ b/2024/CVE-2024-25529.md @@ -10,7 +10,7 @@ RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerabilit ### POC #### Reference -No PoCs from references. +- https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_office_file_history_showaspx #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-25532.md b/2024/CVE-2024-25532.md index 48617d10bc..b27fb10b33 100644 --- a/2024/CVE-2024-25532.md +++ b/2024/CVE-2024-25532.md @@ -10,7 +10,7 @@ RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerabilit ### POC #### Reference -No PoCs from references. +- https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_dictaspx #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-2559.md b/2024/CVE-2024-2559.md index cbc9befa12..dc847cb784 100644 --- a/2024/CVE-2024-2559.md +++ b/2024/CVE-2024-2559.md @@ -14,4 +14,5 @@ A vulnerability classified as problematic has been found in Tenda AC18 15.03.05. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-2560.md b/2024/CVE-2024-2560.md index 0c04b7751e..8ebc132d5a 100644 --- a/2024/CVE-2024-2560.md +++ b/2024/CVE-2024-2560.md @@ -14,4 +14,5 @@ A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. A #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-25600.md b/2024/CVE-2024-25600.md index abc8b91ac9..85d8917df6 100644 --- a/2024/CVE-2024-25600.md +++ b/2024/CVE-2024-25600.md 
@@ -10,6 +10,8 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Codee ### POC #### Reference +- https://github.com/Chocapikk/CVE-2024-25600 +- https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT - https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6 #### Github @@ -22,6 +24,7 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Codee - https://github.com/RHYru9/CVE-2024-25600-mass - https://github.com/Threekiii/CVE - https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress +- https://github.com/WanLiChangChengWanLiChang/CVE-2024-25600 - https://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE - https://github.com/ZonghaoLi777/githubTrending - https://github.com/aneasystone/github-trending @@ -29,6 +32,7 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Codee - https://github.com/gobysec/Goby - https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE - https://github.com/johe123qwe/github-trending +- https://github.com/k3lpi3b4nsh33/CVE-2024-25600 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/sampsonv/github-trending diff --git a/2024/CVE-2024-25641.md b/2024/CVE-2024-25641.md index 39d1a019f5..625982570f 100644 --- a/2024/CVE-2024-25641.md +++ b/2024/CVE-2024-25641.md @@ -10,7 +10,7 @@ Cacti provides an operational monitoring and fault management framework. Prior t ### POC #### Reference -No PoCs from references. +- https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 #### Github - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-2581.md b/2024/CVE-2024-2581.md index 835b60eaa0..347110420d 100644 --- a/2024/CVE-2024-2581.md +++ b/2024/CVE-2024-2581.md 
@@ -15,4 +15,5 @@ A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-26026.md b/2024/CVE-2024-26026.md index 7eda3f6856..27715328f1 100644 --- a/2024/CVE-2024-26026.md +++ b/2024/CVE-2024-26026.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026 - https://github.com/Threekiii/CVE +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/CVE-2024-26026 - https://github.com/wjlin0/poc-doc diff --git a/2024/CVE-2024-26304.md b/2024/CVE-2024-26304.md index 16536cc148..79a850fe2a 100644 --- a/2024/CVE-2024-26304.md +++ b/2024/CVE-2024-26304.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC diff --git a/2024/CVE-2024-26471.md b/2024/CVE-2024-26471.md index 9e8600f330..f420541a21 100644 --- a/2024/CVE-2024-26471.md +++ b/2024/CVE-2024-26471.md @@ -10,7 +10,7 @@ A reflected cross-site scripting (XSS) vulnerability in zhimengzhe iBarn v1.5 al ### POC #### Reference -No PoCs from references. +- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26471 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-2704.md b/2024/CVE-2024-2704.md index a246b73b58..3dd7bca6e4 100644 --- a/2024/CVE-2024-2704.md +++ b/2024/CVE-2024-2704.md 
@@ -15,4 +15,5 @@ A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49. Aff #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-27130.md b/2024/CVE-2024-27130.md index cb079dbc1b..266e771837 100644 --- a/2024/CVE-2024-27130.md +++ b/2024/CVE-2024-27130.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC - https://github.com/wy876/wiki +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2024/CVE-2024-27198.md b/2024/CVE-2024-27198.md index 2e4d68c702..eb2377cd25 100644 --- a/2024/CVE-2024-27198.md +++ b/2024/CVE-2024-27198.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/juev/links - https://github.com/labesterOct/CVE-2024-27198 - https://github.com/marl-ot/DevSecOps-2024 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/CVE-2024-27198-RCE - https://github.com/rampantspark/CVE-2024-27198 diff --git a/2024/CVE-2024-27348.md b/2024/CVE-2024-27348.md index df061a569d..b19ac9d700 100644 --- a/2024/CVE-2024-27348.md +++ b/2024/CVE-2024-27348.md @@ -14,6 +14,10 @@ No PoCs from references. #### Github - https://github.com/Ostorlab/KEV +- https://github.com/Zeyad-Azima/CVE-2024-27348 - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/kljunowsky/CVE-2024-27348 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-27622.md b/2024/CVE-2024-27622.md index b455be27dc..e6b63308fb 100644 --- a/2024/CVE-2024-27622.md +++ b/2024/CVE-2024-27622.md 
@@ -10,7 +10,7 @@ A remote code execution vulnerability has been identified in the User Defined Ta ### POC #### Reference -No PoCs from references. +- https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html #### Github - https://github.com/capture0x/My-CVE diff --git a/2024/CVE-2024-27804.md b/2024/CVE-2024-27804.md index 852f397948..762fdf1b71 100644 --- a/2024/CVE-2024-27804.md +++ b/2024/CVE-2024-27804.md @@ -20,5 +20,6 @@ No PoCs from references. #### Github - https://github.com/GhostTroops/TOP - https://github.com/R00tkitSMM/CVE-2024-27804 +- https://github.com/SnoopyTools/Rootkit-cve2024 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-27931.md b/2024/CVE-2024-27931.md new file mode 100644 index 0000000000..87b99c5455 --- /dev/null +++ b/2024/CVE-2024-27931.md @@ -0,0 +1,17 @@ +### [CVE-2024-27931](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27931) +![](https://img.shields.io/static/v1?label=Product&message=deno&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.41.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in `Deno.makeTemp*` APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect other systems. A user may provide a prefix or suffix to a `Deno.makeTemp*` API containing path traversal characters. This is fixed in Deno 1.41.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/KTH-LangSec/server-side-prototype-pollution + diff --git a/2024/CVE-2024-27956.md b/2024/CVE-2024-27956.md index ef19c2b912..15e1cd85b0 100644 --- a/2024/CVE-2024-27956.md 
+++ b/2024/CVE-2024-27956.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956 +- https://github.com/Cappricio-Securities/CVE-2024-27956 - https://github.com/FoxyProxys/CVE-2024-27956 - https://github.com/NaInSec/CVE-LIST - https://github.com/Ostorlab/KEV diff --git a/2024/CVE-2024-28219.md b/2024/CVE-2024-28219.md new file mode 100644 index 0000000000..5a4532de49 --- /dev/null +++ b/2024/CVE-2024-28219.md @@ -0,0 +1,18 @@ +### [CVE-2024-28219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28219) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/egilewski/29381 +- https://github.com/egilewski/29381-1 + diff --git a/2024/CVE-2024-28255.md b/2024/CVE-2024-28255.md index 8a0aba2c4c..f7ca6cc1ef 100644 --- a/2024/CVE-2024-28255.md +++ b/2024/CVE-2024-28255.md @@ -17,6 +17,7 @@ OpenMetadata is a unified platform for discovery, observability, and governance - https://github.com/Ostorlab/KEV - https://github.com/XRSec/AWVS-Update - https://github.com/YongYe-Security/CVE-2024-28255 +- https://github.com/jakabakos/OpenMetadata-Auth-bypass - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile - https://github.com/wjlin0/poc-doc diff --git a/2024/CVE-2024-2853.md b/2024/CVE-2024-2853.md index e2e061c3ea..bb432e1beb 100644 --- a/2024/CVE-2024-2853.md +++ b/2024/CVE-2024-2853.md 
@@ -15,4 +15,5 @@ A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been ra #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-2854.md b/2024/CVE-2024-2854.md index 0a1a6e872c..a8eec2e55a 100644 --- a/2024/CVE-2024-2854.md +++ b/2024/CVE-2024-2854.md @@ -15,4 +15,5 @@ A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-28547.md b/2024/CVE-2024-28547.md index 0b3d9a6fbe..4cdeff3b10 100644 --- a/2024/CVE-2024-28547.md +++ b/2024/CVE-2024-28547.md @@ -15,4 +15,5 @@ Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn par #### Github - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-2879.md b/2024/CVE-2024-2879.md index 97518740ad..3550555b20 100644 --- a/2024/CVE-2024-2879.md +++ b/2024/CVE-2024-2879.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/RansomGroupCVE/CVE-2024-22328-POC - https://github.com/herculeszxc/CVE-2024-2879 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC diff --git a/2024/CVE-2024-2891.md b/2024/CVE-2024-2891.md index 90ab4b2627..1726556755 100644 --- a/2024/CVE-2024-2891.md +++ b/2024/CVE-2024-2891.md @@ -14,4 +14,5 @@ A vulnerability, which was classified as critical, was found in Tenda AC7 15.03. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability 
diff --git a/2024/CVE-2024-2905.md b/2024/CVE-2024-2905.md new file mode 100644 index 0000000000..4c59052416 --- /dev/null +++ b/2024/CVE-2024-2905.md @@ -0,0 +1,20 @@ +### [CVE-2024-2905](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2905) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Incorrect%20Permission%20Assignment%20for%20Critical%20Resource&color=brighgreen) + +### Description + +A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment + diff --git a/2024/CVE-2024-29269.md b/2024/CVE-2024-29269.md index bb7fc3b608..a805e6d549 100644 --- a/2024/CVE-2024-29269.md +++ b/2024/CVE-2024-29269.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/wutalent/CVE-2024-29269 - https://github.com/wy876/POC - https://github.com/wy876/wiki +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2024/CVE-2024-29415.md b/2024/CVE-2024-29415.md index 5d64b541bd..a89e66437d 100644 --- a/2024/CVE-2024-29415.md +++ b/2024/CVE-2024-29415.md 
@@ -10,7 +10,7 @@ The ip package through 2.0.1 for Node.js might allow SSRF because some IP addres ### POC #### Reference -No PoCs from references. +- https://github.com/indutny/node-ip/issues/150 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-2961.md b/2024/CVE-2024-2961.md index 79d1d167e4..2c60774044 100644 --- a/2024/CVE-2024-2961.md +++ b/2024/CVE-2024-2961.md @@ -16,10 +16,13 @@ No PoCs from references. - https://github.com/EGI-Federation/SVG-advisories - https://github.com/Threekiii/Awesome-POC - https://github.com/ZonghaoLi777/githubTrending +- https://github.com/absolutedesignltd/iconvfix - https://github.com/ambionics/cnext-exploits - https://github.com/aneasystone/github-trending - https://github.com/bollwarm/SecToolSet +- https://github.com/exfil0/test_iconv - https://github.com/johe123qwe/github-trending +- https://github.com/kjdfklha/CVE-2024-2961_poc - https://github.com/mattaperkins/FIX-CVE-2024-2961 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rvizx/CVE-2024-2961 @@ -27,6 +30,7 @@ No PoCs from references. - https://github.com/tanjiti/sec_profile - https://github.com/tarlepp/links-of-the-week - https://github.com/testing-felickz/docker-scout-demo +- https://github.com/tnishiox/cve-2024-2961 - https://github.com/wjlin0/wjlin0 - https://github.com/zhaoxiaoha/github-trending diff --git a/2024/CVE-2024-29857.md b/2024/CVE-2024-29857.md new file mode 100644 index 0000000000..b8abac8fb5 --- /dev/null +++ b/2024/CVE-2024-29857.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-29857](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2024/CVE-2024-29895.md b/2024/CVE-2024-29895.md index dfbf90e615..b1361652e8 100644 --- a/2024/CVE-2024-29895.md +++ b/2024/CVE-2024-29895.md @@ -16,6 +16,7 @@ Cacti provides an operational monitoring and fault management framework. A comma - https://github.com/Ostorlab/KEV - https://github.com/Rubioo02/CVE-2024-29895 - https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/secunnix/CVE-2024-29895 - https://github.com/ticofookfook/CVE-2024-29895.py diff --git a/2024/CVE-2024-30043.md b/2024/CVE-2024-30043.md index eb7921f65b..a7a1de2477 100644 --- a/2024/CVE-2024-30043.md +++ b/2024/CVE-2024-30043.md @@ -17,6 +17,7 @@ Microsoft SharePoint Server Information Disclosure Vulnerability No PoCs from references. #### Github +- https://github.com/W01fh4cker/CVE-2024-30043-XXE - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-30163.md b/2024/CVE-2024-30163.md new file mode 100644 index 0000000000..5b3e9dbab4 --- /dev/null +++ b/2024/CVE-2024-30163.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30163](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30163) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/store.php IPS\nexus\modules\front\store\_store::_categoryView() method, where user input passed through the filter request parameter is not properly sanitized before being used to execute SQL queries. This can be exploited by unauthenticated attackers to carry out Blind SQL Injection attacks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/1Softworks/IPS-SQL-Injection + diff --git a/2024/CVE-2024-30171.md b/2024/CVE-2024-30171.md new file mode 100644 index 0000000000..56b2a42403 --- /dev/null +++ b/2024/CVE-2024-30171.md @@ -0,0 +1,17 @@ +### [CVE-2024-30171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2024/CVE-2024-30172.md b/2024/CVE-2024-30172.md new file mode 100644 index 0000000000..184d9ac9f4 --- /dev/null +++ b/2024/CVE-2024-30172.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2024/CVE-2024-30268.md b/2024/CVE-2024-30268.md new file mode 100644 index 0000000000..d0b91c907b --- /dev/null +++ b/2024/CVE-2024-30268.md @@ -0,0 +1,17 @@ +### [CVE-2024-30268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30268) +![](https://img.shields.io/static/v1?label=Product&message=cacti&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3D%201.3.x%20DEV%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit a38b9046e9772612fda847b46308f9391a49891e. + +### POC + +#### Reference +- https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-30645.md b/2024/CVE-2024-30645.md index 1aed692e4b..3bfd5cc1f1 100644 --- a/2024/CVE-2024-30645.md +++ b/2024/CVE-2024-30645.md 
@@ -14,4 +14,5 @@ Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the dev #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-30840.md b/2024/CVE-2024-30840.md index dca27463ae..7f9a3be752 100644 --- a/2024/CVE-2024-30840.md +++ b/2024/CVE-2024-30840.md @@ -13,5 +13,5 @@ A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to ca - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromDhcpListClient_list1.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-30849.md b/2024/CVE-2024-30849.md new file mode 100644 index 0000000000..1149493929 --- /dev/null +++ b/2024/CVE-2024-30849.md @@ -0,0 +1,17 @@ +### [CVE-2024-30849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30849) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php. + +### POC + +#### Reference +- https://github.com/wkeyi0x1/vul-report/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-30889.md b/2024/CVE-2024-30889.md new file mode 100644 index 0000000000..7f6c317a63 --- /dev/null +++ b/2024/CVE-2024-30889.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30889](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30889) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service, method, widget_type, request_id, payload parameters. + +### POC + +#### Reference +- https://github.com/robymontyz/pocs/blob/main/AudimexEE/ReflectedXSS.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3094.md b/2024/CVE-2024-3094.md index 443e2fea7e..395d644c59 100644 --- a/2024/CVE-2024-3094.md +++ b/2024/CVE-2024-3094.md @@ -28,6 +28,7 @@ Malicious code was discovered in the upstream tarballs of xz, starting with vers - https://github.com/CyberGuard-Foundation/CVE-2024-3094 - https://github.com/EGI-Federation/SVG-advisories - https://github.com/FabioBaroni/CVE-2024-3094-checker +- https://github.com/Fatal016/xz_lab - https://github.com/Fractal-Tess/CVE-2024-3094 - https://github.com/Getshell/xzDoor - https://github.com/GhostTroops/TOP @@ -77,6 +78,7 @@ Malicious code was discovered in the upstream tarballs of xz, starting with vers - https://github.com/dah4k/CVE-2024-3094 - https://github.com/devjanger/CVE-2024-3094-XZ-Backdoor-Detector - https://github.com/donmccaughey/xz_pkg +- https://github.com/dparksports/detect_intrusion - https://github.com/drdry2/CVE-2024-3094-EXPLOIT - https://github.com/duytruongpham/duytruongpham - https://github.com/emirkmo/xz-backdoor-github diff --git a/2024/CVE-2024-31136.md b/2024/CVE-2024-31136.md index a4eb307b18..93f9cf9e5e 100644 --- a/2024/CVE-2024-31136.md +++ b/2024/CVE-2024-31136.md 
@@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/netlas-io/netlas-dorks diff --git a/2024/CVE-2024-32002.md b/2024/CVE-2024-32002.md index e7d4ef2736..33f8740051 100644 --- a/2024/CVE-2024-32002.md +++ b/2024/CVE-2024-32002.md @@ -22,6 +22,10 @@ No PoCs from references. - https://github.com/10cks/CVE-2024-32002-submod - https://github.com/10cks/hook - https://github.com/1mxml/CVE-2024-32002-poc +- https://github.com/431m/rcetest +- https://github.com/AD-Appledog/CVE-2024-32002 +- https://github.com/AD-Appledog/wakuwaku +- https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese - https://github.com/CrackerCat/CVE-2024-32002_EXP - https://github.com/GhostTroops/TOP - https://github.com/Goplush/CVE-2024-32002-git-rce @@ -37,8 +41,12 @@ No PoCs from references. - https://github.com/WOOOOONG/hook - https://github.com/WOOOOONG/submod - https://github.com/YuanlooSec/CVE-2024-32002-poc +- https://github.com/Zhang-Yiiliin/test_cve_2024_32002 +- https://github.com/Zombie-Kaiser/Zombie-Kaiser - https://github.com/aitorcastel/poc_CVE-2024-32002 - https://github.com/aitorcastel/poc_CVE-2024-32002_submodule +- https://github.com/ak-phyo/gitrce_poc +- https://github.com/alimuhammedkose/CVE-2024-32002-linux-smash - https://github.com/amalmurali47/demo_git_rce - https://github.com/amalmurali47/demo_hook - https://github.com/amalmurali47/git_rce @@ -47,6 +55,9 @@ No PoCs from references. - https://github.com/bfengj/CVE-2024-32002-Exploit - https://github.com/bfengj/CVE-2024-32002-hook - https://github.com/bfengj/Security-Paper-Learing +- https://github.com/coffeescholar/ReplaceAllGit +- https://github.com/cojoben/git_rce +- https://github.com/dzx825/32002 - https://github.com/fadhilthomas/hook - https://github.com/fadhilthomas/poc-cve-2024-32002 - https://github.com/jafshare/GithubTrending 
@@ -66,6 +77,8 @@ No PoCs from references. - https://github.com/seekerzz/MyRSSSync - https://github.com/tanjiti/sec_profile - https://github.com/testing-felickz/docker-scout-demo +- https://github.com/tobelight/cve_2024_32002 +- https://github.com/tobelight/cve_2024_32002_hook - https://github.com/vincepsh/CVE-2024-32002 - https://github.com/vincepsh/CVE-2024-32002-hook - https://github.com/wjlin0/poc-doc @@ -73,5 +86,6 @@ No PoCs from references. - https://github.com/wy876/wiki - https://github.com/ycdxsb/CVE-2024-32002-hulk - https://github.com/ycdxsb/CVE-2024-32002-submod +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart - https://github.com/zhaoxiaoha/github-trending diff --git a/2024/CVE-2024-32020.md b/2024/CVE-2024-32020.md index 875dd36425..98d8108a6c 100644 --- a/2024/CVE-2024-32020.md +++ b/2024/CVE-2024-32020.md @@ -10,7 +10,7 @@ Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42 ### POC #### Reference -No PoCs from references. +- https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj #### Github - https://github.com/testing-felickz/docker-scout-demo diff --git a/2024/CVE-2024-32113.md b/2024/CVE-2024-32113.md index cf9175cf9c..2abd76d02b 100644 --- a/2024/CVE-2024-32113.md +++ b/2024/CVE-2024-32113.md @@ -13,6 +13,7 @@ Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v No PoCs from references. #### Github +- https://github.com/Mr-xn/CVE-2024-32113 - https://github.com/Ostorlab/KEV - https://github.com/Threekiii/CVE - https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit diff --git a/2024/CVE-2024-32315.md b/2024/CVE-2024-32315.md new file mode 100644 index 0000000000..b7abc7ca86 --- /dev/null +++ b/2024/CVE-2024-32315.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32315](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32315) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWanParameterSetting.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32320.md b/2024/CVE-2024-32320.md index 186c972ce7..535c0d9e93 100644 --- a/2024/CVE-2024-32320.md +++ b/2024/CVE-2024-32320.md @@ -13,5 +13,5 @@ Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the t - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formSetTimeZone.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-32369.md b/2024/CVE-2024-32369.md index 7817cd48e2..b597784578 100644 --- a/2024/CVE-2024-32369.md +++ b/2024/CVE-2024-32369.md @@ -10,7 +10,7 @@ SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 throu ### POC #### Reference -No PoCs from references. +- https://github.com/chucrutis/CVE-2024-32369 #### Github - https://github.com/chucrutis/CVE-2024-32369 diff --git a/2024/CVE-2024-32647.md b/2024/CVE-2024-32647.md new file mode 100644 index 0000000000..21d2f76713 --- /dev/null +++ b/2024/CVE-2024-32647.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32647) +![](https://img.shields.io/static/v1?label=Product&message=vyper&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.3.10%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-95%3A%20Improper%20Neutralization%20of%20Directives%20in%20Dynamically%20Evaluated%20Code%20('Eval%20Injection')&color=brighgreen) + +### Description + +Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval vulnerability when `raw_args=True` and the `args` argument has side-effects. It can be seen that the `_build_create_IR` function of the `create_from_blueprint` builtin doesn't cache the mentioned `args` argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions exist. + +### POC + +#### Reference +- https://github.com/vyperlang/vyper/security/advisories/GHSA-3whq-64q2-qfj6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32651.md b/2024/CVE-2024-32651.md index 9933642e6a..29cb7185a7 100644 --- a/2024/CVE-2024-32651.md +++ b/2024/CVE-2024-32651.md @@ -10,6 +10,7 @@ changedetection.io is an open source web page change detection, website watcher, ### POC #### Reference +- https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/ - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3 #### Github diff --git a/2024/CVE-2024-32652.md b/2024/CVE-2024-32652.md new file mode 100644 index 0000000000..f44426df27 
--- /dev/null +++ b/2024/CVE-2024-32652.md @@ -0,0 +1,17 @@ +### [CVE-2024-32652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32652) +![](https://img.shields.io/static/v1?label=Product&message=node-server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.3.0%2C%20%3C%201.10.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-755%3A%20Improper%20Handling%20of%20Exceptional%20Conditions&color=brighgreen) + +### Description + +The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those that cannot be parsed by the `URL` as a hostname such as an empty string, slashes `/`, and other strings. The version 1.10.1 includes the fix for this issue. + +### POC + +#### Reference +- https://github.com/honojs/node-server/issues/159 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32655.md b/2024/CVE-2024-32655.md new file mode 100644 index 0000000000..70dd496e5c --- /dev/null +++ b/2024/CVE-2024-32655.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-32655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32655) +![](https://img.shields.io/static/v1?label=Product&message=npgsql&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%204.0.0%2C%20%3C%204.0.14%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +Npgsql is the .NET data provider for PostgreSQL. The `WriteBind()` method in `src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs` uses `int` variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is too small when constructing a Postgres protocol message to send it over the network to the database. When parsing the message, the database will only read a small number of bytes and treat any following bytes as new messages while they belong to the old message. Attackers can abuse this to inject arbitrary Postgres protocol messages into the connection, leading to the execution of arbitrary SQL statements on the application's behalf. This vulnerability is fixed in 4.0.14, 4.1.13, 5.0.18, 6.0.11, 7.0.7, and 8.0.3. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cdupuis/aspnetapp + diff --git a/2024/CVE-2024-3272.md b/2024/CVE-2024-3272.md index 8a98fbc6f0..8dad66738c 100644 --- a/2024/CVE-2024-3272.md +++ b/2024/CVE-2024-3272.md 
@@ -17,6 +17,7 @@ No PoCs from references. #### Github - https://github.com/OIivr/Turvan6rkus-CVE-2024-3273 +- https://github.com/WanLiChangChengWanLiChang/WanLiChangChengWanLiChang - https://github.com/aliask/dinkleberry - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE diff --git a/2024/CVE-2024-3273.md b/2024/CVE-2024-3273.md index c38b349116..943d790a26 100644 --- a/2024/CVE-2024-3273.md +++ b/2024/CVE-2024-3273.md @@ -23,9 +23,11 @@ No PoCs from references. - https://github.com/OIivr/Turvan6rkus-CVE-2024-3273 - https://github.com/Ostorlab/KEV - https://github.com/ThatNotEasy/CVE-2024-3273 +- https://github.com/WanLiChangChengWanLiChang/WanLiChangChengWanLiChang - https://github.com/adhikara13/CVE-2024-3273 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/mrrobot0o/CVE-2024-3273- +- https://github.com/netlas-io/netlas-dorks - https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-32886.md b/2024/CVE-2024-32886.md index 948a2cf10f..83d115df0b 100644 --- a/2024/CVE-2024-32886.md +++ b/2024/CVE-2024-32886.md @@ -10,7 +10,7 @@ Vitess is a database clustering system for horizontal scaling of MySQL. When exe ### POC #### Reference -No PoCs from references. +- https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-32888.md b/2024/CVE-2024-32888.md index 012d88a1e9..d5fe0c6bbe 100644 --- a/2024/CVE-2024-32888.md +++ b/2024/CVE-2024-32888.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2024/CVE-2024-3293.md b/2024/CVE-2024-3293.md index 3439a33121..7b5f847c69 100644 --- a/2024/CVE-2024-3293.md 
+++ b/2024/CVE-2024-3293.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/truonghuuphuc/CVE-2024-3293-Poc diff --git a/2024/CVE-2024-32966.md b/2024/CVE-2024-32966.md new file mode 100644 index 0000000000..3d859d7231 --- /dev/null +++ b/2024/CVE-2024-32966.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-32966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32966) +![](https://img.shields.io/static/v1?label=Product&message=static-web-server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.30.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-80%3A%20Improper%20Neutralization%20of%20Script-Related%20HTML%20Tags%20in%20a%20Web%20Page%20(Basic%20XSS)&color=brighgreen) + +### Description + +Static Web Server (SWS) is a tiny and fast production-ready web server suitable to serve static web files or assets. In affected versions if directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like `.txt` will allow JavaScript code execution in the context of the web server’s domain. SWS generally does not perform escaping of HTML entities on any values inserted in the directory listing. At the very least `file_name` and `current_path` could contain malicious data however. `file_uri` could also be malicious but the relevant scenarios seem to be all caught by hyper. For any web server that allow users to upload files or create directories under a name of their choosing this becomes a stored Cross-site Scripting vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/static-web-server/static-web-server/security/advisories/GHSA-rwfq-v4hq-h7fg + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32974.md b/2024/CVE-2024-32974.md new file mode 100644 index 0000000000..01e876bf53 --- /dev/null +++ b/2024/CVE-2024-32974.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32974](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32974) +![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.30.0%2C%20%3C%3D%2011.30.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) + +### Description + +Envoy is a cloud-native, open source edge and service proxy. A crash was observed in `EnvoyQuicServerStream::OnInitialHeadersComplete()` with following call stack. It is a use-after-free caused by QUICHE continuing push request headers after `StopReading()` being called on the stream. As after `StopReading()`, the HCM's `ActiveStream` might have already be destroyed and any up calls from QUICHE could potentially cause use after free. + +### POC + +#### Reference +- https://github.com/envoyproxy/envoy/security/advisories/GHSA-mgxp-7hhp-8299 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32975.md b/2024/CVE-2024-32975.md new file mode 100644 index 0000000000..eecc6f81ff --- /dev/null +++ b/2024/CVE-2024-32975.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32975](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32975) +![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.30.0%2C%20%3C%3D%2011.30.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) + +### Description + +Envoy is a cloud-native, open source edge and service proxy. There is a crash at `QuicheDataReader::PeekVarInt62Length()`. It is caused by integer underflow in the `QuicStreamSequencerBuffer::PeekRegion()` implementation. + +### POC + +#### Reference +- https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32976.md b/2024/CVE-2024-32976.md new file mode 100644 index 0000000000..0370f3d7a3 --- /dev/null +++ b/2024/CVE-2024-32976.md @@ -0,0 +1,17 @@ +### [CVE-2024-32976](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32976) +![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.30.0%2C%20%3C%3D%2011.30.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-835%3A%20Loop%20with%20Unreachable%20Exit%20Condition%20('Infinite%20Loop')&color=brighgreen) + +### Description + +Envoy is a cloud-native, open source edge and service proxy. Envoyproxy with a Brotli filter can get into an endless loop during decompression of Brotli data with extra input. + +### POC + +#### Reference +- https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32983.md b/2024/CVE-2024-32983.md new file mode 100644 index 0000000000..bbb85c013a --- /dev/null +++ b/2024/CVE-2024-32983.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32983](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32983) +![](https://img.shields.io/static/v1?label=Product&message=misskey&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202024.5.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%3A%20Incorrect%20Authorization&color=brighgreen) + +### Description + +Misskey is an open source, decentralized microblogging platform. Misskey doesn't perform proper normalization on the JSON structures of incoming signed ActivityPub activity objects before processing them, allowing threat actors to spoof the contents of signed activities and impersonate the authors of the original activities. This vulnerability is fixed in 2024.5.0. + +### POC + +#### Reference +- https://github.com/misskey-dev/misskey/security/advisories/GHSA-2vxv-pv3m-3wvj + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-33666.md b/2024/CVE-2024-33666.md new file mode 100644 index 0000000000..af3354ce83 --- /dev/null +++ b/2024/CVE-2024-33666.md @@ -0,0 +1,17 @@ +### [CVE-2024-33666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33666) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment + diff --git a/2024/CVE-2024-3400.md b/2024/CVE-2024-3400.md index b6fec8d86d..db88513dd9 100644 --- a/2024/CVE-2024-3400.md +++ b/2024/CVE-2024-3400.md 
@@ -55,8 +55,10 @@ A command injection as a result of arbitrary file creation vulnerability in the - https://github.com/k4nfr3/nmap-scripts - https://github.com/kerberoshacker/CVE-2024-3400-POC - https://github.com/kerberoshacker2/CVE-2024-3400-POC +- https://github.com/lirantal/cve-cvss-calculator - https://github.com/marconesler/CVE-2024-3400 - https://github.com/momika233/CVE-2024-3400 +- https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/phantomradar/cve-2024-3400-poc - https://github.com/pwnj0hn/CVE-2024-3400 diff --git a/2024/CVE-2024-34062.md b/2024/CVE-2024-34062.md new file mode 100644 index 0000000000..744bf18007 --- /dev/null +++ b/2024/CVE-2024-34062.md @@ -0,0 +1,17 @@ +### [CVE-2024-34062](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34062) +![](https://img.shields.io/static/v1?label=Product&message=tqdm&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%204.4.0%2C%20%3C%204.66.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen) + +### Description + +tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/CopperEagle/CopperEagle + diff --git a/2024/CVE-2024-34199.md b/2024/CVE-2024-34199.md new file mode 100644 index 0000000000..3f11e90a65 --- /dev/null +++ b/2024/CVE-2024-34199.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34199) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line. + +### POC + +#### Reference +- https://github.com/DMCERTCE/PoC_Tiny_Overflow + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34213.md b/2024/CVE-2024-34213.md new file mode 100644 index 0000000000..a241693b5f --- /dev/null +++ b/2024/CVE-2024-34213.md @@ -0,0 +1,17 @@ +### [CVE-2024-34213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34213) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function. + +### POC + +#### Reference +- https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetPortForwardRules + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34219.md b/2024/CVE-2024-34219.md new file mode 100644 index 0000000000..f9066b51ce --- /dev/null +++ b/2024/CVE-2024-34219.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34219) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet. + +### POC + +#### Reference +- https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetTelnetCfg + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34222.md b/2024/CVE-2024-34222.md index aa1d3c1397..a2bc20704a 100644 --- a/2024/CVE-2024-34222.md +++ b/2024/CVE-2024-34222.md @@ -10,7 +10,7 @@ Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injecti ### POC #### Reference -No PoCs from references. +- https://github.com/dovankha/CVE-2024-34222 #### Github - https://github.com/dovankha/CVE-2024-34222 diff --git a/2024/CVE-2024-34223.md b/2024/CVE-2024-34223.md index 2ccf874967..916afe6f2a 100644 --- a/2024/CVE-2024-34223.md +++ b/2024/CVE-2024-34223.md @@ -10,7 +10,7 @@ Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Hum ### POC #### Reference -No PoCs from references. +- https://github.com/dovankha/CVE-2024-34223 #### Github - https://github.com/dovankha/CVE-2024-34223 diff --git a/2024/CVE-2024-34257.md b/2024/CVE-2024-34257.md index 368e6c8225..9d0e8cd35f 100644 --- a/2024/CVE-2024-34257.md +++ b/2024/CVE-2024-34257.md @@ -10,7 +10,7 @@ TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypT ### POC #### Reference -No PoCs from references. +- https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds 
diff --git a/2024/CVE-2024-34273.md b/2024/CVE-2024-34273.md index e17d94edfc..bcd43ea805 100644 --- a/2024/CVE-2024-34273.md +++ b/2024/CVE-2024-34273.md @@ -10,7 +10,7 @@ njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser. ### POC #### Reference -No PoCs from references. +- https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md #### Github - https://github.com/chrisandoryan/vuln-advisory diff --git a/2024/CVE-2024-34362.md b/2024/CVE-2024-34362.md new file mode 100644 index 0000000000..ecdb662a35 --- /dev/null +++ b/2024/CVE-2024-34362.md @@ -0,0 +1,17 @@ +### [CVE-2024-34362](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34362) +![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.30.0%2C%20%3C%3D%2011.30.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) + +### Description + +Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in `HttpConnectionManager` (HCM) with `EnvoyQuicServerStream` that can crash Envoy. An attacker can exploit this vulnerability by sending a request without `FIN`, then a `RESET_STREAM` frame, and then after receiving the response, closing the connection. + +### POC + +#### Reference +- https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34363.md b/2024/CVE-2024-34363.md new file mode 100644 index 0000000000..2c2ca8fd1b --- /dev/null +++ b/2024/CVE-2024-34363.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34363](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34363) +![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.30.0%2C%20%3C%3D%2011.30.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-248%3A%20Uncaught%20Exception&color=brighgreen) + +### Description + +Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash. + +### POC + +#### Reference +- https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34391.md b/2024/CVE-2024-34391.md index a4abf110f7..cabe6b8ecd 100644 --- a/2024/CVE-2024-34391.md +++ b/2024/CVE-2024-34391.md @@ -10,6 +10,7 @@ libxmljs is vulnerable to a type confusion vulnerability when parsing a speciall ### POC #### Reference +- https://github.com/libxmljs/libxmljs/issues/645 - https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/ #### Github diff --git a/2024/CVE-2024-34448.md b/2024/CVE-2024-34448.md index 1444b44f9e..f40ae8526c 100644 --- a/2024/CVE-2024-34448.md +++ b/2024/CVE-2024-34448.md @@ -10,7 +10,7 @@ Ghost before 5.82.0 allows CSV Injection during a member CSV export. ### POC #### Reference -No PoCs from references. +- https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md #### Github - https://github.com/phulelouch/CVEs diff --git a/2024/CVE-2024-34470.md b/2024/CVE-2024-34470.md index df276483a5..6c2b3ce74f 100644 --- a/2024/CVE-2024-34470.md +++ b/2024/CVE-2024-34470.md 
@@ -17,4 +17,5 @@ An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unaut - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/osvaldotenorio/CVE-2024-34470 - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-34582.md b/2024/CVE-2024-34582.md index 3c688f822b..30edffc307 100644 --- a/2024/CVE-2024-34582.md +++ b/2024/CVE-2024-34582.md @@ -10,7 +10,7 @@ Sunhillo SureLine through 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi u ### POC #### Reference -No PoCs from references. +- https://github.com/silent6trinity/CVE-2024-34582 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-34710.md b/2024/CVE-2024-34710.md new file mode 100644 index 0000000000..e6fcda2f80 --- /dev/null +++ b/2024/CVE-2024-34710.md @@ -0,0 +1,17 @@ +### [CVE-2024-34710](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34710) +![](https://img.shields.io/static/v1?label=Product&message=wiki&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%202.5.302%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1336%3A%20Improper%20Neutralization%20of%20Special%20Elements%20Used%20in%20a%20Template%20Engine&color=brighgreen) + +### Description + +Wiki.js is al wiki app built on Node.js. Client side template injection was discovered, that could allow an attacker to inject malicious JavaScript into the content section of pages that would execute once a victim loads the page that contains the payload. This was possible through the injection of a invalid HTML tag with a template injection payload on the next line. This vulnerability is fixed in 2.5.303. + +### POC + +#### Reference +- https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34715.md b/2024/CVE-2024-34715.md new file mode 100644 index 0000000000..6236f83501 
--- /dev/null +++ b/2024/CVE-2024-34715.md @@ -0,0 +1,18 @@ +### [CVE-2024-34715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34715) +![](https://img.shields.io/static/v1?label=Product&message=fides&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.37.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-116%3A%20Improper%20Encoding%20or%20Escaping%20of%20Output&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%3A%20Insertion%20of%20Sensitive%20Information%20into%20Log%20File&color=brighgreen) + +### Description + +Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as `@` and `$`, webserver startup fails and the part of the password following the special character is exposed in webserver error logs. This is caused by improper escaping of the SQLAlchemy password string. As a result users are subject to a partial exposure of hosted database password in webserver logs. The vulnerability has been patched in Fides version `2.37.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/ethyca/fides/security/advisories/GHSA-8cm5-jfj2-26q7 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3477.md b/2024/CVE-2024-3477.md index 5720f440f5..1901951011 100644 --- a/2024/CVE-2024-3477.md +++ b/2024/CVE-2024-3477.md 
@@ -13,5 +13,5 @@ The Popup Box WordPress plugin before 2.2.7 does not have CSRF checks in some b - https://wpscan.com/vulnerability/ca5e59e6-c500-4129-997b-391cdf9aa9c7/ #### Github -No PoCs found on GitHub currently. +- https://github.com/cisagov/vulnrichment diff --git a/2024/CVE-2024-34832.md b/2024/CVE-2024-34832.md index 8f2cac2d48..596ab861b4 100644 --- a/2024/CVE-2024-34832.md +++ b/2024/CVE-2024-34832.md @@ -13,5 +13,6 @@ Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attac No PoCs from references. #### Github +- https://github.com/julio-cfa/CVE-2024-34832 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34852.md b/2024/CVE-2024-34852.md new file mode 100644 index 0000000000..e4573d3922 --- /dev/null +++ b/2024/CVE-2024-34852.md @@ -0,0 +1,17 @@ +### [CVE-2024-34852](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34852) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +F-logic DataCube3 v1.0 is affected by command injection due to improper string filtering at the command execution point in the ./admin/transceiver_schedule.php file. An unauthenticated remote attacker can exploit this vulnerability by sending a file name containing command injection. Successful exploitation of this vulnerability may allow the attacker to execute system commands. + +### POC + +#### Reference +- https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34854.md b/2024/CVE-2024-34854.md new file mode 100644 index 0000000000..c74415f87f --- /dev/null +++ b/2024/CVE-2024-34854.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34854](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34854) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +F-logic DataCube3 v1.0 is vulnerable to File Upload via `/admin/transceiver_schedule.php.` + +### POC + +#### Reference +- https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34905.md b/2024/CVE-2024-34905.md index 6ca7fef286..58a8a64788 100644 --- a/2024/CVE-2024-34905.md +++ b/2024/CVE-2024-34905.md @@ -10,8 +10,9 @@ FlyFish v3.0.0 was discovered to contain a buffer overflow via the password para ### POC #### Reference -No PoCs from references. +- https://github.com/CloudWise-OpenSource/FlyFish/issues/191 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/lirantal/cve-cvss-calculator diff --git a/2024/CVE-2024-34906.md b/2024/CVE-2024-34906.md new file mode 100644 index 0000000000..19aec5b686 --- /dev/null +++ b/2024/CVE-2024-34906.md @@ -0,0 +1,17 @@ +### [CVE-2024-34906](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34906) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file. + +### POC + +#### Reference +- https://github.com/kuaifan/dootask/issues/210 + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-34913.md b/2024/CVE-2024-34913.md new file mode 100644 index 0000000000..c44a12b92c --- /dev/null +++ b/2024/CVE-2024-34913.md @@ -0,0 +1,17 @@ +### [CVE-2024-34913](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34913) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/lirantal/cve-cvss-calculator + diff --git a/2024/CVE-2024-34919.md b/2024/CVE-2024-34919.md new file mode 100644 index 0000000000..3ede58bc76 --- /dev/null +++ b/2024/CVE-2024-34919.md @@ -0,0 +1,17 @@ +### [CVE-2024-34919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34919) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file. + +### POC + +#### Reference +- https://github.com/CveSecLook/cve/issues/20 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34921.md b/2024/CVE-2024-34921.md new file mode 100644 index 0000000000..c4a1a13414 --- /dev/null +++ b/2024/CVE-2024-34921.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34921) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to contain a command injection via the disconnectVPN function. + +### POC + +#### Reference +- https://github.com/cainiao159357/x5000r_poc/blob/main/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3495.md b/2024/CVE-2024-3495.md index 6148fb8a39..98a888afc5 100644 --- a/2024/CVE-2024-3495.md +++ b/2024/CVE-2024-3495.md @@ -16,6 +16,8 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile - https://github.com/truonghuuphuc/CVE-2024-3495-Poc +- https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC +- https://github.com/wy876/wiki - https://github.com/zomasec/CVE-2024-3495-POC diff --git a/2024/CVE-2024-34952.md b/2024/CVE-2024-34952.md new file mode 100644 index 0000000000..5e71288051 --- /dev/null +++ b/2024/CVE-2024-34952.md 
@@ -0,0 +1,22 @@ +### [CVE-2024-34952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34952) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +taurusxin ncmdump v1.3.2 was discovered to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted .ncm file. + +### POC + +#### Reference +- https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png +- https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.md +- https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/poc/I1DWE0~U +- https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata +- https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata/poc +- https://github.com/taurusxin/ncmdump/issues/18 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34957.md b/2024/CVE-2024-34957.md index 0913ce37cb..ac31071691 100644 --- a/2024/CVE-2024-34957.md +++ b/2024/CVE-2024-34957.md @@ -10,8 +10,9 @@ idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via t ### POC #### Reference -No PoCs from references. +- https://github.com/Gr-1m/cms/blob/main/1.md #### Github +- https://github.com/Gr-1m/CVE-2024-34958 - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-34958.md b/2024/CVE-2024-34958.md index 2bc1ef30b9..76e0a0365d 100644 --- a/2024/CVE-2024-34958.md +++ b/2024/CVE-2024-34958.md 
@@ -10,9 +10,10 @@ idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via t ### POC #### Reference -No PoCs from references. +- https://github.com/Gr-1m/cms/blob/main/2.md #### Github +- https://github.com/Gr-1m/CVE-2024-34958 - https://github.com/Gr-1m/CVE-2024-34958-1 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34974.md b/2024/CVE-2024-34974.md index aea3203f70..66c0337cdd 100644 --- a/2024/CVE-2024-34974.md +++ b/2024/CVE-2024-34974.md @@ -13,5 +13,5 @@ Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServe - https://github.com/hunzi0/Vullnfo/tree/main/Tenda/AC18/formSetPPTPServer #### Github -No PoCs found on GitHub currently. +- https://github.com/cisagov/vulnrichment diff --git a/2024/CVE-2024-34987.md b/2024/CVE-2024-34987.md new file mode 100644 index 0000000000..784c5aea73 --- /dev/null +++ b/2024/CVE-2024-34987.md @@ -0,0 +1,17 @@ +### [CVE-2024-34987](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34987) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the login process. + +### POC + +#### Reference +- https://github.com/MarkLee131/PoCs/blob/main/CVE-2024-34987.md + +#### Github +- https://github.com/MarkLee131/PoCs + diff --git a/2024/CVE-2024-34997.md b/2024/CVE-2024-34997.md new file mode 100644 index 0000000000..c93f2e05ab --- /dev/null +++ b/2024/CVE-2024-34997.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34997](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34997) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). + +### POC + +#### Reference +- https://github.com/joblib/joblib/issues/1582 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35039.md b/2024/CVE-2024-35039.md index 96a9bc21a4..900c5d583f 100644 --- a/2024/CVE-2024-35039.md +++ b/2024/CVE-2024-35039.md @@ -10,7 +10,7 @@ idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via a ### POC #### Reference -No PoCs from references. +- https://github.com/ywf7678/cms/blob/main/1.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-35057.md b/2024/CVE-2024-35057.md new file mode 100644 index 0000000000..d0c9f69f9c --- /dev/null +++ b/2024/CVE-2024-35057.md @@ -0,0 +1,17 @@ +### [CVE-2024-35057](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35057) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment + diff --git a/2024/CVE-2024-35109.md b/2024/CVE-2024-35109.md index 94b36bb84d..a77de64e98 100644 --- a/2024/CVE-2024-35109.md +++ b/2024/CVE-2024-35109.md 
@@ -10,7 +10,7 @@ idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via t ### POC #### Reference -No PoCs from references. +- https://github.com/FirstLIF/cms/blob/main/2.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-35110.md b/2024/CVE-2024-35110.md new file mode 100644 index 0000000000..bcbb0e12bf --- /dev/null +++ b/2024/CVE-2024-35110.md @@ -0,0 +1,17 @@ +### [CVE-2024-35110](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35110) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker. + +### POC + +#### Reference +- https://github.com/yzmcms/yzmcms/issues/68 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35175.md b/2024/CVE-2024-35175.md new file mode 100644 index 0000000000..de5220bd46 --- /dev/null +++ b/2024/CVE-2024-35175.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35175) +![](https://img.shields.io/static/v1?label=Product&message=sshpiper&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.0.50%2C%20%3C%201.3.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-345%3A%20Insufficient%20Verification%20of%20Data%20Authenticity&color=brighgreen) + +### Description + +sshpiper is a reverse proxy for sshd. Starting in version 1.0.50 and prior to version 1.3.0, the way the proxy protocol listener is implemented in sshpiper can allow an attacker to forge their connecting address. Commit 2ddd69876a1e1119059debc59fe869cb4e754430 added the proxy protocol listener as the only listener in sshpiper, with no option to toggle this functionality off. This means that any connection that sshpiper is directly (or in some cases indirectly) exposed to can use proxy protocol to forge its source address. Any users of sshpiper who need logs from it for whitelisting/rate limiting/security investigations could have them become much less useful if an attacker is sending a spoofed source address. Version 1.3.0 contains a patch for the issue. + +### POC + +#### Reference +- https://github.com/tg123/sshpiper/security/advisories/GHSA-4w53-6jvp-gg52 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35183.md b/2024/CVE-2024-35183.md new file mode 100644 index 0000000000..98f5ebd18e --- /dev/null +++ b/2024/CVE-2024-35183.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-35183](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35183) +![](https://img.shields.io/static/v1?label=Product&message=wolfictl&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.16.10%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%3A%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-668%3A%20Exposure%20of%20Resource%20to%20Wrong%20Sphere&color=brighgreen) + +### Description + +wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than `github.com`. Most git-dependent functionality in wolfictl relies on its own `git` package, which contains centralized logic for implementing interactions with git repositories. Some of this functionality requires authentication in order to access private repositories. A central function `GetGitAuth` looks for a GitHub token in the environment variable `GITHUB_TOKEN` and returns it as an HTTP basic auth object to be used with the `github.com/go-git/go-git/v5` library. Most callers (direct or indirect) of `GetGitAuth` use the token to authenticate to github.com only; however, in some cases callers were passing this authentication without checking that the remote git repository was hosted on github.com. This behavior has existed in one form or another since commit 0d06e1578300327c212dda26a5ab31d09352b9d0 - committed January 25, 2023. This impacts anyone who ran the `wolfictl check update` commands with a Melange configuration that included a `git-checkout` directive step that referenced a git repository not hosted on github.com. This also impacts anyone who ran `wolfictl update ` with a remote URL outside of github.com. 
Additionally, these subcommands must have run with the `GITHUB_TOKEN` environment variable set to a valid GitHub token. Users should upgrade to version 0.16.10 to receive a patch. + +### POC + +#### Reference +- https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35186.md b/2024/CVE-2024-35186.md new file mode 100644 index 0000000000..891684b3fd --- /dev/null +++ b/2024/CVE-2024-35186.md @@ -0,0 +1,17 @@ +### [CVE-2024-35186](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35186) +![](https://img.shields.io/static/v1?label=Product&message=gitoxide&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.36.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) + +### Description + +gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files outside a working tree without attempting to execute code can directly impact integrity as well. This vulnerability has been patched in version(s) 0.36.0. + +### POC + +#### Reference +- https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35187.md b/2024/CVE-2024-35187.md index e85432a134..23ba3c6ec7 100644 --- a/2024/CVE-2024-35187.md +++ b/2024/CVE-2024-35187.md 
@@ -10,7 +10,7 @@ Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, atta ### POC #### Reference -No PoCs from references. +- https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-rwp5-f854-ppg6 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-35189.md b/2024/CVE-2024-35189.md new file mode 100644 index 0000000000..8ecaccf036 --- /dev/null +++ b/2024/CVE-2024-35189.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-35189](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35189) +![](https://img.shields.io/static/v1?label=Product&message=fides&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.37.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-201%3A%20Insertion%20of%20Sensitive%20Information%20Into%20Sent%20Data&color=brighgreen) + +### Description + +Fides is an open-source privacy engineering platform. The Fides webserver has a number of endpoints that retrieve `ConnectionConfiguration` records and their associated `secrets` which _can_ contain sensitive data (e.g. passwords, private keys, etc.). These `secrets` are stored encrypted at rest (in the application database), and the associated endpoints are not meant to expose that sensitive data in plaintext to API clients, as it could be compromising. Fides's developers have available to them a Pydantic field-attribute (`sensitive`) that they can annotate as `True` to indicate that a given secret field should not be exposed via the API. The application has an internal function that uses `sensitive` annotations to mask the sensitive fields with a `"**********"` placeholder value. This vulnerability is due to a bug in that function, which prevented `sensitive` API model fields that were _nested_ below the root-level of a `secrets` object from being masked appropriately. Only the `BigQuery` connection configuration secrets meets these criteria: the secrets schema has a nested sensitive `keyfile_creds.private_key` property that is exposed in plaintext via the APIs. Connection types other than `BigQuery` with sensitive fields at the root-level that are not nested are properly masked with the placeholder and are not affected by this vulnerability. 
This vulnerability has been patched in Fides version 2.37.0. Users are advised to upgrade to this version or later to secure their systems against this threat. Users are also advised to rotate any Google Cloud secrets used for BigQuery integrations in their Fides deployments. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35190.md b/2024/CVE-2024-35190.md index 3c2bd0cf7c..2dc14ed392 100644 --- a/2024/CVE-2024-35190.md +++ b/2024/CVE-2024-35190.md @@ -12,7 +12,7 @@ Asterisk is an open source private branch exchange and telephony toolkit. After ### POC #### Reference -No PoCs from references. +- https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-35195.md b/2024/CVE-2024-35195.md index f62d066b20..fd2bfe230a 100644 --- a/2024/CVE-2024-35195.md +++ b/2024/CVE-2024-35195.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/PBorocz/raindrop-io-py +- https://github.com/astellingwerf/renovate-requests-allowedVersion - https://github.com/seal-community/patches diff --git a/2024/CVE-2024-35196.md b/2024/CVE-2024-35196.md new file mode 100644 index 0000000000..cf4829d0d6 --- /dev/null +++ b/2024/CVE-2024-35196.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35196) +![](https://img.shields.io/static/v1?label=Product&message=sentry&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%2024.3.0%2C%20%3C%2024.5.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%3A%20Insertion%20of%20Sensitive%20Information%20into%20Log%20File&color=brighgreen) + +### Description + +Sentry is a developer-first error tracking and performance monitoring platform. Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack verification token. With this verification token, it is possible under specific configurations, an attacker can forge requests and act as the Slack integration. The request body is leaked in log entries matching `event == "slack.*" && name == "sentry.integrations.slack" && request_data == *`. The deprecated slack verification token, will be found in the `request_data.token` key. **SaaS users** do not need to take any action. **Self-hosted users** should upgrade to version 24.5.0 or higher, rotate their Slack verification token, and use the Slack Signing Secret instead of the verification token. For users only using the `slack.signing-secret` in their self-hosted configuration, the legacy verification token is not used to verify the webhook payload. It is ignored. Users unable to upgrade should either set the `slack.signing-secret` instead of `slack.verification-token`. The signing secret is Slack's recommended way of authenticating webhooks. By having `slack.singing-secret` set, Sentry self-hosted will no longer use the verification token for authentication of the webhooks, regardless of whether `slack.verification-token` is set or not. 
Alternatively if the self-hosted instance is unable to be upgraded or re-configured to use the `slack.signing-secret`, the logging configuration can be adjusted to not generate logs from the integration. The default logging configuration can be found in `src/sentry/conf/server.py`. **Services should be restarted once the configuration change is saved.** + +### POC + +#### Reference +- https://github.com/getsentry/sentry/blob/17d2b87e39ccd57e11da4deed62971ff306253d1/src/sentry/conf/server.py#L1307 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35197.md b/2024/CVE-2024-35197.md new file mode 100644 index 0000000000..c032cda87d --- /dev/null +++ b/2024/CVE-2024-35197.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35197) +![](https://img.shields.io/static/v1?label=Product&message=gitoxide&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.36.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-67%3A%20Improper%20Handling%20of%20Windows%20Device%20Names&color=brighgreen) + +### Description + +gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that appear to have come from the application, and potentially other harmful effects under limited circumstances. If Windows is not used, or untrusted repositories are not cloned or otherwise used, then there is no impact. A minor degradation in availability may also be possible, such as with a very large file named `CON`, though the user could interrupt the application. + +### POC + +#### Reference +- https://github.com/Byron/gitoxide/security/advisories/GHSA-49jc-r788-3fc9 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35222.md b/2024/CVE-2024-35222.md new file mode 100644 index 0000000000..6f15185329 --- /dev/null +++ b/2024/CVE-2024-35222.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35222) +![](https://img.shields.io/static/v1?label=Product&message=tauri&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%201.6.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) + +### Description + +Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the `dangerousRemoteDomainIpcAccess` in v1 and in the `capabilities` in v2. Valid commands with potentially unwanted consequences ("delete project", "transfer credits", etc.) could be invoked by an attacker that controls the content of an iframe running inside a Tauri app. This vulnerability has been patched in versions 1.6.7 and 2.0.0-beta.19. + +### POC + +#### Reference +- https://github.com/tauri-apps/tauri/security/advisories/GHSA-57fm-592m-34r7 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35231.md b/2024/CVE-2024-35231.md index 0c6b071de3..4395b6624e 100644 --- a/2024/CVE-2024-35231.md +++ b/2024/CVE-2024-35231.md @@ -10,7 +10,7 @@ rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby ### POC #### Reference -No PoCs from references. +- https://github.com/rack/rack-contrib/security/advisories/GHSA-8c8q-2xw3-j869 #### Github - https://github.com/Sim4n6/Sim4n6 diff --git a/2024/CVE-2024-35232.md b/2024/CVE-2024-35232.md new file mode 100644 index 0000000000..f31577a57a --- /dev/null +++ b/2024/CVE-2024-35232.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35232) +![](https://img.shields.io/static/v1?label=Product&message=facebook&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%202.7.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-209%3A%20Generation%20of%20Error%20Message%20Containing%20Sensitive%20Information&color=brighgreen) + +### Description + +github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2. + +### POC + +#### Reference +- https://github.com/huandu/facebook/security/advisories/GHSA-3f65-m234-9mxr + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35236.md b/2024/CVE-2024-35236.md new file mode 100644 index 0000000000..f268a4bc97 --- /dev/null +++ b/2024/CVE-2024-35236.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35236) +![](https://img.shields.io/static/v1?label=Product&message=audiobookshelf&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.10.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Attacking a user with high privileges (upload, creation of libraries) can lead to remote code execution (RCE) in the worst case. This was tested on version 2.9.0 on Windows, but an arbitrary file write is powerful enough as is and should easily lead to RCE on Linux, too. Version 2.10.0 contains a patch for the vulnerability. + +### POC + +#### Reference +- https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-7j99-76cj-q9pg + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35333.md b/2024/CVE-2024-35333.md index 7222e01634..a606bb8a9e 100644 --- a/2024/CVE-2024-35333.md +++ b/2024/CVE-2024-35333.md @@ -13,5 +13,6 @@ A stack-buffer-overflow vulnerability exists in the read_charset_decl function o No PoCs from references. #### Github +- https://github.com/momo1239/CVE-2024-35333 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-35361.md b/2024/CVE-2024-35361.md new file mode 100644 index 0000000000..e8467bd33c --- /dev/null +++ b/2024/CVE-2024-35361.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35361](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35361) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/getIcon. An attacker can execute arbitrary SQL statements through this vulnerability without requiring any user rights. + +### POC + +#### Reference +- https://github.com/Hebing123/cve/issues/37 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35362.md b/2024/CVE-2024-35362.md new file mode 100644 index 0000000000..35f149db23 --- /dev/null +++ b/2024/CVE-2024-35362.md @@ -0,0 +1,17 @@ +### [CVE-2024-35362](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35362) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php. + +### POC + +#### Reference +- https://github.com/shopex/ecshop/issues/6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35384.md b/2024/CVE-2024-35384.md new file mode 100644 index 0000000000..1c6bf062a9 --- /dev/null +++ b/2024/CVE-2024-35384.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35384](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35384) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file. + +### POC + +#### Reference +- https://github.com/cesanta/mjs/issues/287 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35385.md b/2024/CVE-2024-35385.md new file mode 100644 index 0000000000..61aac1012d --- /dev/null +++ b/2024/CVE-2024-35385.md @@ -0,0 +1,17 @@ +### [CVE-2024-35385](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35385) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file. + +### POC + +#### Reference +- https://github.com/cesanta/mjs/issues/288 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35386.md b/2024/CVE-2024-35386.md new file mode 100644 index 0000000000..3d6e28c5c9 --- /dev/null +++ b/2024/CVE-2024-35386.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35386) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file. + +### POC + +#### Reference +- https://github.com/cesanta/mjs/issues/286 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35387.md b/2024/CVE-2024-35387.md new file mode 100644 index 0000000000..00081f5a39 --- /dev/null +++ b/2024/CVE-2024-35387.md @@ -0,0 +1,17 @@ +### [CVE-2024-35387](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35387) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/loginAuth_http_host/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35388.md b/2024/CVE-2024-35388.md new file mode 100644 index 0000000000..5e2c11e2fc --- /dev/null +++ b/2024/CVE-2024-35388.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35388](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35388) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20NR1800X/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35399.md b/2024/CVE-2024-35399.md new file mode 100644 index 0000000000..06d4d90060 --- /dev/null +++ b/2024/CVE-2024-35399.md @@ -0,0 +1,17 @@ +### [CVE-2024-35399](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35399) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/loginAuth/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35400.md b/2024/CVE-2024-35400.md new file mode 100644 index 0000000000..102e1cf2a5 --- /dev/null +++ b/2024/CVE-2024-35400.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35400](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35400) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/SetPortForwardRules/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35403.md b/2024/CVE-2024-35403.md new file mode 100644 index 0000000000..b597a6ed22 --- /dev/null +++ b/2024/CVE-2024-35403.md @@ -0,0 +1,17 @@ +### [CVE-2024-35403](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35403) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/setIpPortFilterRules/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35428.md b/2024/CVE-2024-35428.md new file mode 100644 index 0000000000..a675786b7d --- /dev/null +++ b/2024/CVE-2024-35428.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35428) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35428.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35429.md b/2024/CVE-2024-35429.md new file mode 100644 index 0000000000..5de583a3ab --- /dev/null +++ b/2024/CVE-2024-35429.md @@ -0,0 +1,17 @@ +### [CVE-2024-35429](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35429) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35429.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35430.md b/2024/CVE-2024-35430.md new file mode 100644 index 0000000000..982d14bd4f --- /dev/null +++ b/2024/CVE-2024-35430.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35430](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35430) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In ZKTeco ZKBio CVSecurity v6.1.1 an authenticated user can bypass password checks while exporting data from the application. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35430.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35431.md b/2024/CVE-2024-35431.md new file mode 100644 index 0000000000..7036ad02f2 --- /dev/null +++ b/2024/CVE-2024-35431.md @@ -0,0 +1,17 @@ +### [CVE-2024-35431](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35431) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35431.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35432.md b/2024/CVE-2024-35432.md new file mode 100644 index 0000000000..a91765520f --- /dev/null +++ b/2024/CVE-2024-35432.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35432](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35432) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35432.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35433.md b/2024/CVE-2024-35433.md new file mode 100644 index 0000000000..9421ad19ad --- /dev/null +++ b/2024/CVE-2024-35433.md @@ -0,0 +1,17 @@ +### [CVE-2024-35433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35433) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user. + +### POC + +#### Reference +- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35433.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35434.md b/2024/CVE-2024-35434.md new file mode 100644 index 0000000000..ae93c4375a --- /dev/null +++ b/2024/CVE-2024-35434.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35434) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP packet. + +### POC + +#### Reference +- https://github.com/inputzero/Security-Advisories/blob/main/CVE-XXXX-XXXX.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35468.md b/2024/CVE-2024-35468.md index f790b7ca97..1f80ffbf66 100644 --- a/2024/CVE-2024-35468.md +++ b/2024/CVE-2024-35468.md @@ -10,8 +10,9 @@ A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource ### POC #### Reference -No PoCs from references. +- https://github.com/dovankha/CVE-2024-35468 #### Github +- https://github.com/dovankha/CVE-2024-35468 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-35469.md b/2024/CVE-2024-35469.md index 4b309f28fc..3bdde53386 100644 --- a/2024/CVE-2024-35469.md +++ b/2024/CVE-2024-35469.md @@ -10,8 +10,9 @@ A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Man ### POC #### Reference -No PoCs from references. +- https://github.com/dovankha/CVE-2024-35469 #### Github +- https://github.com/dovankha/CVE-2024-35469 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-35475.md b/2024/CVE-2024-35475.md index 7bb745732e..1407e432e0 100644 --- a/2024/CVE-2024-35475.md +++ b/2024/CVE-2024-35475.md 
@@ -10,7 +10,8 @@ A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Commu ### POC #### Reference -No PoCs from references. +- https://github.com/carsonchan12345/CVE-2024-35475 +- https://github.com/carsonchan12345/OpenKM-CSRF-PoC #### Github - https://github.com/carsonchan12345/CVE-2024-35475 diff --git a/2024/CVE-2024-35492.md b/2024/CVE-2024-35492.md new file mode 100644 index 0000000000..24847f64a6 --- /dev/null +++ b/2024/CVE-2024-35492.md @@ -0,0 +1,17 @@ +### [CVE-2024-35492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35492) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cesanta Mongoose commit b316989 was discovered to contain a NULL pointer dereference via the scpy function at src/fmt.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MQTT packet. + +### POC + +#### Reference +- https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Mongoose_null_pointer.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35511.md b/2024/CVE-2024-35511.md index efd0b90426..5ab8a74e9a 100644 --- a/2024/CVE-2024-35511.md +++ b/2024/CVE-2024-35511.md @@ -10,7 +10,7 @@ phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via t ### POC #### Reference -No PoCs from references. +- https://github.com/efekaanakkar/CVE-2024-35511/blob/main/Men%20Salon%20Management%20System%20Using%20PHP%20and%20MySQL.md #### Github - https://github.com/efekaanakkar/CVE-2024-35511 diff --git a/2024/CVE-2024-35548.md b/2024/CVE-2024-35548.md new file mode 100644 index 0000000000..33194626ad --- /dev/null +++ b/2024/CVE-2024-35548.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35548) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications that avoid SQL injection. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bytyme/MybatisPlusSQLInjection + diff --git a/2024/CVE-2024-35550.md b/2024/CVE-2024-35550.md new file mode 100644 index 0000000000..47c357bfcd --- /dev/null +++ b/2024/CVE-2024-35550.md @@ -0,0 +1,17 @@ +### [CVE-2024-35550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35550) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=rev. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/17/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35551.md b/2024/CVE-2024-35551.md new file mode 100644 index 0000000000..3d8163c564 --- /dev/null +++ b/2024/CVE-2024-35551.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35551) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=add. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/16/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35552.md b/2024/CVE-2024-35552.md new file mode 100644 index 0000000000..651ad2fa3b --- /dev/null +++ b/2024/CVE-2024-35552.md @@ -0,0 +1,17 @@ +### [CVE-2024-35552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35552) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/20/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35553.md b/2024/CVE-2024-35553.md new file mode 100644 index 0000000000..43c5f9f00f --- /dev/null +++ b/2024/CVE-2024-35553.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35553) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/21/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35554.md b/2024/CVE-2024-35554.md new file mode 100644 index 0000000000..5791c373e2 --- /dev/null +++ b/2024/CVE-2024-35554.md @@ -0,0 +1,17 @@ +### [CVE-2024-35554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35554) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWeb&dataTypeCN. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/19/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35555.md b/2024/CVE-2024-35555.md new file mode 100644 index 0000000000..aa2e9d0151 --- /dev/null +++ b/2024/CVE-2024-35555.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35555) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/18/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35556.md b/2024/CVE-2024-35556.md new file mode 100644 index 0000000000..0744fb64b2 --- /dev/null +++ b/2024/CVE-2024-35556.md @@ -0,0 +1,17 @@ +### [CVE-2024-35556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35556) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/26/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35557.md b/2024/CVE-2024-35557.md new file mode 100644 index 0000000000..5fc62bb99d --- /dev/null +++ b/2024/CVE-2024-35557.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35557) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/27/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35558.md b/2024/CVE-2024-35558.md new file mode 100644 index 0000000000..f65c16eb18 --- /dev/null +++ b/2024/CVE-2024-35558.md @@ -0,0 +1,17 @@ +### [CVE-2024-35558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35558) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/24/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35559.md b/2024/CVE-2024-35559.md new file mode 100644 index 0000000000..aabf21093d --- /dev/null +++ b/2024/CVE-2024-35559.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35559) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/22/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35560.md b/2024/CVE-2024-35560.md new file mode 100644 index 0000000000..dd56c15d07 --- /dev/null +++ b/2024/CVE-2024-35560.md @@ -0,0 +1,17 @@ +### [CVE-2024-35560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35560) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=del&dataType=&dataTypeCN. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/25/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35561.md b/2024/CVE-2024-35561.md new file mode 100644 index 0000000000..559c9ef918 --- /dev/null +++ b/2024/CVE-2024-35561.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35561) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close. + +### POC + +#### Reference +- https://github.com/bearman113/1.md/blob/main/23/csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35570.md b/2024/CVE-2024-35570.md new file mode 100644 index 0000000000..d94c9cb68e --- /dev/null +++ b/2024/CVE-2024-35570.md @@ -0,0 +1,17 @@ +### [CVE-2024-35570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35570) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file. + +### POC + +#### Reference +- https://github.com/KakeruJ/CVE/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35581.md b/2024/CVE-2024-35581.md index b883c39bd8..50161d1ac0 100644 --- a/2024/CVE-2024-35581.md +++ b/2024/CVE-2024-35581.md @@ -10,6 +10,7 @@ A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Manageme ### POC #### Reference +- https://github.com/r04i7/CVE/blob/main/CVE-2024-35581.md - https://portswigger.net/web-security/cross-site-scripting/stored #### Github diff --git a/2024/CVE-2024-35582.md b/2024/CVE-2024-35582.md index 0772932af9..b23d11b39b 100644 
--- a/2024/CVE-2024-35582.md +++ b/2024/CVE-2024-35582.md @@ -10,6 +10,7 @@ A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Manageme ### POC #### Reference +- https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md - https://portswigger.net/web-security/cross-site-scripting/stored #### Github diff --git a/2024/CVE-2024-35583.md b/2024/CVE-2024-35583.md index f1e0340498..7cea0676ce 100644 --- a/2024/CVE-2024-35583.md +++ b/2024/CVE-2024-35583.md @@ -10,6 +10,7 @@ A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Manageme ### POC #### Reference +- https://github.com/r04i7/CVE/blob/main/CVE-2024-35583.md - https://portswigger.net/web-security/cross-site-scripting/stored #### Github diff --git a/2024/CVE-2024-35591.md b/2024/CVE-2024-35591.md index 30c462fba8..a397ff8c0a 100644 --- a/2024/CVE-2024-35591.md +++ b/2024/CVE-2024-35591.md @@ -10,7 +10,7 @@ An arbitrary file upload vulnerability in O2OA v8.3.8 allows attackers to execut ### POC #### Reference -No PoCs from references. +- https://github.com/o2oa/o2oa/issues/156 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-36104.md b/2024/CVE-2024-36104.md index f8fc10387c..126bb3d8f5 100644 --- a/2024/CVE-2024-36104.md +++ b/2024/CVE-2024-36104.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/Co5mos/nuclei-tps +- https://github.com/Mr-xn/CVE-2024-32113 - https://github.com/tanjiti/sec_profile - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-36428.md b/2024/CVE-2024-36428.md index a4906f9f11..257689bc6e 100644 --- a/2024/CVE-2024-36428.md +++ b/2024/CVE-2024-36428.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/tanjiti/sec_profile - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-3661.md b/2024/CVE-2024-3661.md index 40d55bf439..bc558bc11a 100644 
--- a/2024/CVE-2024-3661.md +++ b/2024/CVE-2024-3661.md @@ -16,6 +16,7 @@ DHCP can add routes to a client’s routing table via the classless static route - https://www.leviathansecurity.com/research/tunnelvision #### Github +- https://github.com/a1xbit/DecloakingVPN - https://github.com/apiverve/news-API - https://github.com/bollwarm/SecToolSet - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-36673.md b/2024/CVE-2024-36673.md new file mode 100644 index 0000000000..9267462e0e --- /dev/null +++ b/2024/CVE-2024-36673.md @@ -0,0 +1,17 @@ +### [CVE-2024-36673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36673) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL queries. + +### POC + +#### Reference +- https://github.com/CveSecLook/cve/issues/39 + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-36773.md b/2024/CVE-2024-36773.md new file mode 100644 index 0000000000..affa73fd06 --- /dev/null +++ b/2024/CVE-2024-36773.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36773](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36773) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php. + +### POC + +#### Reference +- https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37017.md b/2024/CVE-2024-37017.md new file mode 100644 index 0000000000..2e223a4912 --- /dev/null +++ b/2024/CVE-2024-37017.md @@ -0,0 +1,17 @@ +### [CVE-2024-37017](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37017) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +asdcplib (aka AS-DCP Lib) 2.13.1 has a heap-based buffer over-read in ASDCP::TimedText::MXFReader::h__Reader::MD_to_TimedText_TDesc in AS_DCP_TimedText.cpp in libasdcp.so. + +### POC + +#### Reference +- https://github.com/cinecert/asdcplib/issues/138 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37160.md b/2024/CVE-2024-37160.md new file mode 100644 index 0000000000..04c7cf8340 --- /dev/null +++ b/2024/CVE-2024-37160.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37160) +![](https://img.shields.io/static/v1?label=Product&message=formwork&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.13.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +Formwork is a flat file-based Content Management System (CMS). An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard). This vulnerability is fixed in 1.13.1. + +### POC + +#### Reference +- https://github.com/getformwork/formwork/security/advisories/GHSA-5pxr-7m4j-jjc6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3837.md b/2024/CVE-2024-3837.md index 21aa6c1fab..15c100cb77 100644 --- a/2024/CVE-2024-3837.md +++ b/2024/CVE-2024-3837.md @@ -10,7 +10,7 @@ Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote ### POC #### Reference -No PoCs from references. +- https://issues.chromium.org/issues/41491379 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-3875.md b/2024/CVE-2024-3875.md index 308d02bc5a..fb595bde7a 100644 --- a/2024/CVE-2024-3875.md +++ b/2024/CVE-2024-3875.md @@ -13,5 +13,5 @@ A vulnerability was found in Tenda F1202 1.2.0.20(408). It has been rated as cri - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-3876.md b/2024/CVE-2024-3876.md index 4b5849a430..5aeb40d370 100644 --- a/2024/CVE-2024-3876.md 
+++ b/2024/CVE-2024-3876.md @@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20(40 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromVirtualSer.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-3931.md b/2024/CVE-2024-3931.md index 079a298b6b..a2902affce 100644 --- a/2024/CVE-2024-3931.md +++ b/2024/CVE-2024-3931.md @@ -13,6 +13,7 @@ A vulnerability was found in Totara LMS 18.0.1 Build 20231128.01. It has been ra No PoCs from references. #### Github +- https://github.com/2lambda123/cisagov-vulnrichment - https://github.com/cisagov/vulnrichment - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/storbeck/vulnrichment-cli diff --git a/2024/CVE-2024-4064.md b/2024/CVE-2024-4064.md index 68800e4c00..11befc65e1 100644 --- a/2024/CVE-2024-4064.md +++ b/2024/CVE-2024-4064.md @@ -13,5 +13,5 @@ A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as crit - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/R7WebsSecurityHandler.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-4236.md b/2024/CVE-2024-4236.md index fc6ed2556b..ea8169768a 100644 --- a/2024/CVE-2024-4236.md +++ b/2024/CVE-2024-4236.md @@ -14,4 +14,5 @@ A vulnerability, which was classified as critical, has been found in Tenda AX180 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-4239.md b/2024/CVE-2024-4239.md index f80b9e02d5..44e93c0b1e 100644 --- a/2024/CVE-2024-4239.md +++ b/2024/CVE-2024-4239.md 
@@ -13,5 +13,5 @@ A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Af - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AX/AX1806/formSetRebootTimer.md #### Github -No PoCs found on GitHub currently. +- https://github.com/helloyhrr/IoT_vulnerability diff --git a/2024/CVE-2024-4295.md b/2024/CVE-2024-4295.md index 4d8e018bb8..f0cc5bd739 100644 --- a/2024/CVE-2024-4295.md +++ b/2024/CVE-2024-4295.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/truonghuuphuc/CVE-2024-4295-Poc diff --git a/2024/CVE-2024-4323.md b/2024/CVE-2024-4323.md index fd61ba6118..0c3c9aca7d 100644 --- a/2024/CVE-2024-4323.md +++ b/2024/CVE-2024-4323.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/skilfoy/CVE-2024-4323-Exploit-POC - https://github.com/yuansec/CVE-2024-4323-dos_poc +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2024/CVE-2024-4358.md b/2024/CVE-2024-4358.md index 2836ccde47..eafb4669aa 100644 --- a/2024/CVE-2024-4358.md +++ b/2024/CVE-2024-4358.md @@ -14,8 +14,13 @@ No PoCs from references. #### Github - https://github.com/GhostTroops/TOP +- https://github.com/Harydhk7/CVE-2024-4358 +- https://github.com/RevoltSecurities/CVE-2024-4358 +- https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/sinsinology/CVE-2024-4358 - https://github.com/tanjiti/sec_profile +- https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-4367.md b/2024/CVE-2024-4367.md index ce050d945d..92cee37dbb 100644 --- a/2024/CVE-2024-4367.md +++ b/2024/CVE-2024-4367.md 
@@ -20,9 +20,11 @@ No PoCs from references. - https://github.com/LOURC0D3/CVE-2024-4367-PoC - https://github.com/Threekiii/Awesome-POC - https://github.com/avalahEE/pdfjs_disable_eval +- https://github.com/clarkio/pdfjs-vuln-demo - https://github.com/google/fishy-pdf - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/s4vvysec/CVE-2024-4367-POC - https://github.com/spaceraccoon/detect-cve-2024-4367 - https://github.com/tanjiti/sec_profile +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart diff --git a/2024/CVE-2024-4443.md b/2024/CVE-2024-4443.md index 5e5674b9ac..73d3487013 100644 --- a/2024/CVE-2024-4443.md +++ b/2024/CVE-2024-4443.md @@ -15,5 +15,7 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/truonghuuphuc/CVE-2024-4443-Poc +- https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC +- https://github.com/wy876/wiki diff --git a/2024/CVE-2024-4610.md b/2024/CVE-2024-4610.md new file mode 100644 index 0000000000..0d5c434d39 --- /dev/null +++ b/2024/CVE-2024-4610.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-4610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4610) +![](https://img.shields.io/static/v1?label=Product&message=Bifrost%20GPU%20Kernel%20Driver&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Valhall%20GPU%20Kernel%20Driver&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%20Use%20After%20Free&color=brighgreen) + +### Description + +Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4820.md b/2024/CVE-2024-4820.md index e3a5003bf0..b239d9c2e9 100644 --- a/2024/CVE-2024-4820.md +++ b/2024/CVE-2024-4820.md @@ -10,7 +10,7 @@ A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 ### POC #### Reference -No PoCs from references. +- https://github.com/jxm68868/cve/blob/main/upload.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-4835.md b/2024/CVE-2024-4835.md index 464cd7e555..d66d1e176b 100644 --- a/2024/CVE-2024-4835.md +++ b/2024/CVE-2024-4835.md @@ -13,5 +13,6 @@ A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 bef No PoCs from references. #### Github +- https://github.com/netlas-io/netlas-dorks - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-4947.md b/2024/CVE-2024-4947.md new file mode 100644 index 0000000000..c1d00f170f --- /dev/null +++ b/2024/CVE-2024-4947.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-4947](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4947) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=125.0.6422.60%3C%20125.0.6422.60%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Type%20Confusion&color=brighgreen) + +### Description + +Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cisagov/vulnrichment +- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart + diff --git a/2024/CVE-2024-4956.md b/2024/CVE-2024-4956.md index eeb2c72ae8..00145255c5 100644 --- a/2024/CVE-2024-4956.md +++ b/2024/CVE-2024-4956.md 
@@ -13,15 +13,23 @@ Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker No PoCs from references. #### Github +- https://github.com/Cappricio-Securities/CVE-2024-4956 +- https://github.com/GoatSecurity/CVE-2024-4956 - https://github.com/Ostorlab/KEV +- https://github.com/Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/CVE +- https://github.com/TypicalModMaker/CVE-2024-4956 - https://github.com/X1r0z/JettyFuzz - https://github.com/banditzCyber0x/CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC +- https://github.com/fin3ss3g0d/CVE-2024-4956 +- https://github.com/fin3ss3g0d/Shiro1Extractor +- https://github.com/fin3ss3g0d/Shiro1Tools - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/gmh5225/CVE-2024-4956 - https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner +- https://github.com/ifconfig-me/Path-Traversal-Scanner - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/securitycipher/daily-bugbounty-writeups - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-5084.md b/2024/CVE-2024-5084.md index a58ffbae78..e8e79c96b3 100644 --- a/2024/CVE-2024-5084.md +++ b/2024/CVE-2024-5084.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Chocapikk/CVE-2024-5084 - https://github.com/KTN1990/CVE-2024-5084 +- https://github.com/k3lpi3b4nsh33/CVE-2024-5084 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main diff --git a/2024/CVE-2024-5326.md b/2024/CVE-2024-5326.md index 661414779d..5f10cde3ac 100644 --- a/2024/CVE-2024-5326.md +++ b/2024/CVE-2024-5326.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/truonghuuphuc/CVE-2024-5326-Poc diff --git a/2024/CVE-2024-5350.md b/2024/CVE-2024-5350.md new file mode 100644 index 0000000000..97f9eea2fe --- /dev/null 
+++ b/2024/CVE-2024-5350.md @@ -0,0 +1,17 @@ +### [CVE-2024-5350](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5350) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been classified as critical. Affected is the function pageList of the file /pageList. The manipulation of the argument p leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266262 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5351.md b/2024/CVE-2024-5351.md new file mode 100644 index 0000000000..86aea5b5bf --- /dev/null +++ b/2024/CVE-2024-5351.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5351](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5351) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization&color=brighgreen) + +### Description + +A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266263. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5352.md b/2024/CVE-2024-5352.md new file mode 100644 index 0000000000..4749a100fd --- /dev/null +++ b/2024/CVE-2024-5352.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5352](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5352) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization&color=brighgreen) + +### Description + +A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been rated as critical. Affected by this issue is the function validationRules of the component com.anjiplus.template.gaea.business.modules.datasetparam.controller.DataSetParamController#verification. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266264. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5353.md b/2024/CVE-2024-5353.md new file mode 100644 index 0000000000..88a5bebce1 --- /dev/null +++ b/2024/CVE-2024-5353.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5353](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5353) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Path%20Traversal&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in anji-plus AJ-Report up to 1.4.1. This affects the function decompress of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266265 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5354.md b/2024/CVE-2024-5354.md new file mode 100644 index 0000000000..44b84afac7 --- /dev/null +++ b/2024/CVE-2024-5354.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5354](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5354) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Disclosure&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in anji-plus AJ-Report up to 1.4.1. This vulnerability affects unknown code of the file /reportShare/detailByCode. The manipulation of the argument shareToken leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266266 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5355.md b/2024/CVE-2024-5355.md new file mode 100644 index 0000000000..0b13469c09 --- /dev/null +++ b/2024/CVE-2024-5355.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5355](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5355) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in anji-plus AJ-Report up to 1.4.1. This issue affects the function IGroovyHandler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266267. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5356.md b/2024/CVE-2024-5356.md new file mode 100644 index 0000000000..368845c030 --- /dev/null +++ b/2024/CVE-2024-5356.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5356](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5356) +![](https://img.shields.io/static/v1?label=Product&message=AJ-Report&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in anji-plus AJ-Report up to 1.4.1. Affected is an unknown function of the file /dataSet/testTransform;swagger-ui. The manipulation of the argument dynSentence leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266268. + +### POC + +#### Reference +- https://github.com/anji-plus/report/files/15363269/aj-report.pdf + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5363.md b/2024/CVE-2024-5363.md new file mode 100644 index 0000000000..6637ec4f1b --- /dev/null +++ b/2024/CVE-2024-5363.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5363](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5363) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in SourceCodester Best House Rental Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266275. + +### POC + +#### Reference +- https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-1.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5364.md b/2024/CVE-2024-5364.md new file mode 100644 index 0000000000..1ae5c83763 --- /dev/null +++ b/2024/CVE-2024-5364.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5364) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System up to 1.0. Affected by this issue is some unknown functionality of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266276. + +### POC + +#### Reference +- https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-2.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5365.md b/2024/CVE-2024-5365.md new file mode 100644 index 0000000000..2be4aab3a3 --- /dev/null +++ b/2024/CVE-2024-5365.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5365](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5365) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in SourceCodester Best House Rental Management System up to 1.0. This affects an unknown part of the file manage_payment.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266277 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-3.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5366.md b/2024/CVE-2024-5366.md new file mode 100644 index 0000000000..21d73e5ea2 --- /dev/null +++ b/2024/CVE-2024-5366.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5366](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5366) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266278 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-4.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5377.md b/2024/CVE-2024-5377.md new file mode 100644 index 0000000000..f4b9acd59f --- /dev/null +++ b/2024/CVE-2024-5377.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5377](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5377) +![](https://img.shields.io/static/v1?label=Product&message=Vehicle%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266289 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/yuyuliq/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5378.md b/2024/CVE-2024-5378.md index dd6e7a8d93..0f04a53eb6 100644 --- a/2024/CVE-2024-5378.md +++ b/2024/CVE-2024-5378.md @@ -10,7 +10,7 @@ A vulnerability was found in SourceCodester School Intramurals Student Attendanc ### POC #### Reference -No PoCs from references. +- https://github.com/GAO-UNO/cve/blob/main/sql2.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5381.md b/2024/CVE-2024-5381.md index 095bbdc313..ad583072a0 100644 --- a/2024/CVE-2024-5381.md +++ b/2024/CVE-2024-5381.md @@ -10,7 +10,7 @@ A vulnerability classified as critical was found in itsourcecode Student Informa ### POC #### Reference -No PoCs from references. +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/2 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5382.md b/2024/CVE-2024-5382.md new file mode 100644 index 0000000000..d474096258 --- /dev/null +++ b/2024/CVE-2024-5382.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5382) +![](https://img.shields.io/static/v1?label=Product&message=Master%20Addons%20%E2%80%93%20Free%20Widgets%2C%20Hover%20Effects%2C%20Toggle%2C%20Conditions%2C%20Animations%20for%20Elementor&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.6.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it possible for unauthenticated attackers to create or modify existing Master Addons templates or make settings modifications related to these templates. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5390.md b/2024/CVE-2024-5390.md index 243b9b99f9..379389435f 100644 --- a/2024/CVE-2024-5390.md +++ b/2024/CVE-2024-5390.md @@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, was found in itsourcecode Onl ### POC #### Reference -No PoCs from references. +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/3 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5391.md b/2024/CVE-2024-5391.md index 28c6a67bd8..883cb4180b 100644 --- a/2024/CVE-2024-5391.md +++ b/2024/CVE-2024-5391.md @@ -10,7 +10,7 @@ A vulnerability has been found in itsourcecode Online Student Enrollment System ### POC #### Reference -No PoCs from references. +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/4 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds 
diff --git a/2024/CVE-2024-5392.md b/2024/CVE-2024-5392.md new file mode 100644 index 0000000000..4b646b7454 --- /dev/null +++ b/2024/CVE-2024-5392.md @@ -0,0 +1,17 @@ +### [CVE-2024-5392](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5392) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Student Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file editSubject.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266306 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/5 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5393.md b/2024/CVE-2024-5393.md new file mode 100644 index 0000000000..a7966f65f4 --- /dev/null +++ b/2024/CVE-2024-5393.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5393](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5393) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file listofcourse.php. The manipulation of the argument idno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266307. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5394.md b/2024/CVE-2024-5394.md new file mode 100644 index 0000000000..98dafdb8bc --- /dev/null +++ b/2024/CVE-2024-5394.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5394](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5394) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file newDept.php. The manipulation of the argument deptname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266308. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/7 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5395.md b/2024/CVE-2024-5395.md new file mode 100644 index 0000000000..5637af704d --- /dev/null +++ b/2024/CVE-2024-5395.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5395](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5395) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file listofinstructor.php. The manipulation of the argument FullName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266309 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/8 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5396.md b/2024/CVE-2024-5396.md new file mode 100644 index 0000000000..a91dd53497 --- /dev/null +++ b/2024/CVE-2024-5396.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5396) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file newfaculty.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266310 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/9 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5397.md b/2024/CVE-2024-5397.md new file mode 100644 index 0000000000..0cadc9ee92 --- /dev/null +++ b/2024/CVE-2024-5397.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5397) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Enrollment%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in itsourcecode Online Student Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file instructorSubjects.php. The manipulation of the argument instructorId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266311. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/10 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5428.md b/2024/CVE-2024-5428.md new file mode 100644 index 0000000000..c734da3f53 --- /dev/null +++ b/2024/CVE-2024-5428.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5428) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Bidding%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in SourceCodester Simple Online Bidding System 1.0. Affected by this vulnerability is the function save_product of the file /admin/index.php?page=manage_product of the component HTTP POST Request Handler. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-266383. + +### POC + +#### Reference +- https://github.com/kaikai145154/CVE-CSRF/blob/main/SourceCodester%20Simple%20Online%20Bidding%20System%20CSRF.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5437.md b/2024/CVE-2024-5437.md new file mode 100644 index 0000000000..0cfc0d12c2 --- /dev/null +++ b/2024/CVE-2024-5437.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5437) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Bidding%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266442 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/pijiawei/CVE/blob/pijiawei-photo/SourceCodester%20Simple%20Online%20Bidding%20System%20XSS.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5438.md b/2024/CVE-2024-5438.md new file mode 100644 index 0000000000..d8b8320080 --- /dev/null +++ b/2024/CVE-2024-5438.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5438](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5438) +![](https://img.shields.io/static/v1?label=Product&message=Tutor%20LMS%20%E2%80%93%20eLearning%20and%20online%20course%20solution&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.7.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen) + +### Description + +The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5515.md b/2024/CVE-2024-5515.md new file mode 100644 index 0000000000..364af7ebab --- /dev/null +++ b/2024/CVE-2024-5515.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5515) +![](https://img.shields.io/static/v1?label=Product&message=Stock%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266586 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/HaojianWang/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5516.md b/2024/CVE-2024-5516.md new file mode 100644 index 0000000000..dbc4d82b8d --- /dev/null +++ b/2024/CVE-2024-5516.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5516) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Blood%20Bank%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266587. + +### POC + +#### Reference +- https://github.com/ppp-src/ha/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5517.md b/2024/CVE-2024-5517.md new file mode 100644 index 0000000000..baae686a51 --- /dev/null +++ b/2024/CVE-2024-5517.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5517) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Blood%20Bank%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file changepwd.php. The manipulation of the argument useremail leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266588. + +### POC + +#### Reference +- https://github.com/ppp-src/ha/issues/4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5518.md b/2024/CVE-2024-5518.md new file mode 100644 index 0000000000..e695d044a6 --- /dev/null +++ b/2024/CVE-2024-5518.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5518) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Discussion%20Forum&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file change_profile_picture.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266589 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5519.md b/2024/CVE-2024-5519.md new file mode 100644 index 0000000000..38be3b2369 --- /dev/null +++ b/2024/CVE-2024-5519.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5519) +![](https://img.shields.io/static/v1?label=Product&message=Learning%20Management%20System%20Project%20In%20PHP&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266590 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5542.md b/2024/CVE-2024-5542.md new file mode 100644 index 0000000000..8c07f8bc05 --- /dev/null +++ b/2024/CVE-2024-5542.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5542) +![](https://img.shields.io/static/v1?label=Product&message=Master%20Addons%20%E2%80%93%20Free%20Widgets%2C%20Hover%20Effects%2C%20Toggle%2C%20Conditions%2C%20Animations%20for%20Elementor&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.6.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5588.md b/2024/CVE-2024-5588.md new file mode 100644 index 0000000000..8accfc4180 --- /dev/null +++ b/2024/CVE-2024-5588.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5588) +![](https://img.shields.io/static/v1?label=Product&message=Learning%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Learning Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file processscore.php. The manipulation of the argument LessonID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266839. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/12 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5599.md b/2024/CVE-2024-5599.md new file mode 100644 index 0000000000..a8f84bc0e9 --- /dev/null +++ b/2024/CVE-2024-5599.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5599) +![](https://img.shields.io/static/v1?label=Product&message=FileOrganizer%20%E2%80%93%20Manage%20WordPress%20and%20Website%20Files&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.0.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-922%20Insecure%20Storage%20of%20Sensitive%20Information&color=brighgreen) + +### Description + +The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5635.md b/2024/CVE-2024-5635.md new file mode 100644 index 0000000000..e518d51710 --- /dev/null +++ b/2024/CVE-2024-5635.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5635) +![](https://img.shields.io/static/v1?label=Product&message=Bakery%20Online%20Ordering%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-267091. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_a.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5636.md b/2024/CVE-2024-5636.md new file mode 100644 index 0000000000..3ba29f406d --- /dev/null +++ b/2024/CVE-2024-5636.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5636) +![](https://img.shields.io/static/v1?label=Product&message=Bakery%20Online%20Ordering%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-267092. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_b.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5637.md b/2024/CVE-2024-5637.md new file mode 100644 index 0000000000..6d3771faeb --- /dev/null +++ b/2024/CVE-2024-5637.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5637) +![](https://img.shields.io/static/v1?label=Product&message=Market%20Exporter&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.19%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Market Exporter plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'remove_files' function in all versions up to, and including, 2.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to use path traversal to delete arbitrary files on the server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5657.md b/2024/CVE-2024-5657.md new file mode 100644 index 0000000000..c6c1791da3 --- /dev/null +++ b/2024/CVE-2024-5657.md @@ -0,0 +1,17 @@ +### [CVE-2024-5657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5657) +![](https://img.shields.io/static/v1?label=Product&message=CraftCMS%20Plugin%20-%20Two-Factor%20Authentication&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=3.3.1%3C%3D%203.3.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-522%20Insufficiently%20Protected%20Credentials&color=brighgreen) + +### Description + +The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP. + +### POC + +#### Reference +- https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure + +#### Github +No PoCs found on GitHub currently. + 
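Review bot: the Version and Vulnerability badge URLs in the new CVE-2024-5657.md use `color=brighgreen`, which is not a shields.io color name; the named color is `brightgreen`. The same string is in the other CVE files this patch adds, so the fix belongs in the template that generates these files, not in each file.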
diff --git a/2024/CVE-2024-5658.md b/2024/CVE-2024-5658.md new file mode 100644 index 0000000000..1d2d78b37b --- /dev/null +++ b/2024/CVE-2024-5658.md @@ -0,0 +1,17 @@ +### [CVE-2024-5658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5658) +![](https://img.shields.io/static/v1?label=Product&message=CraftCMS%20Plugin%20-%20Two-Factor%20Authentication&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%203.3.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen) + +### Description + +The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period. + +### POC + +#### Reference +- https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5733.md b/2024/CVE-2024-5733.md new file mode 100644 index 0000000000..fea3e661de --- /dev/null +++ b/2024/CVE-2024-5733.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5733) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Discussion%20Forum&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as critical. This issue affects some unknown processing of the file register_me.php. The manipulation of the argument eaddress leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-267407. + +### POC + +#### Reference +- https://github.com/kingshao0312/cve/issues/1 + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5734.md b/2024/CVE-2024-5734.md new file mode 100644 index 0000000000..0e9706715d --- /dev/null +++ b/2024/CVE-2024-5734.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5734) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Discussion%20Forum&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-267408. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5745.md b/2024/CVE-2024-5745.md new file mode 100644 index 0000000000..2418a7a906 --- /dev/null +++ b/2024/CVE-2024-5745.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5745) +![](https://img.shields.io/static/v1?label=Product&message=Bakery%20Online%20Ordering%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-267414 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.md + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/github.txt b/github.txt index bbdabe3908..6bd6d7d664 100644 --- a/github.txt +++ b/github.txt @@ -480,6 +480,7 @@ CVE-2002-1569 - https://github.com/0xCyberY/CVE-T4PDF CVE-2002-1569 - https://github.com/ARPSyndicate/cvemon CVE-2002-1614 - https://github.com/ARPSyndicate/cvemon CVE-2002-1614 - https://github.com/CVEDB/PoC-List +CVE-2002-1614 - https://github.com/DrewSC13/Linpeas CVE-2002-1614 - https://github.com/cedelasen/htb-laboratory CVE-2002-1614 - https://github.com/chorankates/Irked CVE-2002-1614 - https://github.com/siddicky/Boiler_CTF 
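Review bot: in the new CVE-2024-5745.md, the `#### Github` list under `### POC` contains only `https://github.com/fkie-cad/nvd-json-data-feeds`, which is a mirror of NVD JSON data and not a proof of concept for this upload flaw. The same repository is the only Github entry in several other files added here (CVE-2024-5438, CVE-2024-5542, CVE-2024-5599, CVE-2024-5637, CVE-2024-5734). Suggest excluding feed mirrors from the match list so that these files read "No PoCs found on GitHub currently." when nothing else matches.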
@@ -26078,6 +26079,7 @@ CVE-2016-5195 - https://github.com/jrobertson5877/TuruT CVE-2016-5195 - https://github.com/k0mi-tg/OSCP CVE-2016-5195 - https://github.com/k0mi-tg/OSCP-note CVE-2016-5195 - https://github.com/kai5263499/awesome-container-security +CVE-2016-5195 - https://github.com/karanlvm/DirtyPipe-Exploit CVE-2016-5195 - https://github.com/katlol/stars CVE-2016-5195 - https://github.com/kcgthb/RHEL6.x-COW CVE-2016-5195 - https://github.com/kdn111/linux-kernel-exploitation @@ -29480,6 +29482,7 @@ CVE-2017-0143 - https://github.com/retr0-13/AD-Attack-Defense CVE-2017-0143 - https://github.com/rosonsec/Exploits CVE-2017-0143 - https://github.com/seeu-inspace/easyg CVE-2017-0143 - https://github.com/sponkmonk/Ladon_english_update +CVE-2017-0143 - https://github.com/stormblack/smbvuln CVE-2017-0143 - https://github.com/substing/blue_ctf CVE-2017-0143 - https://github.com/sunylife24/TryHackMe2 CVE-2017-0143 - https://github.com/sunzu94/AD-Attack-Defense @@ -45825,6 +45828,7 @@ CVE-2018-1273 - https://github.com/Threekiii/Awesome-POC CVE-2018-1273 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2018-1273 - https://github.com/Tim1995/FINAL CVE-2018-1273 - https://github.com/Whoopsunix/PPPVULNS +CVE-2018-1273 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2018-1273 - https://github.com/Z0fhack/Goby_POC CVE-2018-1273 - https://github.com/Zero094/Vulnerability-verification CVE-2018-1273 - https://github.com/asa1997/topgear_test @@ -59002,6 +59006,7 @@ CVE-2019-11043 - https://github.com/SexyBeast233/SecBooks CVE-2019-11043 - https://github.com/Threekiii/Awesome-POC CVE-2019-11043 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2019-11043 - https://github.com/Tyro-Shan/gongkaishouji +CVE-2019-11043 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2019-11043 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-11043 - https://github.com/ZTK-009/Penetration_PoC CVE-2019-11043 - https://github.com/aaron3238/phpfpmexploit 
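Review bot: in the `@@ -26078,6 +26079,7 @@` hunk, the added line `CVE-2016-5195 - https://github.com/karanlvm/DirtyPipe-Exploit` files a repository named for Dirty Pipe under the Dirty COW CVE. Dirty Pipe is CVE-2022-0847, so this looks like a match on a CVE id that the repository only mentions. Suggest checking the repository and, if it covers only CVE-2022-0847, dropping this line so the CVE-2016-5195 list stays limited to material for that bug.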
@@ -59509,6 +59514,7 @@ CVE-2019-11358 - https://github.com/8097-Botcats/23-24 CVE-2019-11358 - https://github.com/8097-Botcats/23-24-master CVE-2019-11358 - https://github.com/8097-Botcats/NEWrobotSDK CVE-2019-11358 - https://github.com/8101Metalmorphosis/Powerplay-2023 +CVE-2019-11358 - https://github.com/8696-Trobotix/template CVE-2019-11358 - https://github.com/87it/ftc-vc-demo CVE-2019-11358 - https://github.com/8872/centerstage CVE-2019-11358 - https://github.com/8872/tinycmd @@ -59548,6 +59554,7 @@ CVE-2019-11358 - https://github.com/ATAARobotics/16596robotcode2024 CVE-2019-11358 - https://github.com/ATurico26/201-Centerstage-2023-Aidan-code CVE-2019-11358 - https://github.com/Aar2d2006/ftc-non-sped-build-fuckery-go-kys CVE-2019-11358 - https://github.com/Aarav188/FTC +CVE-2019-11358 - https://github.com/AaronHero03/FTCTeleOperate CVE-2019-11358 - https://github.com/AaronTreeCan/WashingtonCodersCode CVE-2019-11358 - https://github.com/AbbeySieg/ftc-4962-rocketts-2023 CVE-2019-11358 - https://github.com/AbbyW89/something-real @@ -59571,6 +59578,7 @@ CVE-2019-11358 - https://github.com/Akshit-Talasila/FTCPractice- CVE-2019-11358 - https://github.com/Al-Tex/RobotController7.1 CVE-2019-11358 - https://github.com/AlCadrone8588/Center-Stage CVE-2019-11358 - https://github.com/Alabala492/FtcRobotControllerCenter +CVE-2019-11358 - https://github.com/AldenWohlgemuth/road-runner-quickstart-master CVE-2019-11358 - https://github.com/Alec7-prog/RoweboticCliquePowerPlay CVE-2019-11358 - https://github.com/AlejandroE25/FTC_POWER_PLAY CVE-2019-11358 - https://github.com/AlejandroE25/TNT-Robot-Controller 
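Review bot: the three lines added under CVE-2019-11358 above (`8696-Trobotix/template`, `AaronHero03/FTCTeleOperate`, `AldenWohlgemuth/road-runner-quickstart-master`) are named like FTC robot-controller projects, while CVE-2019-11358 is the jQuery `jQuery.extend` prototype pollution issue. These most likely match because the CVE id appears somewhere in the repository's files, not because they hold a PoC. Suggest filtering out repositories that only mention the id, or listing such mentions separately from PoC references; the same applies to the other CVE-2019-11358 additions in this patch.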
@@ -59585,6 +59593,7 @@ CVE-2019-11358 - https://github.com/AlexFirstRobotics/FTCDrivebaseLibrary CVE-2019-11358 - https://github.com/Alexander-Maples/FTCRobotController CVE-2019-11358 - https://github.com/Alisa1098/CenterStage4326 CVE-2019-11358 - https://github.com/Alitma5094/Howard-Robotics-17394-Team-Code +CVE-2019-11358 - https://github.com/AllNew101/Test_Intothedeep CVE-2019-11358 - https://github.com/AllysonAB/allysonab CVE-2019-11358 - https://github.com/AllysonAB/ftcCenterStage_Allison CVE-2019-11358 - https://github.com/Alokxmathur/Center-Stage---Giraffe @@ -59662,6 +59671,7 @@ CVE-2019-11358 - https://github.com/Ash-Greninja101/testing CVE-2019-11358 - https://github.com/AsianKoala/FTC_14607_new CVE-2019-11358 - https://github.com/AsianKoala/koawalib_quickstart CVE-2019-11358 - https://github.com/AsianKoala/robotroopers_koawalib +CVE-2019-11358 - https://github.com/Asvaka/XDriveChallenge CVE-2019-11358 - https://github.com/Atlas-CNB/centerstage-2024 CVE-2019-11358 - https://github.com/Atlas-CNB/powerplay-2023 CVE-2019-11358 - https://github.com/AtomicRobotics3805/2024-Centerstage @@ -59720,6 +59730,7 @@ CVE-2019-11358 - https://github.com/BaraVictor/CyberCode CVE-2019-11358 - https://github.com/Bargain18/7172-Portfolio CVE-2019-11358 - https://github.com/Bargain18/Power-Play CVE-2019-11358 - https://github.com/Bargain18/Test +CVE-2019-11358 - https://github.com/BaronClaps/PedroBot CVE-2019-11358 - https://github.com/BaronClaps/TomorrowTeamCode CVE-2019-11358 - https://github.com/Bartimus03/RoboticsCode CVE-2019-11358 - https://github.com/BaryonsFTC5119/Baryons_Power_Play 
@@ -59772,6 +59783,7 @@ CVE-2019-11358 - https://github.com/BossBots/FreightFrenzy CVE-2019-11358 - https://github.com/BossBots/PowerPlay CVE-2019-11358 - https://github.com/BossBots/PowerPlay-Use-this-one- CVE-2019-11358 - https://github.com/BossBots/Tutorials +CVE-2019-11358 - https://github.com/BotNotFound/XDriveChallenge CVE-2019-11358 - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK CVE-2019-11358 - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK-master CVE-2019-11358 - https://github.com/BotcatsSoftware/VirtualRobotMaster2020 @@ -60379,7 +60391,9 @@ CVE-2019-11358 - https://github.com/FlapJack20221/ftc-jack-2 CVE-2019-11358 - https://github.com/FlapJack20221/fuzzy-tribble CVE-2019-11358 - https://github.com/Floofyer/FtcRobotController CVE-2019-11358 - https://github.com/FlourishAndBots/PowerPlayReal +CVE-2019-11358 - https://github.com/ForceCEITI/SDK-FTC CVE-2019-11358 - https://github.com/FreehandBlock51/FTCRobot2023 +CVE-2019-11358 - https://github.com/FreehandBlock51/XDriveChallenge CVE-2019-11358 - https://github.com/Friends-Robotics/freight-frenzy-robot-repo CVE-2019-11358 - https://github.com/Friends-Robotics/main-robot-repo CVE-2019-11358 - https://github.com/Friends-Robotics/powerplay-robot-repo @@ -60455,6 +60469,7 @@ CVE-2019-11358 - https://github.com/GotRobotFTC5037/Archie---Outreach-Bot-2022 CVE-2019-11358 - https://github.com/GramGra07/FTC-RobotController-2021-10448 CVE-2019-11358 - https://github.com/GramGra07/FtcRobotController-10448-2022-23 CVE-2019-11358 - https://github.com/GramGra07/FtcRobotController-10448-2022-23_priv-V2 +CVE-2019-11358 - https://github.com/GramGra07/FtcRobotController_2024-25_5115 CVE-2019-11358 - https://github.com/GramGra07/OLD_FTC-RobotController202110448 CVE-2019-11358 - https://github.com/GramGra07/OLD_FtcRobotController-10448-2022-23 CVE-2019-11358 - https://github.com/GrangerMaherjava/FtcRobotController-master-2 
@@ -60476,6 +60491,7 @@ CVE-2019-11358 - https://github.com/HackerGuy1000/Nebula-23-24 CVE-2019-11358 - https://github.com/Hackercats/Ultimate-Goal CVE-2019-11358 - https://github.com/HamzaEbeida/MarvelsOfVRIC CVE-2019-11358 - https://github.com/HamzaEbeida/offseason-ftc +CVE-2019-11358 - https://github.com/Harsha23871/HarshaPractieBot_5_24_24 CVE-2019-11358 - https://github.com/Harshiv15/FGC2023-TeamGB CVE-2019-11358 - https://github.com/Hav0k42/FTC-2020-Ultimate-Goal CVE-2019-11358 - https://github.com/HazenRobotics/center-stage @@ -60512,6 +60528,7 @@ CVE-2019-11358 - https://github.com/HiiDeff/Duck CVE-2019-11358 - https://github.com/HiveMindRobotics/RobotController CVE-2019-11358 - https://github.com/HiveMindRobotics/RobotController-2022 CVE-2019-11358 - https://github.com/Homosapiens-RO109/2024-CenterStage +CVE-2019-11358 - https://github.com/Homosapiens-RO109/Centerstage2024 CVE-2019-11358 - https://github.com/Hopkins-Robotics-Gray-12377/freight-frenzy-12377 CVE-2019-11358 - https://github.com/HotchkissEFXGearcats/MecanumST2023 CVE-2019-11358 - https://github.com/HotchkissEFXGearcats/OctobotST2023 
@@ -60697,10 +60714,12 @@ CVE-2019-11358 - https://github.com/Kdhupar21/ELITEUltimategoal CVE-2019-11358 - https://github.com/KeeganPren/Dukes-CenterStage CVE-2019-11358 - https://github.com/KennedyRoboEagles/FTC2021-FreightFrenzy CVE-2019-11358 - https://github.com/Kenneth-Olibrice/State-of-Mind-2022-2023 +CVE-2019-11358 - https://github.com/KeshavAnandCode/Offseason-FtcRobotController CVE-2019-11358 - https://github.com/KevinYang2021/centerstage-ftc CVE-2019-11358 - https://github.com/KeyboardSpam815/11723-PowerPlay2 CVE-2019-11358 - https://github.com/KilianCollins/23871PracBot11223 CVE-2019-11358 - https://github.com/KilianCollins/HEEEEEEEEE +CVE-2019-11358 - https://github.com/KilianCollins/PracticeRobot_5_23_24 CVE-2019-11358 - https://github.com/KilianCollins/TEST11018023 CVE-2019-11358 - https://github.com/Kimzs/FirstT CVE-2019-11358 - https://github.com/KineticCodeabots/Codeabot-TeamCode @@ -60936,6 +60955,7 @@ CVE-2019-11358 - https://github.com/NDCLRobotics/2021-UltimateGoal CVE-2019-11358 - https://github.com/NDCLRobotics/2022-FreightFrenzy CVE-2019-11358 - https://github.com/NDCLRobotics/2023-PowerPlay CVE-2019-11358 - https://github.com/NDRoboknights/FTC-UG-2021 +CVE-2019-11358 - https://github.com/NDS3K/FtcRobotController-master CVE-2019-11358 - https://github.com/NKKFu/bootz-code-2021 CVE-2019-11358 - https://github.com/NKKFu/roboot-ftc-code-2021 CVE-2019-11358 - https://github.com/NKKFu/tpx-2022 @@ -60962,6 +60982,7 @@ CVE-2019-11358 - https://github.com/Ne-k/10332-Freight-Frenzy CVE-2019-11358 - https://github.com/Ne-k/10332-PowerPlay CVE-2019-11358 - https://github.com/NebuDev14/base-example CVE-2019-11358 - https://github.com/NedMihnea/CODU-FREIGHT-FRENZY +CVE-2019-11358 - https://github.com/NeelM1123/ftc2024 CVE-2019-11358 - https://github.com/Nekarone/FTC-19280-Freight-Frenzy-Code CVE-2019-11358 - https://github.com/NelsonWong2026/FTC-CenterStage-24132 CVE-2019-11358 - https://github.com/NemesisX09/T265-TEST 
@@ -61001,6 +61022,7 @@ CVE-2019-11358 - https://github.com/Ninjaneers2022/Ninjaneers_Power CVE-2019-11358 - https://github.com/NipunNagendra/6210centerstage CVE-2019-11358 - https://github.com/Niskayuna-RoboWarriors/ftc-2021 CVE-2019-11358 - https://github.com/Nitr0gue/RadicalRaidersPowerPlay +CVE-2019-11358 - https://github.com/NoName1dea/18458-Zenith-ItD CVE-2019-11358 - https://github.com/NoahBlaut/SnakeByte2022 CVE-2019-11358 - https://github.com/NoblesRobotics/ftc CVE-2019-11358 - https://github.com/NoblesRobotics/robbie @@ -61237,6 +61259,7 @@ CVE-2019-11358 - https://github.com/RoboLobobs-7258/center-stage-2024- CVE-2019-11358 - https://github.com/RoboRacers/FtcRobotControllerCenterstage CVE-2019-11358 - https://github.com/RoboRacers/FtcRobotControllerVeer CVE-2019-11358 - https://github.com/RoboRacers/RoboRacersCenterstage +CVE-2019-11358 - https://github.com/RoboRacers/RoboRacersIntoTheDeep CVE-2019-11358 - https://github.com/RoboSapiens-Programare/cod-powerplay-2022-2023 CVE-2019-11358 - https://github.com/RoboSapiens2021/SathvikMovement CVE-2019-11358 - https://github.com/RoboSapiens2021/ftc-2022-2023 @@ -61440,9 +61463,12 @@ CVE-2019-11358 - https://github.com/Supernova1212/13266- CVE-2019-11358 - https://github.com/SuperstellarHannah/WISER CVE-2019-11358 - https://github.com/Suvan8806/15024 CVE-2019-11358 - https://github.com/Suvan8806/FtcRobotController-master-15024 +CVE-2019-11358 - https://github.com/SvenXD/Personal-ToolBox CVE-2019-11358 - https://github.com/Swampbots/FreightFrenzy CVE-2019-11358 - https://github.com/Swampbots/UltimateGoal CVE-2019-11358 - https://github.com/Swampbots/UltimateGoal6.0 +CVE-2019-11358 - https://github.com/Symple25125/ProjectArm +CVE-2019-11358 - https://github.com/Symple25125/centerStage2024 CVE-2019-11358 - https://github.com/T-Code07/FTC-LRCA-Joshua CVE-2019-11358 - https://github.com/T-Lind/POWER-PLAY CVE-2019-11358 - https://github.com/TBHGodPro/FTC-24729-2023 
@@ -61634,6 +61660,7 @@ CVE-2019-11358 - https://github.com/Tundrabots7083/7083-2023-2024 CVE-2019-11358 - https://github.com/Tundrabots7083/7083-robot-code-2021-2022 CVE-2019-11358 - https://github.com/Tundrabots7083/delta-bots-robot-code-2021-2022 CVE-2019-11358 - https://github.com/Turbo-V8-14259/14259-Center-Stage +CVE-2019-11358 - https://github.com/Tyler-Stocks/FTCLibTest CVE-2019-11358 - https://github.com/Tyler-Stocks/Ftc-Testing CVE-2019-11358 - https://github.com/Type-C-5526/Centerstage CVE-2019-11358 - https://github.com/Tysty/FTC-Software-Training-2023-2024 @@ -62036,6 +62063,7 @@ CVE-2019-11358 - https://github.com/brotherhobo/10158-Power-Play CVE-2019-11358 - https://github.com/brotherhobo/2022-2023-FTC CVE-2019-11358 - https://github.com/brotherhobo/FTC-2022-2023 CVE-2019-11358 - https://github.com/brotherhobo/Monocular-Visual-Odometry-FTC +CVE-2019-11358 - https://github.com/brotherhobo/Pedro-Pathing-Quickstart CVE-2019-11358 - https://github.com/bruhyz07/2022_Ecliptic CVE-2019-11358 - https://github.com/bryancross/2021-Controller CVE-2019-11358 - https://github.com/bsoist/FreightFrenzy @@ -62177,6 +62205,7 @@ CVE-2019-11358 - https://github.com/dschleuning-github/DUCKS_2023-24_v9_0_1 CVE-2019-11358 - https://github.com/dtomkoFRC/ftc-template CVE-2019-11358 - https://github.com/ducati-red916/Centerstage_2023-24 CVE-2019-11358 - https://github.com/duckstroms/Web-CTF-Cheatsheet +CVE-2019-11358 - https://github.com/duckyduckies/CENTERSTAGE CVE-2019-11358 - https://github.com/dushantpanchbhai/Agastya_FTC_2023 CVE-2019-11358 - https://github.com/dushantpanchbhai/TIS_Salaam_Bombay CVE-2019-11358 - https://github.com/dushantpanchbhai/TIS_UpACreek 
@@ -62316,6 +62345,7 @@ CVE-2019-11358 - https://github.com/ftc13100/CenterStage-2024 CVE-2019-11358 - https://github.com/ftc13100/FreightFrenzy-2022 CVE-2019-11358 - https://github.com/ftc13100/Practice-For-Programming CVE-2019-11358 - https://github.com/ftc13100/Programming-Practice-2023 +CVE-2019-11358 - https://github.com/ftc13100/Rising-Tides CVE-2019-11358 - https://github.com/ftc13100/UltimateGoal-2021 CVE-2019-11358 - https://github.com/ftc14103/robot CVE-2019-11358 - https://github.com/ftc14158/FreightFrenzy2 @@ -62404,6 +62434,7 @@ CVE-2019-11358 - https://github.com/ftcwaylandmi/2023-11846-RR CVE-2019-11358 - https://github.com/ftcwaylandmi/2023-22154-RR CVE-2019-11358 - https://github.com/fungloonchong/ict3203_lab_quiz_1_notes CVE-2019-11358 - https://github.com/fwprobotics/3507-ultimategoal-rc +CVE-2019-11358 - https://github.com/fzzytronics/ain CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Road_Runner_Testing CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update_OLD 
@@ -62538,12 +62569,14 @@ CVE-2019-11358 - https://github.com/ishaan11311/ftc-vc-demo CVE-2019-11358 - https://github.com/ishaspatil/pre-season-ftc-sdk CVE-2019-11358 - https://github.com/its3D56/Power-Play CVE-2019-11358 - https://github.com/ivas-does-bugs/FTC-Ultimate-Goal-ABSOTech +CVE-2019-11358 - https://github.com/ivyw0426/XDrivePractice CVE-2019-11358 - https://github.com/ixInvalid/FTCRobotController CVE-2019-11358 - https://github.com/ixInvalid/FTCRobotController-v8.1.1 CVE-2019-11358 - https://github.com/ixInvalid/Fibby CVE-2019-11358 - https://github.com/j4igupta/ftc-2023 CVE-2019-11358 - https://github.com/j4igupta/ftc-tachyonics-2023 CVE-2019-11358 - https://github.com/j4igupta/ftc-tachyonics-2023-init +CVE-2019-11358 - https://github.com/j5155/testftc1 CVE-2019-11358 - https://github.com/jaanvic25/GeneralRelativity21-22 CVE-2019-11358 - https://github.com/jabernat/jabernaut1 CVE-2019-11358 - https://github.com/jacen214/Jack2020 @@ -62630,6 +62663,7 @@ CVE-2019-11358 - https://github.com/katipihi/kat-pws CVE-2019-11358 - https://github.com/kausalyap/FTC_PowerPlay_OpenCV CVE-2019-11358 - https://github.com/kchrobotics/tubularcode2020ultimategoal CVE-2019-11358 - https://github.com/kennedyrobotics1/FtcRobotController-master +CVE-2019-11358 - https://github.com/kennedyrobotics1/RoadRunnerOffseason CVE-2019-11358 - https://github.com/kennhung/FTC_2021_Playground CVE-2019-11358 - https://github.com/kermodes19767/freightfrenzy CVE-2019-11358 - https://github.com/kevinthegreat1/FTC-2021-2022-Team-15943 
@@ -62663,6 +62697,7 @@ CVE-2019-11358 - https://github.com/krill11/RoboRavens-Powerplay CVE-2019-11358 - https://github.com/kroisssant/bjkbbkbjk CVE-2019-11358 - https://github.com/kronbot/powerplayv2 CVE-2019-11358 - https://github.com/krusche-sensetence/jquery-2.2.4-patched +CVE-2019-11358 - https://github.com/kuek64/20077_Centerstage_Pedro CVE-2019-11358 - https://github.com/kuek64/TheTomorrowTeam CVE-2019-11358 - https://github.com/kuek64/TomorrowTeamMeep CVE-2019-11358 - https://github.com/kunhantsai/FtcRobotController @@ -62843,6 +62878,7 @@ CVE-2019-11358 - https://github.com/pandamoniumftc/PowerPlay CVE-2019-11358 - https://github.com/panthera2021/FtcRobotController CVE-2019-11358 - https://github.com/panthera2021/Ultimate-Goal-6.1 CVE-2019-11358 - https://github.com/paparul29/CenterStage-mecanum +CVE-2019-11358 - https://github.com/paparul29/Road-To-Global-2024 CVE-2019-11358 - https://github.com/papereater42/FireRoboticsMockSeason2023 CVE-2019-11358 - https://github.com/par26/FtcRobotController-master CVE-2019-11358 - https://github.com/parallelepiped2718/Team-2993-base @@ -63095,6 +63131,7 @@ CVE-2019-11358 - https://github.com/smert-WoEN/FTCWoENPublic CVE-2019-11358 - https://github.com/sms-robotics/UltimateGoal2020 CVE-2019-11358 - https://github.com/smvoigt/STEM_ftc CVE-2019-11358 - https://github.com/sofiaalfenito/FtcRobotController +CVE-2019-11358 - https://github.com/sofiafurman/OdomNew CVE-2019-11358 - https://github.com/soniakhanvilkar/alpacas_ug_2020 CVE-2019-11358 - https://github.com/soph002/KarmaRobotics-TV CVE-2019-11358 - https://github.com/soph002/KarmaRobotics-main 
@@ -63238,6 +63275,7 @@ CVE-2019-11358 - https://github.com/titans17576/OdometryTester CVE-2019-11358 - https://github.com/titans17576/SummerWithVidyoot CVE-2019-11358 - https://github.com/titans17576/UltimateGoalMeet1 CVE-2019-11358 - https://github.com/tizso/ftc-startech-2024 +CVE-2019-11358 - https://github.com/tjunga/final-2023-2024 CVE-2019-11358 - https://github.com/tjunga/pc-code CVE-2019-11358 - https://github.com/tmetelev/Error404_23 CVE-2019-11358 - https://github.com/tmetelev/FtcRobotController-master @@ -63255,6 +63293,7 @@ CVE-2019-11358 - https://github.com/tpidwell1/FtcRobotController-master CVE-2019-11358 - https://github.com/trc492/Ftc2022FreightFrenzy CVE-2019-11358 - https://github.com/trc492/Ftc2023PowerPlay CVE-2019-11358 - https://github.com/trc492/Ftc2024CenterStage +CVE-2019-11358 - https://github.com/trc492/FtcTemplate CVE-2019-11358 - https://github.com/trevorkw7/first-tech-challenge-2020-2021 CVE-2019-11358 - https://github.com/trialandterror-16800/Robot-Controller CVE-2019-11358 - https://github.com/trinayhari/final0s1s @@ -63270,6 +63309,7 @@ CVE-2019-11358 - https://github.com/tsdch-robotics/Power_Play CVE-2019-11358 - https://github.com/tudor-Spaima/FTCRobotController CVE-2019-11358 - https://github.com/tundrabots/2021-2022-Robot-Code CVE-2019-11358 - https://github.com/turbokazax/NyxPardus-FtcRobotController-master +CVE-2019-11358 - https://github.com/turtle4831/14708-offseason CVE-2019-11358 - https://github.com/turtle4831/DogBytes-CenterStage CVE-2019-11358 - https://github.com/turtlewalkers/freightfrenzy CVE-2019-11358 - https://github.com/udayamaddi/9686-CenterStage 
@@ -63359,6 +63399,7 @@ CVE-2019-11358 - https://github.com/x16140/rc CVE-2019-11358 - https://github.com/xCellenceRobotics/robotics-ftc CVE-2019-11358 - https://github.com/xRoALex/ProgrammingLessons CVE-2019-11358 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-11358 - https://github.com/xboxman234/ANDRIOD-STUIDO-FOR-LE-EPIC-ROBOTICS-THEAM-NO-CAP-FR-FR CVE-2019-11358 - https://github.com/xiangqianyou/Example CVE-2019-11358 - https://github.com/xtremejames1/15118_2022-23 CVE-2019-11358 - https://github.com/yablockoo/FTC2023 @@ -64565,6 +64606,7 @@ CVE-2019-12750 - https://github.com/password520/RedTeamer CVE-2019-12750 - https://github.com/v-p-b/cve-2019-12750 CVE-2019-12751 - https://github.com/cyllective/CVEs CVE-2019-12757 - https://github.com/ARPSyndicate/cvemon +CVE-2019-12757 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2019-12760 - https://github.com/ARPSyndicate/cvemon CVE-2019-12771 - https://github.com/memN0ps/memN0ps CVE-2019-1278 - https://github.com/0xT11/CVE-POC @@ -65244,6 +65286,7 @@ CVE-2019-13272 - https://github.com/CVEDB/top CVE-2019-13272 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-13272 - https://github.com/Cyc1eC/CVE-2019-13272 CVE-2019-13272 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +CVE-2019-13272 - https://github.com/DrewSC13/Linpeas CVE-2019-13272 - https://github.com/EchoGin404/- CVE-2019-13272 - https://github.com/EchoGin404/gongkaishouji CVE-2019-13272 - https://github.com/Getshell/LinuxTQ 
@@ -65734,6 +65777,7 @@ CVE-2019-1388 - https://github.com/Shadowven/Vulnerability_Reproduction CVE-2019-1388 - https://github.com/SofianeHamlaoui/Conti-Clear CVE-2019-1388 - https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources CVE-2019-1388 - https://github.com/Tyro-Shan/gongkaishouji +CVE-2019-1388 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2019-1388 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-1388 - https://github.com/YgorAlberto/Ethical-Hacker CVE-2019-1388 - https://github.com/YgorAlberto/ygoralberto.github.io @@ -66086,6 +66130,7 @@ CVE-2019-14287 - https://github.com/Srinunaik000/Srinunaik000 CVE-2019-14287 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources CVE-2019-14287 - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability CVE-2019-14287 - https://github.com/Tharana/vulnerability-exploitation +CVE-2019-14287 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2019-14287 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet CVE-2019-14287 - https://github.com/a-nonymou-s/Agent-Sudo CVE-2019-14287 - https://github.com/aWtlcm9h/Memo @@ -67026,6 +67071,7 @@ CVE-2019-15657 - https://github.com/ossf-cve-benchmark/CVE-2019-15657 CVE-2019-15658 - https://github.com/ossf-cve-benchmark/CVE-2019-15658 CVE-2019-15666 - https://github.com/Al1ex/LinuxEelvation CVE-2019-15666 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +CVE-2019-15666 - https://github.com/DrewSC13/Linpeas CVE-2019-15666 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2019-15666 - https://github.com/bsauce/kernel-exploit-factory CVE-2019-15666 - https://github.com/bsauce/kernel-security-learning 
@@ -69021,6 +69067,7 @@ CVE-2019-18634 - https://github.com/DDayLuong/CVE-2019-18634 CVE-2019-18634 - https://github.com/DarkFunct/CVE_Exploits CVE-2019-18634 - https://github.com/Dinesh-999/Hacking_contents CVE-2019-18634 - https://github.com/Drakfunc/CVE_Exploits +CVE-2019-18634 - https://github.com/DrewSC13/Linpeas CVE-2019-18634 - https://github.com/InesMartins31/iot-cves CVE-2019-18634 - https://github.com/Ly0nt4r/OSCP CVE-2019-18634 - https://github.com/N1et/CVE-2019-18634 @@ -71104,6 +71151,7 @@ CVE-2019-2890 - https://github.com/Shadowven/Vulnerability_Reproduction CVE-2019-2890 - https://github.com/SukaraLin/CVE-2019-2890 CVE-2019-2890 - https://github.com/Waseem27-art/ART-TOOLKIT CVE-2019-2890 - https://github.com/Weik1/Artillery +CVE-2019-2890 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2019-2890 - https://github.com/YellowVeN0m/Pentesters-toolbox CVE-2019-2890 - https://github.com/ZO1RO/CVE-2019-2890 CVE-2019-2890 - https://github.com/aiici/weblogicAllinone @@ -73350,6 +73398,7 @@ CVE-2019-7609 - https://github.com/EchoGin404/- CVE-2019-7609 - https://github.com/EchoGin404/gongkaishouji CVE-2019-7609 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-7609 - https://github.com/GhostTroops/TOP +CVE-2019-7609 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2019-7609 - https://github.com/LandGrey/CVE-2019-7609 CVE-2019-7609 - https://github.com/Mehedi-Babu/web_security_cyber CVE-2019-7609 - https://github.com/Mr-xn/Penetration_Testing_POC 
@@ -75501,6 +75550,7 @@ CVE-2020-0601 - https://github.com/ShayNehmad/twoplustwo CVE-2020-0601 - https://github.com/SherlockSec/CVE-2020-0601 CVE-2020-0601 - https://github.com/Threekiii/Awesome-POC CVE-2020-0601 - https://github.com/Tyro-Shan/gongkaishouji +CVE-2020-0601 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-0601 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-0601 - https://github.com/Yamato-Security/EnableWindowsLogSettings CVE-2020-0601 - https://github.com/YoannDqr/CVE-2020-0601 @@ -80754,6 +80804,7 @@ CVE-2020-1362 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-1362 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-1362 - https://github.com/Q4n/CVE-2020-1362 CVE-2020-1362 - https://github.com/Tyro-Shan/gongkaishouji +CVE-2020-1362 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-1362 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-1362 - https://github.com/ZTK-009/Penetration_PoC CVE-2020-1362 - https://github.com/cyberanand1337x/bug-bounty-2022 @@ -81126,6 +81177,7 @@ CVE-2020-13942 - https://github.com/SexyBeast233/SecBooks CVE-2020-13942 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-13942 - https://github.com/Threekiii/Awesome-POC CVE-2020-13942 - https://github.com/Threekiii/Vulhub-Reproduce +CVE-2020-13942 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-13942 - https://github.com/Z0fhack/Goby_POC CVE-2020-13942 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-13942 - https://github.com/apachecn-archive/Middleware-Vulnerability-detection 
@@ -82091,6 +82143,7 @@ CVE-2020-1472 - https://github.com/Whiteh4tWolf/Attack-Defense CVE-2020-1472 - https://github.com/WiIs0n/Zerologon_CVE-2020-1472 CVE-2020-1472 - https://github.com/WillOram/ADReset CVE-2020-1472 - https://github.com/XTeam-Wing/Hunting-Active-Directory +CVE-2020-1472 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-1472 - https://github.com/XiaoliChan/zerologon-Shot CVE-2020-1472 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-1472 - https://github.com/YangSirrr/YangsirStudyPlan @@ -82518,6 +82571,7 @@ CVE-2020-14873 - https://github.com/lukaspustina/cve-scorer CVE-2020-14878 - https://github.com/lukaspustina/cve-scorer CVE-2020-14878 - https://github.com/retr0-13/cveScannerV2 CVE-2020-14878 - https://github.com/scmanjarrez/CVEScannerV2 +CVE-2020-1488 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-1488 - https://github.com/gitaramos/links CVE-2020-14882 - https://github.com/0day666/Vulnerability-verification CVE-2020-14882 - https://github.com/0thm4n3/cve-2020-14882 @@ -82577,6 +82631,7 @@ CVE-2020-14882 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2020-14882 - https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection CVE-2020-14882 - https://github.com/Weik1/Artillery CVE-2020-14882 - https://github.com/XTeam-Wing/CVE-2020-14882 +CVE-2020-14882 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-14882 - https://github.com/Yang0615777/PocList CVE-2020-14882 - https://github.com/Z0fhack/Goby_POC CVE-2020-14882 - https://github.com/Zero094/Vulnerability-verification 
@@ -83925,6 +83980,7 @@ CVE-2020-16846 - https://github.com/Ostorlab/known_exploited_vulnerbilities_dete CVE-2020-16846 - https://github.com/SexyBeast233/SecBooks CVE-2020-16846 - https://github.com/Threekiii/Awesome-POC CVE-2020-16846 - https://github.com/Threekiii/Vulhub-Reproduce +CVE-2020-16846 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-16846 - https://github.com/Z0fhack/Goby_POC CVE-2020-16846 - https://github.com/bakery312/Vulhub-Reproduce CVE-2020-16846 - https://github.com/d4n-sec/d4n-sec.github.io @@ -83970,6 +84026,7 @@ CVE-2020-16875 - https://github.com/EvilAnne/2020-Read-article CVE-2020-16875 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2020-16875 - https://github.com/HackingCost/AD_Pentest CVE-2020-16875 - https://github.com/SexyBeast233/SecBooks +CVE-2020-16875 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-16875 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-16875 - https://github.com/hktalent/bug-bounty CVE-2020-16875 - https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest @@ -84075,6 +84132,7 @@ CVE-2020-16938 - https://github.com/qemm/armory CVE-2020-16938 - https://github.com/soosmile/POC CVE-2020-16938 - https://github.com/taielab/awesome-hacking-lists CVE-2020-16939 - https://github.com/ARPSyndicate/cvemon +CVE-2020-16939 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-16939 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-16939 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-16939 - https://github.com/hectorgie/PoC-in-GitHub 
@@ -84147,6 +84205,7 @@ CVE-2020-17049 - https://github.com/SexyBeast233/SecBooks CVE-2020-17049 - https://github.com/Strokekilla/Rubeus CVE-2020-17049 - https://github.com/Whiteh4tWolf/Attack-Defense CVE-2020-17049 - https://github.com/XTeam-Wing/Hunting-Active-Directory +CVE-2020-17049 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-17049 - https://github.com/ZyberPatrol/Active-Directory CVE-2020-17049 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-17049 - https://github.com/aymankhder/AD-attack-defense @@ -89770,6 +89829,7 @@ CVE-2020-3452 - https://github.com/Threekiii/Awesome-POC CVE-2020-3452 - https://github.com/Tyro-Shan/gongkaishouji CVE-2020-3452 - https://github.com/Veids/CVE-2020-3452_auto CVE-2020-3452 - https://github.com/XDev05/CVE-2020-3452-PoC +CVE-2020-3452 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-3452 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-3452 - https://github.com/Z0fhack/Goby_POC CVE-2020-3452 - https://github.com/ZTK-009/Penetration_PoC @@ -91065,6 +91125,7 @@ CVE-2020-4450 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-4450 - https://github.com/HimmelAward/Goby_POC CVE-2020-4450 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-4450 - https://github.com/SexyBeast233/SecBooks +CVE-2020-4450 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-4450 - https://github.com/Z0fhack/Goby_POC CVE-2020-4450 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-4450 - https://github.com/nomi-sec/PoC-in-GitHub 
@@ -91734,6 +91795,7 @@ CVE-2020-5902 - https://github.com/Tyro-Shan/gongkaishouji CVE-2020-5902 - https://github.com/Un4gi/CVE-2020-5902 CVE-2020-5902 - https://github.com/Waseem27-art/ART-TOOLKIT CVE-2020-5902 - https://github.com/WingsSec/Meppo +CVE-2020-5902 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-5902 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-5902 - https://github.com/YellowVeN0m/Pentesters-toolbox CVE-2020-5902 - https://github.com/Ygodsec/- @@ -93232,6 +93294,7 @@ CVE-2020-8012 - https://github.com/CVEDB/awesome-cve-repo CVE-2020-8012 - https://github.com/CVEDB/top CVE-2020-8012 - https://github.com/GhostTroops/TOP CVE-2020-8012 - https://github.com/JERRY123S/all-poc +CVE-2020-8012 - https://github.com/XTeam-Wing/RedTeaming2020 CVE-2020-8012 - https://github.com/cyberanand1337x/bug-bounty-2022 CVE-2020-8012 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8012 - https://github.com/hectorgie/PoC-in-GitHub @@ -99621,6 +99684,7 @@ CVE-2021-22555 - https://github.com/Bonfee/CVE-2022-0995 CVE-2021-22555 - https://github.com/Ch4nc3n/PublicExploitation CVE-2021-22555 - https://github.com/ChoKyuWon/exploit_articles CVE-2021-22555 - https://github.com/Dikens88/hopp +CVE-2021-22555 - https://github.com/DrewSC13/Linpeas CVE-2021-22555 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-22555 - https://github.com/Ha0-Y/LinuxKernelExploits CVE-2021-22555 - https://github.com/Ha0-Y/kernel-exploit-cve @@ -105928,6 +105992,7 @@ CVE-2021-3156 - https://github.com/DanielAzulayy/CTF-2021 CVE-2021-3156 - https://github.com/DanielShmu/OSCP-Cheat-Sheet CVE-2021-3156 - https://github.com/DarkFunct/CVE_Exploits CVE-2021-3156 - https://github.com/Drakfunc/CVE_Exploits +CVE-2021-3156 - https://github.com/DrewSC13/Linpeas CVE-2021-3156 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-3156 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3156 - https://github.com/EvilAnne/2021-Read-article 
@@ -108873,6 +108938,7 @@ CVE-2021-3560 - https://github.com/BigMike-Champ/Capstone CVE-2021-3560 - https://github.com/BizarreLove/CVE-2021-3560 CVE-2021-3560 - https://github.com/CharonDefalt/linux-exploit CVE-2021-3560 - https://github.com/Desm0ndChan/OSCP-cheatsheet +CVE-2021-3560 - https://github.com/DrewSC13/Linpeas CVE-2021-3560 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-3560 - https://github.com/GibzB/THM-Captured-Rooms CVE-2021-3560 - https://github.com/HadessCS/Awesome-Privilege-Escalation @@ -111183,6 +111249,7 @@ CVE-2021-4034 - https://github.com/DanielShmu/OSCP-Cheat-Sheet CVE-2021-4034 - https://github.com/DavidSerre/Pwnkit CVE-2021-4034 - https://github.com/Desm0ndChan/OSCP-cheatsheet CVE-2021-4034 - https://github.com/DosAmp/pkwned +CVE-2021-4034 - https://github.com/DrewSC13/Linpeas CVE-2021-4034 - https://github.com/EstamelGG/CVE-2021-4034-NoGCC CVE-2021-4034 - https://github.com/Ethical-Dyl/gamingserver-writeup CVE-2021-4034 - https://github.com/Ethical-Dyl/road-writeup @@ -119244,6 +119311,7 @@ CVE-2022-0486 - https://github.com/whoforget/CVE-POC CVE-2022-0486 - https://github.com/youwizard/CVE-POC CVE-2022-0486 - https://github.com/zecool/cve CVE-2022-0487 - https://github.com/ARPSyndicate/cvemon +CVE-2022-0487 - https://github.com/karanlvm/DirtyPipe-Exploit CVE-2022-0487 - https://github.com/si1ent-le/CVE-2022-0847 CVE-2022-0492 - https://github.com/ARPSyndicate/cvemon CVE-2022-0492 - https://github.com/JadenQ/Cloud-Computing-Security-ProjectPage 
@@ -120010,6 +120078,7 @@ CVE-2022-0847 - https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breako CVE-2022-0847 - https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits CVE-2022-0847 - https://github.com/k0mi-tg/CVE-POC CVE-2022-0847 - https://github.com/kaosagnt/ansible-everyday +CVE-2022-0847 - https://github.com/karanlvm/DirtyPipe-Exploit CVE-2022-0847 - https://github.com/karimhabush/cyberowl CVE-2022-0847 - https://github.com/kdn111/linux-kernel-exploitation CVE-2022-0847 - https://github.com/kgwanjala/oscp-cheatsheet @@ -123879,6 +123948,7 @@ CVE-2022-22916 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-22916 - https://github.com/trhacknon/Pocingit CVE-2022-22916 - https://github.com/whoforget/CVE-POC CVE-2022-22916 - https://github.com/wy876/POC +CVE-2022-22916 - https://github.com/wy876/wiki CVE-2022-22916 - https://github.com/youwizard/CVE-POC CVE-2022-22916 - https://github.com/zecool/cve CVE-2022-22919 - https://github.com/ARPSyndicate/cvemon @@ -126834,6 +126904,7 @@ CVE-2022-24757 - https://github.com/karimhabush/cyberowl CVE-2022-24759 - https://github.com/ARPSyndicate/cvemon CVE-2022-24759 - https://github.com/karimhabush/cyberowl CVE-2022-24760 - https://github.com/ARPSyndicate/cvemon +CVE-2022-24760 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2022-24760 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2022-24760 - https://github.com/SYRTI/POC_to_review CVE-2022-24760 - https://github.com/WhooAmii/POC_to_review @@ -131981,6 +132052,7 @@ CVE-2022-30190 - https://github.com/zecool/cve CVE-2022-30190 - https://github.com/zerokamix/SekiganWare CVE-2022-30190 - https://github.com/zkl21hoang/msdt-follina-office-rce CVE-2022-30203 - https://github.com/ARPSyndicate/cvemon +CVE-2022-30203 - https://github.com/Wack0/dubiousdisk CVE-2022-30206 - https://github.com/ARPSyndicate/cvemon CVE-2022-30206 - https://github.com/Ascotbe/Kernelhub CVE-2022-30206 - https://github.com/Cruxer8Mech/Idk 
@@ -134453,6 +134525,7 @@ CVE-2022-34718 - https://github.com/youwizard/CVE-POC CVE-2022-34718 - https://github.com/zecool/cve CVE-2022-34721 - https://github.com/ARPSyndicate/cvemon CVE-2022-34721 - https://github.com/Haera/NTCrawler +CVE-2022-34721 - https://github.com/haera/NTCrawler CVE-2022-34721 - https://github.com/tanjiti/sec_profile CVE-2022-34722 - https://github.com/ARPSyndicate/cvemon CVE-2022-34724 - https://github.com/ARPSyndicate/cvemon @@ -136931,6 +137004,7 @@ CVE-2022-39395 - https://github.com/ARPSyndicate/cvemon CVE-2022-39395 - https://github.com/harry1osborn/CVE-2022-39395 CVE-2022-39395 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-39396 - https://github.com/ARPSyndicate/cvemon +CVE-2022-39396 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2022-39396 - https://github.com/tanjiti/sec_profile CVE-2022-39399 - https://github.com/ARPSyndicate/cvemon CVE-2022-39402 - https://github.com/ycdxsb/ycdxsb @@ -138069,6 +138143,8 @@ CVE-2022-4187 - https://github.com/ARPSyndicate/cvemon CVE-2022-41870 - https://github.com/karimhabush/cyberowl CVE-2022-41876 - https://github.com/Skileau/CVE-2022-41876 CVE-2022-41876 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2022-41878 - https://github.com/KTH-LangSec/server-side-prototype-pollution +CVE-2022-41879 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2022-41881 - https://github.com/ARPSyndicate/cvemon CVE-2022-41884 - https://github.com/ARPSyndicate/cvemon CVE-2022-41884 - https://github.com/skipfuzz/skipfuzz 
@@ -141445,6 +141521,7 @@ CVE-2023-2033 - https://github.com/KK-Designs/UpdateHub CVE-2023-2033 - https://github.com/NexovaDev/UpdateHub CVE-2023-2033 - https://github.com/Ostorlab/KEV CVE-2023-2033 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-2033 - https://github.com/RENANZG/My-Forensics CVE-2023-2033 - https://github.com/Threekiii/CVE CVE-2023-2033 - https://github.com/WalccDev/CVE-2023-2033 CVE-2023-2033 - https://github.com/dan-mba/python-selenium-news @@ -141851,6 +141928,7 @@ CVE-2023-21344 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-2136 - https://github.com/ARPSyndicate/cvemon CVE-2023-2136 - https://github.com/Ostorlab/KEV CVE-2023-2136 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-2136 - https://github.com/RENANZG/My-Forensics CVE-2023-2136 - https://github.com/Threekiii/CVE CVE-2023-2136 - https://github.com/ayman-m/rosetta CVE-2023-2136 - https://github.com/karimhabush/cyberowl @@ -141895,6 +141973,8 @@ CVE-2023-21554 - https://github.com/m4nbat/KustQueryLanguage_kql CVE-2023-21554 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-21554 - https://github.com/zoemurmure/CVE-2023-21554-PoC CVE-2023-2156 - https://github.com/xairy/linux-kernel-exploitation +CVE-2023-21560 - https://github.com/Wack0/dubiousdisk +CVE-2023-21560 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-21563 - https://github.com/ARPSyndicate/cvemon CVE-2023-21563 - https://github.com/Wack0/bitlocker-attacks CVE-2023-21567 - https://github.com/ARPSyndicate/cvemon 
@@ -143096,6 +143176,7 @@ CVE-2023-23916 - https://github.com/a23au/awe-base-images CVE-2023-23916 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-23916 - https://github.com/holmes-py/reports-summary CVE-2023-23916 - https://github.com/stkcat/awe-base-images +CVE-2023-23917 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2023-23919 - https://github.com/ARPSyndicate/cvemon CVE-2023-23919 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2023-23924 - https://github.com/ARPSyndicate/cvemon @@ -144623,12 +144704,14 @@ CVE-2023-28204 - https://github.com/Ostorlab/KEV CVE-2023-28204 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-28205 - https://github.com/Ostorlab/KEV CVE-2023-28205 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-28205 - https://github.com/RENANZG/My-Forensics CVE-2023-28205 - https://github.com/jake-44/Research CVE-2023-28205 - https://github.com/karimhabush/cyberowl CVE-2023-28206 - https://github.com/ARPSyndicate/cvemon CVE-2023-28206 - https://github.com/C4ndyF1sh/CrashControl CVE-2023-28206 - https://github.com/Ostorlab/KEV CVE-2023-28206 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-28206 - https://github.com/RENANZG/My-Forensics CVE-2023-28206 - https://github.com/ZZY3312/CVE-2023-28206 CVE-2023-28206 - https://github.com/acceleratortroll/acceleratortroll CVE-2023-28206 - https://github.com/jake-44/Research @@ -144661,6 +144744,7 @@ CVE-2023-28231 - https://github.com/joxeankoret/diaphora CVE-2023-28231 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-28244 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-28244 - https://github.com/sk3w/cve-2023-28244 +CVE-2023-28249 - https://github.com/Wack0/dubiousdisk CVE-2023-2825 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-2825 - https://github.com/CVEDB/top CVE-2023-2825 - https://github.com/EmmanuelCruzL/CVE-2023-2825 
@@ -144704,6 +144788,7 @@ CVE-2023-28260 - https://github.com/ARPSyndicate/cvemon CVE-2023-28260 - https://github.com/ycdxsb/ycdxsb CVE-2023-28261 - https://github.com/ARPSyndicate/cvemon CVE-2023-28261 - https://github.com/kohnakagawa/kohnakagawa +CVE-2023-28269 - https://github.com/Wack0/dubiousdisk CVE-2023-2828 - https://github.com/marklogic/marklogic-docker CVE-2023-28285 - https://github.com/2lambda123/CVE-mitre CVE-2023-28285 - https://github.com/ARPSyndicate/cvemon @@ -144815,6 +144900,7 @@ CVE-2023-28432 - https://github.com/trailofbits/awesome-ml-security CVE-2023-28432 - https://github.com/unam4/CVE-2023-28432-minio_update_rce CVE-2023-28432 - https://github.com/whoami13apt/files2 CVE-2023-28432 - https://github.com/wy876/POC +CVE-2023-28432 - https://github.com/wy876/wiki CVE-2023-28432 - https://github.com/xk-mt/CVE-2023-28432 CVE-2023-28432 - https://github.com/yTxZx/CVE-2023-28432 CVE-2023-28432 - https://github.com/yuyongxr/minio_cve-2023-28432 @@ -145527,6 +145613,7 @@ CVE-2023-30777 - https://github.com/xu-xiang/awesome-security-vul-llm CVE-2023-30779 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-3079 - https://github.com/Ostorlab/KEV CVE-2023-3079 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-3079 - https://github.com/RENANZG/My-Forensics CVE-2023-3079 - https://github.com/Threekiii/CVE CVE-2023-3079 - https://github.com/Uniguri/CVE-1day CVE-2023-3079 - https://github.com/ZonghaoLi777/githubTrending 
@@ -145634,6 +145721,8 @@ CVE-2023-3138 - https://github.com/LingmoOS/libx11 CVE-2023-3138 - https://github.com/deepin-community/libx11 CVE-2023-3138 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-31414 - https://github.com/ARPSyndicate/cvemon +CVE-2023-31414 - https://github.com/KTH-LangSec/server-side-prototype-pollution +CVE-2023-31415 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2023-31419 - https://github.com/muneebaashiq/MBProjects CVE-2023-31419 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-31419 - https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419 @@ -145863,6 +145952,7 @@ CVE-2023-32124 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3213 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3214 - https://github.com/em1ga3l/cve-msrc-extractor CVE-2023-3215 - https://github.com/em1ga3l/cve-msrc-extractor +CVE-2023-3215 - https://github.com/theryeguy92/HTB-Solar-Lab CVE-2023-3216 - https://github.com/em1ga3l/cve-msrc-extractor CVE-2023-32162 - https://github.com/LucaBarile/ZDI-CAN-16318 CVE-2023-32162 - https://github.com/nomi-sec/PoC-in-GitHub @@ -145992,6 +146082,7 @@ CVE-2023-32315 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-32315 - https://github.com/ohnonoyesyes/CVE-2023-32315 CVE-2023-32315 - https://github.com/pinguimfu/kinsing-killer CVE-2023-32315 - https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass +CVE-2023-32315 - https://github.com/theryeguy92/HTB-Solar-Lab CVE-2023-32324 - https://github.com/seal-community/patches CVE-2023-32351 - https://github.com/ycdxsb/ycdxsb CVE-2023-32353 - https://github.com/86x/CVE-2023-32353-PoC 
@@ -146028,6 +146119,7 @@ CVE-2023-32407 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2023-32407 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-32409 - https://github.com/Ostorlab/KEV CVE-2023-32409 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-32409 - https://github.com/RENANZG/My-Forensics CVE-2023-3241 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-32410 - https://github.com/p1ay8y3ar/crashdatas CVE-2023-32416 - https://github.com/jp-cpe/retrieve-cvss-scores @@ -146296,6 +146388,7 @@ CVE-2023-3306 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-3306 - https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415 CVE-2023-33063 - https://github.com/Ostorlab/KEV CVE-2023-33063 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-33063 - https://github.com/RENANZG/My-Forensics CVE-2023-33063 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-33066 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33078 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -146312,9 +146405,11 @@ CVE-2023-33104 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33105 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33106 - https://github.com/Ostorlab/KEV CVE-2023-33106 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-33106 - https://github.com/RENANZG/My-Forensics CVE-2023-33106 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-33107 - https://github.com/Ostorlab/KEV CVE-2023-33107 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-33107 - https://github.com/RENANZG/My-Forensics CVE-2023-33107 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-33110 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33111 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -146558,6 +146653,7 @@ CVE-2023-33733 - https://github.com/onion2203/CVE-2023-33733 CVE-2023-33733 - https://github.com/onion2203/Lab_Reportlab CVE-2023-33733 - https://github.com/sahiloj/CVE-2023-33732 CVE-2023-33733 - https://github.com/tanjiti/sec_profile +CVE-2023-33733 - https://github.com/theryeguy92/HTB-Solar-Lab CVE-2023-3374 - https://github.com/ccelikanil/ccelikanil CVE-2023-33747 - https://github.com/0xWhoami35/CloudPanel-CVE-2023-33747 CVE-2023-33747 - https://github.com/EagleTube/CloudPanel @@ -146877,6 +146973,7 @@ CVE-2023-3446 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2023-3446 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3446 - https://github.com/seal-community/patches CVE-2023-3446 - https://github.com/testing-felickz/docker-scout-demo +CVE-2023-3446 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2023-34468 - https://github.com/itaispiegel/infosec-workshop CVE-2023-34468 - https://github.com/mbadanoiu/CVE-2023-34468 CVE-2023-34468 - https://github.com/mbadanoiu/CVE-2023-40037 @@ -147416,6 +147513,7 @@ CVE-2023-36250 - https://github.com/BrunoTeixeira1996/CVE-2023-36250 CVE-2023-36250 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-36256 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36258 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-36258 - https://github.com/zgimszhd61/openai-security-app-quickstart CVE-2023-36259 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36260 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36262 - https://github.com/vin01/bogus-cves 
@@ -147486,6 +147584,7 @@ CVE-2023-36462 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36465 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36466 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36473 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-36475 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2023-36480 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36481 - https://github.com/N3vv/N3vv CVE-2023-36481 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -148994,6 +149093,7 @@ CVE-2023-4039 - https://github.com/fokypoky/places-list CVE-2023-40403 - https://github.com/dlehgus1023/dlehgus1023 CVE-2023-4041 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4042 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40424 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2023-40429 - https://github.com/biscuitehh/cve-2023-40429-ez-device-name CVE-2023-40429 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-4043 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -149177,11 +149277,13 @@ CVE-2023-41054 - https://github.com/ouuan/ouuan CVE-2023-41056 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-41061 - https://github.com/Ostorlab/KEV CVE-2023-41061 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-41061 - https://github.com/RENANZG/My-Forensics CVE-2023-41061 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2023-41064 - https://github.com/MrR0b0t19/CVE-2023-41064 CVE-2023-41064 - https://github.com/MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064 CVE-2023-41064 - https://github.com/Ostorlab/KEV CVE-2023-41064 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-41064 - https://github.com/RENANZG/My-Forensics CVE-2023-41064 - https://github.com/alsaeroth/CVE-2023-41064-POC CVE-2023-41064 - https://github.com/apt0factury/CVE-2023-41064 CVE-2023-41064 - https://github.com/caoweiquan322/NotEnough @@ -149515,6 +149617,7 @@ CVE-2023-41990 - https://github.com/Ostorlab/KEV CVE-2023-41990 - https://github.com/msuiche/elegant-bouncer CVE-2023-41991 - https://github.com/Ostorlab/KEV CVE-2023-41991 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-41991 - https://github.com/RENANZG/My-Forensics CVE-2023-41991 - https://github.com/XLsn0w/Cydia CVE-2023-41991 - https://github.com/XLsn0w/Cydiapps CVE-2023-41991 - https://github.com/XLsn0w/TrollStore2 
@@ -149525,12 +149628,14 @@ CVE-2023-41991 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-41991 - https://github.com/opa334/ChOma CVE-2023-41992 - https://github.com/Ostorlab/KEV CVE-2023-41992 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-41992 - https://github.com/RENANZG/My-Forensics CVE-2023-41993 - https://github.com/0x06060606/CVE-2023-41993 CVE-2023-41993 - https://github.com/Ibinou/Ty CVE-2023-41993 - https://github.com/IvanIVGrozny/IvanIVGrozny.github.io CVE-2023-41993 - https://github.com/J3Ss0u/CVE-2023-41993 CVE-2023-41993 - https://github.com/Ostorlab/KEV CVE-2023-41993 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-41993 - https://github.com/RENANZG/My-Forensics CVE-2023-41993 - https://github.com/ZonghaoLi777/githubTrending CVE-2023-41993 - https://github.com/aneasystone/github-trending CVE-2023-41993 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -149558,6 +149663,7 @@ CVE-2023-4209 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4211 - https://github.com/Moonshieldgru/Moonshieldgru CVE-2023-4211 - https://github.com/Ostorlab/KEV CVE-2023-4211 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-4211 - https://github.com/RENANZG/My-Forensics CVE-2023-4211 - https://github.com/xairy/linux-kernel-exploitation CVE-2023-42115 - https://github.com/cammclain/CVE-2023-42115 CVE-2023-42115 - https://github.com/netlas-io/netlas-dorks 
@@ -149592,6 +149698,10 @@ CVE-2023-42308 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-42320 - https://github.com/aixiao0621/Tenda CVE-2023-42362 - https://github.com/Mr-n0b3dy/CVE-2023-42362 CVE-2023-42362 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-42363 - https://github.com/cdupuis/aspnetapp +CVE-2023-42364 - https://github.com/cdupuis/aspnetapp +CVE-2023-42365 - https://github.com/cdupuis/aspnetapp +CVE-2023-42366 - https://github.com/cdupuis/aspnetapp CVE-2023-4237 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-42374 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4238 - https://github.com/codeb0ss/CVE-2023-4238-PoC @@ -149802,8 +149912,10 @@ CVE-2023-42882 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-42886 - https://github.com/kohnakagawa/kohnakagawa CVE-2023-42916 - https://github.com/Ostorlab/KEV CVE-2023-42916 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-42916 - https://github.com/RENANZG/My-Forensics CVE-2023-42917 - https://github.com/Ostorlab/KEV CVE-2023-42917 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-42917 - https://github.com/RENANZG/My-Forensics CVE-2023-42920 - https://github.com/NaInSec/CVE-LIST CVE-2023-42926 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4293 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -149870,7 +149982,9 @@ CVE-2023-43208 - https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-p CVE-2023-43208 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-43208 - https://github.com/nvn1729/advisories CVE-2023-43208 - https://github.com/tanjiti/sec_profile +CVE-2023-43208 - https://github.com/wjlin0/poc-doc CVE-2023-43208 - https://github.com/wy876/POC +CVE-2023-43208 - https://github.com/wy876/wiki CVE-2023-43214 - https://github.com/jrm16020/roboup-mower CVE-2023-43215 - https://github.com/jrm16020/roboup-mower CVE-2023-43233 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -152809,6 +152923,7 @@ CVE-2023-5217 - https://github.com/Jereanny14/jereanny14.github.io CVE-2023-5217 - https://github.com/Keeper-Security/gitbook-release-notes CVE-2023-5217 - https://github.com/Ostorlab/KEV CVE-2023-5217 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2023-5217 - https://github.com/RENANZG/My-Forensics CVE-2023-5217 - https://github.com/Threekiii/CVE CVE-2023-5217 - https://github.com/Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217 CVE-2023-5217 - https://github.com/Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217 @@ -153559,6 +153674,7 @@ CVE-2023-6693 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6700 - https://github.com/RandomRobbieBF/CVE-2023-6700 CVE-2023-6700 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6700 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-6702 - https://github.com/kaist-hacking/CVE-2023-6702 CVE-2023-6702 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-6710 - https://github.com/DedSec-47/CVE-2023-6710 CVE-2023-6710 - https://github.com/DedSec-47/Metasploit-Exploits-CVE-2023-6710 @@ -153700,6 +153816,7 @@ CVE-2023-7016 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-7017 - https://github.com/NaInSec/CVE-LIST CVE-2023-7017 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-7024 - https://github.com/Ostorlab/KEV +CVE-2023-7024 - https://github.com/RENANZG/My-Forensics CVE-2023-7027 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-7028 - https://github.com/0xsyr0/OSCP CVE-2023-7028 - https://github.com/Azathothas/Stars 
@@ -158561,9 +158678,11 @@ CVE-2024-0035 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0036 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0037 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0038 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0039 - https://github.com/41yn14/CVE-2024-0039-Exploit CVE-2024-0039 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0040 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0041 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0043 - https://github.com/cisagov/vulnrichment CVE-2024-0054 - https://github.com/NaInSec/CVE-LIST CVE-2024-0055 - https://github.com/NaInSec/CVE-LIST CVE-2024-0056 - https://github.com/NaInSec/CVE-LIST @@ -158642,6 +158761,7 @@ CVE-2024-0230 - https://github.com/shirin-ehtiram/hi_my_name_is_keyboard CVE-2024-0232 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2024-0232 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0233 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0235 - https://github.com/Cappricio-Securities/CVE-2024-0235 CVE-2024-0235 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0235 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0236 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -158763,6 +158883,7 @@ CVE-2024-0420 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0421 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0428 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0429 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0444 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0446 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0450 - https://github.com/NaInSec/CVE-LIST CVE-2024-0450 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -158964,6 +159085,7 @@ CVE-2024-0874 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0881 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0882 - https://github.com/tanjiti/sec_profile CVE-2024-0895 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0901 - https://github.com/byan-2/wolfssl CVE-2024-0901 - https://github.com/lego-pirates/wolfssl CVE-2024-0901 - https://github.com/wolfSSL/Arduino-wolfSSL CVE-2024-0901 - https://github.com/wolfSSL/wolfssl @@ -159074,6 +159196,7 @@ CVE-2024-1086 - https://github.com/Notselwyn/CVE-2024-1086 CVE-2024-1086 - https://github.com/Notselwyn/exploits CVE-2024-1086 - https://github.com/Notselwyn/notselwyn CVE-2024-1086 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE +CVE-2024-1086 - https://github.com/TigerIsMyPet/KernelExploit CVE-2024-1086 - https://github.com/YgorAlberto/ygoralberto.github.io CVE-2024-1086 - https://github.com/Zombie-Kaiser/Zombie-Kaiser CVE-2024-1086 - https://github.com/aneasystone/github-trending @@ -159088,10 +159211,13 @@ CVE-2024-1086 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1086 - https://github.com/giterlizzi/secdb-feeds CVE-2024-1086 - https://github.com/iakat/stars CVE-2024-1086 - https://github.com/jafshare/GithubTrending +CVE-2024-1086 - https://github.com/jetblk/Flipper-Zero-JavaScript CVE-2024-1086 - https://github.com/johe123qwe/github-trending +CVE-2024-1086 - https://github.com/kevcooper/CVE-2024-1086-checker CVE-2024-1086 - https://github.com/makoto56/penetration-suite-toolkit CVE-2024-1086 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-1086 - https://github.com/phixion/phixion +CVE-2024-1086 - https://github.com/rootkalilocalhost/CVE-2024-1086 CVE-2024-1086 - https://github.com/seekerzz/MyRSSSync CVE-2024-1086 - https://github.com/tanjiti/sec_profile CVE-2024-1086 - https://github.com/uhub/awesome-c 
@@ -159152,6 +159278,7 @@ CVE-2024-1204 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1205 - https://github.com/NaInSec/CVE-LIST CVE-2024-1207 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1207 - https://github.com/securitycipher/daily-bugbounty-writeups +CVE-2024-1208 - https://github.com/Cappricio-Securities/CVE-2024-1208 CVE-2024-1208 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1208 - https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210 CVE-2024-1208 - https://github.com/karlemilnikka/CVE-2024-1209 @@ -159169,6 +159296,7 @@ CVE-2024-1212 - https://github.com/Chocapikk/CVE-2024-1212 CVE-2024-1212 - https://github.com/Ostorlab/KEV CVE-2024-1212 - https://github.com/RhinoSecurityLabs/CVEs CVE-2024-1212 - https://github.com/XRSec/AWVS-Update +CVE-2024-1212 - https://github.com/YN1337/Kemp-LoadMaster- CVE-2024-1212 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-1212 - https://github.com/tanjiti/sec_profile CVE-2024-1220 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159188,6 +159316,7 @@ CVE-2024-1234 - https://github.com/KyJr3os/Ethical-Hacking-Technical-Report CVE-2024-1234 - https://github.com/West-wise/nuclei_template_generater CVE-2024-1234 - https://github.com/chinocchio/EthicalHacking CVE-2024-1234 - https://github.com/dumpnidadai/Ethical_Final +CVE-2024-1234 - https://github.com/mingyeongbae93/mingyeongbae93 CVE-2024-1234 - https://github.com/mncbndy/Final-Project---Ethical-Hacking-Report CVE-2024-1234 - https://github.com/nattino9/Ethical-Hacking-Finals-Project CVE-2024-12345 - https://github.com/h4sh5/cve-enricher 
@@ -159250,6 +159379,7 @@ CVE-2024-1333 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1342 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1346 - https://github.com/PeterGabaldon/CVE-2024-1346 CVE-2024-1346 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-1347 - https://github.com/cisagov/vulnrichment CVE-2024-1360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1361 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1362 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159321,6 +159451,7 @@ CVE-2024-1531 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1532 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1538 - https://github.com/NaInSec/CVE-LIST CVE-2024-1540 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-1545 - https://github.com/byan-2/wolfssl CVE-2024-1545 - https://github.com/lego-pirates/wolfssl CVE-2024-1545 - https://github.com/wolfSSL/Arduino-wolfSSL CVE-2024-1545 - https://github.com/wolfSSL/wolfssl @@ -159429,6 +159560,7 @@ CVE-2024-1701 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1708 - https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE CVE-2024-1708 - https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708 CVE-2024-1708 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-1708 - https://github.com/netlas-io/netlas-dorks CVE-2024-1708 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-1708 - https://github.com/tr1pl3ight/POCv2.0-for-CVE-2024-1709 CVE-2024-1708 - https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc 
@@ -159496,6 +159628,7 @@ CVE-2024-1788 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1791 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1799 - https://github.com/NaInSec/CVE-LIST CVE-2024-1800 - https://github.com/GhostTroops/TOP +CVE-2024-1800 - https://github.com/Harydhk7/CVE-2024-4358 CVE-2024-1800 - https://github.com/NaInSec/CVE-LIST CVE-2024-1800 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1800 - https://github.com/sinsinology/CVE-2024-4358 @@ -159691,6 +159824,7 @@ CVE-2024-20353 - https://github.com/toxyl/lscve CVE-2024-20353 - https://github.com/west-wind/Threat-Hunting-With-Splunk CVE-2024-20356 - https://github.com/SherllyNeo/CVE_2024_20356 CVE-2024-20356 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-20356 - https://github.com/netlas-io/netlas-dorks CVE-2024-20356 - https://github.com/nettitude/CVE-2024-20356 CVE-2024-20356 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-20357 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159848,6 +159982,7 @@ CVE-2024-20767 - https://github.com/Praison001/CVE-2024-20767-Adobe-ColdFusion CVE-2024-20767 - https://github.com/XRSec/AWVS-Update CVE-2024-20767 - https://github.com/huyqa/cve-2024-20767 CVE-2024-20767 - https://github.com/m-cetin/CVE-2024-20767 +CVE-2024-20767 - https://github.com/netlas-io/netlas-dorks CVE-2024-20767 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-20767 - https://github.com/tanjiti/sec_profile CVE-2024-20767 - https://github.com/trganda/starrlist 
@@ -159987,6 +160122,7 @@ CVE-2024-20984 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20985 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20986 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21006 - https://github.com/momika233/CVE-2024-21006 +CVE-2024-21006 - https://github.com/netlas-io/netlas-dorks CVE-2024-21006 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-21006 - https://github.com/tanjiti/sec_profile CVE-2024-21007 - https://github.com/tanjiti/sec_profile @@ -160008,6 +160144,7 @@ CVE-2024-21111 - https://github.com/fireinrain/github-trending CVE-2024-21111 - https://github.com/mansk1es/CVE-2024-21111 CVE-2024-21111 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-21111 - https://github.com/tanjiti/sec_profile +CVE-2024-21111 - https://github.com/x0rsys/CVE-2024-21111 CVE-2024-2124 - https://github.com/NaInSec/CVE-LIST CVE-2024-2129 - https://github.com/NaInSec/CVE-LIST CVE-2024-21305 - https://github.com/NaInSec/CVE-LIST @@ -160065,6 +160202,7 @@ CVE-2024-21337 - https://github.com/NaInSec/CVE-LIST CVE-2024-21338 - https://github.com/GhostTroops/TOP CVE-2024-21338 - https://github.com/UMU618/CVE-2024-21338 CVE-2024-21338 - https://github.com/Zombie-Kaiser/CVE-2024-21338-x64-build- +CVE-2024-21338 - https://github.com/Zombie-Kaiser/Zombie-Kaiser CVE-2024-21338 - https://github.com/aneasystone/github-trending CVE-2024-21338 - https://github.com/crackmapEZec/CVE-2024-21338-POC CVE-2024-21338 - https://github.com/fireinrain/github-trending 
@@ -160136,6 +160274,7 @@ CVE-2024-21410 - https://github.com/FreakyM0ndy/CVE-2024-21410-poc CVE-2024-21410 - https://github.com/JohnBordon/CVE-2024-21410-poc CVE-2024-21410 - https://github.com/Ostorlab/KEV CVE-2024-21410 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-21410 - https://github.com/netlas-io/netlas-dorks CVE-2024-21410 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-21410 - https://github.com/tanjiti/sec_profile CVE-2024-21411 - https://github.com/NaInSec/CVE-LIST @@ -160260,6 +160399,7 @@ CVE-2024-21508 - https://github.com/Geniorio01/CVE-2024-21508-mysql2-RCE CVE-2024-21508 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-21511 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21512 - https://github.com/wy876/POC +CVE-2024-21512 - https://github.com/wy876/wiki CVE-2024-2152 - https://github.com/RNBBarrett/CrewAI-examples CVE-2024-2156 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2159 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -160343,6 +160483,7 @@ CVE-2024-21672 - https://github.com/swagcrafted/CVE-2024-21672-POC CVE-2024-21673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21674 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21677 - https://github.com/NaInSec/CVE-LIST +CVE-2024-21677 - https://github.com/netlas-io/netlas-dorks CVE-2024-21677 - https://github.com/tanjiti/sec_profile CVE-2024-21683 - https://github.com/Arbeys/CVE-2024-21683-PoC CVE-2024-21683 - https://github.com/GhostTroops/TOP @@ -160362,6 +160503,7 @@ CVE-2024-21683 - https://github.com/tanjiti/sec_profile CVE-2024-21683 - https://github.com/wjlin0/poc-doc CVE-2024-21683 - https://github.com/wy876/POC CVE-2024-21683 - https://github.com/wy876/wiki +CVE-2024-21683 - https://github.com/xh4vm/CVE-2024-21683 CVE-2024-21683 - https://github.com/zhaoxiaoha/github-trending CVE-2024-2169 - https://github.com/NaInSec/CVE-LIST CVE-2024-2169 - https://github.com/douglasbuzatto/G3-Loop-DoS 
@@ -160952,6 +161094,7 @@ CVE-2024-22889 - https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9 CVE-2024-22890 - https://github.com/BurakSevben/CVE-2024-22890 CVE-2024-22890 - https://github.com/BurakSevben/CVEs CVE-2024-22890 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-22891 - https://github.com/CS-EVAL/CS-Eval CVE-2024-22891 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-22894 - https://github.com/Jaarden/AlphaInnotec-Password-Vulnerability CVE-2024-22894 - https://github.com/Jaarden/CVE-2024-22894 @@ -160998,6 +161141,8 @@ CVE-2024-22988 - https://github.com/NaInSec/CVE-LIST CVE-2024-22988 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2304 - https://github.com/NaInSec/CVE-LIST CVE-2024-23049 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-23052 - https://github.com/wy876/POC +CVE-2024-23052 - https://github.com/wy876/wiki CVE-2024-23057 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23059 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -161013,6 +161158,8 @@ CVE-2024-23082 - https://github.com/vin01/bogus-cves CVE-2024-23094 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2310 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23108 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-23108 - https://github.com/hitem/CVE-2024-23108 +CVE-2024-23108 - https://github.com/horizon3ai/CVE-2024-23108 CVE-2024-23108 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-23109 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23112 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -161146,6 +161293,7 @@ CVE-2024-23324 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23325 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23327 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2333 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2333 - https://github.com/password123456/nvd-cve-database CVE-2024-23331 - https://github.com/seal-community/patches CVE-2024-23331 - https://github.com/vignesh7701/CodeEditor-Beta CVE-2024-23333 - https://github.com/NaInSec/CVE-LIST @@ -161154,6 +161302,7 @@ CVE-2024-23334 - https://github.com/brian-edgar-re/poc-cve-2024-23334 CVE-2024-23334 - https://github.com/ggPonchik/Tinkoff-CTF-2024-lohness CVE-2024-23334 - https://github.com/jhonnybonny/CVE-2024-23334 CVE-2024-23334 - https://github.com/marl-ot/DevSecOps-2024 +CVE-2024-23334 - https://github.com/netlas-io/netlas-dorks CVE-2024-23334 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-23334 - https://github.com/ox1111/CVE-2024-23334 CVE-2024-23334 - https://github.com/sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream @@ -161396,6 +161545,7 @@ CVE-2024-23888 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23889 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2389 - https://github.com/Ostorlab/KEV CVE-2024-2389 - https://github.com/RhinoSecurityLabs/CVEs +CVE-2024-2389 - https://github.com/YN1337/exploit CVE-2024-2389 - https://github.com/adhikara13/CVE-2024-2389 CVE-2024-2389 - https://github.com/getdrive/PoC CVE-2024-2389 - https://github.com/mayur-esh/vuln-liners 
@@ -161898,11 +162048,58 @@ CVE-2024-24906 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24907 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24908 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24912 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-24919 - https://github.com/0nin0hanz0/CVE-2024-24919-PoC +CVE-2024-24919 - https://github.com/0x3f3c/CVE-2024-24919 +CVE-2024-24919 - https://github.com/0xans/CVE-2024-24919 +CVE-2024-24919 - https://github.com/3UR/CVE-2024-24919 +CVE-2024-24919 - https://github.com/B1naryo/CVE-2024-24919-POC +CVE-2024-24919 - https://github.com/Bytenull00/CVE-2024-24919 +CVE-2024-24919 - https://github.com/Cappricio-Securities/CVE-2024-24919 +CVE-2024-24919 - https://github.com/Expl0itD0g/CVE-2024-24919---Poc +CVE-2024-24919 - https://github.com/GlobalsecureAcademy/CVE-2024-24919 +CVE-2024-24919 - https://github.com/GoatSecurity/CVE-2024-24919 +CVE-2024-24919 - https://github.com/GuayoyoCyber/CVE-2024-24919 +CVE-2024-24919 - https://github.com/J4F9S5D2Q7/CVE-2024-24919 +CVE-2024-24919 - https://github.com/LucasKatashi/CVE-2024-24919 +CVE-2024-24919 - https://github.com/MohamedWagdy7/CVE-2024-24919 CVE-2024-24919 - https://github.com/Ostorlab/KEV +CVE-2024-24919 - https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN +CVE-2024-24919 - https://github.com/RevoltSecurities/CVE-2024-24919 +CVE-2024-24919 - https://github.com/Rug4lo/CVE-2024-24919-Exploit +CVE-2024-24919 - https://github.com/Tim-Hoekstra/CVE-2024-24919 +CVE-2024-24919 - https://github.com/Vulnpire/CVE-2024-24919 +CVE-2024-24919 - https://github.com/YN1337/CVE-2024-24919 +CVE-2024-24919 - https://github.com/am-eid/CVE-2024-24919 +CVE-2024-24919 - https://github.com/bigb0x/CVE-2024-24919-Sniper +CVE-2024-24919 - https://github.com/birdlex/cve-2024-24919-checker +CVE-2024-24919 - https://github.com/c3rrberu5/CVE-2024-24919 +CVE-2024-24919 - https://github.com/emanueldosreis/CVE-2024-24919 +CVE-2024-24919 - 
https://github.com/eoslvs/CVE-2024-24919 +CVE-2024-24919 - https://github.com/fernandobortotti/CVE-2024-24919 +CVE-2024-24919 - https://github.com/gurudattch/CVE-2024-24919 +CVE-2024-24919 - https://github.com/hendprw/CVE-2024-24919 +CVE-2024-24919 - https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner +CVE-2024-24919 - https://github.com/lirantal/cve-cvss-calculator +CVE-2024-24919 - https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit +CVE-2024-24919 - https://github.com/netlas-io/netlas-dorks +CVE-2024-24919 - https://github.com/nexblade12/CVE-2024-24919 CVE-2024-24919 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-24919 - https://github.com/nullcult/CVE-2024-24919-Exploit CVE-2024-24919 - https://github.com/numencyber/Vulnerability_PoC +CVE-2024-24919 - https://github.com/pewc0/CVE-2024-24919 +CVE-2024-24919 - https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check +CVE-2024-24919 - https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN +CVE-2024-24919 - https://github.com/satriarizka/CVE-2024-24919 +CVE-2024-24919 - https://github.com/seed1337/CVE-2024-24919-POC +CVE-2024-24919 - https://github.com/sep2limited/CheckPoint_Query_Py +CVE-2024-24919 - https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater +CVE-2024-24919 - https://github.com/starlox0/CVE-2024-24919-POC CVE-2024-24919 - https://github.com/tanjiti/sec_profile +CVE-2024-24919 - https://github.com/un9nplayer/CVE-2024-24919 +CVE-2024-24919 - https://github.com/wjlin0/poc-doc CVE-2024-24919 - https://github.com/wy876/POC +CVE-2024-24919 - https://github.com/wy876/wiki +CVE-2024-24919 - https://github.com/zam89/CVE-2024-24919 CVE-2024-24927 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24928 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2493 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -162206,6 +162403,7 @@ CVE-2024-25453 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25454 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2546 - https://github.com/NaInSec/CVE-LIST CVE-2024-2546 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2546 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-25466 - https://github.com/FixedOctocat/CVE-2024-25466 CVE-2024-25466 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-25468 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -162215,6 +162413,7 @@ CVE-2024-2547 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25501 - https://github.com/Drun1baby/Vul_List CVE-2024-25501 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25502 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-25522 - https://github.com/cisagov/vulnrichment CVE-2024-25527 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25528 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25529 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -162242,6 +162441,7 @@ CVE-2024-25579 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2558 - https://github.com/NaInSec/CVE-LIST CVE-2024-25580 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2559 - https://github.com/NaInSec/CVE-LIST +CVE-2024-2559 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-25591 - https://github.com/NaInSec/CVE-LIST CVE-2024-25592 - https://github.com/NaInSec/CVE-LIST CVE-2024-25592 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -162254,6 +162454,7 @@ CVE-2024-25597 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25598 - https://github.com/NaInSec/CVE-LIST CVE-2024-25598 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2560 - https://github.com/NaInSec/CVE-LIST +CVE-2024-2560 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-25600 - https://github.com/0bl1v10nf0rg0773n/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress CVE-2024-25600 - https://github.com/Chocapikk/CVE-2024-25600 CVE-2024-25600 - https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template @@ -162263,6 +162464,7 @@ CVE-2024-25600 - https://github.com/K3ysTr0K3R/K3ysTr0K3R CVE-2024-25600 - https://github.com/RHYru9/CVE-2024-25600-mass CVE-2024-25600 - https://github.com/Threekiii/CVE CVE-2024-25600 - https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress +CVE-2024-25600 - https://github.com/WanLiChangChengWanLiChang/CVE-2024-25600 CVE-2024-25600 - https://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE CVE-2024-25600 - https://github.com/ZonghaoLi777/githubTrending CVE-2024-25600 - https://github.com/aneasystone/github-trending @@ -162270,6 +162472,7 @@ CVE-2024-25600 - https://github.com/fireinrain/github-trending CVE-2024-25600 - https://github.com/gobysec/Goby CVE-2024-25600 - https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE CVE-2024-25600 - https://github.com/johe123qwe/github-trending +CVE-2024-25600 - https://github.com/k3lpi3b4nsh33/CVE-2024-25600 CVE-2024-25600 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-25600 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main CVE-2024-25600 - https://github.com/sampsonv/github-trending 
@@ -162398,6 +162601,7 @@ CVE-2024-25809 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-25809 - https://github.com/sajaljat/CVE-2024-25809 CVE-2024-2581 - https://github.com/NaInSec/CVE-LIST CVE-2024-2581 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2581 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-25817 - https://github.com/CuB3y0nd/CuB3y0nd CVE-2024-25817 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25828 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -162518,6 +162722,7 @@ CVE-2024-25993 - https://github.com/NaInSec/CVE-LIST CVE-2024-26019 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26026 - https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026 CVE-2024-26026 - https://github.com/Threekiii/CVE +CVE-2024-26026 - https://github.com/netlas-io/netlas-dorks CVE-2024-26026 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-26026 - https://github.com/passwa11/CVE-2024-26026 CVE-2024-26026 - https://github.com/wjlin0/poc-doc @@ -162695,6 +162900,7 @@ CVE-2024-2630 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26300 - https://github.com/kaje11/CVEs CVE-2024-26304 - https://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits CVE-2024-26304 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-26304 - https://github.com/netlas-io/netlas-dorks CVE-2024-26304 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-26304 - https://github.com/wjlin0/poc-doc CVE-2024-26304 - https://github.com/wy876/POC @@ -162982,6 +163188,7 @@ CVE-2024-2703 - https://github.com/NaInSec/CVE-LIST CVE-2024-2703 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2704 - https://github.com/NaInSec/CVE-LIST CVE-2024-2704 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2704 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-2705 - https://github.com/NaInSec/CVE-LIST CVE-2024-2705 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2706 - https://github.com/NaInSec/CVE-LIST 
@@ -163023,6 +163230,7 @@ CVE-2024-27130 - https://github.com/watchtowrlabs/CVE-2024-27130 CVE-2024-27130 - https://github.com/wjlin0/poc-doc CVE-2024-27130 - https://github.com/wy876/POC CVE-2024-27130 - https://github.com/wy876/wiki +CVE-2024-27130 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-27132 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27133 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27138 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163071,6 +163279,7 @@ CVE-2024-27198 - https://github.com/johe123qwe/github-trending CVE-2024-27198 - https://github.com/juev/links CVE-2024-27198 - https://github.com/labesterOct/CVE-2024-27198 CVE-2024-27198 - https://github.com/marl-ot/DevSecOps-2024 +CVE-2024-27198 - https://github.com/netlas-io/netlas-dorks CVE-2024-27198 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-27198 - https://github.com/passwa11/CVE-2024-27198-RCE CVE-2024-27198 - https://github.com/rampantspark/CVE-2024-27198 @@ -163193,8 +163402,12 @@ CVE-2024-27322 - https://github.com/hrbrmstr/rdaradar CVE-2024-27322 - https://github.com/vin01/bogus-cves CVE-2024-27347 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27348 - https://github.com/Ostorlab/KEV +CVE-2024-27348 - https://github.com/Zeyad-Azima/CVE-2024-27348 CVE-2024-27348 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-27348 - https://github.com/kljunowsky/CVE-2024-27348 CVE-2024-27348 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-27348 - https://github.com/wy876/POC +CVE-2024-27348 - https://github.com/wy876/wiki CVE-2024-27349 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27350 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27351 - https://github.com/NaInSec/CVE-LIST 
@@ -163374,6 +163587,7 @@ CVE-2024-2780 - https://github.com/NaInSec/CVE-LIST CVE-2024-2780 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27804 - https://github.com/GhostTroops/TOP CVE-2024-27804 - https://github.com/R00tkitSMM/CVE-2024-27804 +CVE-2024-27804 - https://github.com/SnoopyTools/Rootkit-cve2024 CVE-2024-27804 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-27822 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2024-27830 - https://github.com/Joe12387/Joe12387 @@ -163392,6 +163606,7 @@ CVE-2024-27920 - https://github.com/NaInSec/CVE-LIST CVE-2024-27921 - https://github.com/NaInSec/CVE-LIST CVE-2024-27930 - https://github.com/NaInSec/CVE-LIST CVE-2024-27930 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-27931 - https://github.com/KTH-LangSec/server-side-prototype-pollution CVE-2024-27937 - https://github.com/NaInSec/CVE-LIST CVE-2024-27937 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27938 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163399,6 +163614,7 @@ CVE-2024-27949 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27954 - https://github.com/wjlin0/poc-doc CVE-2024-27954 - https://github.com/wy876/POC CVE-2024-27956 - https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956 +CVE-2024-27956 - https://github.com/Cappricio-Securities/CVE-2024-27956 CVE-2024-27956 - https://github.com/FoxyProxys/CVE-2024-27956 CVE-2024-27956 - https://github.com/NaInSec/CVE-LIST CVE-2024-27956 - https://github.com/Ostorlab/KEV 
@@ -163618,6 +163834,8 @@ CVE-2024-28213 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-28214 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28215 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28216 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-28219 - https://github.com/egilewski/29381 +CVE-2024-28219 - https://github.com/egilewski/29381-1 CVE-2024-2822 - https://github.com/NaInSec/CVE-LIST CVE-2024-28222 - https://github.com/JohnHormond/CVE-2024-21762-Fortinet-RCE-WORK CVE-2024-28222 - https://github.com/c0d3b3af/CVE-2024-28222-NetBackup-RCE-exploit @@ -163660,6 +163878,7 @@ CVE-2024-28255 - https://github.com/NaInSec/CVE-LIST CVE-2024-28255 - https://github.com/Ostorlab/KEV CVE-2024-28255 - https://github.com/XRSec/AWVS-Update CVE-2024-28255 - https://github.com/YongYe-Security/CVE-2024-28255 +CVE-2024-28255 - https://github.com/jakabakos/OpenMetadata-Auth-bypass CVE-2024-28255 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-28255 - https://github.com/tanjiti/sec_profile CVE-2024-28255 - https://github.com/wjlin0/poc-doc 
@@ -163757,13 +163976,16 @@ CVE-2024-2852 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28521 - https://github.com/NaInSec/CVE-LIST CVE-2024-2853 - https://github.com/NaInSec/CVE-LIST CVE-2024-2853 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2853 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-28535 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28537 - https://github.com/NaInSec/CVE-LIST CVE-2024-28537 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2854 - https://github.com/NaInSec/CVE-LIST CVE-2024-2854 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2854 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-28547 - https://github.com/NaInSec/CVE-LIST CVE-2024-28547 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-28547 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-2855 - https://github.com/NaInSec/CVE-LIST CVE-2024-2855 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28550 - https://github.com/NaInSec/CVE-LIST @@ -163881,6 +164103,7 @@ CVE-2024-2879 - https://github.com/JohnNetSouldRU/CVE-2024-2879-POC CVE-2024-2879 - https://github.com/Ostorlab/KEV CVE-2024-2879 - https://github.com/RansomGroupCVE/CVE-2024-22328-POC CVE-2024-2879 - https://github.com/herculeszxc/CVE-2024-2879 +CVE-2024-2879 - https://github.com/netlas-io/netlas-dorks CVE-2024-2879 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2879 - https://github.com/wjlin0/poc-doc CVE-2024-2879 - https://github.com/wy876/POC 
@@ -163932,11 +164155,14 @@ CVE-2024-28890 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28891 - https://github.com/NaInSec/CVE-LIST CVE-2024-28893 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2891 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2891 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-28916 - https://github.com/NaInSec/CVE-LIST CVE-2024-28916 - https://github.com/Wh04m1001/GamingServiceEoP CVE-2024-28916 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2892 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2892 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-2893 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2893 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-2894 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2895 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2896 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163959,6 +164185,7 @@ CVE-2024-29036 - https://github.com/NaInSec/CVE-LIST CVE-2024-29037 - https://github.com/NaInSec/CVE-LIST CVE-2024-29042 - https://github.com/NaInSec/CVE-LIST CVE-2024-29049 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2905 - https://github.com/cisagov/vulnrichment CVE-2024-29052 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29053 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29054 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164144,6 +164371,7 @@ CVE-2024-29269 - https://github.com/wjlin0/poc-doc CVE-2024-29269 - https://github.com/wutalent/CVE-2024-29269 CVE-2024-29269 - https://github.com/wy876/POC CVE-2024-29269 - https://github.com/wy876/wiki +CVE-2024-29269 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-29271 - https://github.com/NaInSec/CVE-LIST CVE-2024-29271 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29272 - https://github.com/NaInSec/CVE-LIST 
@@ -164241,10 +164469,13 @@ CVE-2024-29513 - https://github.com/dru1d-foofus/briscKernelDriver CVE-2024-2961 - https://github.com/EGI-Federation/SVG-advisories CVE-2024-2961 - https://github.com/Threekiii/Awesome-POC CVE-2024-2961 - https://github.com/ZonghaoLi777/githubTrending +CVE-2024-2961 - https://github.com/absolutedesignltd/iconvfix CVE-2024-2961 - https://github.com/ambionics/cnext-exploits CVE-2024-2961 - https://github.com/aneasystone/github-trending CVE-2024-2961 - https://github.com/bollwarm/SecToolSet +CVE-2024-2961 - https://github.com/exfil0/test_iconv CVE-2024-2961 - https://github.com/johe123qwe/github-trending +CVE-2024-2961 - https://github.com/kjdfklha/CVE-2024-2961_poc CVE-2024-2961 - https://github.com/mattaperkins/FIX-CVE-2024-2961 CVE-2024-2961 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2961 - https://github.com/rvizx/CVE-2024-2961 @@ -164252,6 +164483,7 @@ CVE-2024-2961 - https://github.com/sampsonv/github-trending CVE-2024-2961 - https://github.com/tanjiti/sec_profile CVE-2024-2961 - https://github.com/tarlepp/links-of-the-week CVE-2024-2961 - https://github.com/testing-felickz/docker-scout-demo +CVE-2024-2961 - https://github.com/tnishiox/cve-2024-2961 CVE-2024-2961 - https://github.com/wjlin0/wjlin0 CVE-2024-2961 - https://github.com/zhaoxiaoha/github-trending CVE-2024-29637 - https://github.com/SQU4NCH/SQU4NCH 
@@ -164273,11 +164505,14 @@ CVE-2024-29745 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29745 - https://github.com/toxyl/lscve CVE-2024-29748 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29748 - https://github.com/toxyl/lscve +CVE-2024-2976 - https://github.com/helloyhrr/IoT_vulnerability +CVE-2024-2977 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-29777 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2978 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29788 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29789 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2979 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2979 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-29790 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29791 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29792 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164308,6 +164543,7 @@ CVE-2024-29832 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29833 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2984 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29844 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29857 - https://github.com/cdupuis/aspnetapp CVE-2024-29858 - https://github.com/NaInSec/CVE-LIST CVE-2024-29859 - https://github.com/NaInSec/CVE-LIST CVE-2024-29862 - https://github.com/NaInSec/CVE-LIST @@ -164350,6 +164586,7 @@ CVE-2024-29893 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29895 - https://github.com/Ostorlab/KEV CVE-2024-29895 - https://github.com/Rubioo02/CVE-2024-29895 CVE-2024-29895 - https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC +CVE-2024-29895 - https://github.com/netlas-io/netlas-dorks CVE-2024-29895 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29895 - https://github.com/secunnix/CVE-2024-29895 CVE-2024-29895 - https://github.com/ticofookfook/CVE-2024-29895.py 
@@ -164413,6 +164650,7 @@ CVE-2024-3002 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3003 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3004 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30040 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30043 - https://github.com/W01fh4cker/CVE-2024-30043-XXE CVE-2024-30043 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-30043 - https://github.com/tanjiti/sec_profile CVE-2024-30050 - https://github.com/angelov-1080/CVE_Checker @@ -164435,6 +164673,8 @@ CVE-2024-30161 - https://github.com/NaInSec/CVE-LIST CVE-2024-30161 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30163 - https://github.com/1Softworks/IPS-SQL-Injection CVE-2024-30165 - https://github.com/p4yl0ad/p4yl0ad +CVE-2024-30171 - https://github.com/cdupuis/aspnetapp +CVE-2024-30172 - https://github.com/cdupuis/aspnetapp CVE-2024-30187 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30200 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30202 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164568,6 +164808,7 @@ CVE-2024-30614 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-30620 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30621 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30645 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30645 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-30656 - https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability CVE-2024-30656 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-30657 - https://github.com/yashpatelphd/CVE-2024-30657 
@@ -164667,6 +164908,7 @@ CVE-2024-3075 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3076 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30804 - https://github.com/gmh5225/awesome-game-security CVE-2024-3081 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30840 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-30845 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30850 - https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc CVE-2024-30850 - https://github.com/nomi-sec/PoC-in-GitHub @@ -164734,6 +164976,7 @@ CVE-2024-3094 - https://github.com/Cas-Cornelissen/xz-vulnerability-ansible CVE-2024-3094 - https://github.com/CyberGuard-Foundation/CVE-2024-3094 CVE-2024-3094 - https://github.com/EGI-Federation/SVG-advisories CVE-2024-3094 - https://github.com/FabioBaroni/CVE-2024-3094-checker +CVE-2024-3094 - https://github.com/Fatal016/xz_lab CVE-2024-3094 - https://github.com/Fractal-Tess/CVE-2024-3094 CVE-2024-3094 - https://github.com/Getshell/xzDoor CVE-2024-3094 - https://github.com/GhostTroops/TOP @@ -164783,6 +165026,7 @@ CVE-2024-3094 - https://github.com/cxyfreedom/website-hot-hub CVE-2024-3094 - https://github.com/dah4k/CVE-2024-3094 CVE-2024-3094 - https://github.com/devjanger/CVE-2024-3094-XZ-Backdoor-Detector CVE-2024-3094 - https://github.com/donmccaughey/xz_pkg +CVE-2024-3094 - https://github.com/dparksports/detect_intrusion CVE-2024-3094 - https://github.com/drdry2/CVE-2024-3094-EXPLOIT CVE-2024-3094 - https://github.com/duytruongpham/duytruongpham CVE-2024-3094 - https://github.com/emirkmo/xz-backdoor-github 
@@ -164887,6 +165131,7 @@ CVE-2024-31099 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31134 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31135 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31136 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-31136 - https://github.com/netlas-io/netlas-dorks CVE-2024-31137 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31138 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31139 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165071,6 +165316,10 @@ CVE-2024-32002 - https://github.com/10cks/CVE-2024-32002-linux-submod CVE-2024-32002 - https://github.com/10cks/CVE-2024-32002-submod CVE-2024-32002 - https://github.com/10cks/hook CVE-2024-32002 - https://github.com/1mxml/CVE-2024-32002-poc +CVE-2024-32002 - https://github.com/431m/rcetest +CVE-2024-32002 - https://github.com/AD-Appledog/CVE-2024-32002 +CVE-2024-32002 - https://github.com/AD-Appledog/wakuwaku +CVE-2024-32002 - https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese CVE-2024-32002 - https://github.com/CrackerCat/CVE-2024-32002_EXP CVE-2024-32002 - https://github.com/GhostTroops/TOP CVE-2024-32002 - https://github.com/Goplush/CVE-2024-32002-git-rce 
@@ -165086,8 +165335,12 @@ CVE-2024-32002 - https://github.com/WOOOOONG/CVE-2024-32002 CVE-2024-32002 - https://github.com/WOOOOONG/hook CVE-2024-32002 - https://github.com/WOOOOONG/submod CVE-2024-32002 - https://github.com/YuanlooSec/CVE-2024-32002-poc +CVE-2024-32002 - https://github.com/Zhang-Yiiliin/test_cve_2024_32002 +CVE-2024-32002 - https://github.com/Zombie-Kaiser/Zombie-Kaiser CVE-2024-32002 - https://github.com/aitorcastel/poc_CVE-2024-32002 CVE-2024-32002 - https://github.com/aitorcastel/poc_CVE-2024-32002_submodule +CVE-2024-32002 - https://github.com/ak-phyo/gitrce_poc +CVE-2024-32002 - https://github.com/alimuhammedkose/CVE-2024-32002-linux-smash CVE-2024-32002 - https://github.com/amalmurali47/demo_git_rce CVE-2024-32002 - https://github.com/amalmurali47/demo_hook CVE-2024-32002 - https://github.com/amalmurali47/git_rce @@ -165096,6 +165349,9 @@ CVE-2024-32002 - https://github.com/aneasystone/github-trending CVE-2024-32002 - https://github.com/bfengj/CVE-2024-32002-Exploit CVE-2024-32002 - https://github.com/bfengj/CVE-2024-32002-hook CVE-2024-32002 - https://github.com/bfengj/Security-Paper-Learing +CVE-2024-32002 - https://github.com/coffeescholar/ReplaceAllGit +CVE-2024-32002 - https://github.com/cojoben/git_rce +CVE-2024-32002 - https://github.com/dzx825/32002 CVE-2024-32002 - https://github.com/fadhilthomas/hook CVE-2024-32002 - https://github.com/fadhilthomas/poc-cve-2024-32002 CVE-2024-32002 - https://github.com/jafshare/GithubTrending 
@@ -165115,6 +165371,8 @@ CVE-2024-32002 - https://github.com/sampsonv/github-trending CVE-2024-32002 - https://github.com/seekerzz/MyRSSSync CVE-2024-32002 - https://github.com/tanjiti/sec_profile CVE-2024-32002 - https://github.com/testing-felickz/docker-scout-demo +CVE-2024-32002 - https://github.com/tobelight/cve_2024_32002 +CVE-2024-32002 - https://github.com/tobelight/cve_2024_32002_hook CVE-2024-32002 - https://github.com/vincepsh/CVE-2024-32002 CVE-2024-32002 - https://github.com/vincepsh/CVE-2024-32002-hook CVE-2024-32002 - https://github.com/wjlin0/poc-doc @@ -165122,6 +165380,7 @@ CVE-2024-32002 - https://github.com/wy876/POC CVE-2024-32002 - https://github.com/wy876/wiki CVE-2024-32002 - https://github.com/ycdxsb/CVE-2024-32002-hulk CVE-2024-32002 - https://github.com/ycdxsb/CVE-2024-32002-submod +CVE-2024-32002 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-32002 - https://github.com/zhaoxiaoha/github-trending CVE-2024-32003 - https://github.com/JohnNetSouldRU/CVE-2024-32003-POC CVE-2024-32004 - https://github.com/10cks/CVE-2024-32004-POC @@ -165143,6 +165402,7 @@ CVE-2024-3208 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3209 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3210 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32105 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-32113 - https://github.com/Mr-xn/CVE-2024-32113 CVE-2024-32113 - https://github.com/Ostorlab/KEV CVE-2024-32113 - https://github.com/Threekiii/CVE CVE-2024-32113 - https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit 
@@ -165165,6 +165425,7 @@ CVE-2024-32238 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32258 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32258 - https://github.com/liyansong2018/CVE-2024-32258 CVE-2024-32258 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-32320 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-32337 - https://github.com/adiapera/xss_security_wondercms_3.4.3 CVE-2024-32338 - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 CVE-2024-32339 - https://github.com/adiapera/xss_how_to_page_wondercms_3.4.3 @@ -165214,12 +165475,14 @@ CVE-2024-32640 - https://github.com/0x3f3c/CVE-2024-32640-SQLI-MuraCMS CVE-2024-32640 - https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS CVE-2024-32640 - https://github.com/Threekiii/CVE CVE-2024-32640 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-32640 - https://github.com/sammings/CVE-2024-32640 CVE-2024-32640 - https://github.com/tanjiti/sec_profile CVE-2024-32640 - https://github.com/wjlin0/poc-doc CVE-2024-32640 - https://github.com/wy876/POC CVE-2024-32640 - https://github.com/wy876/wiki CVE-2024-32651 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32651 - https://github.com/zcrosman/cve-2024-32651 +CVE-2024-32655 - https://github.com/cdupuis/aspnetapp CVE-2024-3266 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32663 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32664 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165230,6 +165493,7 @@ CVE-2024-32699 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32709 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32709 - https://github.com/truonghuuphuc/CVE-2024-32709-Poc CVE-2024-3272 - https://github.com/OIivr/Turvan6rkus-CVE-2024-3273 +CVE-2024-3272 - https://github.com/WanLiChangChengWanLiChang/WanLiChangChengWanLiChang CVE-2024-3272 - https://github.com/aliask/dinkleberry CVE-2024-3272 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3272 - https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE @@ -165246,9 +165510,11 @@ CVE-2024-3273 - https://github.com/K3ysTr0K3R/K3ysTr0K3R CVE-2024-3273 - https://github.com/OIivr/Turvan6rkus-CVE-2024-3273 CVE-2024-3273 - https://github.com/Ostorlab/KEV CVE-2024-3273 - https://github.com/ThatNotEasy/CVE-2024-3273 +CVE-2024-3273 - https://github.com/WanLiChangChengWanLiChang/WanLiChangChengWanLiChang CVE-2024-3273 - https://github.com/adhikara13/CVE-2024-3273 CVE-2024-3273 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3273 - https://github.com/mrrobot0o/CVE-2024-3273- +CVE-2024-3273 - https://github.com/netlas-io/netlas-dorks CVE-2024-3273 - https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE CVE-2024-3273 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3273 - https://github.com/tanjiti/sec_profile 
@@ -165288,12 +165554,14 @@ CVE-2024-32880 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32884 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32886 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32888 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-32888 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-3289 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3290 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3291 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3293 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3293 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3293 - https://github.com/tanjiti/sec_profile +CVE-2024-3293 - https://github.com/truonghuuphuc/CVE-2024-3293-Poc CVE-2024-32944 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32947 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32958 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165413,6 +165681,7 @@ CVE-2024-33645 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-33646 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-33648 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-33649 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-33666 - https://github.com/cisagov/vulnrichment CVE-2024-33670 - https://github.com/Sharpe-nl/CVEs CVE-2024-33671 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-33672 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165522,8 +165791,10 @@ CVE-2024-3400 - https://github.com/jcaballero/cve-scanner CVE-2024-3400 - https://github.com/k4nfr3/nmap-scripts CVE-2024-3400 - https://github.com/kerberoshacker/CVE-2024-3400-POC CVE-2024-3400 - https://github.com/kerberoshacker2/CVE-2024-3400-POC +CVE-2024-3400 - https://github.com/lirantal/cve-cvss-calculator CVE-2024-3400 - https://github.com/marconesler/CVE-2024-3400 CVE-2024-3400 - https://github.com/momika233/CVE-2024-3400 +CVE-2024-3400 - https://github.com/netlas-io/netlas-dorks CVE-2024-3400 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3400 - https://github.com/phantomradar/cve-2024-3400-poc CVE-2024-3400 - https://github.com/pwnj0hn/CVE-2024-3400 @@ -165549,6 +165820,7 @@ CVE-2024-34005 - https://github.com/cli-ish/cli-ish CVE-2024-34058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34061 - https://github.com/Nguyen-Trung-Kien/CVE CVE-2024-34061 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34062 - https://github.com/CopperEagle/CopperEagle CVE-2024-34064 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34069 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34078 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165634,6 +165906,7 @@ CVE-2024-34470 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34470 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-34470 - https://github.com/osvaldotenorio/CVE-2024-34470 CVE-2024-34470 - https://github.com/wy876/POC +CVE-2024-34470 - https://github.com/wy876/wiki CVE-2024-34471 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34471 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-34471 - https://github.com/osvaldotenorio/CVE-2024-34471 
@@ -165673,6 +165946,7 @@ CVE-2024-34717 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34751 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34752 - https://github.com/password123456/cves CVE-2024-34760 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3477 - https://github.com/cisagov/vulnrichment CVE-2024-34771 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34772 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34773 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165682,6 +165956,7 @@ CVE-2024-34805 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34808 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34829 - https://github.com/ntrampham/Eramba CVE-2024-3483 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34832 - https://github.com/julio-cfa/CVE-2024-34832 CVE-2024-34832 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3484 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3485 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165690,27 +165965,36 @@ CVE-2024-3487 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3488 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34897 - https://github.com/murataydemir/CVE-2024-23897 CVE-2024-34905 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34905 - https://github.com/lirantal/cve-cvss-calculator +CVE-2024-34913 - https://github.com/lirantal/cve-cvss-calculator CVE-2024-34914 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34923 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3495 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3495 - https://github.com/tanjiti/sec_profile CVE-2024-3495 - https://github.com/truonghuuphuc/CVE-2024-3495-Poc +CVE-2024-3495 - https://github.com/wjlin0/poc-doc CVE-2024-3495 - https://github.com/wy876/POC +CVE-2024-3495 - https://github.com/wy876/wiki CVE-2024-3495 - https://github.com/zomasec/CVE-2024-3495-POC CVE-2024-34950 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34954 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34955 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34957 - https://github.com/Gr-1m/CVE-2024-34958 CVE-2024-34957 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34958 - https://github.com/Gr-1m/CVE-2024-34958 CVE-2024-34958 - https://github.com/Gr-1m/CVE-2024-34958-1 CVE-2024-34958 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34958 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-34974 - https://github.com/cisagov/vulnrichment CVE-2024-34982 - https://github.com/tanjiti/sec_profile +CVE-2024-34987 - https://github.com/MarkLee131/PoCs CVE-2024-34995 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35009 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35010 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35011 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35012 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35039 - 
https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35057 - https://github.com/cisagov/vulnrichment CVE-2024-35108 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35109 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3512 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165726,6 +166010,7 @@ CVE-2024-35185 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35187 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35190 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35195 - https://github.com/PBorocz/raindrop-io-py +CVE-2024-35195 - https://github.com/astellingwerf/renovate-requests-allowedVersion CVE-2024-35195 - https://github.com/seal-community/patches CVE-2024-35205 - https://github.com/Ch0pin/related_work CVE-2024-3521 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165740,9 +166025,11 @@ CVE-2024-3528 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3529 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3530 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3531 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35315 - https://github.com/ewilded/CVE-2024-35315-POC CVE-2024-35315 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3532 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3533 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35333 - https://github.com/momo1239/CVE-2024-35333 CVE-2024-35333 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-35339 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3534 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165762,7 +166049,9 @@ CVE-2024-3542 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3543 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3544 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3545 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-35468 - https://github.com/dovankha/CVE-2024-35468 CVE-2024-35468 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-35469 - https://github.com/dovankha/CVE-2024-35469 CVE-2024-35469 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-35475 - https://github.com/carsonchan12345/CVE-2024-35475 CVE-2024-35475 - https://github.com/nomi-sec/PoC-in-GitHub @@ -165774,11 +166063,14 @@ CVE-2024-35518 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35519 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-3552 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3552 - https://github.com/truonghuuphuc/CVE-2024-3552-Poc +CVE-2024-3552 - https://github.com/wjlin0/poc-doc CVE-2024-3552 - https://github.com/wy876/POC +CVE-2024-3552 - https://github.com/wy876/wiki CVE-2024-35520 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35522 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35523 - https://github.com/AnixPasBesoin/AnixPasBesoin CVE-2024-35524 - https://github.com/AnixPasBesoin/AnixPasBesoin +CVE-2024-35548 - https://github.com/bytyme/MybatisPlusSQLInjection CVE-2024-35591 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35592 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-35593 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165826,8 +166118,10 @@ CVE-2024-36064 - https://github.com/actuator/cve CVE-2024-36079 - https://github.com/DxRvs/vaultize_CVE-2024-36079 CVE-2024-36079 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36104 - https://github.com/Co5mos/nuclei-tps +CVE-2024-36104 - https://github.com/Mr-xn/CVE-2024-32113 CVE-2024-36104 - https://github.com/tanjiti/sec_profile CVE-2024-36104 - https://github.com/wy876/POC +CVE-2024-36104 - https://github.com/wy876/wiki CVE-2024-36105 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36120 - https://github.com/SteakEnthusiast/My-CTF-Challenges CVE-2024-3614 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165843,9 +166137,15 @@ CVE-2024-36426 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36428 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36428 - https://github.com/tanjiti/sec_profile CVE-2024-36428 - https://github.com/wy876/POC +CVE-2024-36428 - https://github.com/wy876/wiki CVE-2024-36437 - https://github.com/actuator/cve CVE-2024-3645 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3652 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36586 - https://github.com/go-compile/security-advisories +CVE-2024-36587 - https://github.com/go-compile/security-advisories +CVE-2024-36588 - https://github.com/go-compile/security-advisories +CVE-2024-36589 - https://github.com/go-compile/security-advisories +CVE-2024-3661 - https://github.com/a1xbit/DecloakingVPN CVE-2024-3661 - https://github.com/apiverve/news-API CVE-2024-3661 - https://github.com/bollwarm/SecToolSet CVE-2024-3661 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165853,6 +166153,7 @@ CVE-2024-3661 - https://github.com/giterlizzi/secdb-feeds CVE-2024-3661 - https://github.com/leviathansecurity/TunnelVision CVE-2024-3661 - https://github.com/tanjiti/sec_profile CVE-2024-36673 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3668 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36795 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3686 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3687 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165935,6 +166236,8 @@ CVE-2024-3858 - https://github.com/zhangjiahui-buaa/MasterThesis CVE-2024-3867 - https://github.com/c4cnm/CVE-2024-3867 CVE-2024-3867 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3868 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3875 - https://github.com/helloyhrr/IoT_vulnerability +CVE-2024-3876 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-3889 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3891 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3892 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165942,6 +166245,7 @@ CVE-2024-3895 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3897 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3914 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3928 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3931 - https://github.com/2lambda123/cisagov-vulnrichment CVE-2024-3931 - https://github.com/cisagov/vulnrichment CVE-2024-3931 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3931 - https://github.com/storbeck/vulnrichment-cli 
@@ -165996,6 +166300,7 @@ CVE-2024-4042 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4059 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4060 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4064 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-4083 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4085 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4086 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166029,7 +166334,9 @@ CVE-2024-4233 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4234 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4235 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4236 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4236 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-4237 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4239 - https://github.com/helloyhrr/IoT_vulnerability CVE-2024-4252 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4255 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4256 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166040,6 +166347,7 @@ CVE-2024-4257 - https://github.com/wy876/wiki CVE-2024-4265 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4286 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4295 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-4295 - https://github.com/truonghuuphuc/CVE-2024-4295-Poc CVE-2024-4296 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4297 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4298 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166051,6 +166359,7 @@ CVE-2024-4323 - https://github.com/d0rb/CVE-2024-4323 CVE-2024-4323 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4323 - https://github.com/skilfoy/CVE-2024-4323-Exploit-POC CVE-2024-4323 - https://github.com/yuansec/CVE-2024-4323-dos_poc +CVE-2024-4323 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-4324 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4331 - https://github.com/angelov-1080/CVE_Checker CVE-2024-4331 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166065,25 +166374,33 @@ CVE-2024-4352 - https://github.com/truonghuuphuc/CVE-2024-4352-Poc CVE-2024-4354 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4357 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4358 - https://github.com/GhostTroops/TOP +CVE-2024-4358 - https://github.com/Harydhk7/CVE-2024-4358 +CVE-2024-4358 - https://github.com/RevoltSecurities/CVE-2024-4358 +CVE-2024-4358 - https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit CVE-2024-4358 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4358 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2024-4358 - https://github.com/sinsinology/CVE-2024-4358 CVE-2024-4358 - https://github.com/tanjiti/sec_profile +CVE-2024-4358 - https://github.com/wy876/POC +CVE-2024-4358 - https://github.com/wy876/wiki CVE-2024-4363 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4367 - https://github.com/GhostTroops/TOP CVE-2024-4367 - https://github.com/LOURC0D3/CVE-2024-4367-PoC CVE-2024-4367 - https://github.com/Threekiii/Awesome-POC CVE-2024-4367 - https://github.com/avalahEE/pdfjs_disable_eval +CVE-2024-4367 - https://github.com/clarkio/pdfjs-vuln-demo CVE-2024-4367 - https://github.com/google/fishy-pdf CVE-2024-4367 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4367 - https://github.com/s4vvysec/CVE-2024-4367-POC CVE-2024-4367 - https://github.com/spaceraccoon/detect-cve-2024-4367 CVE-2024-4367 - https://github.com/tanjiti/sec_profile +CVE-2024-4367 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart CVE-2024-4368 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4369 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4370 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4373 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4374 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43770 - https://github.com/netlas-io/netlas-dorks CVE-2024-4392 - https://github.com/fkie-cad/nvd-json-data-feeds 
CVE-2024-4393 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4405 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166098,7 +166415,9 @@ CVE-2024-4439 - https://github.com/xssor-dz/-CVE-2024-4439 CVE-2024-4440 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4443 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4443 - https://github.com/truonghuuphuc/CVE-2024-4443-Poc +CVE-2024-4443 - https://github.com/wjlin0/poc-doc CVE-2024-4443 - https://github.com/wy876/POC +CVE-2024-4443 - https://github.com/wy876/wiki CVE-2024-4444 - https://github.com/JohnnyBradvo/CVE-2024-4444 CVE-2024-4444 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4445 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166138,7 +166457,22 @@ CVE-2024-4561 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4562 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4568 - https://github.com/bladchan/bladchan CVE-2024-4577 - https://github.com/0xsyr0/OSCP +CVE-2024-4577 - https://github.com/11whoami99/CVE-2024-4577 +CVE-2024-4577 - https://github.com/GhostTroops/TOP +CVE-2024-4577 - https://github.com/Junp0/CVE-2024-4577 +CVE-2024-4577 - https://github.com/Sysc4ll3r/CVE-2024-4577 +CVE-2024-4577 - https://github.com/TAM-K592/CVE-2024-4577 +CVE-2024-4577 - https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP +CVE-2024-4577 - https://github.com/Wh02m1/CVE-2024-4577 +CVE-2024-4577 - https://github.com/Yukiioz/CVE-2024-4577 +CVE-2024-4577 - https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template CVE-2024-4577 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-4577 - https://github.com/ohhhh693/CVE-2024-4577 +CVE-2024-4577 - https://github.com/princew88/CVE-2024-4577 +CVE-2024-4577 - https://github.com/taida957789/CVE-2024-4577 +CVE-2024-4577 - https://github.com/watchtowrlabs/CVE-2024-4577 +CVE-2024-4577 - https://github.com/wy876/POC +CVE-2024-4577 - https://github.com/wy876/wiki CVE-2024-4582 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4583 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4584 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166220,6 +166554,7 @@ CVE-2024-4822 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4823 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4824 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4825 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4835 - https://github.com/netlas-io/netlas-dorks CVE-2024-4835 - https://github.com/tanjiti/sec_profile CVE-2024-4837 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4840 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166250,15 +166585,25 @@ CVE-2024-4931 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4932 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4933 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4945 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4947 - https://github.com/cisagov/vulnrichment +CVE-2024-4947 - https://github.com/zgimszhd61/openai-sec-test-cve-quickstart +CVE-2024-4956 - https://github.com/Cappricio-Securities/CVE-2024-4956 +CVE-2024-4956 - https://github.com/GoatSecurity/CVE-2024-4956 CVE-2024-4956 - https://github.com/Ostorlab/KEV +CVE-2024-4956 - https://github.com/Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager CVE-2024-4956 - https://github.com/Threekiii/Awesome-POC CVE-2024-4956 - https://github.com/Threekiii/CVE +CVE-2024-4956 - https://github.com/TypicalModMaker/CVE-2024-4956 CVE-2024-4956 - https://github.com/X1r0z/JettyFuzz CVE-2024-4956 - https://github.com/banditzCyber0x/CVE-2024-4956 CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC +CVE-2024-4956 - https://github.com/fin3ss3g0d/CVE-2024-4956 +CVE-2024-4956 - https://github.com/fin3ss3g0d/Shiro1Extractor +CVE-2024-4956 - https://github.com/fin3ss3g0d/Shiro1Tools CVE-2024-4956 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4956 - https://github.com/gmh5225/CVE-2024-4956 CVE-2024-4956 - https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner +CVE-2024-4956 - https://github.com/ifconfig-me/Path-Traversal-Scanner CVE-2024-4956 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4956 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2024-4956 - https://github.com/tanjiti/sec_profile 
@@ -166267,6 +166612,7 @@ CVE-2024-4956 - https://github.com/wjlin0/poc-doc CVE-2024-4956 - https://github.com/wy876/POC CVE-2024-4956 - https://github.com/wy876/wiki CVE-2024-4956 - https://github.com/xungzzz/CVE-2024-4956 +CVE-2024-49606 - https://github.com/netlas-io/netlas-dorks CVE-2024-4966 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4978 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4984 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166286,6 +166632,7 @@ CVE-2024-5051 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5072 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5084 - https://github.com/Chocapikk/CVE-2024-5084 CVE-2024-5084 - https://github.com/KTN1990/CVE-2024-5084 +CVE-2024-5084 - https://github.com/k3lpi3b4nsh33/CVE-2024-5084 CVE-2024-5084 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-5084 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main CVE-2024-5088 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166305,6 +166652,7 @@ CVE-2024-5229 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5273 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5274 - https://github.com/kip93/kip93 CVE-2024-5326 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-5326 - https://github.com/truonghuuphuc/CVE-2024-5326-Poc CVE-2024-5359 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5361 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166321,6 +166669,7 @@ CVE-2024-5391 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-54321 - https://github.com/runwuf/clickhouse-test CVE-2024-5438 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5522 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-5522 - https://github.com/truonghuuphuc/CVE-2024-5522-Poc CVE-2024-5542 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555 CVE-2024-5555 - https://github.com/nomi-sec/PoC-in-GitHub @@ -166330,6 +166679,8 @@ CVE-2024-5678 - https://github.com/Dashrath158/CVE-Management-App-using-Flask CVE-2024-5678 - https://github.com/bergel07/FinalProject CVE-2024-5733 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5734 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5745 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5770 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6271 - https://github.com/Jokergazaa/zero-click-exploits CVE-2024-65230 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-6666 - https://github.com/JohnnyBradvo/CVE-2024-6666 diff --git a/references.txt b/references.txt index 7407804567..f6a1c5f431 100644 --- a/references.txt +++ b/references.txt @@ -20966,6 +20966,7 @@ CVE-2012-1150 - http://bugs.python.org/issue13703 CVE-2012-1150 - http://www.ubuntu.com/usn/USN-1616-1 CVE-2012-1153 - http://www.exploit-db.com/exploits/18392 CVE-2012-1153 - http://www.exploit-db.com/exploits/18922 +CVE-2012-1156 - https://moodle.org/mod/forum/discuss.php?d=198623 CVE-2012-1173 - https://bugzilla.redhat.com/show_bug.cgi?id=803078 CVE-2012-1182 - https://www.samba.org/samba/security/CVE-2012-1182 CVE-2012-1198 - http://packetstormsecurity.org/files/109663/BASE-1.4.5-Remote-File-Inclusion-Shell-Creation.html 
@@ -21941,6 +21942,10 @@ CVE-2012-4532 - http://www.darksecurity.de/advisories/2012/SSCHADV2012-014.txt CVE-2012-4540 - https://bugzilla.redhat.com/show_bug.cgi?id=869040 CVE-2012-4553 - http://drupal.org/node/1815912 CVE-2012-4554 - http://drupal.org/node/1815912 +CVE-2012-4567 - http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG +CVE-2012-4568 - http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG +CVE-2012-4569 - http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG +CVE-2012-4570 - http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG CVE-2012-4573 - http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html CVE-2012-4577 - http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity CVE-2012-4600 - http://www.kb.cert.org/vuls/id/511404 @@ -40846,6 +40851,7 @@ CVE-2016-9294 - http://bugs.ghostscript.com/show_bug.cgi?id=697172 CVE-2016-9296 - https://github.com/yangke/7zip-null-pointer-dereference CVE-2016-9296 - https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/ CVE-2016-9297 - http://bugzilla.maptools.org/show_bug.cgi?id=2590 +CVE-2016-9299 - http://www.slideshare.net/codewhitesec/java-deserialization-vulnerabilities-the-forgotten-bug-class-deepsec-edition CVE-2016-9299 - https://groups.google.com/forum/#!original/jenkinsci-advisories/-fc-w9tNEJE/GRvEzWoJBgAJ CVE-2016-9299 - https://www.cloudbees.com/jenkins-security-advisory-2016-11-16 CVE-2016-9299 - https://www.exploit-db.com/exploits/44642/ 
@@ -52482,6 +52488,7 @@ CVE-2018-25020 - http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-S CVE-2018-25031 - https://security.snyk.io/vuln/SNYK-JS-SWAGGERUI-2314885 CVE-2018-25032 - https://github.com/madler/zlib/issues/605 CVE-2018-25032 - https://www.oracle.com/security-alerts/cpujul2022.html +CVE-2018-25034 - https://vuldb.com/?id.126695 CVE-2018-25035 - https://vuldb.com/?id.126696 CVE-2018-25036 - https://vuldb.com/?id.126697 CVE-2018-25037 - https://vuldb.com/?id.126698 @@ -65518,6 +65525,7 @@ CVE-2020-19284 - https://www.seebug.org/vuldb/ssvid-97944 CVE-2020-19286 - https://www.seebug.org/vuldb/ssvid-97942 CVE-2020-19290 - https://www.seebug.org/vuldb/ssvid-97949 CVE-2020-19292 - https://www.seebug.org/vuldb/ssvid-97953 +CVE-2020-19294 - https://www.seebug.org/vuldb/ssvid-97952 CVE-2020-19295 - https://www.seebug.org/vuldb/ssvid-97950 CVE-2020-19301 - https://github.com/tingyuu/vaeThink/issues/1 CVE-2020-19302 - https://github.com/tingyuu/vaeThink/issues/2 @@ -89958,6 +89966,7 @@ CVE-2023-26774 - https://packetstormsecurity.com/files/171692/Sales-Tracker-Mana CVE-2023-26775 - http://packetstormsecurity.com/files/171705/Monitorr-1.7.6-Cross-Site-Scripting.html CVE-2023-26776 - http://packetstormsecurity.com/files/171705/Monitorr-1.7.6-Cross-Site-Scripting.html CVE-2023-26777 - http://packetstormsecurity.com/files/171699/Uptime-Kuma-1.19.6-Cross-Site-Scripting.html +CVE-2023-26793 - https://github.com/stephane/libmodbus/issues/683 CVE-2023-26800 - https://github.com/winmt/my-vuls/tree/main/RG-EW1200 CVE-2023-26801 - https://github.com/winmt/my-vuls/tree/main/LB-LINK%20BL-AC1900%2C%20BL-WR9000%2C%20BL-X26%20and%20BL-LTE300%20Wireless%20Routers CVE-2023-26802 - https://github.com/winmt/my-vuls/tree/main/DCN%20DCBI-Netlog-LAB 
@@ -90584,6 +90593,7 @@ CVE-2023-29714 - https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Websi CVE-2023-2972 - https://huntr.dev/bounties/009f1cd9-401c-49a7-bd08-be35cff6faef CVE-2023-29722 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29722/CVE%20detail.md CVE-2023-29724 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29724/CVE%20detail.md +CVE-2023-29725 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29725/CVE%20detail.md CVE-2023-29726 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md CVE-2023-29731 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29731/CVE%20detail.md CVE-2023-29732 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29732/CVE%20detail.md 
@@ -90591,9 +90601,12 @@ CVE-2023-29733 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-2973 CVE-2023-29734 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29734/CVE%20detail.md CVE-2023-29735 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29735/CVE%20detail.md CVE-2023-29736 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29736/CVE%20detail.md +CVE-2023-29737 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29737/CVE%20detail.md CVE-2023-29738 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29738/CVE%20detail.md CVE-2023-29738 - https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid +CVE-2023-29739 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29739/CVE%20detail.md CVE-2023-29739 - https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid +CVE-2023-29740 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29740/CVE%20detail.md CVE-2023-29740 - https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid CVE-2023-29741 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29741/CVE%20detail.md CVE-2023-29742 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29742/CVE%20detail.md 
@@ -90602,9 +90615,12 @@ CVE-2023-29745 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-2974 CVE-2023-29746 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29746/CVE%20detail.md CVE-2023-29747 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md CVE-2023-29748 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md +CVE-2023-29749 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md CVE-2023-29751 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md +CVE-2023-29752 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29752/CVE%20detailed.md CVE-2023-29753 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29753/CVE%20detailed.md CVE-2023-29756 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29756/CVE%20detailed.md +CVE-2023-29757 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29757/CVE%20detailed.md CVE-2023-29758 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md CVE-2023-29759 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29759/CVE%20detailed.md CVE-2023-29766 - https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29766/CVE%20detailed.md 
@@ -92909,6 +92925,7 @@ CVE-2023-43278 - https://blog.csdn.net/sugaryzheng/article/details/133283101?spm CVE-2023-43284 - https://github.com/MateusTesser/CVE-2023-43284 CVE-2023-43291 - https://gist.github.com/Dar1in9s/e3db6b04daacb68633a97581bbd5921b CVE-2023-43309 - https://github.com/TishaManandhar/Webmin_xss_POC/blob/main/XSS +CVE-2023-43318 - https://seclists.org/fulldisclosure/2024/Mar/9 CVE-2023-43319 - https://medium.com/@muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-43319-c2ad758ac2bc CVE-2023-43320 - http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html CVE-2023-43321 - https://github.com/Push3AX/vul/blob/main/DCN/DCFW_1800_SDC_CommandInjection.md @@ -93434,6 +93451,7 @@ CVE-2023-46587 - https://github.com/nasroabd/vulns/tree/main/XnView/2.51.5 CVE-2023-46602 - https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53 CVE-2023-46603 - https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53 CVE-2023-46604 - http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html +CVE-2023-46604 - http://seclists.org/fulldisclosure/2024/Apr/18 CVE-2023-46604 - https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html CVE-2023-4666 - https://wpscan.com/vulnerability/c6597e36-02d6-46b4-89db-52c160f418be CVE-2023-46661 - https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 
@@ -93652,6 +93670,7 @@ CVE-2023-48011 - https://github.com/gpac/gpac/issues/2611 CVE-2023-48013 - https://github.com/gpac/gpac/issues/2612 CVE-2023-48014 - https://github.com/gpac/gpac/issues/2613 CVE-2023-48016 - https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md +CVE-2023-48022 - https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit CVE-2023-48028 - https://nitipoom-jar.github.io/CVE-2023-48028/ CVE-2023-48029 - https://nitipoom-jar.github.io/CVE-2023-48029/ CVE-2023-48031 - https://nitipoom-jar.github.io/CVE-2023-48031/ @@ -93860,6 +93879,7 @@ CVE-2023-49147 - http://seclists.org/fulldisclosure/2023/Dec/18 CVE-2023-49147 - https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh/ CVE-2023-49210 - https://gist.github.com/mcoimbra/b05a55a5760172dccaa0a827647ad63e CVE-2023-4922 - https://wpscan.com/vulnerability/968d87c0-af60-45ea-b34e-8551313cc8df +CVE-2023-49231 - http://seclists.org/fulldisclosure/2024/Apr/1 CVE-2023-49231 - https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt CVE-2023-49231 - https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/ CVE-2023-4925 - https://wpscan.com/vulnerability/0b094cba-9288-4c9c-87a9-bdce286fe8b6 @@ -94431,6 +94451,7 @@ CVE-2023-5564 - https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c CVE-2023-5571 - https://huntr.dev/bounties/926ca25f-dd4a-40cf-8e6b-9d7b5938e95a CVE-2023-5572 - https://huntr.dev/bounties/db649f1b-8578-4ef0-8df3-d320ab33f1be CVE-2023-5573 - https://huntr.dev/bounties/46a2bb2c-712a-4008-a147-b862e3af7d72 +CVE-2023-5585 - https://vuldb.com/?id.242170 CVE-2023-5586 - https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740 CVE-2023-5590 - https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99 CVE-2023-5591 - https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090 
@@ -94471,6 +94492,7 @@ CVE-2023-5708 - https://www.wordfence.com/threat-intel/vulnerabilities/id/d96e59 CVE-2023-5718 - https://gist.github.com/CalumHutton/bdb97077a66021ed455f87823cd7c7cb CVE-2023-5724 - https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 CVE-2023-5725 - https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 +CVE-2023-5729 - https://bugzilla.mozilla.org/show_bug.cgi?id=1823720 CVE-2023-5732 - https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 CVE-2023-5737 - https://wpscan.com/vulnerability/c761c67c-eab8-4e1b-a332-c9a45e22bb13 CVE-2023-5738 - https://wpscan.com/vulnerability/7f935916-9a1a-40c7-b6d8-efcc46eb8eaf @@ -94499,6 +94521,7 @@ CVE-2023-5817 - https://drive.google.com/file/d/125xS3GVMr7_qo5HjWvXaXixuE_R-q_u CVE-2023-5826 - https://github.com/Cubi123123123/cve/blob/main/NS-ASG-sql-list_onlineuser.md CVE-2023-5826 - https://vuldb.com/?id.243716 CVE-2023-5832 - https://huntr.com/bounties/afee3726-571f-416e-bba5-0828c815f5df +CVE-2023-5836 - https://vuldb.com/?id.243800 CVE-2023-5838 - https://huntr.com/bounties/8f6feca3-386d-4897-801c-39b9e3e5eb03 CVE-2023-5839 - https://huntr.com/bounties/21125f12-64a0-42a3-b218-26b9945a5bc0 CVE-2023-5840 - https://huntr.com/bounties/8042d8c3-650e-4c0d-9146-d9ccf6082b30 @@ -94790,6 +94813,7 @@ CVE-2023-6832 - https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376 CVE-2023-6840 - https://gitlab.com/gitlab-org/gitlab/-/issues/435500 CVE-2023-6843 - https://wpscan.com/vulnerability/41508340-8caf-4dca-bd88-350b63b78ab0 CVE-2023-6845 - https://wpscan.com/vulnerability/cbdaf158-f277-4be4-b022-68d18dae4c55 +CVE-2023-6860 - https://bugzilla.mozilla.org/show_bug.cgi?id=1854669 CVE-2023-6861 - https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 CVE-2023-6866 - https://bugzilla.mozilla.org/show_bug.cgi?id=1849037 CVE-2023-6867 - https://bugzilla.mozilla.org/show_bug.cgi?id=1863863 
@@ -94929,6 +94953,7 @@ CVE-2023-7247 - https://drive.google.com/file/d/1GCOzJ-ZovYij9GIdmsrZrR9g8mlC22h CVE-2023-7247 - https://wpscan.com/vulnerability/96b93253-31d0-4184-94b7-f1e18355d841/ CVE-2023-7252 - https://wpscan.com/vulnerability/c452c5da-05a6-4a14-994d-e5049996d496/ CVE-2023-7253 - https://wpscan.com/vulnerability/aeefcc01-bbbf-4d86-9cfd-ea0f9a85e1a5/ +CVE-2023-7261 - https://issues.chromium.org/issues/40064602 CVE-2024-0023 - https://android.googlesource.com/platform/frameworks/av/+/30b1b34cfd5abfcfee759e7d13167d368ac6c268 CVE-2024-0044 - https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-m7fh-f3w4-r6v2 CVE-2024-0044 - https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html @@ -95165,6 +95190,7 @@ CVE-2024-1215 - https://github.com/PrecursorYork/crud-without-refresh-reload-Ref CVE-2024-1219 - https://wpscan.com/vulnerability/ce4ac9c4-d293-4464-b6a0-82ddf8d4860b/ CVE-2024-1231 - https://wpscan.com/vulnerability/7d3968d9-61ed-4c00-8764-0360cf03255e/ CVE-2024-1232 - https://wpscan.com/vulnerability/2a29b509-4cd5-43c8-84f4-f86251dd28f8/ +CVE-2024-1252 - https://github.com/b51s77/cve/blob/main/sql.md CVE-2024-1252 - https://vuldb.com/?id.252991 CVE-2024-1253 - https://github.com/b51s77/cve/blob/main/upload.md CVE-2024-1254 - https://github.com/rockersiyuan/CVE/blob/main/Smart%20S20.md @@ -95207,6 +95233,7 @@ CVE-2024-1671 - https://issues.chromium.org/issues/41487933 CVE-2024-1672 - https://issues.chromium.org/issues/41485789 CVE-2024-1675 - https://issues.chromium.org/issues/41486208 CVE-2024-1676 - https://issues.chromium.org/issues/40944847 +CVE-2024-1694 - https://issues.chromium.org/issues/40946325 CVE-2024-1700 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---Stored-XSS CVE-2024-1701 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---Broken-Access-Control CVE-2024-1702 - https://github.com/omarexala/PHP-MYSQL-User-Login-System---SQL-Injection 
@@ -95575,6 +95602,7 @@ CVE-2024-22419 - https://github.com/vyperlang/vyper/security/advisories/GHSA-2q8 CVE-2024-22422 - https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-xmj6-g32r-fc5q CVE-2024-22490 - https://github.com/cui2shark/security/blob/main/beetl-bbs%20-%20A%20reflected%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20the%20search%20box.md CVE-2024-22491 - https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md +CVE-2024-22492 - https://github.com/cui2shark/security/blob/main/(JFinalcms%20contact%20para)A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md CVE-2024-22496 - https://github.com/cui2shark/security/blob/main/(JFinalcms%20admin-login-username)%20.md CVE-2024-22497 - https://github.com/cui2shark/security/blob/main/(JFinalcms%20admin-login-password)%20.md CVE-2024-22514 - https://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution @@ -95795,6 +95823,7 @@ CVE-2024-24041 - https://portswigger.net/web-security/cross-site-scripting CVE-2024-2405 - https://wpscan.com/vulnerability/c42ffa15-6ebe-4c70-9e51-b95bd05ea04d/ CVE-2024-24050 - https://www.muratcagrialis.com/workout-journal-app-stored-xss-cve-2024-24050 CVE-2024-24059 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#2-file-upload-vulnerability +CVE-2024-24060 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser CVE-2024-24062 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole CVE-2024-24115 - https://mechaneus.github.io/CVE-2024-24115.html CVE-2024-24115 - https://mechaneus.github.io/CVE-PENDING-COTONTI.html 
@@ -95815,6 +95844,7 @@ CVE-2024-24149 - https://github.com/libming/libming/issues/310 CVE-2024-24150 - https://github.com/libming/libming/issues/309 CVE-2024-24155 - https://github.com/axiomatic-systems/Bento4/issues/919 CVE-2024-24156 - https://github.com/gnuboard/g6/issues/316 +CVE-2024-24157 - https://github.com/gnuboard/g6/issues/314 CVE-2024-24160 - https://github.com/wy876/cve/issues/1 CVE-2024-24161 - https://github.com/wy876/cve/issues/2 CVE-2024-24186 - https://github.com/pcmacdon/jsish/issues/98 @@ -95824,6 +95854,7 @@ CVE-2024-24246 - https://github.com/qpdf/qpdf/issues/1123 CVE-2024-24256 - https://github.com/l8l1/killl.github.io/blob/main/3.md CVE-2024-2428 - https://wpscan.com/vulnerability/4832e223-4571-4b45-97db-2fd403797c49/ CVE-2024-2429 - https://wpscan.com/vulnerability/1c6812d8-a218-4c15-9e2d-d43f3f3b0e78/ +CVE-2024-24294 - https://gist.github.com/mestrtee/d1eb6e1f7c6dd60d8838c3e56cab634d CVE-2024-24300 - https://github.com/yckuo-sdc/PoC CVE-2024-24301 - https://github.com/yckuo-sdc/PoC CVE-2024-2432 - https://security.paloaltonetworks.com/CVE-2024-2432 @@ -95861,6 +95892,7 @@ CVE-2024-24506 - https://bugs.limesurvey.org/bug_relationship_graph.php?bug_id=1 CVE-2024-24506 - https://www.exploit-db.com/exploits/51926 CVE-2024-24511 - https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24511%20-%3E%20Stored%20XSS%20in%20input%20Title%20of%20the%20Component CVE-2024-24512 - https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24512%20-%3E%20Stored%20XSS%20in%20input%20SubTitle%20of%20the%20Component +CVE-2024-24520 - https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html CVE-2024-24524 - https://github.com/harryrabbit5651/cms/blob/main/1.md CVE-2024-2453 - https://www.cisa.gov/news-events/ics-advisories/icsa-24-081-01 CVE-2024-24543 - https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md 
@@ -96079,6 +96111,7 @@ CVE-2024-25511 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d# CVE-2024-25512 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#attachdownloadaspx CVE-2024-25513 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#kaizen_downloadaspx CVE-2024-25514 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_template_child_field_listaspx +CVE-2024-25515 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_finish_file_downaspx CVE-2024-25517 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#mfaspx CVE-2024-25518 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_get_fields_approveaspx CVE-2024-25519 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_printaspx 
@@ -96087,12 +96120,15 @@ CVE-2024-25521 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d# CVE-2024-25522 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_form_saveaspx CVE-2024-25523 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#file_memoaspx CVE-2024-25524 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#workplanattachdownloadaspx +CVE-2024-25525 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#officefiledownloadaspx CVE-2024-25526 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#pm_gatt_incaspx CVE-2024-25527 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#worklog_template_showaspx CVE-2024-25528 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_stat_settingaspx +CVE-2024-25529 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_office_file_history_showaspx CVE-2024-2553 - https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/CVE-2024-2553%20-%20Product%20Rating%20System%20-%20Cross-Site-Scripting.md CVE-2024-25530 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx CVE-2024-25531 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#searchcondictionaspx +CVE-2024-25532 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_dictaspx CVE-2024-25533 - https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#information-leakage-and-unauthorized-access-to-sensitive-data CVE-2024-2554 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp CVE-2024-2555 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-update-adminphp 
@@ -96103,6 +96139,8 @@ CVE-2024-25575 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2 CVE-2024-2558 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formexeCommand.md CVE-2024-2559 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolReboot.md CVE-2024-2560 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolRestoreSet.md +CVE-2024-25600 - https://github.com/Chocapikk/CVE-2024-25600 +CVE-2024-25600 - https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT CVE-2024-25600 - https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6 CVE-2024-25618 - https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3 CVE-2024-25619 - https://github.com/mastodon/mastodon/security/advisories/GHSA-7w3c-p9j8-mq3x @@ -96110,6 +96148,7 @@ CVE-2024-25625 - https://github.com/pimcore/admin-ui-classic-bundle/security/adv CVE-2024-25627 - https://github.com/alfio-event/alf.io/security/advisories/GHSA-gpmg-8f92-37cf CVE-2024-25634 - https://github.com/alfio-event/alf.io/security/advisories/GHSA-5wcv-pjc6-mxvv CVE-2024-25635 - https://github.com/alfio-event/alf.io/security/advisories/GHSA-ffr5-g3qg-gp4f +CVE-2024-25641 - https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 CVE-2024-25648 - https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959 CVE-2024-25648 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1959 CVE-2024-25652 - https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652 
@@ -96204,6 +96243,7 @@ CVE-2024-26445 - https://github.com/xiaolanjing0/cms/blob/main/1.md CVE-2024-26454 - https://github.com/OmRajpurkar/Healthcare-Chatbot/issues/4 CVE-2024-26454 - https://medium.com/@0x0d0x0a/healthcare-chatbot-xss-cve-2024-26454-acf2607bf210 CVE-2024-26470 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26470 +CVE-2024-26471 - https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26471 CVE-2024-26476 - https://github.com/mpdf/mpdf/issues/867 CVE-2024-26489 - https://github.com/2111715623/cms/blob/main/3.md CVE-2024-26490 - https://github.com/2111715623/cms/blob/main/2.md @@ -96320,6 +96360,7 @@ CVE-2024-2761 - https://wpscan.com/vulnerability/e092ccdc-7ea1-4937-97b7-4cdbff5 CVE-2024-27619 - https://github.com/ioprojecton/dir-3040_dos CVE-2024-27619 - https://www.dlink.com/en/security-bulletin/ CVE-2024-27620 - https://packetstormsecurity.com/files/177506/Ladder-0.0.21-Server-Side-Request-Forgery.html +CVE-2024-27622 - https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html CVE-2024-27625 - https://packetstormsecurity.com/files/177243/CMS-Made-Simple-2.2.19-Cross-Site-Scripting.html CVE-2024-27626 - https://packetstormsecurity.com/files/177239/Dotclear-2.29-Cross-Site-Scripting.html CVE-2024-27627 - https://packetstormsecurity.com/files/177254/SuperCali-1.1.0-Cross-Site-Scripting.html 
@@ -96619,6 +96660,7 @@ CVE-2024-29400 - https://github.com/Fr1ezy/RuoYi_info CVE-2024-29401 - https://github.com/menghaining/PoC/blob/main/xzs-mysql/xzs-mysql%20--%20PoC.md CVE-2024-29402 - https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 CVE-2024-29413 - https://github.com/RealestName/Vulnerability-Research/tree/main/CVE-2024-29413 +CVE-2024-29415 - https://github.com/indutny/node-ip/issues/150 CVE-2024-29421 - https://github.com/SpikeReply/advisories/blob/530dbd7ce68600a22c47dd1bcbe360220feda1d9/cve/xmedcon/cve-2024-29421.md CVE-2024-2944 - https://vuldb.com/?id.258035 CVE-2024-29461 - https://gist.github.com/ErodedElk/399a226905c574efe705e3bff77955e3 @@ -96671,6 +96713,7 @@ CVE-2024-30258 - https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5 CVE-2024-30259 - https://drive.google.com/file/d/1Y2bGvP3UIOJCLh_XEURLdhrM2Sznlvlp/view?usp=sharing CVE-2024-30259 - https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-qcj9-939p-p662 CVE-2024-30264 - https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73 +CVE-2024-30268 - https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q CVE-2024-3048 - https://wpscan.com/vulnerability/e179ff7d-137c-48bf-8b18-e874e3f876f4/ CVE-2024-3050 - https://wpscan.com/vulnerability/04c1581e-fd36-49d4-8463-b49915d4b1ac/ CVE-2024-30564 - https://gist.github.com/mestrtee/5dc2c948c2057f98d3de0a9790903c6c 
@@ -96735,6 +96778,7 @@ CVE-2024-30809 - https://github.com/axiomatic-systems/Bento4/issues/937 CVE-2024-30840 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromDhcpListClient_list1.md CVE-2024-30845 - https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66 CVE-2024-30845 - https://github.com/netcccyun/pan/issues/6 +CVE-2024-30849 - https://github.com/wkeyi0x1/vul-report/issues/3 CVE-2024-30850 - https://blog.chebuya.com/posts/remote-code-execution-on-chaos-rat-via-spoofed-agents/ CVE-2024-30851 - https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc CVE-2024-30862 - https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-index.md @@ -96745,6 +96789,7 @@ CVE-2024-30883 - https://github.com/jianyan74/rageframe2/issues/114 CVE-2024-30884 - https://github.com/Hebing123/cve/issues/28 CVE-2024-30885 - https://github.com/Hebing123/cve/issues/29 CVE-2024-30886 - https://github.com/Hebing123/cve/issues/30 +CVE-2024-30889 - https://github.com/robymontyz/pocs/blob/main/AudimexEE/ReflectedXSS.md CVE-2024-3089 - https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_csrf.md CVE-2024-3089 - https://vuldb.com/?submit.306963 CVE-2024-30891 - https://github.com/Lantern-r/IoT-vuln/blob/main/Tenda/AC18/formexeCommand.md 
@@ -96880,6 +96925,7 @@ CVE-2024-31869 - http://www.openwall.com/lists/oss-security/2024/04/17/10 CVE-2024-3188 - https://wpscan.com/vulnerability/bc273e75-7faf-4eaf-8ebd-efc5d6e9261f/ CVE-2024-31989 - https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr CVE-2024-32019 - https://github.com/netdata/netdata/security/advisories/GHSA-pmhq-4cxq-wj93 +CVE-2024-32020 - https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj CVE-2024-32022 - https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss CVE-2024-32023 - https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss CVE-2024-32024 - https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss @@ -96921,6 +96967,7 @@ CVE-2024-32311 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F CVE-2024-32312 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1203/formWanParameterSetting.md CVE-2024-32313 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWanParameterSetting.md CVE-2024-32314 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formexecommand_cmdi.md +CVE-2024-32315 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWanParameterSetting.md CVE-2024-32316 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromDhcpListClient_list1.md CVE-2024-32317 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/formWanParameterSetting.md CVE-2024-32318 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromSetVlanInfo_vlan.md 
@@ -96935,6 +96982,7 @@ CVE-2024-32343 - https://github.com/adiapera/xss_create2_boidcms_2.1.0 CVE-2024-32344 - https://github.com/adiapera/xss_language_cmsimple_5.15/blob/main/README.md CVE-2024-32345 - https://github.com/adiapera/xss_language_cmsimple_5.15 CVE-2024-32359 - https://github.com/HouqiyuA/k8s-rbac-poc +CVE-2024-32369 - https://github.com/chucrutis/CVE-2024-32369 CVE-2024-3239 - https://wpscan.com/vulnerability/dfa1421b-41b0-4b25-95ef-0843103e1f5e/ CVE-2024-32391 - https://github.com/magicblack/maccms10/issues/1133 CVE-2024-32392 - https://github.com/Hebing123/cve/issues/33 @@ -96959,11 +97007,14 @@ CVE-2024-3255 - https://vuldb.com/?id.259104 CVE-2024-3261 - https://wpscan.com/vulnerability/5a0d5922-eefc-48e1-9681-b63e420bb8b3/ CVE-2024-32645 - https://github.com/vyperlang/vyper/security/advisories/GHSA-xchq-w5r3-4wg3 CVE-2024-32646 - https://github.com/vyperlang/vyper/security/advisories/GHSA-r56x-j438-vw5m +CVE-2024-32647 - https://github.com/vyperlang/vyper/security/advisories/GHSA-3whq-64q2-qfj6 CVE-2024-32648 - https://github.com/vyperlang/vyper/security/advisories/GHSA-m2v9-w374-5hj9 CVE-2024-32649 - https://github.com/vyperlang/vyper/security/advisories/GHSA-5jrj-52x8-m64h CVE-2024-3265 - https://wpscan.com/vulnerability/ecb74622-eeed-48b6-a944-4e3494d6594d/ CVE-2024-32650 - https://github.com/rustls/rustls/security/advisories/GHSA-6g7w-8wpp-frhj +CVE-2024-32651 - https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/ CVE-2024-32651 - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3 +CVE-2024-32652 - https://github.com/honojs/node-server/issues/159 CVE-2024-32653 - https://github.com/skylot/jadx/security/advisories/GHSA-3pp3-hg2q-9gpm CVE-2024-32735 - https://www.tenable.com/security/research/tra-2024-14 CVE-2024-32736 - https://www.tenable.com/security/research/tra-2024-14 
@@ -96984,13 +97035,19 @@ CVE-2024-32880 - https://github.com/pyload/pyload/security/advisories/GHSA-3f7w- CVE-2024-32881 - https://github.com/danswer-ai/danswer/security/advisories/GHSA-xr9w-3ggr-hr6j CVE-2024-32884 - https://github.com/Byron/gitoxide/security/advisories/GHSA-98p4-xjmm-8mfh CVE-2024-32884 - https://rustsec.org/advisories/RUSTSEC-2024-0335.html +CVE-2024-32886 - https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2 CVE-2024-32890 - https://github.com/librespeed/speedtest/security/advisories/GHSA-3954-xrwh-fq4q CVE-2024-32962 - https://github.com/node-saml/xml-crypto/security/advisories/GHSA-2xp3-57p7-qf4v CVE-2024-32963 - https://github.com/navidrome/navidrome/security/advisories/GHSA-4jrx-5w4h-3gpm CVE-2024-32964 - https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc +CVE-2024-32966 - https://github.com/static-web-server/static-web-server/security/advisories/GHSA-rwfq-v4hq-h7fg CVE-2024-32970 - https://github.com/payloadbox/xss-payload-list +CVE-2024-32974 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-mgxp-7hhp-8299 +CVE-2024-32975 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc +CVE-2024-32976 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m CVE-2024-32977 - https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-2vjq-hg5w-5gm7 CVE-2024-32982 - https://github.com/litestar-org/litestar/security/advisories/GHSA-83pv-qr33-2vcf +CVE-2024-32983 - https://github.com/misskey-dev/misskey/security/advisories/GHSA-2vxv-pv3m-3wvj CVE-2024-33101 - https://github.com/thinksaas/ThinkSAAS/issues/34 CVE-2024-33102 - https://github.com/thinksaas/ThinkSAAS/issues/35 CVE-2024-33103 - https://github.com/dokuwiki/dokuwiki/issues/4267 
@@ -97115,6 +97172,7 @@ CVE-2024-34070 - https://github.com/froxlor/Froxlor/security/advisories/GHSA-x52 CVE-2024-34075 - https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr CVE-2024-34082 - https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69 CVE-2024-34196 - https://gist.github.com/Swind1er/1ec2fde42254598a72f1d716f9cfe2a1 +CVE-2024-34199 - https://github.com/DMCERTCE/PoC_Tiny_Overflow CVE-2024-34200 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/setIpQosRules CVE-2024-34201 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/getSaveConfig CVE-2024-34202 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/setMacFilterRules @@ -97125,11 +97183,15 @@ CVE-2024-34207 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/setStaticDhcp CVE-2024-34209 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/setIpPortFilterRules CVE-2024-34210 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/CloudACMunualUpdate_injection CVE-2024-34212 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/CloudACMunualUpdate_overflow +CVE-2024-34213 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetPortForwardRules CVE-2024-34215 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetUrlFilterRules CVE-2024-34217 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/addWlProfileClientMode CVE-2024-34218 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/NTPSyncWithHost +CVE-2024-34219 - https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetTelnetCfg CVE-2024-34220 - https://github.com/dovankha/CVE-2024-34220 CVE-2024-34221 - https://github.com/dovankha/CVE-2024-34221 +CVE-2024-34222 - https://github.com/dovankha/CVE-2024-34222 +CVE-2024-34223 - https://github.com/dovankha/CVE-2024-34223 CVE-2024-34224 - https://github.com/dovankha/CVE-2024-34224 CVE-2024-34225 - https://github.com/dovankha/CVE-2024-34225 CVE-2024-34226 - https://github.com/dovankha/CVE-2024-34226 
@@ -97140,6 +97202,8 @@ CVE-2024-34249 - https://github.com/wasm3/wasm3/issues/485 CVE-2024-34250 - https://github.com/bytecodealliance/wasm-micro-runtime/issues/3346 CVE-2024-34251 - https://github.com/bytecodealliance/wasm-micro-runtime/issues/3347 CVE-2024-34252 - https://github.com/wasm3/wasm3/issues/483 +CVE-2024-34257 - https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md +CVE-2024-34273 - https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md CVE-2024-34308 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md CVE-2024-34340 - https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/commit/5e5e1e0b9422f47d2de81c7c4064b803a01e7203 @@ -97148,7 +97212,10 @@ CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/secur CVE-2024-34347 - https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qmmm-73r2-f8xr CVE-2024-34352 - https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847 CVE-2024-34359 - https://github.com/abetlen/llama-cpp-python/security/advisories/GHSA-56xg-wfcc-g829 +CVE-2024-34362 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv +CVE-2024-34363 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4 CVE-2024-3437 - https://vuldb.com/?id.259631 +CVE-2024-34391 - https://github.com/libxmljs/libxmljs/issues/645 CVE-2024-34391 - https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/ CVE-2024-34392 - https://github.com/libxmljs/libxmljs/issues/646 CVE-2024-34392 - https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096/ 
@@ -97161,6 +97228,7 @@ CVE-2024-34401 - https://www.exploit-db.com/exploits/51988 CVE-2024-34408 - https://github.com/Tencent/libpag/issues/2230 CVE-2024-3442 - https://vuldb.com/?id.259695 CVE-2024-3443 - https://github.com/zyairelai/CVE-submissions/blob/main/prison-xss.md +CVE-2024-34448 - https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md CVE-2024-34467 - https://github.com/top-think/framework/issues/2996 CVE-2024-34470 - https://github.com/osvaldotenorio/CVE-2024-34470 CVE-2024-34471 - https://github.com/osvaldotenorio/CVE-2024-34471 @@ -97178,8 +97246,11 @@ CVE-2024-34523 - https://github.com/piuppi/Proof-of-Concepts/blob/main/AChecker/ CVE-2024-34532 - https://github.com/luvsn/OdZoo/tree/main/exploits/query_deluxe CVE-2024-34533 - https://github.com/luvsn/OdZoo/tree/main/exploits/izi_data CVE-2024-34534 - https://github.com/luvsn/OdZoo/tree/main/exploits/text_commander +CVE-2024-34582 - https://github.com/silent6trinity/CVE-2024-34582 CVE-2024-3471 - https://wpscan.com/vulnerability/a3c282fb-81b8-48bf-8c18-8366ea8ad9af/ +CVE-2024-34710 - https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf CVE-2024-34714 - https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v +CVE-2024-34715 - https://github.com/ethyca/fides/security/advisories/GHSA-8cm5-jfj2-26q7 CVE-2024-3472 - https://wpscan.com/vulnerability/d42f74dd-520f-40aa-9cf0-3544db9562c7/ CVE-2024-3474 - https://wpscan.com/vulnerability/e5c3e145-6738-4d85-8507-43ca1b1d5877/ CVE-2024-3475 - https://wpscan.com/vulnerability/bf540242-5306-4c94-ad50-782d0d5b127f/ 
@@ -97187,8 +97258,20 @@ CVE-2024-3476 - https://wpscan.com/vulnerability/46f74493-9082-48b2-90bc-2c1d1db CVE-2024-3477 - https://wpscan.com/vulnerability/ca5e59e6-c500-4129-997b-391cdf9aa9c7/ CVE-2024-3478 - https://wpscan.com/vulnerability/09f1a696-86ee-47cc-99de-57cfd2a3219d/ CVE-2024-3481 - https://wpscan.com/vulnerability/0c441293-e7f9-4634-8f3a-09925cd2b696/ +CVE-2024-34852 - https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md +CVE-2024-34854 - https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md CVE-2024-34899 - https://hackerdna.com/courses/cve/cve-2024-34899 +CVE-2024-34905 - https://github.com/CloudWise-OpenSource/FlyFish/issues/191 +CVE-2024-34906 - https://github.com/kuaifan/dootask/issues/210 CVE-2024-34914 - https://chmod744.super.site/redacted-vulnerability +CVE-2024-34919 - https://github.com/CveSecLook/cve/issues/20 +CVE-2024-34921 - https://github.com/cainiao159357/x5000r_poc/blob/main/README.md +CVE-2024-34952 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png +CVE-2024-34952 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.md +CVE-2024-34952 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/poc/I1DWE0~U +CVE-2024-34952 - https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata +CVE-2024-34952 - https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata/poc +CVE-2024-34952 - https://github.com/taurusxin/ncmdump/issues/18 CVE-2024-34953 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/dos_mmExhausted.assets/image-20240505161831080.png CVE-2024-34953 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/dos_mmExhausted.md CVE-2024-34953 - https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/poc/I7K9QM~F 
@@ -97197,27 +97280,86 @@ CVE-2024-34953 - https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/do CVE-2024-34953 - https://github.com/taurusxin/ncmdump/issues/19 CVE-2024-34954 - https://github.com/ethicalhackerNL/CVEs/blob/main/Budget%20Management/XSS/XSS.md CVE-2024-34955 - https://github.com/ethicalhackerNL/CVEs/blob/main/Budget%20Management/SQLi.md +CVE-2024-34957 - https://github.com/Gr-1m/cms/blob/main/1.md +CVE-2024-34958 - https://github.com/Gr-1m/cms/blob/main/2.md CVE-2024-34974 - https://github.com/hunzi0/Vullnfo/tree/main/Tenda/AC18/formSetPPTPServer +CVE-2024-34987 - https://github.com/MarkLee131/PoCs/blob/main/CVE-2024-34987.md +CVE-2024-34997 - https://github.com/joblib/joblib/issues/1582 CVE-2024-35009 - https://github.com/Thirtypenny77/cms/blob/main/5.md CVE-2024-35010 - https://github.com/Thirtypenny77/cms/blob/main/6.md CVE-2024-35011 - https://github.com/Thirtypenny77/cms/blob/main/8.md CVE-2024-35012 - https://github.com/Thirtypenny77/cms/blob/main/7.md +CVE-2024-35039 - https://github.com/ywf7678/cms/blob/main/1.md CVE-2024-35048 - https://github.com/javahuang/SurveyKing/issues/56 CVE-2024-35049 - https://github.com/javahuang/SurveyKing/issues/55 CVE-2024-35050 - https://github.com/javahuang/SurveyKing/issues/57 CVE-2024-35099 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/V9.3.5u.6698_B20230810/README.md CVE-2024-35108 - https://github.com/FirstLIF/cms/blob/main/1.md +CVE-2024-35109 - https://github.com/FirstLIF/cms/blob/main/2.md +CVE-2024-35110 - https://github.com/yzmcms/yzmcms/issues/68 +CVE-2024-35175 - https://github.com/tg123/sshpiper/security/advisories/GHSA-4w53-6jvp-gg52 CVE-2024-35179 - https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-5pfx-j27j-4c6h CVE-2024-35181 - https://securitylab.github.com/advisories/GHSL-2024-013_GHSL-2024-014_Meshery/ CVE-2024-35182 - https://securitylab.github.com/advisories/GHSL-2024-013_GHSL-2024-014_Meshery/ +CVE-2024-35183 - 
https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr +CVE-2024-35186 - https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c +CVE-2024-35187 - https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-rwp5-f854-ppg6 +CVE-2024-35189 - https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c +CVE-2024-35190 - https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 +CVE-2024-35196 - https://github.com/getsentry/sentry/blob/17d2b87e39ccd57e11da4deed62971ff306253d1/src/sentry/conf/server.py#L1307 +CVE-2024-35197 - https://github.com/Byron/gitoxide/security/advisories/GHSA-49jc-r788-3fc9 CVE-2024-3521 - https://github.com/garboa/cve_3/blob/main/Upload2.md +CVE-2024-35222 - https://github.com/tauri-apps/tauri/security/advisories/GHSA-57fm-592m-34r7 +CVE-2024-35231 - https://github.com/rack/rack-contrib/security/advisories/GHSA-8c8q-2xw3-j869 +CVE-2024-35232 - https://github.com/huandu/facebook/security/advisories/GHSA-3f65-m234-9mxr +CVE-2024-35236 - https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-7j99-76cj-q9pg CVE-2024-3529 - https://vuldb.com/?id.259899 +CVE-2024-35361 - https://github.com/Hebing123/cve/issues/37 +CVE-2024-35362 - https://github.com/shopex/ecshop/issues/6 CVE-2024-35373 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/ CVE-2024-35374 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/ +CVE-2024-35384 - https://github.com/cesanta/mjs/issues/287 +CVE-2024-35385 - https://github.com/cesanta/mjs/issues/288 +CVE-2024-35386 - https://github.com/cesanta/mjs/issues/286 +CVE-2024-35387 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/loginAuth_http_host/README.md +CVE-2024-35388 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20NR1800X/README.md +CVE-2024-35399 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/loginAuth/README.md +CVE-2024-35400 - 
https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/SetPortForwardRules/README.md +CVE-2024-35403 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/setIpPortFilterRules/README.md +CVE-2024-35428 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35428.md +CVE-2024-35429 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35429.md +CVE-2024-35430 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35430.md +CVE-2024-35431 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35431.md +CVE-2024-35432 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35432.md +CVE-2024-35433 - https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35433.md +CVE-2024-35434 - https://github.com/inputzero/Security-Advisories/blob/main/CVE-XXXX-XXXX.md +CVE-2024-35468 - https://github.com/dovankha/CVE-2024-35468 +CVE-2024-35469 - https://github.com/dovankha/CVE-2024-35469 +CVE-2024-35475 - https://github.com/carsonchan12345/CVE-2024-35475 +CVE-2024-35475 - https://github.com/carsonchan12345/OpenKM-CSRF-PoC CVE-2024-3548 - https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9be18d8/ +CVE-2024-35492 - https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Mongoose_null_pointer.md +CVE-2024-35511 - https://github.com/efekaanakkar/CVE-2024-35511/blob/main/Men%20Salon%20Management%20System%20Using%20PHP%20and%20MySQL.md +CVE-2024-35550 - https://github.com/bearman113/1.md/blob/main/17/csrf.md +CVE-2024-35551 - https://github.com/bearman113/1.md/blob/main/16/csrf.md +CVE-2024-35552 - https://github.com/bearman113/1.md/blob/main/20/csrf.md +CVE-2024-35553 - https://github.com/bearman113/1.md/blob/main/21/csrf.md +CVE-2024-35554 - https://github.com/bearman113/1.md/blob/main/19/csrf.md +CVE-2024-35555 - https://github.com/bearman113/1.md/blob/main/18/csrf.md +CVE-2024-35556 - https://github.com/bearman113/1.md/blob/main/26/csrf.md +CVE-2024-35557 - 
https://github.com/bearman113/1.md/blob/main/27/csrf.md +CVE-2024-35558 - https://github.com/bearman113/1.md/blob/main/24/csrf.md +CVE-2024-35559 - https://github.com/bearman113/1.md/blob/main/22/csrf.md +CVE-2024-35560 - https://github.com/bearman113/1.md/blob/main/25/csrf.md +CVE-2024-35561 - https://github.com/bearman113/1.md/blob/main/23/csrf.md +CVE-2024-35570 - https://github.com/KakeruJ/CVE/ +CVE-2024-35581 - https://github.com/r04i7/CVE/blob/main/CVE-2024-35581.md CVE-2024-35581 - https://portswigger.net/web-security/cross-site-scripting/stored +CVE-2024-35582 - https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md CVE-2024-35582 - https://portswigger.net/web-security/cross-site-scripting/stored +CVE-2024-35583 - https://github.com/r04i7/CVE/blob/main/CVE-2024-35583.md CVE-2024-35583 - https://portswigger.net/web-security/cross-site-scripting/stored +CVE-2024-35591 - https://github.com/o2oa/o2oa/issues/156 CVE-2024-3567 - https://gitlab.com/qemu-project/qemu/-/issues/2273 CVE-2024-3580 - https://wpscan.com/vulnerability/31f401c4-735a-4efb-b81f-ab98c00c526b/ CVE-2024-3582 - https://wpscan.com/vulnerability/5a348b5d-13aa-40c3-9d21-0554683f8019/ @@ -97266,8 +97408,10 @@ CVE-2024-36667 - https://github.com/sigubbs/cms/blob/main/36/csrf.md CVE-2024-36668 - https://github.com/sigubbs/cms/blob/main/35/csrf.md CVE-2024-36669 - https://github.com/sigubbs/cms/blob/main/34/csrf.md CVE-2024-36670 - https://github.com/sigubbs/cms/blob/main/33/csrf.md +CVE-2024-36673 - https://github.com/CveSecLook/cve/issues/39 CVE-2024-36674 - https://github.com/LyLme/lylme_spage/issues/91 CVE-2024-36675 - https://github.com/LyLme/lylme_spage/issues/92 +CVE-2024-36773 - https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md CVE-2024-36774 - https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx CVE-2024-36775 - https://github.com/OoLs5/VulDiscovery/blob/main/monstra_xss.pdf CVE-2024-36779 - https://github.com/CveSecLook/cve/issues/42 
@@ -97284,7 +97428,9 @@ CVE-2024-3691 - https://github.com/nikhil-aniill/Small-CRM-CVE CVE-2024-3691 - https://vuldb.com/?submit.312975 CVE-2024-3692 - https://wpscan.com/vulnerability/6f100f85-3a76-44be-8092-06eb8595b0c9/ CVE-2024-3695 - https://vuldb.com/?id.260482 +CVE-2024-37017 - https://github.com/cinecert/asdcplib/issues/138 CVE-2024-3703 - https://wpscan.com/vulnerability/3242b820-1da0-41ba-9f35-7be5dbc6d4b0/ +CVE-2024-37160 - https://github.com/getformwork/formwork/security/advisories/GHSA-5pxr-7m4j-jjc6 CVE-2024-3720 - https://github.com/scausoft/cve/blob/main/sql.md CVE-2024-3721 - https://github.com/netsecfish/tbk_dvr_command_injection CVE-2024-37273 - https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20vulnerability @@ -97306,6 +97452,7 @@ CVE-2024-3797 - https://github.com/BurakSevben/CVEs/blob/main/QR%20Code%20Bookma CVE-2024-3822 - https://wpscan.com/vulnerability/ff5411b1-9e04-4e72-a502-e431d774642a/ CVE-2024-3823 - https://wpscan.com/vulnerability/a138215c-4b8c-4182-978f-d21ce25070d3/ CVE-2024-3824 - https://wpscan.com/vulnerability/749ae334-b1d1-421e-a04c-35464c961a4a/ +CVE-2024-3837 - https://issues.chromium.org/issues/41491379 CVE-2024-3844 - https://issues.chromium.org/issues/40058873 CVE-2024-3846 - https://issues.chromium.org/issues/40064754 CVE-2024-3873 - https://vuldb.com/?submit.312623 
@@ -97477,6 +97624,7 @@ CVE-2024-4809 - https://github.com/CveSecLook/cve/issues/26 CVE-2024-4817 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/IDOR_manage_user.md CVE-2024-4818 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/LFI.md CVE-2024-4819 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/IDOR.md +CVE-2024-4820 - https://github.com/jxm68868/cve/blob/main/upload.md CVE-2024-4853 - https://gitlab.com/wireshark/wireshark/-/issues/19724 CVE-2024-4855 - https://gitlab.com/wireshark/wireshark/-/issues/19782 CVE-2024-4855 - https://gitlab.com/wireshark/wireshark/-/issues/19783 
@@ -97546,14 +97694,50 @@ CVE-2024-5138 - https://bugs.launchpad.net/snapd/+bug/2065077 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2005-1275 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2020-7009 +CVE-2024-5350 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5351 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5352 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5353 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5354 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5355 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf +CVE-2024-5356 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf CVE-2024-5362 - https://github.com/CveSecLook/cve/issues/41 +CVE-2024-5363 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-1.md +CVE-2024-5364 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-2.md +CVE-2024-5365 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-3.md +CVE-2024-5366 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-4.md +CVE-2024-5377 - https://github.com/yuyuliq/cve/issues/1 +CVE-2024-5378 - https://github.com/GAO-UNO/cve/blob/main/sql2.md +CVE-2024-5381 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/2 +CVE-2024-5390 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/3 +CVE-2024-5391 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/4 +CVE-2024-5392 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/5 +CVE-2024-5393 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/6 +CVE-2024-5394 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/7 +CVE-2024-5395 - 
https://github.com/Lanxiy7th/lx_CVE_report-/issues/8 +CVE-2024-5396 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/9 +CVE-2024-5397 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/10 CVE-2024-5410 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ CVE-2024-5411 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ CVE-2024-5420 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html CVE-2024-5421 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html CVE-2024-5422 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html +CVE-2024-5428 - https://github.com/kaikai145154/CVE-CSRF/blob/main/SourceCodester%20Simple%20Online%20Bidding%20System%20CSRF.md +CVE-2024-5437 - https://github.com/pijiawei/CVE/blob/pijiawei-photo/SourceCodester%20Simple%20Online%20Bidding%20System%20XSS.md +CVE-2024-5515 - https://github.com/HaojianWang/cve/issues/1 +CVE-2024-5516 - https://github.com/ppp-src/ha/issues/3 +CVE-2024-5517 - https://github.com/ppp-src/ha/issues/4 +CVE-2024-5518 - https://github.com/L1OudFd8cl09/CVE/issues/1 +CVE-2024-5519 - https://github.com/L1OudFd8cl09/CVE/issues/2 CVE-2024-5565 - https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/ +CVE-2024-5588 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/12 +CVE-2024-5635 - https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_a.md +CVE-2024-5636 - https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_b.md CVE-2024-5656 - https://wpscan.com/vulnerability/adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/ +CVE-2024-5657 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure +CVE-2024-5658 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use +CVE-2024-5733 - 
https://github.com/kingshao0312/cve/issues/1 +CVE-2024-5745 - https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.md http://0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scripting.html http://0a29.blogspot.com/2011/12/0a29-11-2-privilege-escalation.html http://0dd.zone/2018/04/23/UMLet-XXE/ @@ -98027,6 +98211,7 @@ http://codevigilant.com/disclosure/wp-plugin-swipehq-payment-gateway-woocommerce http://codevigilant.com/disclosure/wp-plugin-webengage-a3-cross-site-scripting-xss http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss http://codewhitesec.blogspot.com/2017/04/amf.html +http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=69 http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=74 http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html @@ -98094,6 +98279,7 @@ http://echo.or.id/adv/adv20-theday-2005.txt http://echo.or.id/adv/adv21-theday-2005.txt http://echo.or.id/adv/adv24-theday-2005.txt http://echo.or.id/adv/adv26-K-159-2006.txt +http://echo.or.id/adv/adv63-y3dips-2007.txt http://echo.or.id/adv/adv64-y3dips-2007.txt http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html 
@@ -98262,6 +98448,7 @@ http://forum.wampserver.com/read.php?2,144473 http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins http://ftp.gnu.org/gnu/radius/radius-1.2.tar.gz +http://g-laurent.blogspot.com/2009/09/windows-vista7-smb20-negotiate-protocol.html http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html http://genesys.com http://ghost.org/docs/security/#privilege-escalation-attacks @@ -98377,9 +98564,11 @@ http://issues.liferay.com/browse/LPS-11506 http://issues.liferay.com/browse/LPS-12628 http://issues.liferay.com/browse/LPS-13250 http://issues.liferay.com/browse/LPS-13762 +http://issues.liferay.com/browse/LPS-14726 http://issues.liferay.com/browse/LPS-14927 http://issues.liferay.com/browse/LPS-6034 http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952 +http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs http://it.slashdot.org/it/08/06/18/1919224.shtml http://jgj212.blogspot.hk/2017/04/modified-ecommerce-shopsoftware-2022.html http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html @@ -98490,6 +98679,7 @@ http://lwn.net/Articles/81773/ http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2 http://marc.info/?l=bugtraq&m=109597139011373&w=2 http://marc.info/?l=bugtraq&m=100342151132277&w=2 +http://marc.info/?l=bugtraq&m=100498111712723&w=2 http://marc.info/?l=bugtraq&m=100689302316077&w=2 http://marc.info/?l=bugtraq&m=100698397818175&w=2 http://marc.info/?l=bugtraq&m=100700363414799&w=2 
@@ -99188,6 +99378,9 @@ http://marc.info/?l=bugtraq&m=122298544725313&w=2 http://marc.info/?l=bugtraq&m=122893066212987&w=2 http://marc.info/?l=bugtraq&m=124171333011782&w=2 http://marc.info/?l=bugtraq&m=124905075425380&w=2 +http://marc.info/?l=bugtraq&m=128104130309426&w=2 +http://marc.info/?l=bugtraq&m=128104795219200&w=2 +http://marc.info/?l=bugtraq&m=129182251500541&w=2 http://marc.info/?l=bugtraq&m=94936267131123&w=2 http://marc.info/?l=bugtraq&m=96045469627806&w=2 http://marc.info/?l=bugtraq&m=96161462915381&w=2 @@ -99197,10 +99390,14 @@ http://marc.info/?l=bugtraq&m=97236316510117&w=2 http://marc.info/?l=bugtraq&m=97310314724964&w=2 http://marc.info/?l=bugtraq&m=97570878710037&w=2 http://marc.info/?l=bugtraq&m=97570884410184&w=2 +http://marc.info/?l=bugtraq&m=97967435023835&w=2 http://marc.info/?l=bugtraq&m=98339581702282&w=2 +http://marc.info/?l=bugtraq&m=98642418618512&w=2 http://marc.info/?l=bugtraq&m=98761402029302&w=2 http://marc.info/?l=bugtraq&m=98865027328391&w=2 +http://marc.info/?l=bugtraq&m=98874912915948&w=2 http://marc.info/?l=bugtraq&m=99057164129869&w=2 +http://marc.info/?l=bugtraq&m=99348216322147&w=2 http://marc.info/?l=bugtraq&m=99598918914068&w=2 http://marc.info/?l=bugtraq&m=99745571104126&w=2 http://marc.info/?l=bugtraq&m=99892644616749&w=2 @@ -99288,6 +99485,7 @@ http://marc.info/?l=full-disclosure&m=120139657100513&w=2 http://marc.info/?l=full-disclosure&m=122572590212610&w=4 http://marc.info/?l=full-disclosure&m=124624413120440&w=2 http://marc.info/?l=full-disclosure&m=124627617220913&w=2 +http://marc.info/?l=full-disclosure&m=126531284626756&w=2 http://marc.info/?l=full-disclosure&m=131373057621672&w=2 http://marc.info/?l=full-disclosure&m=132706457510193&w=2 http://marc.info/?l=full-disclosure&m=132852645911072&w=2 
@@ -105053,6 +105251,7 @@ http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt http://roeehay.blogspot.com/2009/08/exploitation-of-cve-2009-1869.html http://rooibo.wordpress.com/2009/10/17/agujero-de-seguridad-en-wordpress/ http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156 +http://rt.perl.org/rt3/Public/Bug/Display.html?id=69973 http://ruffsecurity.blogspot.com/2018/05/my-first-cve-found.html http://rungga.blogspot.co.id/2017/04/csrf-privilege-escalation-manipulation.html http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html @@ -105062,6 +105261,7 @@ http://scan.flashsec.org/ http://scary.beasts.org/security/CESA-2006-003.html http://scary.beasts.org/security/CESA-2008-001.html http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html +http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://secdev.zoller.lu/research/zango.htm http://seclists.org/bugtraq/2010/Jul/60 http://seclists.org/bugtraq/2012/Apr/121 @@ -105089,6 +105289,11 @@ http://seclists.org/bugtraq/2017/Sep/20 http://seclists.org/bugtraq/2017/Sep/22 http://seclists.org/bugtraq/2018/Aug/41 http://seclists.org/bugtraq/2018/Aug/49 +http://seclists.org/fulldisclosure/2009/Aug/0143.html +http://seclists.org/fulldisclosure/2009/Nov/134 +http://seclists.org/fulldisclosure/2009/Nov/139 +http://seclists.org/fulldisclosure/2009/Nov/228 +http://seclists.org/fulldisclosure/2009/Oct/299 http://seclists.org/fulldisclosure/2010/Apr/272 http://seclists.org/fulldisclosure/2010/Apr/79 http://seclists.org/fulldisclosure/2010/Aug/235 
@@ -105532,7 +105737,28 @@ http://seclists.org/fulldisclosure/2022/Oct/49 http://seclists.org/fulldisclosure/2022/Oct/5 http://seclists.org/fulldisclosure/2022/Oct/50 http://seclists.org/fulldisclosure/2022/Oct/6 +http://seclists.org/fulldisclosure/2022/Sep/17 http://seclists.org/fulldisclosure/2022/Sep/18 +http://seclists.org/fulldisclosure/2023/Apr/7 +http://seclists.org/fulldisclosure/2023/Aug/12 +http://seclists.org/fulldisclosure/2023/Aug/13 +http://seclists.org/fulldisclosure/2023/Aug/15 +http://seclists.org/fulldisclosure/2023/Aug/16 +http://seclists.org/fulldisclosure/2023/Aug/17 +http://seclists.org/fulldisclosure/2023/Aug/21 +http://seclists.org/fulldisclosure/2023/Aug/26 +http://seclists.org/fulldisclosure/2023/Aug/28 +http://seclists.org/fulldisclosure/2023/Aug/29 +http://seclists.org/fulldisclosure/2023/Aug/4 +http://seclists.org/fulldisclosure/2023/Dec/16 +http://seclists.org/fulldisclosure/2023/Dec/18 +http://seclists.org/fulldisclosure/2023/Dec/2 +http://seclists.org/fulldisclosure/2023/Dec/20 +http://seclists.org/fulldisclosure/2023/Dec/23 +http://seclists.org/fulldisclosure/2023/Dec/24 +http://seclists.org/fulldisclosure/2023/Feb/10 +http://seclists.org/fulldisclosure/2023/Feb/15 +http://seclists.org/fulldisclosure/2023/Feb/16 http://seclists.org/fulldisclosure/2023/Jan/1 http://seclists.org/fulldisclosure/2023/Jan/10 http://seclists.org/fulldisclosure/2023/Jan/11 
@@ -105540,14 +105766,36 @@ http://seclists.org/fulldisclosure/2023/Jan/13 http://seclists.org/fulldisclosure/2023/Jan/14 http://seclists.org/fulldisclosure/2023/Jan/19 http://seclists.org/fulldisclosure/2023/Jan/28 +http://seclists.org/fulldisclosure/2023/Jul/14 +http://seclists.org/fulldisclosure/2023/Jul/30 +http://seclists.org/fulldisclosure/2023/Jul/42 +http://seclists.org/fulldisclosure/2023/Jun/2 +http://seclists.org/fulldisclosure/2023/Mar/2 +http://seclists.org/fulldisclosure/2023/Mar/21 http://seclists.org/fulldisclosure/2023/Mar/26 +http://seclists.org/fulldisclosure/2023/May/14 +http://seclists.org/fulldisclosure/2023/May/18 +http://seclists.org/fulldisclosure/2023/May/4 +http://seclists.org/fulldisclosure/2023/Nov/12 +http://seclists.org/fulldisclosure/2023/Nov/13 +http://seclists.org/fulldisclosure/2023/Nov/14 +http://seclists.org/fulldisclosure/2023/Oct/11 +http://seclists.org/fulldisclosure/2023/Oct/15 +http://seclists.org/fulldisclosure/2023/Oct/30 +http://seclists.org/fulldisclosure/2023/Oct/31 +http://seclists.org/fulldisclosure/2023/Sep/10 http://seclists.org/fulldisclosure/2023/Sep/6 +http://seclists.org/fulldisclosure/2024/Apr/1 http://seclists.org/fulldisclosure/2024/Apr/17 +http://seclists.org/fulldisclosure/2024/Apr/18 http://seclists.org/fulldisclosure/2024/Feb/14 http://seclists.org/fulldisclosure/2024/Feb/17 http://seclists.org/fulldisclosure/2024/Feb/23 http://seclists.org/fulldisclosure/2024/Feb/3 http://seclists.org/fulldisclosure/2024/Feb/7 +http://seclists.org/fulldisclosure/2024/Jan/11 +http://seclists.org/fulldisclosure/2024/Jan/43 +http://seclists.org/fulldisclosure/2024/Mar/10 http://seclists.org/fulldisclosure/2024/Mar/11 http://seclists.org/fulldisclosure/2024/Mar/12 http://seclists.org/fulldisclosure/2024/Mar/13 
@@ -105574,6 +105822,7 @@ http://securityreason.com/achievement_securityalert/32 http://securityreason.com/achievement_securityalert/69 http://securityreason.com/achievement_securityalert/71 http://securityreason.com/achievement_securityalert/72 +http://securityreason.com/achievement_securityalert/73 http://securityreason.com/achievement_securityalert/75 http://securityreason.com/achievement_securityalert/76 http://securityreason.com/achievement_securityalert/77 @@ -106007,6 +106256,7 @@ http://securityreason.com/securityalert/2196 http://securityreason.com/securityalert/2197 http://securityreason.com/securityalert/2198 http://securityreason.com/securityalert/2199 +http://securityreason.com/securityalert/2205 http://securityreason.com/securityalert/2261 http://securityreason.com/securityalert/2388 http://securityreason.com/securityalert/2407 @@ -106262,6 +106512,7 @@ http://securityreason.com/securityalert/2886 http://securityreason.com/securityalert/2887 http://securityreason.com/securityalert/2888 http://securityreason.com/securityalert/2889 +http://securityreason.com/securityalert/2923 http://securityreason.com/securityalert/297 http://securityreason.com/securityalert/2970 http://securityreason.com/securityalert/2971 @@ -106314,10 +106565,13 @@ http://securityreason.com/securityalert/3059 http://securityreason.com/securityalert/3060 http://securityreason.com/securityalert/3067 http://securityreason.com/securityalert/3104 +http://securityreason.com/securityalert/3109 http://securityreason.com/securityalert/3140 http://securityreason.com/securityalert/3143 http://securityreason.com/securityalert/3178 http://securityreason.com/securityalert/3181 +http://securityreason.com/securityalert/3182 +http://securityreason.com/securityalert/3197 http://securityreason.com/securityalert/3234 http://securityreason.com/securityalert/3342 http://securityreason.com/securityalert/3364 
@@ -107493,10 +107747,12 @@ http://securityreason.com/securityalert/787 http://securityreason.com/securityalert/788 http://securityreason.com/securityalert/789 http://securityreason.com/securityalert/8003 +http://securityreason.com/securityalert/8026 http://securityreason.com/securityalert/8061 http://securityreason.com/securityalert/8062 http://securityreason.com/securityalert/8077 http://securityreason.com/securityalert/8083 +http://securityreason.com/securityalert/8089 http://securityreason.com/securityalert/8096 http://securityreason.com/securityalert/8102 http://securityreason.com/securityalert/8103 @@ -107531,6 +107787,7 @@ http://securityreason.com/securityalert/8317 http://securityreason.com/securityalert/8324 http://securityreason.com/securityalert/8370 http://securityreason.com/securityalert/8372 +http://securityreason.com/securityalert/8373 http://securityreason.com/securityalert/8374 http://securityreason.com/securityalert/8376 http://securityreason.com/securityalert/8382 @@ -107600,6 +107857,7 @@ http://sotiriu.de/adv/NSOADV-2011-003.txt http://sotiriu.de/adv/NSOADV-2015-001.txt http://sourceforge.net/mailarchive/forum.php?thread_name=CAAoG81HL9oP8roPLLhftTSXTzSD%2BZcR66PRkVU%3Df76W3Mjde_w%40mail.gmail.com&forum_name=squashfs-devel http://sourceforge.net/p/ipcop/bugs/807/ +http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG http://sourceforge.net/project/shownotes.php?group_id=140317&release_id=456313 http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929 http://sourceforge.net/tracker/?func=detail&aid=3506818&group_id=219284&atid=1045881 
@@ -107650,6 +107908,7 @@ http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-11-remote-file-access.htm http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-version-11-floating.html http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp +http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 @@ -108030,6 +108289,7 @@ http://www.evuln.com/vulns/77/summary.html http://www.evuln.com/vulns/80/summary.html http://www.evuln.com/vulns/82/summary.html http://www.exploit-db.com/exploits/10216 +http://www.exploit-db.com/exploits/10338 http://www.exploit-db.com/exploits/10354 http://www.exploit-db.com/exploits/10439 http://www.exploit-db.com/exploits/10569 
@@ -108459,23 +108719,33 @@ http://www.exploit-db.com/exploits/36320 http://www.exploit-db.com/exploits/37114 http://www.exploit-db.com/exploits/4170 http://www.exploit-db.com/exploits/8172 +http://www.exploit-db.com/exploits/8484 http://www.exploit-db.com/exploits/8588 http://www.exploit-db.com/exploits/8601 +http://www.exploit-db.com/exploits/8881 +http://www.exploit-db.com/exploits/9001 http://www.exploit-db.com/exploits/9033 +http://www.exploit-db.com/exploits/9103 http://www.exploit-db.com/exploits/9110 +http://www.exploit-db.com/exploits/9116 http://www.exploit-db.com/exploits/9131 http://www.exploit-db.com/exploits/9139 http://www.exploit-db.com/exploits/9140 http://www.exploit-db.com/exploits/9147 http://www.exploit-db.com/exploits/9157 http://www.exploit-db.com/exploits/9160 +http://www.exploit-db.com/exploits/9167 http://www.exploit-db.com/exploits/9198 +http://www.exploit-db.com/exploits/9252 http://www.exploit-db.com/exploits/9271 +http://www.exploit-db.com/exploits/9319 http://www.exploit-db.com/exploits/9350 http://www.exploit-db.com/exploits/9410 http://www.exploit-db.com/exploits/9480 http://www.exploit-db.com/exploits/9524 http://www.exploit-db.com/exploits/9539 +http://www.exploit-db.com/exploits/9576 +http://www.exploit-db.com/exploits/9577 http://www.exploit-db.com/exploits/9640 http://www.exploit-db.com/exploits/9659 http://www.exploit-db.com/exploits/9691 @@ -108947,6 +109217,7 @@ http://www.mantisbt.org/bugs/view.php?id=13191 http://www.mantisbt.org/bugs/view.php?id=13281 http://www.mantisbt.org/bugs/view.php?id=9154 http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html +http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/ http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:02.txt http://www.mindedsecurity.com/MSA01150108.html http://www.mindedsecurity.com/MSA01240108.html 
@@ -109522,6 +109793,7 @@ http://www.securitysift.com/exploiting-ms14-066-cve-2014-6321-aka-winshock/ http://www.senseofsecurity.com.au/advisories/SOS-10-002 http://www.senseofsecurity.com.au/advisories/SOS-13-003 http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/ +http://www.slideshare.net/codewhitesec/java-deserialization-vulnerabilities-the-forgotten-bug-class-deepsec-edition http://www.slideshare.net/ibmsecurity/android-keystorestackbufferoverflow http://www.slideshare.net/shawn_merdinger/we-dont-need-no-stinkin-badges-hacking-electronic-door-access-controllersquot-shawn-merdinger-carolinacon http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security @@ -109611,6 +109883,7 @@ http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejackin http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/ http://www.theregister.co.uk/2012/09/14/crime_tls_attack/ http://www.theregister.co.uk/2013/12/10/android_has_lockbypass_bug/ +http://www.theregister.co.uk/2014/12/19/hack_hijacks_boosted_skateboards_kills_hipsters/ http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/ http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/ http://www.theta44.org/karma/ 
@@ -110047,12 +110320,14 @@ https://arxiv.org/pdf/2212.05197.pdf https://asec.ahnlab.com/en/47088/ https://asfiyashaikh20.medium.com/cve-2020-29259-persistent-xss-2ef63cc5cee6 https://ashallen.net/wireless-smart-lock-vulnerability-disclosure +https://assura.atlassian.net/wiki/spaces/VULNS/pages/1843134469/CVE-2022-34002+Personnel+Data+Systems+PDS+Vista+7+-+Local+File+Inclusion https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis https://attackerkb.com/topics/RSDAFLik92/cve-2020-12720-vbulletin-incorrect-access-control https://attackerkb.com/topics/XuEb81tsid/online-catering-reservation-dt-food-catering-by-oretnom23-v1-0-sql-injection---login https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044 https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990 +https://attackerkb.com/topics/hxx3zmiCkR/webmin-password-change-cgi-command-injection https://attackerkb.com/topics/mg883Nbeva/cve-2023-0669/rapid7-analysis https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ https://awakened1712.github.io/hacking/hacking-wechat-dos/ @@ -110071,6 +110346,7 @@ https://barriersec.com/2019/08/cve-2019-15102-sahi-pro/ https://bastijnouwendijk.com/cve-2021-24313/ https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/ https://bentl.ee/posts/cve-givewp/ +https://beronet.atlassian.net/wiki/spaces/PUB/pages/88768529/Security+Issues https://bewhale.github.io/post/PHP%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E2%80%94Employee%20Management%20System%20aprocess.php%20SQL%20Injection/ https://bewhale.github.io/post/PHP%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E2%80%94Employee%20Management%20System%20eprocess.php%20SQL%20Injection/ https://beyondbinary.io/articles/seagate-nas-rce/ 
@@ -110144,6 +110420,8 @@ https://blog.hackeriet.no/cve-2018-20162-digi-lr54-restricted-shell-escape/ https://blog.hackeriet.no/cve-2019-6690-python-gnupg-vulnerability/ https://blog.hackingforce.com.br/en/cve-2021-36568/ https://blog.hacktivesecurity.com/index.php/2021/10/05/cve-2021-43136-formalms-the-evil-default-value-that-leads-to-authentication-bypass/ +https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/ +https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34 https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html https://blog.inhq.net/posts/gopro-gpmf-parser-vuln-1/ https://blog.inhq.net/posts/keepkey-CVE-2019-18671/ @@ -110365,6 +110643,7 @@ https://blogs.gentoo.org/ago/2017/04/01/libaacplus-signed-integer-overflow-left- https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/ +https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c @@ -110481,6 +110760,7 @@ https://boschko.ca/tenda_ac1200_router https://boschko.ca/tenda_ac1200_router/ https://breakingthe3ma.app https://breakingthe3ma.app/files/Threema-PST22.pdf +https://bro-tracker.atlassian.net/browse/BIT-1856 https://brooklyn.apache.org/community/security/CVE-2016-8737.html https://brooklyn.apache.org/community/security/CVE-2016-8744.html https://brooklyn.apache.org/community/security/CVE-2017-3165.html 
@@ -110509,6 +110789,8 @@ https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747 https://bugs.eclipse.org/bugs/show_bug.cgi?id=568018 https://bugs.eclipse.org/bugs/show_bug.cgi?id=568803 https://bugs.eclipse.org/bugs/show_bug.cgi?id=575924 +https://bugs.exim.org/show_bug.cgi?id=2201 +https://bugs.exim.org/show_bug.cgi?id=2571 https://bugs.freedesktop.org/show_bug.cgi?id=100763 https://bugs.freedesktop.org/show_bug.cgi?id=100774 https://bugs.freedesktop.org/show_bug.cgi?id=100775 @@ -110549,9 +110831,15 @@ https://bugs.gentoo.org/show_bug.cgi?id=103555 https://bugs.gentoo.org/show_bug.cgi?id=276235 https://bugs.gentoo.org/show_bug.cgi?id=516822 https://bugs.gentoo.org/show_bug.cgi?id=858107 +https://bugs.ghostscript.com/show_bug.cgi?id=697596 https://bugs.ghostscript.com/show_bug.cgi?id=698538 https://bugs.ghostscript.com/show_bug.cgi?id=698551 https://bugs.ghostscript.com/show_bug.cgi?id=698558 +https://bugs.ghostscript.com/show_bug.cgi?id=699271 +https://bugs.ghostscript.com/show_bug.cgi?id=700153 +https://bugs.ghostscript.com/show_bug.cgi?id=700301 +https://bugs.ghostscript.com/show_bug.cgi?id=700576 +https://bugs.ghostscript.com/show_bug.cgi?id=700585 https://bugs.horde.org/ticket/14926 https://bugs.internet2.edu/jira/browse/GRP-1838 https://bugs.kde.org/show_bug.cgi?id=398096 @@ -110628,6 +110916,7 @@ https://bugs.launchpad.net/ubuntu/feisty/+source/libspf2/+bug/271025 https://bugs.launchpad.net/xibo/+bug/1093967 https://bugs.limesurvey.org/bug_relationship_graph.php?bug_id=19364&graph=relation https://bugs.limesurvey.org/view.php?id=14376 +https://bugs.openwrt.org/index.php?do=details&task_id=4199 https://bugs.oxid-esales.com/view.php?id=6674 https://bugs.php.net/72479 https://bugs.php.net/72494 
@@ -110730,6 +111019,7 @@ https://bugs.python.org/issue26171 https://bugs.python.org/issue30657 https://bugs.python.org/issue34656 https://bugs.python.org/issue35906 +https://bugs.python.org/issue35907 https://bugs.python.org/issue36276 https://bugs.python.org/issue38243 https://bugs.python.org/issue39421 @@ -110737,6 +111027,7 @@ https://bugs.python.org/issue42938 https://bugs.python.org/issue43223 https://bugs.ruby-lang.org/issues/13234 https://bugs.webkit.org/show_bug.cgi?id=164123 +https://bugs.webkit.org/show_bug.cgi?id=167239 https://bugs.webkit.org/show_bug.cgi?id=38922 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11982 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11983 @@ -110820,8 +111111,10 @@ https://bugzilla.libsdl.org/show_bug.cgi?id=4493 https://bugzilla.libsdl.org/show_bug.cgi?id=4494 https://bugzilla.libsdl.org/show_bug.cgi?id=4495 https://bugzilla.libsdl.org/show_bug.cgi?id=4496 +https://bugzilla.libsdl.org/show_bug.cgi?id=4497 https://bugzilla.libsdl.org/show_bug.cgi?id=4498 https://bugzilla.libsdl.org/show_bug.cgi?id=4499 +https://bugzilla.libsdl.org/show_bug.cgi?id=4500 https://bugzilla.libsdl.org/show_bug.cgi?id=4522 https://bugzilla.libsdl.org/show_bug.cgi?id=4538 https://bugzilla.libsdl.org/show_bug.cgi?id=4619 
@@ -110832,33 +111125,47 @@ https://bugzilla.libsdl.org/show_bug.cgi?id=4626 https://bugzilla.libsdl.org/show_bug.cgi?id=4627 https://bugzilla.libsdl.org/show_bug.cgi?id=4628 https://bugzilla.libsdl.org/show_bug.cgi?id=5200 +https://bugzilla.mozilla.org/show_bug.cgi?id=1002340 https://bugzilla.mozilla.org/show_bug.cgi?id=1002702 +https://bugzilla.mozilla.org/show_bug.cgi?id=1011859 https://bugzilla.mozilla.org/show_bug.cgi?id=1012694 https://bugzilla.mozilla.org/show_bug.cgi?id=1018234 +https://bugzilla.mozilla.org/show_bug.cgi?id=1018524 +https://bugzilla.mozilla.org/show_bug.cgi?id=1019684 https://bugzilla.mozilla.org/show_bug.cgi?id=1020008 +https://bugzilla.mozilla.org/show_bug.cgi?id=1020041 https://bugzilla.mozilla.org/show_bug.cgi?id=1020205 +https://bugzilla.mozilla.org/show_bug.cgi?id=1021240 https://bugzilla.mozilla.org/show_bug.cgi?id=1026037 https://bugzilla.mozilla.org/show_bug.cgi?id=1036213 +https://bugzilla.mozilla.org/show_bug.cgi?id=1045977 https://bugzilla.mozilla.org/show_bug.cgi?id=1047831 +https://bugzilla.mozilla.org/show_bug.cgi?id=1063327 https://bugzilla.mozilla.org/show_bug.cgi?id=1068218 +https://bugzilla.mozilla.org/show_bug.cgi?id=1069405 https://bugzilla.mozilla.org/show_bug.cgi?id=1074812 https://bugzilla.mozilla.org/show_bug.cgi?id=1075546 https://bugzilla.mozilla.org/show_bug.cgi?id=1075578 https://bugzilla.mozilla.org/show_bug.cgi?id=1079065 https://bugzilla.mozilla.org/show_bug.cgi?id=1080987 https://bugzilla.mozilla.org/show_bug.cgi?id=1087565 +https://bugzilla.mozilla.org/show_bug.cgi?id=1088635 https://bugzilla.mozilla.org/show_bug.cgi?id=1092947 +https://bugzilla.mozilla.org/show_bug.cgi?id=1096026 https://bugzilla.mozilla.org/show_bug.cgi?id=1101158 https://bugzilla.mozilla.org/show_bug.cgi?id=1116385 https://bugzilla.mozilla.org/show_bug.cgi?id=1125013 https://bugzilla.mozilla.org/show_bug.cgi?id=1130541 https://bugzilla.mozilla.org/show_bug.cgi?id=1136692 +https://bugzilla.mozilla.org/show_bug.cgi?id=1145255 
https://bugzilla.mozilla.org/show_bug.cgi?id=1146339 https://bugzilla.mozilla.org/show_bug.cgi?id=1148732 https://bugzilla.mozilla.org/show_bug.cgi?id=1149000 https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 https://bugzilla.mozilla.org/show_bug.cgi?id=1153672 +https://bugzilla.mozilla.org/show_bug.cgi?id=1154683 https://bugzilla.mozilla.org/show_bug.cgi?id=1175278 +https://bugzilla.mozilla.org/show_bug.cgi?id=1177861 https://bugzilla.mozilla.org/show_bug.cgi?id=1189082 https://bugzilla.mozilla.org/show_bug.cgi?id=1189814 https://bugzilla.mozilla.org/show_bug.cgi?id=1189860 @@ -110867,11 +111174,17 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1193027 https://bugzilla.mozilla.org/show_bug.cgi?id=1193093 https://bugzilla.mozilla.org/show_bug.cgi?id=1194818 https://bugzilla.mozilla.org/show_bug.cgi?id=1194820 +https://bugzilla.mozilla.org/show_bug.cgi?id=1198435 https://bugzilla.mozilla.org/show_bug.cgi?id=1202447 https://bugzilla.mozilla.org/show_bug.cgi?id=1203078 +https://bugzilla.mozilla.org/show_bug.cgi?id=1203135 https://bugzilla.mozilla.org/show_bug.cgi?id=1208339 https://bugzilla.mozilla.org/show_bug.cgi?id=1208520 +https://bugzilla.mozilla.org/show_bug.cgi?id=1208946 +https://bugzilla.mozilla.org/show_bug.cgi?id=1211262 +https://bugzilla.mozilla.org/show_bug.cgi?id=1212939 https://bugzilla.mozilla.org/show_bug.cgi?id=1215648 +https://bugzilla.mozilla.org/show_bug.cgi?id=1216748 https://bugzilla.mozilla.org/show_bug.cgi?id=1220493 https://bugzilla.mozilla.org/show_bug.cgi?id=1221444 https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 
@@ -110879,14 +111192,20 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1222798 https://bugzilla.mozilla.org/show_bug.cgi?id=1223743 https://bugzilla.mozilla.org/show_bug.cgi?id=1226977 https://bugzilla.mozilla.org/show_bug.cgi?id=1227538 +https://bugzilla.mozilla.org/show_bug.cgi?id=1228103 https://bugzilla.mozilla.org/show_bug.cgi?id=1228590 +https://bugzilla.mozilla.org/show_bug.cgi?id=1228950 https://bugzilla.mozilla.org/show_bug.cgi?id=1229681 +https://bugzilla.mozilla.org/show_bug.cgi?id=1232069 https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 +https://bugzilla.mozilla.org/show_bug.cgi?id=1237219 https://bugzilla.mozilla.org/show_bug.cgi?id=1240880 https://bugzilla.mozilla.org/show_bug.cgi?id=1243178 https://bugzilla.mozilla.org/show_bug.cgi?id=1245264 +https://bugzilla.mozilla.org/show_bug.cgi?id=1245724 https://bugzilla.mozilla.org/show_bug.cgi?id=1245791 https://bugzilla.mozilla.org/show_bug.cgi?id=1245795 +https://bugzilla.mozilla.org/show_bug.cgi?id=1246054 https://bugzilla.mozilla.org/show_bug.cgi?id=1246093 https://bugzilla.mozilla.org/show_bug.cgi?id=1246944 https://bugzilla.mozilla.org/show_bug.cgi?id=1247239 @@ -110894,9 +111213,12 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1247968 https://bugzilla.mozilla.org/show_bug.cgi?id=1252330 https://bugzilla.mozilla.org/show_bug.cgi?id=1253673 https://bugzilla.mozilla.org/show_bug.cgi?id=1255474 +https://bugzilla.mozilla.org/show_bug.cgi?id=1270381 https://bugzilla.mozilla.org/show_bug.cgi?id=1271460 https://bugzilla.mozilla.org/show_bug.cgi?id=1273129 +https://bugzilla.mozilla.org/show_bug.cgi?id=1274637 https://bugzilla.mozilla.org/show_bug.cgi?id=1282430 +https://bugzilla.mozilla.org/show_bug.cgi?id=1284395 https://bugzilla.mozilla.org/show_bug.cgi?id=1285003 https://bugzilla.mozilla.org/show_bug.cgi?id=1287266 https://bugzilla.mozilla.org/show_bug.cgi?id=1289085 
@@ -110905,8 +111227,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1293463 https://bugzilla.mozilla.org/show_bug.cgi?id=1295023 https://bugzilla.mozilla.org/show_bug.cgi?id=1299686 https://bugzilla.mozilla.org/show_bug.cgi?id=1301876 +https://bugzilla.mozilla.org/show_bug.cgi?id=1309630 https://bugzilla.mozilla.org/show_bug.cgi?id=1315435 +https://bugzilla.mozilla.org/show_bug.cgi?id=1317873 +https://bugzilla.mozilla.org/show_bug.cgi?id=1319070 https://bugzilla.mozilla.org/show_bug.cgi?id=1319370 +https://bugzilla.mozilla.org/show_bug.cgi?id=1320039 +https://bugzilla.mozilla.org/show_bug.cgi?id=1320057 +https://bugzilla.mozilla.org/show_bug.cgi?id=1321619 https://bugzilla.mozilla.org/show_bug.cgi?id=1321719 https://bugzilla.mozilla.org/show_bug.cgi?id=1321814 https://bugzilla.mozilla.org/show_bug.cgi?id=1325200 @@ -110919,6 +111247,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1336832 https://bugzilla.mozilla.org/show_bug.cgi?id=1336964 https://bugzilla.mozilla.org/show_bug.cgi?id=1336979 https://bugzilla.mozilla.org/show_bug.cgi?id=1338637 +https://bugzilla.mozilla.org/show_bug.cgi?id=1342742 https://bugzilla.mozilla.org/show_bug.cgi?id=1344380 https://bugzilla.mozilla.org/show_bug.cgi?id=1344415 https://bugzilla.mozilla.org/show_bug.cgi?id=1344461 @@ -110933,6 +111262,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1356893 https://bugzilla.mozilla.org/show_bug.cgi?id=1360842 https://bugzilla.mozilla.org/show_bug.cgi?id=1362050 https://bugzilla.mozilla.org/show_bug.cgi?id=1367531 +https://bugzilla.mozilla.org/show_bug.cgi?id=1368490 https://bugzilla.mozilla.org/show_bug.cgi?id=1370497 https://bugzilla.mozilla.org/show_bug.cgi?id=1374047 https://bugzilla.mozilla.org/show_bug.cgi?id=1388015 
@@ -110940,9 +111270,12 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1390882 https://bugzilla.mozilla.org/show_bug.cgi?id=1397064 https://bugzilla.mozilla.org/show_bug.cgi?id=1399540 https://bugzilla.mozilla.org/show_bug.cgi?id=1401339 +https://bugzilla.mozilla.org/show_bug.cgi?id=1408708 https://bugzilla.mozilla.org/show_bug.cgi?id=1408990 +https://bugzilla.mozilla.org/show_bug.cgi?id=1411699 https://bugzilla.mozilla.org/show_bug.cgi?id=1411708 https://bugzilla.mozilla.org/show_bug.cgi?id=1411716 +https://bugzilla.mozilla.org/show_bug.cgi?id=1416045 https://bugzilla.mozilla.org/show_bug.cgi?id=1418447 https://bugzilla.mozilla.org/show_bug.cgi?id=1419166 https://bugzilla.mozilla.org/show_bug.cgi?id=1421324 
@@ -110955,47 +111288,81 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1425267 https://bugzilla.mozilla.org/show_bug.cgi?id=1429379 https://bugzilla.mozilla.org/show_bug.cgi?id=1431371 https://bugzilla.mozilla.org/show_bug.cgi?id=1432624 +https://bugzilla.mozilla.org/show_bug.cgi?id=1432870 https://bugzilla.mozilla.org/show_bug.cgi?id=1434634 +https://bugzilla.mozilla.org/show_bug.cgi?id=1436482 https://bugzilla.mozilla.org/show_bug.cgi?id=1437325 +https://bugzilla.mozilla.org/show_bug.cgi?id=1438025 +https://bugzilla.mozilla.org/show_bug.cgi?id=1440079 https://bugzilla.mozilla.org/show_bug.cgi?id=1441468 +https://bugzilla.mozilla.org/show_bug.cgi?id=1441941 +https://bugzilla.mozilla.org/show_bug.cgi?id=1442840 https://bugzilla.mozilla.org/show_bug.cgi?id=1447087 +https://bugzilla.mozilla.org/show_bug.cgi?id=1449548 https://bugzilla.mozilla.org/show_bug.cgi?id=1450353 +https://bugzilla.mozilla.org/show_bug.cgi?id=1452037 +https://bugzilla.mozilla.org/show_bug.cgi?id=1452075 https://bugzilla.mozilla.org/show_bug.cgi?id=1456652 https://bugzilla.mozilla.org/show_bug.cgi?id=1457721 https://bugzilla.mozilla.org/show_bug.cgi?id=1462910 https://bugzilla.mozilla.org/show_bug.cgi?id=1483510 +https://bugzilla.mozilla.org/show_bug.cgi?id=1484753 +https://bugzilla.mozilla.org/show_bug.cgi?id=1493900 https://bugzilla.mozilla.org/show_bug.cgi?id=1505973 https://bugzilla.mozilla.org/show_bug.cgi?id=1508776 +https://bugzilla.mozilla.org/show_bug.cgi?id=1518627 +https://bugzilla.mozilla.org/show_bug.cgi?id=1526218 https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 +https://bugzilla.mozilla.org/show_bug.cgi?id=1528909 https://bugzilla.mozilla.org/show_bug.cgi?id=1538006 +https://bugzilla.mozilla.org/show_bug.cgi?id=1538015 +https://bugzilla.mozilla.org/show_bug.cgi?id=1543191 +https://bugzilla.mozilla.org/show_bug.cgi?id=1544386 +https://bugzilla.mozilla.org/show_bug.cgi?id=1549833 https://bugzilla.mozilla.org/show_bug.cgi?id=1552206 
https://bugzilla.mozilla.org/show_bug.cgi?id=1553820 https://bugzilla.mozilla.org/show_bug.cgi?id=1555523 +https://bugzilla.mozilla.org/show_bug.cgi?id=1556230 +https://bugzilla.mozilla.org/show_bug.cgi?id=1558299 +https://bugzilla.mozilla.org/show_bug.cgi?id=1562582 https://bugzilla.mozilla.org/show_bug.cgi?id=1563327 +https://bugzilla.mozilla.org/show_bug.cgi?id=1568397 +https://bugzilla.mozilla.org/show_bug.cgi?id=1571481 +https://bugzilla.mozilla.org/show_bug.cgi?id=1574980 +https://bugzilla.mozilla.org/show_bug.cgi?id=1577953 https://bugzilla.mozilla.org/show_bug.cgi?id=1587976 https://bugzilla.mozilla.org/show_bug.cgi?id=1596668 https://bugzilla.mozilla.org/show_bug.cgi?id=1599008 +https://bugzilla.mozilla.org/show_bug.cgi?id=1599181 +https://bugzilla.mozilla.org/show_bug.cgi?id=1602843 https://bugzilla.mozilla.org/show_bug.cgi?id=1605814 +https://bugzilla.mozilla.org/show_bug.cgi?id=1607443 https://bugzilla.mozilla.org/show_bug.cgi?id=1610426 https://bugzilla.mozilla.org/show_bug.cgi?id=1615471 https://bugzilla.mozilla.org/show_bug.cgi?id=1617928 https://bugzilla.mozilla.org/show_bug.cgi?id=1622640 https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 +https://bugzilla.mozilla.org/show_bug.cgi?id=1631618 https://bugzilla.mozilla.org/show_bug.cgi?id=1631739 https://bugzilla.mozilla.org/show_bug.cgi?id=1632387 +https://bugzilla.mozilla.org/show_bug.cgi?id=1634738 https://bugzilla.mozilla.org/show_bug.cgi?id=1636629 https://bugzilla.mozilla.org/show_bug.cgi?id=1636654 https://bugzilla.mozilla.org/show_bug.cgi?id=1641487 https://bugzilla.mozilla.org/show_bug.cgi?id=1652360 +https://bugzilla.mozilla.org/show_bug.cgi?id=1652612 https://bugzilla.mozilla.org/show_bug.cgi?id=1653371 +https://bugzilla.mozilla.org/show_bug.cgi?id=1656741 https://bugzilla.mozilla.org/show_bug.cgi?id=1658881 https://bugzilla.mozilla.org/show_bug.cgi?id=1661071 https://bugzilla.mozilla.org/show_bug.cgi?id=1663466 https://bugzilla.mozilla.org/show_bug.cgi?id=1670358 
https://bugzilla.mozilla.org/show_bug.cgi?id=1673241 https://bugzilla.mozilla.org/show_bug.cgi?id=1675755 +https://bugzilla.mozilla.org/show_bug.cgi?id=1675905 https://bugzilla.mozilla.org/show_bug.cgi?id=1676311 https://bugzilla.mozilla.org/show_bug.cgi?id=1677138 +https://bugzilla.mozilla.org/show_bug.cgi?id=1683940 https://bugzilla.mozilla.org/show_bug.cgi?id=1684761 https://bugzilla.mozilla.org/show_bug.cgi?id=1684837 https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 @@ -111015,8 +111382,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1704422 https://bugzilla.mozilla.org/show_bug.cgi?id=1706501 https://bugzilla.mozilla.org/show_bug.cgi?id=1709257 https://bugzilla.mozilla.org/show_bug.cgi?id=1719088 +https://bugzilla.mozilla.org/show_bug.cgi?id=1719203 https://bugzilla.mozilla.org/show_bug.cgi?id=1722083 https://bugzilla.mozilla.org/show_bug.cgi?id=1729517 +https://bugzilla.mozilla.org/show_bug.cgi?id=1729642 +https://bugzilla.mozilla.org/show_bug.cgi?id=1732435 https://bugzilla.mozilla.org/show_bug.cgi?id=1736886 https://bugzilla.mozilla.org/show_bug.cgi?id=1737252 https://bugzilla.mozilla.org/show_bug.cgi?id=1737722 
@@ -111026,23 +111396,31 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1739957 https://bugzilla.mozilla.org/show_bug.cgi?id=1741515 https://bugzilla.mozilla.org/show_bug.cgi?id=1742334 https://bugzilla.mozilla.org/show_bug.cgi?id=1743931 +https://bugzilla.mozilla.org/show_bug.cgi?id=1744158 https://bugzilla.mozilla.org/show_bug.cgi?id=1745566 https://bugzilla.mozilla.org/show_bug.cgi?id=1745874 +https://bugzilla.mozilla.org/show_bug.cgi?id=1746448 https://bugzilla.mozilla.org/show_bug.cgi?id=1747388 https://bugzilla.mozilla.org/show_bug.cgi?id=1747526 https://bugzilla.mozilla.org/show_bug.cgi?id=1750565 https://bugzilla.mozilla.org/show_bug.cgi?id=1750679 https://bugzilla.mozilla.org/show_bug.cgi?id=1751609 https://bugzilla.mozilla.org/show_bug.cgi?id=1751678 +https://bugzilla.mozilla.org/show_bug.cgi?id=1752979 https://bugzilla.mozilla.org/show_bug.cgi?id=1753341 https://bugzilla.mozilla.org/show_bug.cgi?id=1753838 +https://bugzilla.mozilla.org/show_bug.cgi?id=1760674 https://bugzilla.mozilla.org/show_bug.cgi?id=1765049 https://bugzilla.mozilla.org/show_bug.cgi?id=1767194 https://bugzilla.mozilla.org/show_bug.cgi?id=1767590 +https://bugzilla.mozilla.org/show_bug.cgi?id=1768537 https://bugzilla.mozilla.org/show_bug.cgi?id=1770048 +https://bugzilla.mozilla.org/show_bug.cgi?id=1771685 +https://bugzilla.mozilla.org/show_bug.cgi?id=1773874 https://bugzilla.mozilla.org/show_bug.cgi?id=1777800 https://bugzilla.mozilla.org/show_bug.cgi?id=1782211 https://bugzilla.mozilla.org/show_bug.cgi?id=1783561 +https://bugzilla.mozilla.org/show_bug.cgi?id=1786188 https://bugzilla.mozilla.org/show_bug.cgi?id=1789061 https://bugzilla.mozilla.org/show_bug.cgi?id=1789128 https://bugzilla.mozilla.org/show_bug.cgi?id=1790311 
@@ -111065,9 +111443,13 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1821155 https://bugzilla.mozilla.org/show_bug.cgi?id=1821576 https://bugzilla.mozilla.org/show_bug.cgi?id=1821886 https://bugzilla.mozilla.org/show_bug.cgi?id=1821906 +https://bugzilla.mozilla.org/show_bug.cgi?id=1822754 https://bugzilla.mozilla.org/show_bug.cgi?id=1823172 https://bugzilla.mozilla.org/show_bug.cgi?id=1823316 +https://bugzilla.mozilla.org/show_bug.cgi?id=1823365 https://bugzilla.mozilla.org/show_bug.cgi?id=1823379 +https://bugzilla.mozilla.org/show_bug.cgi?id=1823720 +https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 https://bugzilla.mozilla.org/show_bug.cgi?id=1826622 https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 https://bugzilla.mozilla.org/show_bug.cgi?id=1837675 @@ -111078,13 +111460,17 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 https://bugzilla.mozilla.org/show_bug.cgi?id=1848454 https://bugzilla.mozilla.org/show_bug.cgi?id=1849037 https://bugzilla.mozilla.org/show_bug.cgi?id=1849704 +https://bugzilla.mozilla.org/show_bug.cgi?id=1854669 https://bugzilla.mozilla.org/show_bug.cgi?id=1858570 https://bugzilla.mozilla.org/show_bug.cgi?id=1861344 https://bugzilla.mozilla.org/show_bug.cgi?id=1863083 https://bugzilla.mozilla.org/show_bug.cgi?id=1863863 https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 https://bugzilla.mozilla.org/show_bug.cgi?id=1871838 +https://bugzilla.mozilla.org/show_bug.cgi?id=260560 +https://bugzilla.mozilla.org/show_bug.cgi?id=267645 https://bugzilla.mozilla.org/show_bug.cgi?id=272620 +https://bugzilla.mozilla.org/show_bug.cgi?id=279945 https://bugzilla.mozilla.org/show_bug.cgi?id=290036 https://bugzilla.mozilla.org/show_bug.cgi?id=295854 https://bugzilla.mozilla.org/show_bug.cgi?id=297078 
@@ -111098,14 +111484,18 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=361298 https://bugzilla.mozilla.org/show_bug.cgi?id=367428 https://bugzilla.mozilla.org/show_bug.cgi?id=371375 https://bugzilla.mozilla.org/show_bug.cgi?id=395399 +https://bugzilla.mozilla.org/show_bug.cgi?id=402347 +https://bugzilla.mozilla.org/show_bug.cgi?id=403331 https://bugzilla.mozilla.org/show_bug.cgi?id=408076 https://bugzilla.mozilla.org/show_bug.cgi?id=408164 https://bugzilla.mozilla.org/show_bug.cgi?id=424733 https://bugzilla.mozilla.org/show_bug.cgi?id=433610 https://bugzilla.mozilla.org/show_bug.cgi?id=439735 +https://bugzilla.mozilla.org/show_bug.cgi?id=440230 https://bugzilla.mozilla.org/show_bug.cgi?id=441995 https://bugzilla.mozilla.org/show_bug.cgi?id=443288 https://bugzilla.mozilla.org/show_bug.cgi?id=443299 +https://bugzilla.mozilla.org/show_bug.cgi?id=460713 https://bugzilla.mozilla.org/show_bug.cgi?id=461735 https://bugzilla.mozilla.org/show_bug.cgi?id=465615 https://bugzilla.mozilla.org/show_bug.cgi?id=469565 @@ -111114,7 +111504,9 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=479880 https://bugzilla.mozilla.org/show_bug.cgi?id=481558 https://bugzilla.mozilla.org/show_bug.cgi?id=484320 https://bugzilla.mozilla.org/show_bug.cgi?id=485217 +https://bugzilla.mozilla.org/show_bug.cgi?id=486269 https://bugzilla.mozilla.org/show_bug.cgi?id=493601 +https://bugzilla.mozilla.org/show_bug.cgi?id=504342 https://bugzilla.mozilla.org/show_bug.cgi?id=504343 https://bugzilla.mozilla.org/show_bug.cgi?id=504862 https://bugzilla.mozilla.org/show_bug.cgi?id=511615 
@@ -111126,9 +111518,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=531222 https://bugzilla.mozilla.org/show_bug.cgi?id=532246 https://bugzilla.mozilla.org/show_bug.cgi?id=533000 https://bugzilla.mozilla.org/show_bug.cgi?id=536466 +https://bugzilla.mozilla.org/show_bug.cgi?id=538308 https://bugzilla.mozilla.org/show_bug.cgi?id=538310 https://bugzilla.mozilla.org/show_bug.cgi?id=540100 https://bugzilla.mozilla.org/show_bug.cgi?id=547143 +https://bugzilla.mozilla.org/show_bug.cgi?id=552110 https://bugzilla.mozilla.org/show_bug.cgi?id=552216 https://bugzilla.mozilla.org/show_bug.cgi?id=552255 https://bugzilla.mozilla.org/show_bug.cgi?id=554255 @@ -111142,6 +111536,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=574059 https://bugzilla.mozilla.org/show_bug.cgi?id=576070 https://bugzilla.mozilla.org/show_bug.cgi?id=576075 https://bugzilla.mozilla.org/show_bug.cgi?id=576447 +https://bugzilla.mozilla.org/show_bug.cgi?id=576616 https://bugzilla.mozilla.org/show_bug.cgi?id=579655 https://bugzilla.mozilla.org/show_bug.cgi?id=579744 https://bugzilla.mozilla.org/show_bug.cgi?id=580445 
@@ -111173,12 +111568,17 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=650001 https://bugzilla.mozilla.org/show_bug.cgi?id=655742 https://bugzilla.mozilla.org/show_bug.cgi?id=655987 https://bugzilla.mozilla.org/show_bug.cgi?id=656277 +https://bugzilla.mozilla.org/show_bug.cgi?id=659349 https://bugzilla.mozilla.org/show_bug.cgi?id=664009 +https://bugzilla.mozilla.org/show_bug.cgi?id=665934 https://bugzilla.mozilla.org/show_bug.cgi?id=665936 https://bugzilla.mozilla.org/show_bug.cgi?id=670514 https://bugzilla.mozilla.org/show_bug.cgi?id=672485 +https://bugzilla.mozilla.org/show_bug.cgi?id=674042 +https://bugzilla.mozilla.org/show_bug.cgi?id=682335 https://bugzilla.mozilla.org/show_bug.cgi?id=684555 https://bugzilla.mozilla.org/show_bug.cgi?id=687745 +https://bugzilla.mozilla.org/show_bug.cgi?id=690225 https://bugzilla.mozilla.org/show_bug.cgi?id=697699 https://bugzilla.mozilla.org/show_bug.cgi?id=703975 https://bugzilla.mozilla.org/show_bug.cgi?id=703983 @@ -111192,6 +111592,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=718319 https://bugzilla.mozilla.org/show_bug.cgi?id=719612 https://bugzilla.mozilla.org/show_bug.cgi?id=723446 https://bugzilla.mozilla.org/show_bug.cgi?id=724247 +https://bugzilla.mozilla.org/show_bug.cgi?id=724599 https://bugzilla.mozilla.org/show_bug.cgi?id=725611 https://bugzilla.mozilla.org/show_bug.cgi?id=725663 https://bugzilla.mozilla.org/show_bug.cgi?id=735104 
@@ -111200,13 +111601,16 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=744480 https://bugzilla.mozilla.org/show_bug.cgi?id=745397 https://bugzilla.mozilla.org/show_bug.cgi?id=746855 https://bugzilla.mozilla.org/show_bug.cgi?id=748764 +https://bugzilla.mozilla.org/show_bug.cgi?id=750096 https://bugzilla.mozilla.org/show_bug.cgi?id=750109 https://bugzilla.mozilla.org/show_bug.cgi?id=750820 https://bugzilla.mozilla.org/show_bug.cgi?id=751422 +https://bugzilla.mozilla.org/show_bug.cgi?id=756719 https://bugzilla.mozilla.org/show_bug.cgi?id=757128 https://bugzilla.mozilla.org/show_bug.cgi?id=757376 https://bugzilla.mozilla.org/show_bug.cgi?id=767778 https://bugzilla.mozilla.org/show_bug.cgi?id=769108 +https://bugzilla.mozilla.org/show_bug.cgi?id=771859 https://bugzilla.mozilla.org/show_bug.cgi?id=775009 https://bugzilla.mozilla.org/show_bug.cgi?id=790296 https://bugzilla.mozilla.org/show_bug.cgi?id=792405 @@ -111214,6 +111618,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=796866 https://bugzilla.mozilla.org/show_bug.cgi?id=799952 https://bugzilla.mozilla.org/show_bug.cgi?id=800666 https://bugzilla.mozilla.org/show_bug.cgi?id=813901 +https://bugzilla.mozilla.org/show_bug.cgi?id=813906 +https://bugzilla.mozilla.org/show_bug.cgi?id=814001 https://bugzilla.mozilla.org/show_bug.cgi?id=814026 https://bugzilla.mozilla.org/show_bug.cgi?id=814027 https://bugzilla.mozilla.org/show_bug.cgi?id=814029 
@@ -111221,23 +111627,30 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=827193 https://bugzilla.mozilla.org/show_bug.cgi?id=840263 https://bugzilla.mozilla.org/show_bug.cgi?id=845880 https://bugzilla.mozilla.org/show_bug.cgi?id=848417 +https://bugzilla.mozilla.org/show_bug.cgi?id=850492 https://bugzilla.mozilla.org/show_bug.cgi?id=866915 https://bugzilla.mozilla.org/show_bug.cgi?id=868267 +https://bugzilla.mozilla.org/show_bug.cgi?id=868327 https://bugzilla.mozilla.org/show_bug.cgi?id=870870 https://bugzilla.mozilla.org/show_bug.cgi?id=875818 https://bugzilla.mozilla.org/show_bug.cgi?id=888314 https://bugzilla.mozilla.org/show_bug.cgi?id=888361 +https://bugzilla.mozilla.org/show_bug.cgi?id=890277 +https://bugzilla.mozilla.org/show_bug.cgi?id=890853 https://bugzilla.mozilla.org/show_bug.cgi?id=891693 https://bugzilla.mozilla.org/show_bug.cgi?id=910375 https://bugzilla.mozilla.org/show_bug.cgi?id=911593 https://bugzilla.mozilla.org/show_bug.cgi?id=913904 https://bugzilla.mozilla.org/show_bug.cgi?id=916726 +https://bugzilla.mozilla.org/show_bug.cgi?id=920515 https://bugzilla.mozilla.org/show_bug.cgi?id=924802 https://bugzilla.mozilla.org/show_bug.cgi?id=925747 https://bugzilla.mozilla.org/show_bug.cgi?id=950427 https://bugzilla.mozilla.org/show_bug.cgi?id=952077 +https://bugzilla.mozilla.org/show_bug.cgi?id=956524 https://bugzilla.mozilla.org/show_bug.cgi?id=961676 https://bugzilla.mozilla.org/show_bug.cgi?id=963962 +https://bugzilla.mozilla.org/show_bug.cgi?id=995289 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2019-17003 https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980 
@@ -111258,6 +111671,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1251749 https://bugzilla.redhat.com/show_bug.cgi?id=1257962 https://bugzilla.redhat.com/show_bug.cgi?id=1272326 https://bugzilla.redhat.com/show_bug.cgi?id=1283362 +https://bugzilla.redhat.com/show_bug.cgi?id=1283370 https://bugzilla.redhat.com/show_bug.cgi?id=1377015 https://bugzilla.redhat.com/show_bug.cgi?id=1393882 https://bugzilla.redhat.com/show_bug.cgi?id=1396959 @@ -111462,6 +111876,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2095 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3592 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386 https://bugzilla.samba.org/show_bug.cgi?id=13979 https://bugzilla.samba.org/show_bug.cgi?id=14914 
@@ -111888,8 +112303,27 @@ https://cxsecurity.com/issue/WLB-2017100187 https://cxsecurity.com/issue/WLB-2017120155 https://cxsecurity.com/issue/WLB-2017120169 https://cxsecurity.com/issue/WLB-2017120183 +https://cxsecurity.com/issue/WLB-2018010251 +https://cxsecurity.com/issue/WLB-2018050029 +https://cxsecurity.com/issue/WLB-2018050139 +https://cxsecurity.com/issue/WLB-2018060091 +https://cxsecurity.com/issue/WLB-2018060092 +https://cxsecurity.com/issue/WLB-2018060157 +https://cxsecurity.com/issue/WLB-2018060185 +https://cxsecurity.com/issue/WLB-2018060325 +https://cxsecurity.com/issue/WLB-2018070095 +https://cxsecurity.com/issue/WLB-2018070096 +https://cxsecurity.com/issue/WLB-2018070175 https://cxsecurity.com/issue/WLB-2018080003 +https://cxsecurity.com/issue/WLB-2018080098 https://cxsecurity.com/issue/WLB-2018090182 +https://cxsecurity.com/issue/WLB-2018090248 +https://cxsecurity.com/issue/WLB-2018090249 +https://cxsecurity.com/issue/WLB-2018090255 +https://cxsecurity.com/issue/WLB-2018090261 +https://cxsecurity.com/issue/WLB-2018100018 +https://cxsecurity.com/issue/WLB-2018100107 +https://cxsecurity.com/issue/WLB-2018120252 https://cxsecurity.com/issue/WLB-2019020191 https://cxsecurity.com/issue/WLB-2019050199 https://cxsecurity.com/issue/WLB-2019100164 @@ -111922,6 +112356,7 @@ https://cxsecurity.com/issue/WLB-2022100037 https://cxsecurity.com/issue/WLB-2023050012 https://cxsecurity.com/issue/WLB-2023090075 https://cxsecurity.com/issue/WLB-2024010023 +https://cxsecurity.com/issue/WLB-2024010027 https://cyberaz0r.info/2020/04/tiny-file-manager-multiple-vulnerabilities/ https://cyberdanube.com/en/authenticated-command-injection-in-intelbras-wifiber-120ac-inmesh/ https://cyberdanube.com/en/en-authenticated-command-injection-in-delta-electronics-dvw-w02w2-e2/ 
@@ -111941,6 +112376,7 @@ https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_ https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90/ https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/ https://cybersecurityworks.com/zerodays/cve-2015-9260-bedita.html +https://cybersecurityworks.com/zerodays/cve-2016-11014-netgear.html https://cyberthoth.medium.com/fast-food-ordering-system-1-0-cross-site-scripting-7927f4b1edd6 https://cyberworldmirror.com/nicehash-vulnerability-leaked-miners-information/ https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/ @@ -112492,7 +112928,10 @@ https://ecosystem.atlassian.net/browse/APL-1359 https://ecosystem.atlassian.net/browse/APL-1361 https://ecosystem.atlassian.net/browse/APL-1363 https://ecosystem.atlassian.net/browse/APL-1373 +https://ecosystem.atlassian.net/browse/APL-1386 +https://ecosystem.atlassian.net/browse/APL-1390 https://ecosystem.atlassian.net/browse/APL-1391 +https://ecosystem.atlassian.net/browse/AW-20 https://ecosystem.atlassian.net/browse/OAUTH-344 https://ecosystem.atlassian.net/browse/STRM-2350 https://ecosystem.atlassian.net/browse/UPM-5871 @@ -112597,6 +113036,7 @@ https://fluidattacks.com/advisories/tempest/ https://fluidattacks.com/advisories/tyler/ https://fluidattacks.com/advisories/wyckoff/ https://flyd.uk/post/cve-2023-24249/ +https://forge.univention.org/bugzilla/show_bug.cgi?id=48427 https://forsec.nl/wp-content/uploads/2014/11/ms14_064_ie_olerce.rb_.txt https://forum.backbox.org/security-advisories/waiting-verification-backbox-os-denial-of-service/msg10218 https://forum.epesibim.com/d/4956-security-issue-multiple-stored-xss-in-epesi-version-1-8-2-rev20170830 
@@ -112682,10 +113122,12 @@ https://g0blin.co.uk/cve-2014-8758/ https://galogetlatorre.blogspot.com/2023/06/cve-2023-34096-path-traversal-thruk.html https://ganofins.com/blog/my-first-cve-2021-24176/ https://gccybermonks.com/posts/pdfjira/ +https://generalbytes.atlassian.net/wiki/spaces/ESD/pages/2885222430/Security+Incident+March+17-18th+2023 https://gerr.re/posts/cve-2022-27438/ https://ghost.org/docs/security/ https://ghost.org/docs/security/#privilege-escalation-attacks https://giongfnef.gitbook.io/giongfnef/cve/cve-2023-5311 +https://gist.github.com/0xHop/0d065694d56ac3943d8e8c239d80c63f https://gist.github.com/0xx7/a7aaa8b0515139cf7e30c808c8d54070 https://gist.github.com/1725489 https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29 
@@ -112696,15 +113138,27 @@ https://gist.github.com/6en6ar/b118888dc739e8979038f24c8ac33611 https://gist.github.com/9thplayer/df042fe48c314dbc1afad80ffed8387d https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37 https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5 +https://gist.github.com/B0UG/68d3161af0c0ec85c615ca7452f9755e +https://gist.github.com/B0UG/8615df3fe83a4deca07334af783696d6 +https://gist.github.com/B0UG/9732614abccaf2893c352d14c822d07b +https://gist.github.com/B0UG/f0cfb356e23be3cd6ebea69566d6100a https://gist.github.com/CalumHutton/1fb89b64409570a43f89d1fd3274b231 +https://gist.github.com/CalumHutton/45d33e9ea55bf4953b3b31c84703dfca +https://gist.github.com/CalumHutton/b7aa1c2e71c8d4386463ac14f686901d https://gist.github.com/CalumHutton/bdb97077a66021ed455f87823cd7c7cb https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9 https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308 https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d +https://gist.github.com/Cossack9989/6034c077f46e4f06d0992e9f2fae7f26 https://gist.github.com/Cossack9989/e9c1c2d2e69b773ca4251acdd77f2835 https://gist.github.com/CrimsonHamster/1aeec6db0d740de6ed4690f6a975f377 +https://gist.github.com/DrmnSamoLiu/cd1d6fa59501f161616686296aa4a6c8 +https://gist.github.com/DylanGrl/4269ae834c5d0ec77c9b928ad35d3be3 https://gist.github.com/DylanGrl/4b4e0d53bb7626b2ab3f834ec5a2b23c +https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67 +https://gist.github.com/ErodedElk/1133d64dde2d92393a065edc9b243792 https://gist.github.com/Fastor01/30c6d89c842feb1865ec2cd2d3806838 +https://gist.github.com/GAP-dev/c33276a151c824300d68aecc317082a3 https://gist.github.com/GiongfNef/8fe658dce4c7fcf3a7b4e6387e50141c https://gist.github.com/GroundCTL2MajorTom/eef0d55f5df77cc911d84392acdbf625 https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53 
@@ -112712,6 +113166,7 @@ https://gist.github.com/JLLeitschuh/6792947ed57d589b08c1cc8b666c7737 https://gist.github.com/JLLeitschuh/fe6784391254b58de680bbda78a04a70 https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef +https://gist.github.com/LioTree/003202727a61c0fb3ec3c948ab5e38f9 https://gist.github.com/LioTree/8d10d123d31f50db05a25586e62a87ba https://gist.github.com/LioTree/a81111fb0c598a920cb49aaf0bd64e58 https://gist.github.com/Lz1y/24a6368c7ffdc1af7292035dd16a97f5 
@@ -112722,8 +113177,39 @@ https://gist.github.com/Lz1y/acd1bfd0cc0e0f53b8f781840e7bf368 https://gist.github.com/Lz1y/cfb2f8179003b91404ad029333508f4c https://gist.github.com/Lz1y/e82eb9cc776e629b9d1874dc689421eb https://gist.github.com/Marshall-Hallenbeck/bf6a4a4f408bb7a5e0a47cb39dc1dbbe +https://gist.github.com/Meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/712ac36c8a08e2698e875169442a23a4 https://gist.github.com/MortalP0ison/5fd584b4c85fa13281fdc918913446fa +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#address_public_newaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#address_public_showaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#attachdownloadaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#bulletin_template_showaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#file_memoaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_companyaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_dictaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#information-leakage-and-unauthorized-access-to-sensitive-data +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#kaizen_downloadaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#mfaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#officefiledownloadaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#plan_template_previewaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#pm_gatt_incaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#searchcondictionaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#sys_blogtemplate_newaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_file_downloadaspx 
+https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_get_fields_approveaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_office_file_history_showaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_template_child_field_listaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_finish_file_downaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_form_saveaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_printaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_stat_settingaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#worklog_template_showaspx +https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#workplanattachdownloadaspx +https://gist.github.com/NinjaXshell/4c0509096cb4ec6543b3f8050369920c +https://gist.github.com/NinjaXshell/a5fae5e2d1031ca59160fbe29d94279c https://gist.github.com/NitescuLucian/69cf22d17bf190325118304be04828e8 +https://gist.github.com/P0cas/5aa55f62781364a750ac4a4d47f319fa#cve-2021-45803 +https://gist.github.com/P0cas/5aa55f62781364a750ac4a4d47f319fa#file-cve-2021-45802-md https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367 
@@ -112741,12 +113227,17 @@ https://gist.github.com/RNPG/e10524f1781a9981b50fb27bb473b0fe https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589 https://gist.github.com/RNPG/ef10c0acceb650d43625a77d3472dd84 https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591 +https://gist.github.com/Raghavrao29/1cb84f1f2d8ce993fd7b2d1366d35f48 https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486 https://gist.github.com/RootUp/3d9e90ea5ae0799305b4c7ec66e19387 https://gist.github.com/RootUp/b5de893bb2e51a4c846c5a0caa13b666 https://gist.github.com/Shinkurt/157dbb3767c9489f3d754f79b183a890 +https://gist.github.com/Shulelk/15c9ba8d6b54dd4256a50a24ac7dd0a2 +https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf https://gist.github.com/Sp3eD-X/22640377f96340544baf12891f708b8f https://gist.github.com/Swind1er/0c50e72428059fb72a4fd4d31c43f883 +https://gist.github.com/Swind1er/1ec2fde42254598a72f1d716f9cfe2a1 +https://gist.github.com/Swind1er/7aad5c28e5bdc91d73fa7489b7250c94 https://gist.github.com/Swind1er/ee095fbfe13f77a5b45b39a5aa82bd17 https://gist.github.com/TJetnipat/02b3854543b7ec95d54a8de811f2e8ae https://gist.github.com/This-is-Neo/c91e1a0ed5d40fbcf0dada43ea1d7479 @@ -112758,6 +113249,7 @@ https://gist.github.com/Xib3rR4dAr/02a21cd0ea0b7bf586131c5eebb69f1d https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e https://gist.github.com/Xib3rR4dAr/441d6bb4a5b8ad4b25074a49210a02cc https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3 +https://gist.github.com/Xib3rR4dAr/561ac3c17b92cb55d3032504a076fa4b https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042 https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607 https://gist.github.com/Xib3rR4dAr/6aa9e730c1d030a5ee9f9d1eae6fbd5e 
@@ -112769,6 +113261,12 @@ https://gist.github.com/Xib3rR4dAr/af90cef7867583ab2de4cccea2a8c87d https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9 https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 +https://gist.github.com/Zenexer/ac7601c0e367d876353137e5099b18a7 +https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66 +https://gist.github.com/aaaahuia/1343e3aa06b031ea621b5701cebcee3e +https://gist.github.com/aaaahuia/1fd31c1ebcddfe4c95268fa4f31fc312 +https://gist.github.com/aaaahuia/583b062b686cdff27554e3c6fa5ac94e +https://gist.github.com/aaaahuia/b99596c6de9bd6f60e0ddb7bf0bd13c4 https://gist.github.com/adeadfed/ccc834440af354a5638f889bee34bafe https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68 https://gist.github.com/adeshkolte/9e60b2483d2f20d1951beac0fc917c6f @@ -112781,6 +113279,7 @@ https://gist.github.com/aliceicl/b2f25f3a0a3ba9973e4977f922d04008 https://gist.github.com/aliceicl/e32fb4a17277c7db9e0256185ac03dae https://gist.github.com/anonymous/16aca69b7dea27cb73ddebb0d9033b02 https://gist.github.com/anonymous/32e2894fa29176f3f32cb2b2bb7c24cb +https://gist.github.com/ansarisec/12737c207c0851d52865ed60c08891b7 https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550 https://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac https://gist.github.com/arleyna/20d858e11c48984d00926fa8cc0c2722 
@@ -112796,15 +113295,27 @@ https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832 https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f +https://gist.github.com/dellalibera/094aece17a86069a7d27f93c8aba2280 +https://gist.github.com/dellalibera/2be265b56b7b3b00de1a777b9dec0c7b +https://gist.github.com/dellalibera/65d136066fdd5ea4dddaadaa9b0ba90e +https://gist.github.com/dellalibera/666d67165830ded052a1ede2d2c0b02a +https://gist.github.com/dellalibera/9247769cc90ed96c0d72ddbcba88c65c +https://gist.github.com/dellalibera/c53448135480cbe12257c4b413a90d20 https://gist.github.com/dellalibera/cebce20e51410acebff1f46afdc89808 +https://gist.github.com/dellalibera/d2abd809f32ec6c61be1f41d80edf61b https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba https://gist.github.com/dhondta/f71ae7e5c4234f8edfd2f12503a5dcc7 +https://gist.github.com/dmblbc/14a77036a9562407194c3cf3ee3f265e https://gist.github.com/dmknght/ac489cf3605ded09b3925521afee3003 https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0 https://gist.github.com/dru1d-foofus/835423de77c3522d53b9e7bdf5a28dfe https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b https://gist.github.com/emboss/91696b56cd227c8a0c13 https://gist.github.com/erud1te-sec/5c85924cb78ba85af42e0b7b62a5ec91 +https://gist.github.com/faisalfs10x/bd12e9abefb0d44f020bf297a14a4597 +https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e +https://gist.github.com/fakhrizulkifli/87cf1c1ad403b4d40a86d90c9c9bf7ab +https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8 https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6 https://gist.github.com/feixuezhi/7a1b117e1a4800efb3b6fffe76ca0e97 https://gist.github.com/fxb6476/0b9883a88ff2ca40de46a8469834e16c 
@@ -112814,33 +113325,48 @@ https://gist.github.com/gandalf4a/d7fa58f1b3418ef08ad244acccc10ba6 https://gist.github.com/harsh-bothra/d8c86b8279b23ff6d371f832ba0a5b6b https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084 https://gist.github.com/hybriz/63bbe2d963e531357aca353c74dd1ad5 +https://gist.github.com/icemonster/282ab98fb68fc22aac7c576538f6369c +https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4 https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10 https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f https://gist.github.com/isciurus/df4d7edd9c3efb4a0753 https://gist.github.com/izadgot/38a7dd553f8024ed3154134dae0414fd https://gist.github.com/izadgot/3efc75f62f9c9567c8f11bad74165425 https://gist.github.com/jk1986/3b304ac6b4ae52ae667bba380c2dce19 +https://gist.github.com/jocephus/806ff4679cf54af130d69777a551f819 https://gist.github.com/kdrypr/5dac91c2d27c4dc82b1225dffa38f7a8 +https://gist.github.com/keeganparr1/1dffd3c017339b7ed5371ed3d81e6b2a +https://gist.github.com/keltecc/49da037072276f21b005a8337c15db26 https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md +https://gist.github.com/lebr0nli/4edb76bbd3b5ff993cf44f2fbce5e571 https://gist.github.com/leesh3288/381b230b04936dd4d74aaf90cc8bb244 https://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c https://gist.github.com/legndery/a248350bb25b8502a03c2f407cedeb14 +https://gist.github.com/lelecolacola123/cc0d1e73780127aea9482c05f2ff3252 https://gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070d https://gist.github.com/leonjza/2244eb15510a0687ed93160c623762ab https://gist.github.com/lirantal/0f8a48c3f5ac581ce73123abe9f7f120 +https://gist.github.com/lirantal/1f7021703a2065ecaf9ec9e06a3a346d https://gist.github.com/lirantal/327e9dd32686991b5a1fa6341aac2e7b https://gist.github.com/lirantal/52debd25284726fcc2eaed9c7512975c https://gist.github.com/lirantal/5550bcd0bdf92c1b56fbb20e141fe5bd 
+https://gist.github.com/lirantal/637520812da06fffb91dd86d02ff6bde https://gist.github.com/lirantal/832382155e00da92bfd8bb3adea474eb https://gist.github.com/lirantal/9ccdfda0edcb95e36d07a04b0b6c2db0 +https://gist.github.com/lirantal/c80b28e7bee148dc287339cb483e42bc +https://gist.github.com/lirantal/dcb32c11ce87f5aafd2282b90b4dc998 https://gist.github.com/llandeilocymro/55a61e3730cdef56ab5806a677ba0891 https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb +https://gist.github.com/lx39214/248dc58c6d05455d4bd06c4d3df8e2d0 https://gist.github.com/mariuszpoplwski/51604d8a6d7d78fffdf590c25e844e09 https://gist.github.com/mattwelke/b7f42424680a57b8161794ad1737cd8f +https://gist.github.com/mcoimbra/47b1da554a80795c45126d51e41b2b18 https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428 https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20 +https://gist.github.com/mestrtee/5dc2c948c2057f98d3de0a9790903c6c +https://gist.github.com/mestrtee/d1eb6e1f7c6dd60d8838c3e56cab634d https://gist.github.com/mmmdzz/03df5177afd04b32ac190eb7907f3834 https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4 
@@ -112865,8 +113391,12 @@ https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480 https://gist.github.com/redeye5/ccbbc43330cc9821062249b78c916317 https://gist.github.com/redeye5/ebfef23f0a063b82779151f9cde8e480 https://gist.github.com/renanavs/dcb13bb1cd618ce7eb0c80290b837245 +https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09 https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://gist.github.com/rntcruz23/199782fb65b7dc3c4492d168770b71e5 +https://gist.github.com/rodnt/a190d14d1715890d8df19bad58b90693 +https://gist.github.com/rvismit/2b1a10a48104e01f575cc948da69df19 +https://gist.github.com/rvismit/67bc11dd9ccb7423827564cb81d25740 https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7 https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1 https://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d 
@@ -112876,19 +113406,33 @@ https://gist.github.com/sqrtrev/1f9986d4bdd1393832c60a97b56e170a https://gist.github.com/svennergr/204038bda1849ebce9af32eea9e55038 https://gist.github.com/svennergr/501409fbdb0ef4a8b0f07a26a2815fbb https://gist.github.com/swkim101/f473b9a60e6d4635268402a2cd2025ac +https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d +https://gist.github.com/tanprathan/19165c43ade898ab8b664098fb171f49 https://gist.github.com/tanprathan/24cab2eb02937f86961c6380b47ce385 https://gist.github.com/tanprathan/69fbf6fbac11988e12f44069ec5b18ea#file-cve-2020-22007-txt https://gist.github.com/tanprathan/6e8ed195a2e05b7f9d9a342dbdacb349 +https://gist.github.com/tanprathan/f5133651e438b2ad1b39172d52b56115 +https://gist.github.com/tim124058/5c4babe391a016c771d2cccabead21cb https://gist.github.com/tj-oconnor/16a4116050bbcb4717315f519b944f1f +https://gist.github.com/tpmiller87/6c05596fe27dd6f69f1aaba4cbb9c917 https://gist.github.com/vin01/26a8bb13233acd9425e7575a7ad4c936 +https://gist.github.com/w4nd3r-hya/784a86dda91bdcb3071892e56aacdee2 +https://gist.github.com/wadeAlexC/2490d522e81a796af9efcad1686e6754 +https://gist.github.com/walhajri/711af9b62f6fb25e66a5d9a490deab98 https://gist.github.com/wbowling/13f9f90365c171806b9ffba2c841026b https://gist.github.com/wdormann/874198c1bd29c7dd2157d9fc1d858263 https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642 https://gist.github.com/wes4m/e32080b02c2cd668d50eeac66613ca1d +https://gist.github.com/whiteman007/ +https://gist.github.com/whiteman007/43bd7fa1fa0e47554b33f0cf93066784 +https://gist.github.com/whiteman007/a3b25a7ddf38774329d72930e0cd841a +https://gist.github.com/whiteman007/b50a9b64007a5d7bcb7a8bee61d2cb47 https://gist.github.com/xax007/28e7326acfae677be0b351216888e522 https://gist.github.com/xax007/94183b11bdfe579fd860a37e74cd3a8e https://gist.github.com/yasinyilmaz/1fe3fe58dd275edb77dcbe890fce2f2c https://gist.github.com/yinfei6/56bb396f579cb67840ed1ecb77460a5b 
+https://gist.github.com/yurahod/2e11eabbe4b92ef1d44b08e37023ecfb +https://gist.github.com/yurahod/828d5e6a077c12f3f74c6485d1c7f0e7 https://gist.github.com/zaee-k/390b2f8e50407e4b199df806baa7e4ef https://gist.github.com/zeroSteiner/85daef257831d904479c https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt @@ -112948,6 +113492,8 @@ https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31643 https://gitee.com/inxeduopen/inxedu/issues/I294XL https://gitee.com/koyshe/phpshe/issues/IQ8S8 +https://gitee.com/koyshe/phpshe/issues/ISW87 +https://gitee.com/koyshe/phpshe/issues/ITC0C https://gitee.com/koyshe/phpshe/issues/ITLK2 https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/ https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/ 
@@ -112961,14 +113507,39 @@ https://github.com/0x727/ShuiZe_0x727/issues/160 https://github.com/0xAlmighty/Vulnerability-Research/blob/main/SourceCodester/CLMS/SourceCodester-CLMS-SQLi.md https://github.com/0xB9/LayerBB-1.1.3-CSRF/blob/master/README.md https://github.com/0xBaz/CVE-2021-29349/issues/1 +https://github.com/0xBrAinsTorM/CVE-2021-36981 https://github.com/0xInfection/EPScalate +https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35 +https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c +https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/DailyHabitTracker-SQL_Injection.md +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/MembershipManagementSystem-SQL_Injection_Add_Type.md +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/MembershipManagementSystem-SQL_Injection_Login.md +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/MembershipManagementSystem-Stored_XSS_Add_Type.md +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/MembershipManagementSystem-Unrestricted_Fileupload.md +https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/ZooManagementSystem-SQL_Injection_Edit_Ticket.md +https://github.com/0xQRx/VunerabilityResearch/blob/master/2024/DailyHabitTracker-Stored_XSS.md +https://github.com/0xbunniee/MailCow-Pixel-Flood-Attack https://github.com/0xcc-Since2016/TP-Link-WDR-Router-Command-injection_POC/blob/master/poc.py +https://github.com/0xfml/poc/blob/main/NCH/Axon_2.22_LFI.md +https://github.com/0xfml/poc/blob/main/NCH/Axon_2.22_XSS.md +https://github.com/0xfml/poc/blob/main/NCH/Flexiserver_6.00_LFI.md +https://github.com/0xfml/poc/blob/main/NCH/IVM_5.12_LFI.md +https://github.com/0xfml/poc/blob/main/NCH/IVM_5.12_RCE.md +https://github.com/0xfml/poc/blob/main/NCH/IVM_5.12_XSS.md +https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_CC.md 
+https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md +https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md +https://github.com/0xfml/poc/blob/main/NCH/ReflectCRM_3.01_CC.md +https://github.com/0xfml/poc/blob/main/NCH/WebDictate_2.13_LFI.md +https://github.com/0xfml/poc/blob/main/NCH/WebDictate_2.13_XSS.md https://github.com/0xfml/poc/blob/main/PLANET/WDRT-1800AX.md https://github.com/0xhebi/CVE-2022-34970/blob/master/report.md https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38668.md https://github.com/0xrayan/CVEs/issues/1 https://github.com/0xrayan/CVEs/issues/2 https://github.com/0xrayan/CVEs/issues/3 +https://github.com/0xrayan/CVEs/issues/4 https://github.com/0z09e/CVE-2022-22909 https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md @@ -112984,7 +113555,10 @@ https://github.com/10cksYiqiyinHangzhouTechnology/vox2png/blob/main/README.md https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25346 https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25347 https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26839 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26840 https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26841 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26842 +https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26843 https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-31548 https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_NatStaticSetting.md https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_expandDlnaFile.md 
@@ -112998,6 +113572,7 @@ https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/04 https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/01 https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/02 https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/03 +https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC/tree/main/CVE-2023-37630 https://github.com/14isnot40/vul_discovery/blob/06d04dbbc6f792a82321c00376d4dbf3add00f4f/poc/bit2spr%20vulnerability%20discovery.md.pdf https://github.com/14isnot40/vul_discovery/blob/master/D-Link%20COVR%2012xx%20.pdf https://github.com/1759134370/iot/blob/main/TOTOLINK/A3002R/2.md 
@@ -113006,17 +113581,25 @@ https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/1.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/3.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/4.md https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/5.md +https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-6m9h-2pr2-9j8f https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555 +https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847 https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-hf7j-xj3w-87g4 +https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-pv7q-v9mv-9mh5 https://github.com/1Panel-dev/KubePi/security/advisories/GHSA-757p-vx43-fp9r https://github.com/1Panel-dev/KubePi/security/advisories/GHSA-87f6-8gr7-pc6h https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md +https://github.com/1d8/publications/tree/main/cve-2021-29011 https://github.com/1d8/publications/tree/main/cve-2021-29012 https://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md https://github.com/1modm/petereport/issues/35 https://github.com/1nters3ct/CVEs/blob/main/CVE-2023-26255.md +https://github.com/1nters3ct/CVEs/blob/main/CVE-2023-26256.md +https://github.com/1testnew/CVE_Hunter/blob/main/SQLi-1.md https://github.com/202ecommerce/security-advisories/security/advisories/GHSA-hg7m-23j3-rf56 +https://github.com/20Yiju/DLink/blob/master/DIR-845L/CI.md +https://github.com/2111715623/cms/blob/main/3.md https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md https://github.com/2205794866/Tenda/blob/main/AC15/1.md https://github.com/2205794866/Tenda/blob/main/AC15/10.md 
@@ -113024,6 +113607,7 @@ https://github.com/2205794866/Tenda/blob/main/AC15/5.md https://github.com/2205794866/Tenda/blob/main/AC15/7.md https://github.com/2205794866/Tenda/blob/main/AC15/9.md https://github.com/2205794866/Tenda/blob/main/AC5/1.md +https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25679.md https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25680.md https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25681.md https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934 
@@ -113036,17 +113620,40 @@ https://github.com/4ra1n/super-xray/releases/tag/0.3-beta https://github.com/4ra1n/super-xray/security/advisories/GHSA-39pv-4vmj-c4fr https://github.com/4websecurity/CVE-2022-38553/blob/main/README.md https://github.com/5497lvren/Zhenhao/issues/1 +https://github.com/5erua/vuls/blob/main/dir882.md https://github.com/726232111/VulIoT/tree/main/D-Link/DIR-816%20A2_v1.10CNB05/addRouting https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1 https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/boSetPasswdSettings +https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/excu_shell https://github.com/7332all/cve/blob/main/rce_1.md +https://github.com/777erp/cms/blob/main/1.md +https://github.com/777erp/cms/blob/main/10.md +https://github.com/777erp/cms/blob/main/11.md +https://github.com/777erp/cms/blob/main/12.md +https://github.com/777erp/cms/blob/main/13.md +https://github.com/777erp/cms/blob/main/14.md +https://github.com/777erp/cms/blob/main/15.md +https://github.com/777erp/cms/blob/main/16.md +https://github.com/777erp/cms/blob/main/17.md +https://github.com/777erp/cms/blob/main/2.md +https://github.com/777erp/cms/blob/main/20.md +https://github.com/777erp/cms/blob/main/3.md +https://github.com/777erp/cms/blob/main/4.md +https://github.com/777erp/cms/blob/main/5.md +https://github.com/777erp/cms/blob/main/6.md +https://github.com/777erp/cms/blob/main/7.md +https://github.com/777erp/cms/blob/main/9.md https://github.com/779789571/zzcms/blob/main/README.md https://github.com/7akahash1/POC/blob/main/1.md https://github.com/849200701/cms/blob/main/CSRF%20exists%20in%20the%20backup%20and%20restore%20location.md +https://github.com/86x/CVE-2021-45416 
https://github.com/876054426/vul/blob/master/ljcms_sql.md https://github.com/9001/copyparty/security/advisories/GHSA-f54q-j679-p9hh +https://github.com/94fzb/zrlog/issues/37 +https://github.com/94fzb/zrlog/issues/38 +https://github.com/94fzb/zrlog/issues/39 https://github.com/96xiaopang/Vulnerabilities/blob/main/zzzcms%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0_en.md https://github.com/9Bakabaka/CVE-2023-36123 https://github.com/9lyph/CVE-2019-12836/blob/master/README.md @@ -113054,6 +113661,8 @@ https://github.com/ABB-EL/external-vulnerability-disclosures/security/advisories https://github.com/ADOdb/ADOdb/issues/274 https://github.com/ARM-software/astc-encoder/issues/294 https://github.com/ARMmbed/mbedtls/issues/1561 +https://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766 +https://github.com/AaravRajSIngh/Chatbot/pull/10 https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.2/SPIP_4.1.2_AUTH_RCE/SPIP_4.1.2_AUTH_RCE_Abyss_Watcher_12_07_22.md https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md https://github.com/AcademySoftwareFoundation/openexr/issues/1680 
@@ -113077,12 +113686,18 @@ https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sq https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql7.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql8.md https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql9.md +https://github.com/Agampreet-Singh/CVE-2024-25202 https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-p4f9-h8x8-mpwf https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc https://github.com/Ainevsia/CVE-Request/tree/main/Ricoh/1 https://github.com/Ainevsia/CVE-Request/tree/main/Solana/1 +https://github.com/Ainevsia/CVE-Request/tree/main/Tenda/11 +https://github.com/Ainevsia/CVE-Request/tree/main/Tenda/7 +https://github.com/Ainevsia/CVE-Request/tree/main/Xerox/1 +https://github.com/Alexandre-Bartel/CVE-2018-20343 https://github.com/Alkatraz97/CVEs/blob/main/CVE-2023-33754.md https://github.com/Alluxio/alluxio/issues/10552 +https://github.com/AlquistManager/alquist/issues/43 https://github.com/Am1ngl/ttt/tree/main/12 https://github.com/Am1ngl/ttt/tree/main/13 https://github.com/Am1ngl/ttt/tree/main/14 
@@ -113095,29 +113710,39 @@ https://github.com/Am1ngl/ttt/tree/main/19 https://github.com/Am1ngl/ttt/tree/main/20 https://github.com/Am1ngl/ttt/tree/main/22 https://github.com/Am1ngl/ttt/tree/main/23 +https://github.com/Am1ngl/ttt/tree/main/28 https://github.com/Am1ngl/ttt/tree/main/29 https://github.com/Am1ngl/ttt/tree/main/30 https://github.com/Am1ngl/ttt/tree/main/31 https://github.com/Am1ngl/ttt/tree/main/32 https://github.com/Am1ngl/ttt/tree/main/37 +https://github.com/Amrita2000/CVES/blob/main/CVE-2024-34230.md +https://github.com/Amrita2000/CVES/blob/main/CVE-2024-34231.md https://github.com/AndreGNogueira/CVE-2023-39063 +https://github.com/Andriesces/SelectCours-_Sever-side-Template-injection/blob/main/README.md https://github.com/AndyRixon/LayerBB/issues/51 https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-admininquiriesview_inquiryphp https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-adminusermanage_userphp +https://github.com/AntSword-Store/AS_Redis/issues/1 https://github.com/AntSwordProject/antSword/issues/147 https://github.com/Antho59/wp-jobhunt-exploit +https://github.com/AntonKueltz/fastecdsa/commit/57fc5689c95d649dab7ef60cc99ac64589f01e36 https://github.com/AntonKueltz/fastecdsa/issues/52 +https://github.com/AntsKnows/CVE/blob/master/WP_Plugin_Flickr-rss https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1803/formAddMacfilterRule.md https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/fromSetWirelessRepeat.md https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md +https://github.com/ArchimedesCAD/libredwg/issues/6 https://github.com/ArianeBlow/exploit-eyesofnetwork5.3.10/blob/main/PoC-BruteForceID-arbitraty-file-upload-RCE-PrivEsc.py https://github.com/Athlon1600/php-proxy-app/issues/134 
+https://github.com/Athos-Zago/CVE-2024-30973/tree/main https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R-Command%20Injection/readme.md https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md https://github.com/Aurorainfinity/Poc/tree/master/jerryscript/NULL-dereference-ecma_get_lex_env_type https://github.com/Aurorainfinity/Poc/tree/master/pdf2json https://github.com/Aurorainfinity/Poc/tree/master/pdf2xml https://github.com/AutismJH/damicms/issues/5 +https://github.com/AutismJH/damicms/issues/6 https://github.com/Automattic/mongoose/issues/8222 https://github.com/Awilum/monstra-cms/issues/351 https://github.com/B2eFly/CVE/blob/main/totolink/CP900/2/2.md 
@@ -113151,18 +113776,27 @@ https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-41.root-command-execution.txt https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-42.remote-OTA.txt +https://github.com/BasuCert/WinboxPoC https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/2/2.md https://github.com/BigNerd95/Chimay-Red +https://github.com/BigNerd95/WinboxExploit https://github.com/BigTiger2020/2023/blob/main/Free%20and%20Open%20Source%20inventory%20management%20system/Free%20and%20Open%20Source%20inventory%20management%20system.md https://github.com/BigTiger2020/2023/blob/main/XSS.md https://github.com/BigTiger2020/2023/blob/main/best-courier-management-system/best-courier-management-system-reflected%20xss2.md https://github.com/BigTiger2020/74cms-rce/blob/main/README.md +https://github.com/BigTiger2020/BloodX-CMS/blob/main/README.md https://github.com/BigTiger2020/Seat-Reservation-System https://github.com/BigTiger2020/Victor-CMS-/blob/main/README.md +https://github.com/Bixie/pagekit-portfolio/issues/44 https://github.com/BlackCatDevelopment/BlackCatCMS/issues/373 https://github.com/BlackCatDevelopment/BlackCatCMS/issues/389 +https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/backbone-qp.md +https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/jquery-bbq.md https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/jquery-deparam.md +https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/jquery-query-object.md +https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/jquery-sparkle.md https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md 
+https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/purl.md https://github.com/Blck4/blck4/blob/master/Gxlcms%20POC.php https://github.com/BloodHoundAD/BloodHound/issues/267 https://github.com/BloodHoundAD/BloodHound/issues/338 @@ -113170,6 +113804,8 @@ https://github.com/Bo0oM/CVE-2017-5124 https://github.com/BobTheShoplifter/CVE-2023-52251-POC https://github.com/Bobjones7/cve/blob/main/sql.md https://github.com/Bonfee/CVE-2022-25636 +https://github.com/Boomingjacob/ZZCMS2021#readme +https://github.com/Boyan-MILANOV/ropium/issues/32 https://github.com/BreakALegCml/try/blob/main/SinSiuEnterpriseWebsiteSystem https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25366.md https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md 
@@ -113181,6 +113817,27 @@ https://github.com/BrunoTeixeira1996/CVE-2023-36250/blob/main/README.md https://github.com/Bubka/2FAuth/security/advisories/GHSA-cwhq-2mcq-pp9q https://github.com/Budibase/budibase/security/advisories/GHSA-9xg2-9mcv-985p https://github.com/BugBountyHunterCVE/CVE-2023-40280/blob/main/CVE-2023-40280_Authenticated-Directory-Path-Traversal_OpenClinic-GA_5.247.01_Report.md +https://github.com/BurakSevben/2024_Math_Game_XSS +https://github.com/BurakSevben/2024_Online_Food_Menu_XSS/ +https://github.com/BurakSevben/2024_Product_Inventory_with_Export_to_Excel_XSS/ +https://github.com/BurakSevben/CVEs/blob/main/Barangay%20Population%20Monitoring%20System/Barangay%20Population%20System%20-%20XSS-1.md +https://github.com/BurakSevben/CVEs/blob/main/Barangay%20Population%20Monitoring%20System/Barangay%20Population%20System%20-%20XSS-2.md +https://github.com/BurakSevben/CVEs/blob/main/Budget%20Management%20App/Budget%20Management%20App%20-%20SQL%20Injection%20-%201.md +https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%201.md +https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20SQL%20Injection%20-%201.md +https://github.com/BurakSevben/CVEs/blob/main/Electricity%20Consumption%20Monitoring%20Tool/Electricity%20Consumption%20Monitoring%20Tool%20-%20SQL%20Injection.md +https://github.com/BurakSevben/CVEs/blob/main/Employee%20Management%20System/Employee%20Managment%20System%20-%20Authentication%20Bypass.md +https://github.com/BurakSevben/CVEs/blob/main/Employee%20Management%20System/Employee%20Managment%20System%20-%20SQL%20Injection%20-%201.md 
+https://github.com/BurakSevben/CVEs/blob/main/Employee%20Management%20System/Employee%20Managment%20System%20-%20SQL%20Injection%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Employee%20Management%20System/Employee%20Managment%20System%20-%20SQL%20Injection%20-%203.md +https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20Cross-Site-Scripting%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%201.md +https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%203.md +https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%204.md +https://github.com/BurakSevben/CVEs/blob/main/House%20Rental%20Management%20System/House%20Rental%20Management%20System%20-%20Authentication%20Bypass.md +https://github.com/BurakSevben/CVEs/blob/main/House%20Rental%20Management%20System/House%20Rental%20Management%20System%20-%20SQL%20Injection%20-%202.md https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20Cross-Site-Scripting.md https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20SQL%20Injection.md https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md 
@@ -113190,14 +113847,40 @@ https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Bo https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%203.md https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%204.md https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%205.md +https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20Authentication%20Bypass.md +https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%202%20(Unauthenticated).md +https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%203%20(Unauthenticated).md +https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%204.md +https://github.com/BurakSevben/CVEs/blob/main/Online%20Medicine%20Ordering%20System/OMOS%20-%20SQL%20Injection(Unauthenticated).md +https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/CVE-2024-2553%20-%20Product%20Rating%20System%20-%20Cross-Site-Scripting.md https://github.com/BurakSevben/CVEs/blob/main/QR%20Code%20Bookmark%20System/QR%20Code%20Bookmark%20System%20-%20SQL%20Injection.md +https://github.com/BurakSevben/CVEs/blob/main/Simple%20Admin%20Panel%20App/Simple%20Admin%20Panel%20App%20-%20Cross-Site-Scripting%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Simple%20Admin%20Panel%20App/Simple%20Admin%20Panel%20App%20-%20SQL%20Injection.md https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20Cross-Site-Scripting-1.md 
https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20Cross-Site-Scripting-2.md https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%201.md https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Simple%20Expense%20Tracker/Simple%20Expense%20Tracker%20-%20SQL%20Injection-2.md https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20Authentication%20Bypass.md https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20SQL%20Injection%20-%203.md https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20SQL%20Injection%20-%204.md +https://github.com/BurakSevben/CVEs/blob/main/Supplier%20Managment%20System/Supplier%20Managment%20System%20-%20SQL%20Injection.md +https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-%202.md +https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-1.md +https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-3.md +https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%201.md +https://github.com/BurakSevben/CVEs/blob/main/To%20Do%20List%20App/To%20Do%20List%20App%20-%20Cross-Site-Scripting.md +https://github.com/BurakSevben/CVEs/blob/main/To%20Do%20List%20App/To%20Do%20List%20App%20-%20SQL%20Injection.md +https://github.com/BurakSevben/Daily_Habit_Tracker_App_SQL_Injection +https://github.com/BurakSevben/Login_System_with_Email_Verification_SQL_Injection/ +https://github.com/BurakSevben/School-Task-Manager-SQL-Injection-2 
+https://github.com/BurakSevben/School-Task-Manager-System-SQLi-1 +https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser +https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole +https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#2-file-upload-vulnerability +https://github.com/Byron/gitoxide/security/advisories/GHSA-49jc-r788-3fc9 +https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c +https://github.com/Byron/gitoxide/security/advisories/GHSA-98p4-xjmm-8mfh https://github.com/ByteHackr/389-ds-base https://github.com/ByteHackr/unzip_poc https://github.com/C0der1iu/Nexusphppoc/blob/master/xss2.txt 
@@ -113233,24 +113916,31 @@ https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/formIPMacBindDel.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/formSetPortMapping.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/setDebugCfg.md https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md +https://github.com/CQURE/CVEs/tree/main/CVE-2023-37608 https://github.com/CTurt/shogihax https://github.com/Cacti/cacti/issues/1057 https://github.com/Cacti/cacti/issues/1071 https://github.com/Cacti/cacti/issues/1882 https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h +https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42 https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7 https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p +https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2 +https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q +https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g +https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4 https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h +https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h 
https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h @@ -113284,6 +113974,9 @@ https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20% https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20SQL%20Injection(1).md https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20Stored%20Cross-site%20Scripting.md https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20XML%20External%20Entity%20Injection.md +https://github.com/Carl0724/cms/blob/main/1.md +https://github.com/Carl0724/cms/blob/main/2.md +https://github.com/Carl0724/cms/blob/main/3.md https://github.com/Carol7S/cve/blob/main/rce.md https://github.com/CauldronDevelopmentLLC/cbang/issues/115 https://github.com/Cedric1314/CVE-2022-44870/blob/main/README.md 
@@ -113299,17 +113992,27 @@ https://github.com/Cherry-toto/jizhicms/issues/76 https://github.com/Cherry-toto/jizhicms/issues/77 https://github.com/Cherry-toto/jizhicms/issues/85 https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0 +https://github.com/Chocapikk/CVE-2024-25600 https://github.com/Chocapikk/CVE-2024-31819 https://github.com/ChrisL0tus/CVE-2023-34924 https://github.com/ChurchCRM/CRM/issues/5477 https://github.com/ChurchCRM/CRM/issues/6450 https://github.com/ChurchCRM/CRM/issues/6471 https://github.com/ChurchCRM/CRM/issues/6474 +https://github.com/ChurchCRM/CRM/issues/6849 +https://github.com/ChurchCRM/CRM/issues/6851 +https://github.com/ChurchCRM/CRM/issues/6853 +https://github.com/ChurchCRM/CRM/issues/6854 +https://github.com/ChurchCRM/CRM/issues/6856 +https://github.com/ChurchCRM/CRM/issues/6858 https://github.com/Ciber-Mike/BigTree_CMS-Stored_XSS-Developer_Settings/blob/main/README.md https://github.com/CleverStupidDog/yf-exam/issues/2 +https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-45h5-f7g3-gr8r https://github.com/ClipperCMS/ClipperCMS/issues/487 https://github.com/ClipperCMS/ClipperCMS/issues/488 +https://github.com/ClipperCMS/ClipperCMS/issues/489 https://github.com/ClipperCMS/ClipperCMS/issues/494 +https://github.com/CloudWise-OpenSource/FlyFish/issues/191 https://github.com/CoColizdf/CVE/issues/1 https://github.com/CoColizdf/CVE/issues/2 https://github.com/Codiad/Codiad/issues/1122 
@@ -113322,8 +114025,15 @@ https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md https://github.com/Cossack9989/Vulns/blob/master/IoT/CVE-2020-14473.md https://github.com/Cotonti/Cotonti/issues/1660 https://github.com/Cotonti/Cotonti/issues/1661 +https://github.com/CpyRe/I-Find-CVE-2024/blob/main/BLUDIT%20Stored%20XSS.md +https://github.com/CpyRe/I-Find-CVE-2024/blob/main/REDAXO%20RCE.md +https://github.com/Creatiwity/wityCMS/issues/153 +https://github.com/CrownZTX/storedXSS +https://github.com/CrownZTX/vulnerabilities/blob/main/fudforum/stored_xss_in_admsql.md https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/Stored_XSS_in_group.php.md https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/reflected_XSS_in_editservice.md +https://github.com/CrownZTX/vulnerabilities/blob/main/htmly/stored_xss_in_Menueditor.md +https://github.com/CrownZTX/vulnerabilities/blob/main/pescms/stored_xss.md https://github.com/Crypt0Cr33py/monicahqvuln https://github.com/Cubi123123123/cve/blob/main/NS-ASG-sql-list_onlineuser.md https://github.com/CunningLogic/PixelDump_CVE-2016-8462 @@ -113338,6 +114048,7 @@ https://github.com/CuppaCMS/CuppaCMS/issues/30 https://github.com/CuppaCMS/CuppaCMS/issues/31 https://github.com/CuppaCMS/CuppaCMS/issues/33 https://github.com/CuppaCMS/CuppaCMS/issues/34 +https://github.com/CuppaCMS/CuppaCMS/issues/4 https://github.com/CuppaCMS/CuppaCMS/issues/7 https://github.com/Cutegod/CMS_0_day/issues/2 https://github.com/CveSecLook/cve/issues/1 
@@ -113346,10 +114057,15 @@ https://github.com/CveSecLook/cve/issues/11 https://github.com/CveSecLook/cve/issues/16 https://github.com/CveSecLook/cve/issues/17 https://github.com/CveSecLook/cve/issues/19 +https://github.com/CveSecLook/cve/issues/20 https://github.com/CveSecLook/cve/issues/26 https://github.com/CveSecLook/cve/issues/27 https://github.com/CveSecLook/cve/issues/29 +https://github.com/CveSecLook/cve/issues/3 https://github.com/CveSecLook/cve/issues/30 +https://github.com/CveSecLook/cve/issues/32 +https://github.com/CveSecLook/cve/issues/38 +https://github.com/CveSecLook/cve/issues/39 https://github.com/CveSecLook/cve/issues/4 https://github.com/CveSecLook/cve/issues/41 https://github.com/CveSecLook/cve/issues/42 @@ -113419,6 +114135,9 @@ https://github.com/CyberThoth/CVE/blob/a203e5c7b3ac88a5a0bc7200324f2b24716e8fc2/ https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md https://github.com/CyberThoth/CVE/blob/main/CVE/Library%20Management%20System%20with%20QR%20code%20Attendance/Cross%20Site%20Scripting(Stored)/POC.md +https://github.com/CycloneDX/cyclonedx-javascript-library/commit/5e5e1e0b9422f47d2de81c7c4064b803a01e7203 +https://github.com/CycloneDX/cyclonedx-javascript-library/pull/1063 +https://github.com/CycloneDX/cyclonedx-javascript-library/security/advisories/GHSA-38gf-rh2w-gmj7 https://github.com/D0neMkj/POC_BSOD/tree/master/2345%20security%20guard/0x00222018 https://github.com/D0neMkj/POC_BSOD/tree/master/2345%20security%20guard/0x00222040 https://github.com/D0neMkj/POC_BSOD/tree/master/2345%20security%20guard/0x00222054 
@@ -113486,17 +114205,24 @@ https://github.com/D4rkP0w4r/Musical-World-Unrestricted-File-Upload-RCE-POC https://github.com/D4rkP0w4r/sms-Add_Student-Stored_XSS-POC https://github.com/D4rkP0w4r/sms-Unrestricted-File-Upload-RCE-POC https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N1/README.md +https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N2/README.md https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N3/README.md https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N4/README.md https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N5/README.md https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N6/README.md https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N1 +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N2 https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N3 +https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N4 https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N5 https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N6 +https://github.com/DEMON1A/Discord-Recon/issues/23 https://github.com/DIPlib/diplib/issues/80 https://github.com/DIYgod/RSSHub/issues/10045 +https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3 +https://github.com/DMCERTCE/PoC_Tiny_Overflow https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md +https://github.com/DaDong-G/Vulnerability_info/tree/main/TOTOLINK/lr350/2 https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/yasm/SEGV/nasm-pp.c:4008%20in%20expand_mmac_params/README.md https://github.com/DaisyPo/fuzzing-vulncollect/files/11343936/poc-file.zip https://github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/SEGV/nasm-pp.c:3570%20in%20do_directive 
@@ -113654,12 +114380,14 @@ https://github.com/DisguisedRoot/Exploit/blob/main/SQLInj/POC https://github.com/Dmitriy-area51/Exploit/tree/master/CVE-2020-24038 https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure https://github.com/Dogfalo/materialize/issues/6286 +https://github.com/DogukanUrker/flaskBlog/security/advisories/GHSA-mrcw-j96f-p6v6 https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection https://github.com/DojoSecurity/Enterprise-Architect-SQL-Injection https://github.com/Dolibarr/dolibarr/issues/20237 https://github.com/Dolibarr/dolibarr/issues/2857 https://github.com/Dolibarr/dolibarr/issues/4341 https://github.com/Dolibarr/dolibarr/issues/8000 +https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m https://github.com/DonnchaC/ubuntu-apport-exploitation https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formAddSysLogRule/readme.md https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetDiagnoseInfo/readme.md @@ -113700,8 +114428,10 @@ https://github.com/Double-q1015/CVE-vulns/blob/main/totolink_t8/recvSlaveCloudCh https://github.com/Double-q1015/CVE-vulns/blob/main/totolink_t8/recvSlaveCloudCheckStatus_version/recvSlaveCloudCheckStatus.md https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation https://github.com/Doufox/Doufox/issues/7 +https://github.com/DownWithUp/CVE-2018-15499 https://github.com/DozerMapper/dozer/issues/217 https://github.com/DreyAnd/maian-cart-rce +https://github.com/DriverUnload/cve-2024-25423 https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-11287-DoS%20via%20Heap%20Overflow-RabbitMQ%20Web%20Management%20Plugin https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12401-XML%20Bomb-Apache%20Solr 
@@ -113725,9 +114455,17 @@ https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14029-XXE-Ozek https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14030-RCE%20via%20.NET%20Deserialization-Ozeki%20SMS%20Gateway https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14031-Arbitary%20File%20Delete-Ozeki%20SMS%20Gateway https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42558-Multiple%20XSS-MITRE%20Caldera +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42559-Command%20Injection%20Via%20Configurations-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42560-Unsafe%20XML%20Parsing-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42561-Command%20Injection%20Via%20the%20Human%20Plugin-MITRE%20Caldera https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42562-Improper%20Access%20Control-MITRE%20Caldera +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46361-FreeMarker%20Bypass-Magnolia%20CMS +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46362-Unauthenticated%20SSTI-Magnolia%20CMS +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46363-Formula%20Injection-Magnolia%20CMS +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46364-YAML%20Deserialization-Magnolia%20CMS +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46365-Unsafe%20XML%20Parsing-Magnolia%20CMS +https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46366-CSRF%2BOpen%20Redirect-Magnolia%20CMS +https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Poll/Modbus%20Poll%20(version%209.10.0%20and%20earlier)%20mbp%20file%20has%20a%20buffer%20overflow%20vulnerability.md https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Poll/poc/poc.mbp 
https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Slave/Modbus%20Slave%20(version%207.5.1%20and%20earlier)%20mbs%20file%20has%20a%20buffer%20overflow%20vulnerability.md https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Slave/poc/poc.mbs @@ -113743,16 +114481,27 @@ https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32402.md https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32404.md https://github.com/Dyrandy/BugBounty/blob/main/pms/cve-2022-32405.md https://github.com/E1tex/CVE-2023-48104 +https://github.com/ELIZEUOPAIN/CVE-2024-24034/tree/main +https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-25293 +https://github.com/EQSTLab/PoC/tree/main/2024/RCE/CVE-2024-22891 +https://github.com/EQSTLab/PoC/tree/main/2024/XSS/CVE-2024-25503 https://github.com/EagleTube/CloudPanel +https://github.com/Echox1/metinfo_csrf/issues/1 +https://github.com/Edgarloyola/CVE-2021-36563 +https://github.com/Edgarloyola/CVE-2021-40904 +https://github.com/Edgarloyola/CVE-2021-40906 https://github.com/Edubr2020/RP_DCP_Code_Exec https://github.com/Edubr2020/RP_Import_RCE https://github.com/Edubr2020/RealPlayer_G2_RCE +https://github.com/Edward-L/fuzzing-pocs/tree/master/liblouis https://github.com/Edward-L/fuzzing-pocs/tree/master/md4c +https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib https://github.com/ElberTavares/routers-exploit/tree/master/tp-link https://github.com/Elias-Black/Landing-CMS/issues/8 https://github.com/Elvin9/NotSecDrv/blob/master/README.md https://github.com/Elvin9/SecDrvPoolLeak/blob/master/README.md https://github.com/Emilytutu/IoT-vulnerable/blob/main/Tenda/AC18/setSchedWifi_end.md +https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability https://github.com/EmreOvunc/FileRun-Vulnerabilities/ https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3 
@@ -113770,6 +114519,7 @@ https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/4/Readme.md https://github.com/Ers4tz/vuln/blob/master/74cms_5.2.8_SQLI.md https://github.com/Ers4tz/vuln/blob/master/qibosoft/qibosoft_v7_remote_code_execution.md https://github.com/Ettercap/ettercap/issues/782 +https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8 https://github.com/Exiv2/exiv2/commit/e884a0955359107f4031c74a07406df7e99929a5 https://github.com/Exiv2/exiv2/issues/1011 @@ -113777,16 +114527,25 @@ https://github.com/Exiv2/exiv2/issues/1019 https://github.com/Exiv2/exiv2/issues/187 https://github.com/Exiv2/exiv2/issues/188 https://github.com/Exiv2/exiv2/issues/202 +https://github.com/Exiv2/exiv2/issues/216 https://github.com/Exiv2/exiv2/issues/246 https://github.com/Exiv2/exiv2/issues/247 https://github.com/Exiv2/exiv2/issues/262 https://github.com/Exiv2/exiv2/issues/263 +https://github.com/Exiv2/exiv2/issues/302 +https://github.com/Exiv2/exiv2/issues/303 +https://github.com/Exiv2/exiv2/issues/306 https://github.com/Exiv2/exiv2/issues/307 https://github.com/Exiv2/exiv2/issues/365 https://github.com/Exiv2/exiv2/issues/366 https://github.com/Exiv2/exiv2/issues/378 +https://github.com/Exiv2/exiv2/issues/400 https://github.com/Exiv2/exiv2/issues/428 +https://github.com/Exiv2/exiv2/issues/457 +https://github.com/Exiv2/exiv2/issues/460 +https://github.com/Exiv2/exiv2/issues/511 https://github.com/Exiv2/exiv2/issues/561 +https://github.com/Exiv2/exiv2/issues/590 https://github.com/Exiv2/exiv2/issues/711 https://github.com/Exiv2/exiv2/issues/712 https://github.com/Exiv2/exiv2/issues/741 
@@ -113807,7 +114566,9 @@ https://github.com/Exiv2/exiv2/issues/954 https://github.com/Exiv2/exiv2/issues/960 https://github.com/Exiv2/exiv2/issues/980 https://github.com/Exiv2/exiv2/pull/1536 +https://github.com/Exiv2/exiv2/pull/1627 https://github.com/Exiv2/exiv2/pull/1657 +https://github.com/Exiv2/exiv2/pull/1790 https://github.com/Exiv2/exiv2/pull/518 https://github.com/Exiv2/exiv2/security/policy https://github.com/Exopteron/BiblioRCE @@ -113831,6 +114592,7 @@ https://github.com/FFmpeg/FFmpeg/commit/e724bd1dd9efea3abb8586d6644ec07694afceae https://github.com/FFmpeg/FFmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e https://github.com/FGasper/p5-Crypt-Perl/issues/14 https://github.com/FLIF-hub/FLIF/issues/501 +https://github.com/FLIF-hub/FLIF/issues/503 https://github.com/FLIF-hub/FLIF/issues/541 https://github.com/FRRouting/frr/issues/11698 https://github.com/FRRouting/frr/issues/13098 
@@ -113839,13 +114601,19 @@ https://github.com/Fanli2012/nbnbk/issues/5 https://github.com/FasterXML/jackson-databind/issues/2462 https://github.com/FasterXML/jackson-databind/issues/3972 https://github.com/FeMiner/wms/issues/12 +https://github.com/FeMiner/wms/issues/14 https://github.com/FedericoHeichou/DSL-N14U-XSS +https://github.com/Fewword/Poc/blob/main/webid/webid-poc14.md https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromNatStaticSetting/report.md https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromP2pListFilter/report.md +https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromRouteStatic/report.md https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeMacFilter/report.md https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromqossetting/report.md https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/saveParentControlInfo +https://github.com/FirstLIF/cms/blob/main/1.md +https://github.com/FirstLIF/cms/blob/main/2.md +https://github.com/Fishkey1/cms/commit/e9d294951ab2dd85709f1d12ad4747f25d326b1b https://github.com/FiyoCMS/FiyoCMS/issues/10 https://github.com/FiyoCMS/FiyoCMS/issues/11 https://github.com/FiyoCMS/FiyoCMS/issues/7 @@ -113854,6 +114622,7 @@ https://github.com/FlameNET/FlameCMS/issues/26 https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c https://github.com/FlaviuPopescu/CVE-2022-28986 https://github.com/FlaviuPopescu/Spigit-PoC +https://github.com/Fluorohydride/ygopro/issues/2314 https://github.com/Foddy/node-red-contrib-huemagic/issues/217 https://github.com/Fovker8/cve/blob/main/rce.md https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/covid-19-vaccination-poc/covid-19-vaccination.md 
@@ -113865,9 +114634,11 @@ https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c6vw-92h9-5w9v https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gc34-mw6m-g42x https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hg53-9j9h-3c8f https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hm8c-rcjg-c8qp +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hvwj-vmg6-2f5h https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-pwf9-v5p9-ch4f https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5v5-qhj5-mh6m https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q9x9-cqjc-rgwq +https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-whwr-qcf2-2mvj https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x3x5-r7jm-5pq2 
@@ -113875,19 +114646,24 @@ https://github.com/FreeTAKTeam/UI/issues/27 https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-8vvv-jxg6-8578 https://github.com/FreySolarEye/CVE/blob/master/Battle%20Net%20Launcher%20Local%20Privilege%20Escalation https://github.com/FreySolarEye/CVE/blob/master/Guild%20Wars%202%20-%20Local%20Privilege%20Escalation +https://github.com/FreySolarEye/CVE/blob/master/Mara%20CMS%207.5%20-%20Cross%20Site%20Scripting https://github.com/Frichetten/CVE-2019-5736-PoC https://github.com/Frichetten/CVE-2020-11108-PoC +https://github.com/FriendsOfSymfony1/symfony1/security/advisories/GHSA-pv9j-c53q-h433 +https://github.com/FriendsOfSymfony1/symfony1/security/advisories/GHSA-wjv8-pxr6-5f4r https://github.com/FrontAccountingERP/FA/issues/37 https://github.com/FrontAccountingERP/FA/issues/38 https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/104 https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/113_1 https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/113_2 +https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/AC6/205_1 https://github.com/Future-Depth/IMS/issues/1 https://github.com/Future-Depth/IMS/issues/2 https://github.com/Fysac/CVE-2019-20326 https://github.com/G37SYS73M/Advisory_G37SYS73M/blob/main/CVE-2022-36193/POC.md https://github.com/G37SYS73M/CVE-2023-27742 https://github.com/GAO-UNO/cve/blob/main/sql.md +https://github.com/GAO-UNO/cve/blob/main/sql2.md https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_setBlackRule/AX3-setBlackRule.md https://github.com/GD008/TENDA/blob/main/M3/cookie/M3_cookie.md https://github.com/GD008/TENDA/blob/main/M3/delWlPolicyData/M3_delWlPolicyData.md 
@@ -113907,14 +114683,22 @@ https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setFixTools/w30e_setFix https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setIPv6Status/w30e_setIPv6Status.md https://github.com/GENIVI/dlt-daemon/issues/274 https://github.com/GUIqizsq/cve/blob/main/upload_1.md +https://github.com/GURJOTEXPERT/ritecms https://github.com/Galapag0s/Trendnet_TW100-S4W1CA/blob/main/writeup_XSS.txt https://github.com/Gallopsled/pwntools/issues/1427 +https://github.com/GeoNode/geonode/security/advisories/GHSA-mcmc-c59m-pqq8 +https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1293 https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1295 +https://github.com/Geta/NestedObjectAssign/pull/11 +https://github.com/Ghostfox2003/cms/blob/main/1.md https://github.com/Gi0rgi0R/xss_frontend_settings_blackcat_cms_1.4.1 https://github.com/Gi0rgi0R/xss_installation_blackcat_cms_1.4.1 https://github.com/GilaCMS/gila/issues/51 +https://github.com/GilaCMS/gila/issues/52 https://github.com/GilaCMS/gila/issues/57 +https://github.com/GitHaaH/issue/blob/master/Niushop.md https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md +https://github.com/GloBee-Official/woocommerce-payment-api-plugin/issues/3 https://github.com/Gnoxter/mountain_goat https://github.com/GodEpic/JuQingCMS/issues/1 https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/FeiFeiCMS_4.1_csrf.doc 
@@ -113923,13 +114707,20 @@ https://github.com/GodEpic/chaojicms/issues/3 https://github.com/GodEpic/chaojicms/issues/5 https://github.com/GodEpic/chaojicms/issues/6 https://github.com/Godfather-onec/cve/blob/main/sql.md +https://github.com/Gr-1m/cms/blob/main/1.md +https://github.com/Gr-1m/cms/blob/main/2.md https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-3fqm-frhg-7c85 https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-g96c-x7rh-99r3 +https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-p6gg-5hf4-4rgj https://github.com/GreenCMS/GreenCMS/issues/110 https://github.com/GreenCMS/GreenCMS/issues/114 https://github.com/GreenCMS/GreenCMS/issues/115 https://github.com/GreycLab/CImg/issues/343 +https://github.com/GreycLab/CImg/issues/403 https://github.com/GuillaumePetit84/CVE-2020-35488 +https://github.com/HDFGroup/hdf5/issues/1326 +https://github.com/HDFGroup/hdf5/issues/1327 +https://github.com/HDFGroup/hdf5/issues/2458 https://github.com/HF9/yxcms-code-audit/blob/master/Any%20PHP%20Code%20Execution https://github.com/HH1F/KbaseDoc-v1.0-Arbitrary-file-deletion-vulnerability/blob/main/README.md https://github.com/Ha0Liu/cveAdd/blob/developer/dst-admin%201.5.0%E5%90%8E%E5%8F%B0kickPlayer%E6%8E%A5%E5%8F%A3%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/Dst-admin%201.5.0%20background%20kickPlayer%20interface%20remote%20command%20execution.md 
@@ -113949,11 +114740,13 @@ https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20v https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20(firmware%20version%201.6)/README.md +https://github.com/Hagrid29/ForeScout-SecureConnector-EoP https://github.com/Hakcoder/Simple-Online-Public-Access-Catalog-OPAC---SQL-injection/blob/main/POC https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20ci%20parameter%20is%20injected.pdf https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20cityedit%20parameter%20is%20injected.pdf https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20sc%20parameter%20is%20injected.pdf https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20searccity%20parameter%20is%20injected.pdf +https://github.com/HaojianWang/cve/issues/1 https://github.com/HaschekSolutions/pictshare/issues/133 https://github.com/Hckwzh/cms/blob/main/12.md https://github.com/Hckwzh/cms/blob/main/13.md 
@@ -113969,9 +114762,16 @@ https://github.com/Hckwzh/cms/blob/main/22.md https://github.com/Hckwzh/cms/blob/main/23.md https://github.com/Hckwzh/cms/blob/main/24.md https://github.com/Hckwzh/cms/blob/main/25.md +https://github.com/Hebing123/cve/issues/13 +https://github.com/Hebing123/cve/issues/14 +https://github.com/Hebing123/cve/issues/16 +https://github.com/Hebing123/cve/issues/17 +https://github.com/Hebing123/cve/issues/18 https://github.com/Hebing123/cve/issues/2 https://github.com/Hebing123/cve/issues/28 https://github.com/Hebing123/cve/issues/29 +https://github.com/Hebing123/cve/issues/30 +https://github.com/Hebing123/cve/issues/37 https://github.com/Hefei-Coffee/cve/blob/main/csrf.md https://github.com/Hefei-Coffee/cve/blob/main/sql.md https://github.com/Hefei-Coffee/cve/blob/main/sql2.md 
@@ -113982,16 +114782,33 @@ https://github.com/Hefei-Coffee/cve/blob/main/sql7.md https://github.com/Hefei-Coffee/cve/blob/main/sql8.md https://github.com/Hefei-Coffee/cve/blob/main/upload.md https://github.com/Hefei-Coffee/cve/blob/main/upload2.md +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.md +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/poc/I1DWE0~U +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/dos_mmExhausted.assets/image-20240505161831080.png +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/dos_mmExhausted.md +https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_mmExhausted/poc/I7K9QM~F https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-1/heap-buffer-overflow-1.assets/image-20240420005017430.png https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-1/heap-buffer-overflow-1.md https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-1/poc +https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.assets/image-20240420011116818.png +https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.md +https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/segmentFault-1/poc/I2ZFI3~5 
+https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/segmentFault-1/segmentFault-1.assets/image-20240420011601263.png +https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/segmentFault-1/segmentFault-1.md +https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata +https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata/poc +https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_mmExhausted +https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_mmExhausted/poc https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1 https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/heap-buffer-overflow-1 https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/heap-buffer-overflow-2 +https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/segmentFault-1 +https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/segmentFault-1/poc https://github.com/HerrLeStrate/CVE-2022-44276-PoC https://github.com/HolaAsuka/CVE/issues/1 https://github.com/HotelsDotCom/styx/security/advisories/GHSA-6v7p-v754-j89v 
@@ -114002,11 +114819,14 @@ https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35193 https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35194 https://github.com/HuangYuHsiangPhone/CVEs/tree/main/TestLink/CVE-2022-35196 https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6hjj-gq77-j4qw +https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6xv9-957j-qfhg +https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS https://github.com/I-Schnee-I/cev/blob/main/D-LINK-DAR-8000-10_rce_importhtml.md +https://github.com/I-Schnee-I/cev/blob/main/SourceCodester%20Student%20Management%20System%201.0%20controller.php%20Unrestricted%20Upload.md https://github.com/I-Schnee-I/cev/blob/main/upload.md https://github.com/IAIK/wolfSSL-DoS https://github.com/IBAX-io/go-ibax/issues/2060 
@@ -114016,7 +114836,11 @@ https://github.com/IBAX-io/go-ibax/issues/2063 https://github.com/INTER-Mediator/INTER-Mediator/issues/772 https://github.com/ISCAS-Vulab/PoC_Nebula-Capsule-Pro-Wifi https://github.com/IbrahimEkimIsik/CVE-2022-28099/blob/main/SQL%20Injection%20For%20Poultry%20Farm%20Management%20system%201.0 +https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c967-2652-gfjm +https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c +https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-hcw2-2r9c-gc6p https://github.com/Ickarah/CVE-2019-25137-Version-Research +https://github.com/Icycu123/X6000R-AX3000-Wifi-6-Giga/blob/main/2/X6000R%20AX3000%20WiFi%206%20Giga%E7%84%A1%E7%B7%9A%E8%B7%AF%E7%94%B1%E5%99%A8%E6%9C%AA%E6%8E%88%E6%9D%83rce.md https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2 https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0 https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1 
@@ -114024,9 +114848,16 @@ https://github.com/ImageMagick/ImageMagick/issues/1009 https://github.com/ImageMagick/ImageMagick/issues/1020 https://github.com/ImageMagick/ImageMagick/issues/1025 https://github.com/ImageMagick/ImageMagick/issues/1072 +https://github.com/ImageMagick/ImageMagick/issues/1095 https://github.com/ImageMagick/ImageMagick/issues/1149 +https://github.com/ImageMagick/ImageMagick/issues/1156 https://github.com/ImageMagick/ImageMagick/issues/1177 https://github.com/ImageMagick/ImageMagick/issues/1178 +https://github.com/ImageMagick/ImageMagick/issues/1221 +https://github.com/ImageMagick/ImageMagick/issues/1249 +https://github.com/ImageMagick/ImageMagick/issues/1250 +https://github.com/ImageMagick/ImageMagick/issues/1251 +https://github.com/ImageMagick/ImageMagick/issues/1255 https://github.com/ImageMagick/ImageMagick/issues/1335 https://github.com/ImageMagick/ImageMagick/issues/1336 https://github.com/ImageMagick/ImageMagick/issues/1337 @@ -114043,6 +114874,7 @@ https://github.com/ImageMagick/ImageMagick/issues/1641 https://github.com/ImageMagick/ImageMagick/issues/1723 https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153 https://github.com/ImageMagick/ImageMagick/issues/1791 +https://github.com/ImageMagick/ImageMagick/issues/1859 https://github.com/ImageMagick/ImageMagick/issues/1895 https://github.com/ImageMagick/ImageMagick/issues/2624 https://github.com/ImageMagick/ImageMagick/issues/298 
@@ -114145,6 +114977,10 @@ https://github.com/ImageMagick/ImageMagick/issues/904 https://github.com/ImageMagick/ImageMagick/issues/920 https://github.com/ImageMagick/ImageMagick/issues/921 https://github.com/ImageMagick/ImageMagick/issues/927 +https://github.com/ImageMagick/ImageMagick/issues/928 +https://github.com/ImageMagick/ImageMagick/issues/929 +https://github.com/ImageMagick/ImageMagick/issues/941 +https://github.com/ImageMagick/ImageMagick/issues/973 https://github.com/ImageMagick/ImageMagick/issues/998 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750 @@ -114157,6 +114993,7 @@ https://github.com/Indexhibit/indexhibit/issues/22 https://github.com/InductiveComputerScience/pbJson/issues/2 https://github.com/InitRoot/CVE-2022-23342 https://github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhp +https://github.com/Intermesh/groupoffice/security/advisories/GHSA-p7w9-h6c3-wqpp https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54 https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53 @@ -114166,6 +115003,7 @@ https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20deref https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md https://github.com/J3rryBl4nks/CUPSEasyExploits https://github.com/J3rryBl4nks/CandidATS/blob/master/AddAdminUserCSRF.md +https://github.com/J3rryBl4nks/GenixCMS/blob/master/CreateAdminBAC.md https://github.com/J3rryBl4nks/IceHRM/blob/master/AddNewUserCSRF.md https://github.com/J3rryBl4nks/IceHRM/blob/master/ChangeUserPasswordCSRF.md https://github.com/J3rryBl4nks/PHPMyChatPlus/blob/master/SQLi.md 
@@ -114302,17 +115140,35 @@ https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/C https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/CSRFPocRedirectSMS.html https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/CSRFPocResetDefaults.html https://github.com/JamesIT/vuln-advisories-/blob/master/EE-4GEE-Multiple-Vulns/CSRF/uploadBinarySettingsCSRFPoC.html +https://github.com/Jas0nwhy/vulnerability/blob/master/Seacmsxss.md +https://github.com/JaxsonWang/WP-Editor.md/issues/275 https://github.com/Jfox816/TOTOLINK-720R/blob/177ee39a5a8557a6bd19586731b0e624548b67ee/totolink%20720%20RCode%20Execution2.md https://github.com/Jfox816/TOTOLINK-720R/blob/fb6ba109ba9c5bd1b0d8e22c88ee14bdc4a75e6b/TOTOLINK%20720%20RCode%20Execution.md +https://github.com/JiaDongGao1/CVE_Hunter/blob/main/SQLi-2.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-10262.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-10263.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-8994.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33818.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33822.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33823.md +https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33824.md +https://github.com/JiangXiaoBaiJia/cve2/blob/main/1.md +https://github.com/JiangXiaoBaiJia/cve2/blob/main/a.png https://github.com/JinYiTong/poc https://github.com/JiuBanSec/CVE/blob/main/VictorCMS%20SQL.md https://github.com/JojoCMS/Jojo-CMS/issues/30 https://github.com/JunFengDeng/Cve-List/blob/main/novel-plus/20231027/vuln/readme.md +https://github.com/Juniper/libslax/issues/50 https://github.com/Juniper/libslax/issues/51 https://github.com/Juniper/libslax/issues/52 +https://github.com/Juniper/libslax/issues/53 +https://github.com/Juunan06/eCommerce/issues/1 
+https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT https://github.com/KINGSABRI/CVE-in-Ruby/tree/master/CVE-2018-0833 +https://github.com/KINGSABRI/CVE-in-Ruby/tree/master/CVE-2018-6574 https://github.com/KPN-CISO/CVE-2019-9745/blob/master/README.md +https://github.com/KakeruJ/CVE/ https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/1 https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/2 https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/3 
@@ -114322,15 +115178,20 @@ https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/4 https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/5 https://github.com/Kenun99/CVE-batdappboomx https://github.com/Keyvanhardani/Exploit-eShop-Multipurpose-Ecommerce-Store-Website-3.0.4-Cross-Site-Scripting-XSS/blob/main/README.md +https://github.com/Khwarezmia/WPS_POC/tree/master/wps_20180122 +https://github.com/Khwarezmia/WPS_POC/tree/master/wps_20180129 https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/arbitrary_file_upload.md https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/sql_injection.md https://github.com/Kirin-say/Vulnerabilities/blob/master/CVE-2019-17266_POC.md +https://github.com/Kiss-sh0t/e107_v2.1.9_XSS_poc https://github.com/Kitesky/KiteCMS/issues/1 https://github.com/Kitesky/KiteCMS/issues/10 https://github.com/Kitesky/KiteCMS/issues/3 https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitSQLIOvidentia.txt https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitXSSOvidentia.txt +https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/256 https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/261 +https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fc https://github.com/KnpLabs/snappy/security/advisories/GHSA-92rv-4j2h-8mjj https://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc 
@@ -114338,19 +115199,46 @@ https://github.com/Kotti/Kotti/issues/551 https://github.com/Kubozz/rukovoditel-3.2.1/issues/2 https://github.com/Kyhvedn/CVE_Description/blob/master/CVE-2018-7720_Description.md https://github.com/Kyhvedn/CVE_Description/blob/master/Cobub_Razor_0.8.0_SQL_injection_description.md +https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_a.md +https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_b.md +https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.md +https://github.com/L1OudFd8cl09/CVE/issues/1 +https://github.com/L1OudFd8cl09/CVE/issues/2 https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md https://github.com/LDAPAccountManager/lam/issues/170 https://github.com/LLK/scratch-vm/pull/2476 https://github.com/LMP88959/NTSC-CRT/issues/32 +https://github.com/Lantern-r/IoT-vuln/blob/main/Tenda/AC18/formexeCommand.md +https://github.com/Lanxiy7th/lx_CVE_report-/issues/10 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/12 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/2 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/3 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/4 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/5 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/6 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/7 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/8 +https://github.com/Lanxiy7th/lx_CVE_report-/issues/9 https://github.com/Le1a/CVE-2022-30040 https://github.com/Le1a/Tenda-AX1803-Denial-of-service https://github.com/Leeyangee/leeya_bug/blob/main/%5BWarning%5DSQL%20Injection%20in%20abupy%20%3C=%20v0.4.0.md +https://github.com/Legrandin/pycryptodome/issues/198 https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944 +https://github.com/LiAoRJ/CVE_Hunter/blob/main/RCE-1.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47028/CVE%20detailed.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47029/CVE%20detailed.md 
+https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29725/CVE%20detail.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29737/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29739/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29740/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29742/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29745/CVE%20detail.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29752/CVE%20detailed.md +https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29757/CVE%20detailed.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2022-47027/CVE%20detail.md @@ -114358,6 +115246,10 @@ https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27645/CVE%20detail.md https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27647/CVE%20detail.md https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27648/CVE%20detail.md https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md +https://github.com/LibRaw/LibRaw/issues/144 +https://github.com/LibRaw/LibRaw/issues/192 +https://github.com/LibRaw/LibRaw/issues/194 +https://github.com/LibRaw/LibRaw/issues/195 https://github.com/LibRaw/LibRaw/issues/269 https://github.com/LibRaw/LibRaw/issues/270 https://github.com/LibRaw/LibRaw/issues/271 
@@ -114372,6 +115264,9 @@ https://github.com/LibRaw/LibRaw/issues/335 https://github.com/LibRaw/LibRaw/issues/400 https://github.com/LibRaw/LibRaw/issues/557 https://github.com/LibVNC/libvncserver/pull/137 +https://github.com/LibreCAD/LibreCAD/issues/1462 +https://github.com/LibreCAD/LibreCAD/issues/1464 +https://github.com/LibreCAD/LibreCAD/issues/1468 https://github.com/LibreCAD/LibreCAD/issues/1481 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issue-541977765 @@ -114391,8 +115286,10 @@ https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447190 https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447223 https://github.com/LibreDWG/libredwg/issues/182#issue-547887727 https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890865 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890901 https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890932 https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890969 +https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891053 https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891083 https://github.com/LibreDWG/libredwg/issues/183 https://github.com/LibreDWG/libredwg/issues/186 
@@ -114401,7 +115298,10 @@ https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492707 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492816 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493046 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493134 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493267 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493364 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493437 +https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493513 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493607 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493684 https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493775 @@ -114413,9 +115313,12 @@ https://github.com/LibreDWG/libredwg/issues/252 https://github.com/LibreDWG/libredwg/issues/255 https://github.com/LibreDWG/libredwg/issues/256 https://github.com/LibreDWG/libredwg/issues/258 +https://github.com/LibreDWG/libredwg/issues/261 https://github.com/LibreDWG/libredwg/issues/262 +https://github.com/LibreDWG/libredwg/issues/32 https://github.com/LibreDWG/libredwg/issues/324 https://github.com/LibreDWG/libredwg/issues/325 +https://github.com/LibreDWG/libredwg/issues/33 https://github.com/LibreDWG/libredwg/issues/350 https://github.com/LibreDWG/libredwg/issues/351 https://github.com/LibreDWG/libredwg/issues/484 
@@ -114437,22 +115340,34 @@ https://github.com/LibreHealthIO/lh-ehr/issues/1223 https://github.com/Limesss/CVE-2023-36109/tree/main https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md https://github.com/LiodAir/images/blob/master/csrf.md +https://github.com/LiveHelperChat/livehelperchat/issues/2054 https://github.com/Liyou-ZY/POC/issues/1 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln01 https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln02 https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln03 https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln04 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln05 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln06 +https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln07 https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln11 https://github.com/LoRexxar/CVE_Request/tree/master/wordpress%20plugin%20updraftplus%20vulnerablity#authenticated--upload-file-and-php-code-execution https://github.com/LoRexxar/CVE_Request/tree/master/wordpress%20plugin%20updraftplus%20vulnerablity#authenticated-ssrf +https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-276-orderby-sql-injection +https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-393-sql-injection https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss +https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolphp-line-35-second-order-sqli +https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewseventsphp-line-44-sql-injection +https://github.com/Lq0ne/CVE-2024-28715 https://github.com/LuaJIT/LuaJIT/issues/601 
https://github.com/LuaJIT/LuaJIT/issues/603 https://github.com/LuaJIT/LuaJIT/pull/526 https://github.com/LucaBarile/CVE-2022-38604 https://github.com/LucaBarile/CVE-2022-43293 https://github.com/LucidUnicorn/CVE-2020-10560-Key-Recovery +https://github.com/LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability/wiki https://github.com/LyLme/lylme_spage/issues/91 https://github.com/LyLme/lylme_spage/issues/92 +https://github.com/Lyc-heng/routers/blob/a80b30bccfc9b76f3a4868ff28ad5ce2e0fca180/routers/rce1.md https://github.com/Lyc-heng/routers/blob/main/routers/rce1.md https://github.com/Lyc-heng/routers/blob/main/routers/stack1.md https://github.com/Lyc-heng/routers/blob/main/routers/stack2.md @@ -114468,6 +115383,7 @@ https://github.com/MRdoulestar/CodeAnalyse/issues/2 https://github.com/MacDownApp/macdown/issues/1050 https://github.com/MacDownApp/macdown/issues/1076 https://github.com/MacherCS/CVE_Evoh_Contract +https://github.com/Mad-robot/CVE-List/blob/master/Advanced%20Real%20Estate%20Script.md https://github.com/MaherAzzouzi/CVE-2022-37703 https://github.com/MaherAzzouzi/CVE-2022-37704 https://github.com/MaherAzzouzi/CVE-2022-37705 @@ -114477,6 +115393,7 @@ https://github.com/MalFuzzer/Vulnerability-Research/blob/master/TL-WR1043ND%20V2 https://github.com/ManhNDd/CVE-2019-19203 https://github.com/ManhNDd/CVE-2019-19204 https://github.com/MarginResearch/FOISted +https://github.com/MarkLee131/PoCs/blob/main/CVE-2024-34987.md https://github.com/Martinzb/cve/blob/main/sql.md https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/sailsJS%20PoC.zip 
@@ -114485,12 +115402,14 @@ https://github.com/MateusTesser/CVE-2023-43284 https://github.com/Matheus-Garbelini/esp32_esp8266_attacks https://github.com/Matroska-Org/foundation-source/issues/24 https://github.com/Matroska-Org/libebml/issues/74 +https://github.com/Matthias-Wandel/jhead/files/14613084/poc.zip https://github.com/Matthias-Wandel/jhead/issues/15 https://github.com/Matthias-Wandel/jhead/issues/16 https://github.com/Matthias-Wandel/jhead/issues/17 https://github.com/Matthias-Wandel/jhead/issues/33 https://github.com/Matthias-Wandel/jhead/issues/36 https://github.com/Matthias-Wandel/jhead/issues/7 +https://github.com/Matthias-Wandel/jhead/issues/84 https://github.com/MauroEldritch/VanCleef https://github.com/MauroEldritch/lempo https://github.com/MegaTKC/AeroCMS/issues/11 @@ -114507,11 +115426,16 @@ https://github.com/Mesh3l911/CVE-2021-32160 https://github.com/Mesh3l911/CVE-2021-32161 https://github.com/Mesh3l911/CVE-2021-32162 https://github.com/Mesh3l911/Disource +https://github.com/MiSERYYYYY/Vulnerability-Reports-and-Disclosures/blob/main/OpenSIS-Community-8.0.md https://github.com/Mindwerks/wildmidi/issues/178 https://github.com/MinoTauro2020/CVE-2023-43147/ https://github.com/Mint60/PHP/issues/1 +https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-xmj6-g32r-fc5q https://github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-23c7-6444-399m https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/166 +https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wfgj-wrgh-h3r3 +https://github.com/MobiusBinary/CVE-2021-41647 +https://github.com/MobiusBinary/CVE-2021-41651/ https://github.com/Moddable-OpenSource/moddable/issues/351 https://github.com/Moddable-OpenSource/moddable/issues/431 https://github.com/Moddable-OpenSource/moddable/issues/432 
@@ -114519,9 +115443,21 @@ https://github.com/Moddable-OpenSource/moddable/issues/440 https://github.com/Moddable-OpenSource/moddable/issues/441 https://github.com/Moddable-OpenSource/moddable/issues/442 https://github.com/Moddable-OpenSource/moddable/issues/580 +https://github.com/Moddable-OpenSource/moddable/issues/582 +https://github.com/Moddable-OpenSource/moddable/issues/583 https://github.com/Moddable-OpenSource/moddable/issues/585 https://github.com/Moddable-OpenSource/moddable/issues/586 https://github.com/Moddable-OpenSource/moddable/issues/587 +https://github.com/Moddable-OpenSource/moddable/issues/748 +https://github.com/Moddable-OpenSource/moddable/issues/749 +https://github.com/Moddable-OpenSource/moddable/issues/750 +https://github.com/Moddable-OpenSource/moddable/issues/752 +https://github.com/Moddable-OpenSource/moddable/issues/759 +https://github.com/Moddable-OpenSource/moddable/issues/760 +https://github.com/Moddable-OpenSource/moddable/issues/766 +https://github.com/Moddable-OpenSource/moddable/issues/768 +https://github.com/Moddable-OpenSource/moddable/issues/769 +https://github.com/Moddable-OpenSource/moddable/issues/774 https://github.com/Moddable-OpenSource/moddable/issues/896 https://github.com/MoeMion233/cve/blob/main/1.md https://github.com/MoeMion233/cve/blob/main/2.md 
@@ -114549,17 +115485,23 @@ https://github.com/MucahitSaratar/endian_firewall_authenticated_rce https://github.com/MucahitSaratar/zencart_auth_rce_poc https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-9fhc-f3mr-w6h6 https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-mmpf-rw6c-67mm +https://github.com/NN0b0dy/CVE-2024-32399/blob/main/README.md https://github.com/NSSCYCTFER/SRC-CVE +https://github.com/NUDTTAN91/CVE-2024-22939 +https://github.com/NUDTTAN91/CVE20240109/blob/master/README.md https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md https://github.com/NagVis/nagvis/issues/91 https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.md +https://github.com/Nat-Lab/CVE-2018-5951 https://github.com/NationalSecurityAgency/ghidra/issues/4869 https://github.com/NationalSecurityAgency/ghidra/issues/71 https://github.com/NationalSecurityAgency/ghidra/issues/943 https://github.com/NaturalIntelligence/wp-thumb-post/issues/1 https://github.com/Neeke/HongCMS/issues/15 https://github.com/Neeke/HongCMS/issues/4 +https://github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC https://github.com/Nhoya/MycroftAI-RCE +https://github.com/Ni7inSharma/CVE-2021-41511 https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_DOS.md https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak.md https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak2.md 
@@ -114571,20 +115513,34 @@ https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/install.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/licence_save.php.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/manage.php.md https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/ppsave.php.md +https://github.com/Nicholas-wei/bug-discovery/blob/main/asus/2/ASUS_ac68u.md +https://github.com/Nivedita-22/SRELAY-exploit-writeup/blob/main/Srelay.md https://github.com/NoneShell/Vulnerabilities/blob/main/NETGEAR/WNR2000v4-1.0.0.70-Authorized-Command-Injection.md +https://github.com/Notselwyn/CVE-2024-1086 https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/K7%20Security/Local%20Privilege%20Escalation/v16.0.0120/README.md https://github.com/NucleusCMS/NucleusCMS/issues/83 +https://github.com/OAID/Tengine/issues/476 https://github.com/OP-TEE/optee_os/security/advisories/GHSA-jrw7-63cq-7vhm https://github.com/OS4ED/openSIS-Classic/issues/158 +https://github.com/OS4ED/openSIS-Classic/issues/192 +https://github.com/OS4ED/openSIS-Classic/issues/193 +https://github.com/OS4ED/openSIS-Classic/issues/204 https://github.com/OS4ED/openSIS-Classic/issues/248 https://github.com/OYyunshen/Poc/blob/main/Novel-PlusSqli1.pdf https://github.com/OYyunshen/Poc/blob/main/Novel-PlusV3.6.2Sqli.pdf +https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-x7mf-wrh9-r76c https://github.com/Off3nS3c/CVE-2022-29932/blob/main/Proof-of-Concept.md https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-17381.md +https://github.com/OmRajpurkar/Healthcare-Chatbot/issues/4 https://github.com/Ombi-app/Ombi/security/advisories/GHSA-28j3-84m7-gpjp +https://github.com/OneUptime/oneuptime/security/advisories/GHSA-246p-xmg8-wmcq +https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md https://github.com/OoLs5/VulDiscovery/blob/main/monstra_xss.pdf https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx 
+https://github.com/Open-MSS/MSS/security/advisories/GHSA-pf2h-qjcr-qvq2 https://github.com/OpenAPITools/openapi-generator/issues/2253 +https://github.com/OpenDDS/OpenDDS/issues/4527 +https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-hxr6-w4gc-7vvv https://github.com/OpenImageIO/oiio/issues/3871 https://github.com/OpenImageIO/oiio/issues/3947 https://github.com/OpenMage/magento-lts/security/advisories/GHSA-9358-cpvx-c2qp @@ -114607,6 +115563,8 @@ https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CV https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51068.md https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51071.md https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md +https://github.com/OraclePi/repo/blob/main/totolink%20X6000R/1/X6000R%20AX3000%20WiFi%206%20Giga%20unauthed%20rce.md +https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability https://github.com/Orange-Cyberdefense/CVE-repository https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/POC_CVE-2021-44032_Kevin.md https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md 
@@ -114619,12 +115577,27 @@ https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_sys_accou https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_web_and_sys_account/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/remote_cmd_exec_0/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/reset_router/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_00/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_01/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_02/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_03/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_04/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_05/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_08/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_09/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_10/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_11/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_12/README.md +https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_13/README.md https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_14/README.md +https://github.com/PAGalaxyLab/VulInfo/tree/master/ASUS/GT-AC5300/dos1 +https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_0 https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_1 
https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2 +https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_3 https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/stack_overflow_1 +https://github.com/PGYER/codefever/issues/140 https://github.com/PHPFusion/PHPFusion/issues/2314 https://github.com/PX4/PX4-Autopilot/issues/17062 https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw @@ -114650,6 +115623,8 @@ https://github.com/Paxa/postbird/issues/132 https://github.com/Paxa/postbird/issues/133 https://github.com/Paxa/postbird/issues/134 https://github.com/Pbootcms/Pbootcms/issues/8 +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp +https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-update-adminphp https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/NFine-Rapid-development-platform-has-weak-password-vulnerability.md https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#10xss-vulnerability-in-adminpostsmanage_postphptitle @@ -114665,6 +115640,7 @@ https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/The%20NFine%2 https://github.com/Peppermint-Lab/peppermint/issues/171 https://github.com/PinaeOS/py-xml/issues/2 https://github.com/Pingkon/HMS-PHP/issues/1 +https://github.com/PinkDraconian/PoC-Langchain-RCE/blob/main/README.md https://github.com/Piwigo/AdminTools/issues/21 https://github.com/Piwigo/Piwigo/issues/1157 https://github.com/Piwigo/Piwigo/issues/1158 
@@ -114679,15 +115655,22 @@ https://github.com/PopojiCMS/PopojiCMS/issues/13 https://github.com/PopojiCMS/PopojiCMS/issues/14 https://github.com/PopojiCMS/PopojiCMS/issues/16 https://github.com/PopojiCMS/PopojiCMS/issues/23 +https://github.com/PopojiCMS/PopojiCMS/issues/24 https://github.com/PopojiCMS/PopojiCMS/issues/31 https://github.com/PoppingSnack/VulReport/issues/12 +https://github.com/PrecursorYork/Product-Management-System-Using-PHP-and-MySQL-Reflected-XSS-POC/blob/main/README.md +https://github.com/PrecursorYork/crud-without-refresh-reload-Reflected_XSS-POC/blob/main/README.md https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-8j72-p2wm-6738 https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw https://github.com/ProxymanApp/Proxyman/issues/364 https://github.com/PumpkinBridge/cve/blob/main/rce.md https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_HardcodedPassword.md +https://github.com/PwnYouLin/IOT_vul/blob/main/wayos/2/readme.md +https://github.com/PyconUK/ConferenceScheduler-cli/issues/19 https://github.com/QQ704568679/YXcms-Code-audit/blob/master/Yxcms%20Code%20audit +https://github.com/Qiskit/qiskit-ibm-runtime/security/advisories/GHSA-x4x5-jv3x-9c7m https://github.com/Qrayyy/CVE/blob/main/Dairy%20Farm%20Shop%20Management%20System/sales-report-ds-sql(CVE-2022-40944).md +https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/Tenda_AC10U_command_injection_RCE.pdf https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr840n_DNSServers%3D.pdf https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/tp-link%20tl-wr840n_X_TP_ClonedMACAddress%3D.pdf 
@@ -114704,6 +115687,8 @@ https://github.com/RCEraser/cve/blob/main/sql_inject_5.md https://github.com/RCEraser/cve/blob/main/tongda.md https://github.com/RCEraser/cve/blob/main/wanjiang.md https://github.com/RO6OTXX/pescms_vulnerability +https://github.com/RaRe-Technologies/bounter/issues/47 +https://github.com/Raj789-sec/CVE-2023-39115 https://github.com/Ramansh123454/POCs/blob/main/CSMS_RCE https://github.com/Ramansh123454/POCs/blob/main/POC https://github.com/Ramikan/Vulnerabilities/blob/master/GoAhead%20Web%20server%20HTTP%20Header%20Injection @@ -114721,6 +115706,7 @@ https://github.com/ReFirmLabs/binwalk/pull/617 https://github.com/RealLinkers/CVE-2019-17427 https://github.com/RealLinkers/CVE-2019-18890 https://github.com/RedisGraph/RedisGraph/issues/3178 +https://github.com/RektInator/cod-steamauth-rce https://github.com/RhinoSecurityLabs/CVEs https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-20621 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-5757 
@@ -114743,39 +115729,72 @@ https://github.com/RiieCco/write-ups/tree/master/CVE-2019-9659 https://github.com/RioIsDown/TC7337 https://github.com/RisingStack/protect/issues/16 https://github.com/RobertDra/CVE-2021-31862/blob/main/README.md +https://github.com/RootSoull/Vuln-Poc/tree/master/D-Link/DIR-816 https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf +https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909 https://github.com/Ruia-ruia/Exploits/blob/master/DFX11details.txt https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq +https://github.com/Ryan0lb/EC-cloud-e-commerce-system-CVE-application/blob/master/README.md https://github.com/S1lkys/CVE-2020-29669 https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper https://github.com/S4nshine/CVE-2023-23169 https://github.com/SECFORCE/CVE-2018-8941 https://github.com/SQSamir/CVE-2021-27328 +https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-11654 https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-7812 https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life +https://github.com/Sadw11v/cve/blob/main/upload.md +https://github.com/SakuraSamuraii/CVE-2021-43032 +https://github.com/SakuraSamuraii/derailed https://github.com/SakuraSamuraii/ez-iRZ https://github.com/Samsung/mTower/issues/83 https://github.com/Samuel-Tyler/fast_ber/issues/30 https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271 https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/blob/master/CVE-2017-8260.c https://github.com/Seagate/cortx-s3server/issues/1037 +https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md +https://github.com/SecWiki/CMS-Hunter/blob/master/seacms/seacms6.61/seacms661.md https://github.com/SecureAuthCorp/impacket/releases https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2551 
https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552 https://github.com/Security-AVS/CVE-2019-13633 https://github.com/Security-AVS/CVE-2020-16270 +https://github.com/Security-AVS/CVE-2021-29267 +https://github.com/Security-AVS/CVE-2021-30146 +https://github.com/SegfaultMasters/covering360/blob/master/HDF5/README.md#divided-by-zero---h5d__chunk_set_info_real_div_by_zero +https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args +https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#user-content-heap-overflow-in-csum_replace4 +https://github.com/SegfaultMasters/covering360/tree/master/HDF5#divided-by-zero---divbyzero__h5d_chunk_poc +https://github.com/SegfaultMasters/covering360/tree/master/HDF5#stack-overflow---stackoverflow_h5p__get_cb +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln2#divided-by-zero---h5d__create_chunk_file_map_hyper_div_zero +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln3#memory-leak---h5o__chunk_deserialize_memory_leak +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_apply_filters_h5repack_filters +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln6#null-pointer-dereference-in-h5o_sdspace_encode +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln7#heap-overflow-in-h5o_attr_decode +https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#heap-overflow-in-readgifimagedesc 
+https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc https://github.com/Sentinal920/WPanel4-Authenticated-RCE https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md https://github.com/ShielderSec/cve-2017-18635 +https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/CSV-Injection-CVE%E2%80%902024%E2%80%9028328 +https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Credentials-Stored-in-Cleartext-CVE%E2%80%902024%E2%80%9028325 +https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Insecure-Credential-Storage-CVE%E2%80%902024%E2%80%9028327 +https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Privilege-Escalation-CVE%E2%80%902024%E2%80%9028326 +https://github.com/ShravanSinghRathore/Tenda-N300-F3-Router/wiki/Password-Policy-Bypass-Vulnerability-CVE%E2%80%902024%E2%80%9025343 https://github.com/Shumerez/CVE-2023-48858 https://github.com/Sigil-Ebook/flightcrew/issues/52 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505967936 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505997355 https://github.com/SimbCo/httpster/pull/36 https://github.com/SinGooCMS/SinGooCMSUtility/issues/1 +https://github.com/Skotizo/CVE-2021-43129 https://github.com/SlashXzerozero/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 https://github.com/Slovejoy/dnsmasq-pre2.76 +https://github.com/Snawoot/hisilicon-dvr-telnet https://github.com/Snowty/myCVE/blob/master/CraftCMS-2.6.3000/README.md https://github.com/SomeBottle/OBottle/issues/6 https://github.com/Sospiro014/zday1/blob/main/Execution_After_Redirect.md 
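Review bot: the five ShravanSinghRathore wiki links added near the end of the `@@ -114743,39 +115729,72 @@` hunk spell the identifier with a percent-encoded U+2010 hyphen (`CVE%E2%80%902024%E2%80%9028328`), so tooling that extracts CVE IDs from this list with an ASCII `CVE-\d{4}-\d+` pattern will skip them even after URL-decoding. The URLs have to stay as the wiki names them, so handle it on the consumer side by normalising U+2010 to `-` before matching. Separately, the added `https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay` is a directory-level link with no anchor, unlike the `tcpreplay/README.md#...` entries next to it; if it backs one specific finding, link that anchor instead.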
@@ -114784,10 +115803,13 @@ https://github.com/Sospiro014/zday1/blob/main/Laboratory_Management_System.md https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_idor.md https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_xss.md https://github.com/Sospiro014/zday1/blob/main/ear_stord_xss.md +https://github.com/Sospiro014/zday1/blob/main/event-managment.md https://github.com/Sospiro014/zday1/blob/main/xss_1.md https://github.com/SouhailHammou/Exploits/blob/master/CVE-2019-14694%20-%20Comodo%20AV%20Sandbox%20Race%20Condition%20UAF/comodo_av_uaf_poc.c https://github.com/SouhailHammou/Panda-Antivirus-LPE https://github.com/SpengeSec/CVE-2019-19699 +https://github.com/SpikeReply/advisories/blob/530dbd7ce68600a22c47dd1bcbe360220feda1d9/cve/xmedcon/cve-2024-29421.md +https://github.com/SpikeReply/advisories/blob/main/cve/totolink/cve-2024-27521.md https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51146.md https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51147.md https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md @@ -114796,6 +115818,7 @@ https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/ https://github.com/Starcounter-Jack/JSON-Patch/pull/262 https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/SetTftpUpgrad.md https://github.com/Stevenbaga/fengsha/blob/main/H3C/GR-1200W/aVersionSet.md +https://github.com/Stevenbaga/fengsha/blob/main/W20E/SetSysTime.md https://github.com/Stevenbaga/fengsha/blob/main/W20E/formIPMacBindModify.md https://github.com/Stevenbaga/fengsha/blob/main/W20E/formSetStaticRoute.md https://github.com/Stitch3612/cve/blob/main/rce.md 
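Review bot: in the `@@ -114784,10 +115803,13 @@` hunk the two SpikeReply additions are inconsistent about pinning: the xmedcon link is fixed to commit `530dbd7ce68600a22c47dd1bcbe360220feda1d9`, while the totolink link right after it uses `blob/main`, as do the trendnet entries already present. A branch link can change or disappear after the advisory has been cited, so prefer commit permalinks for third-party advisory references, or record the commit alongside the entry when the upstream source only gives a branch URL.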
@@ -114806,20 +115829,27 @@ https://github.com/SukaraLin/php_code_audit_project/blob/master/dedecms/dedecms% https://github.com/SxB64/mxgraph-xss-vul/wiki https://github.com/Sylon001/NVS-365-Camera/tree/master/NVS365%20Network%20Video%20Server%20Password%20Information%20Unauthorized%20Access%20Vulnerability https://github.com/TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated +https://github.com/TEag1e/zzcms +https://github.com/TREYWANGCQU/LANKERS/issues/1 https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject1 https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject3 https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject4 https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject5 https://github.com/TTY-flag/my_iot_vul/tree/main/WAVLINK/WL-WN575A3 +https://github.com/TablePress/TablePress/security/advisories/GHSA-x8rf-c8x6-mrpg https://github.com/Tanguy-Boisset/CVE/blob/master/CVE-2023-52059/README.md https://github.com/Tardis07/CVE_GO/blob/master/zzzphp_code_execution_v1.7.3.md https://github.com/Tatsh/pngdefry/issues/1 https://github.com/TeamEasy/EasyCMS/issues/8 +https://github.com/TeamNewPipe/NewPipe/security/advisories/GHSA-wxrm-jhpf-vp6v https://github.com/TeamSeri0us/pocs/blob/master/exiv2/1-out-of-read-Poc https://github.com/TeamSeri0us/pocs/blob/master/exiv2/2-out-of-read-Poc https://github.com/TeamSeri0us/pocs/blob/master/faad/global-buffer-overflow%40ps_mix_phase.md https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils/ +https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/2018_09_03 +https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md +https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206 https://github.com/TeamSeri0us/pocs/tree/master/faad https://github.com/TeamSeri0us/pocs/tree/master/gerbv 
https://github.com/TeamSeri0us/pocs/tree/master/libofx @@ -114837,7 +115867,9 @@ https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/rec https://github.com/TeamSeri0us/pocs/tree/master/xpdf https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01 +https://github.com/TechSmith/mp4v2/issues/20 https://github.com/TechSmith/mp4v2/issues/74 +https://github.com/Tencent/libpag/issues/2230 https://github.com/Tencent/vConsole/issues/616 https://github.com/TestLinkOpenSourceTRMS/testlink-code/pull/357 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/1 @@ -114845,6 +115877,7 @@ https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/2 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/3 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/4 https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/6 +https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto https://github.com/TheCyberGeek/CVE-2020-5844 https://github.com/TheGetch/CVE-2022-23378 https://github.com/TheGetch/CVE-2022-29597 
@@ -114860,20 +115893,34 @@ https://github.com/TheHackingRabbi/CVE-2021-42670 https://github.com/TheHackingRabbi/CVE-2021-42671 https://github.com/Thecosy/IceCMS/issues/8 https://github.com/Thinstation/thinstation/issues/427 +https://github.com/Thirtypenny77/cms/blob/main/5.md +https://github.com/Thirtypenny77/cms/blob/main/6.md +https://github.com/Thirtypenny77/cms/blob/main/7.md +https://github.com/Thirtypenny77/cms/blob/main/8.md https://github.com/Thirukrishnan/CVE-2023-33408 https://github.com/Thirukrishnan/CVE-2023-33409 https://github.com/Thirukrishnan/CVE-2023-33410 +https://github.com/Thirukrishnan/CVE-2024-27665/ https://github.com/This-is-Y/baijiacms-RCE https://github.com/Thomas-Tsai/partclone/issues/71 https://github.com/Thomas-Tsai/partclone/issues/82 https://github.com/Tiamat-ron/cms/blob/main/The%20deletion%20function%20of%20the%20Article%20Management%20Office%20exists%20in%20CSRF.md https://github.com/Tiamat-ron/cms/blob/main/There%20is%20a%20csrf%20in%20the%20article%20management%20modification%20section.md +https://github.com/TiffanyBlue/PoCbyMyself/blob/master/mongoose6.13/mqtt/Cesanta%20Mongoose%20MQTT%20getu16%20heap%20buffer%20overflow2.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0218/add_white_node.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0218/formSetDeviceName.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0218/formWifiBasicSet.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0218/fromSetIpMacBind.md +https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0218/fromSetSysTime.md https://github.com/Timorlover/CVE-2023-23333 https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php https://github.com/TinkAnet/cve/blob/main/sql2.md https://github.com/TishaManandhar/Superstore-sql-poc/blob/main/SQL https://github.com/TishaManandhar/Webmin_xss_POC/blob/main/XSS 
https://github.com/To-LingJing/CVE-Issues/blob/main/baijiacms/upload_file.md +https://github.com/TonyKentClark/MyCodeAudit/blob/master/gxlcms1.1.4 +https://github.com/TonyKentClark/MyCodeAudit/blob/master/xycms%20%20v1.7 https://github.com/ToughRunner/Open5gs_bugreport https://github.com/ToughRunner/Open5gs_bugreport2 https://github.com/ToughRunner/Open5gs_bugreport3 @@ -114891,6 +115938,7 @@ https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-3.md https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-5.md https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md +https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Art%20gallery%20project%201.0.md https://github.com/Tsiming/Vulnerabilities/blob/main/SQLite/CVE-2021-31239 https://github.com/TycheSoftwares/woocommerce-abandoned-cart/pull/885#issuecomment-1601813615 https://github.com/TyeYeah/DIR-890L-1.20-RCE @@ -114907,6 +115955,7 @@ https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-rout https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#command-injection-occurs-when-adding-extender-in-wavlink-router-ac1200-page-wifi_meshshtml-in-wirelesscgi https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#command-injection-occurs-when-clicking-the-button-in-wavlink-router-ac1200-page-wifi_meshshtml-in-wirelesscgi https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#wavlink-router-ac1200-page-qosshtml-command-injection-in-qoscgi +https://github.com/TylerGarlick/angular-redactor/issues/77 https://github.com/Typesetter/Typesetter/issues/674 https://github.com/Typesetter/Typesetter/issues/697 https://github.com/UT-Security/gpu-zip 
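Review bot: in the `@@ -114860,20 +115893,34 @@` hunk, `https://github.com/Thirukrishnan/CVE-2024-27665/` is added with a trailing slash while the three Thirukrishnan entries above it have none. Normalise trailing slashes before sorting and de-duplicating, otherwise the same page can be listed twice under two spellings, as the unchanged context of an earlier hunk already shows with `.../recutils/bug-report-recutils` and `.../recutils/bug-report-recutils/`.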
@@ -114918,6 +115967,7 @@ https://github.com/UniSharp/laravel-filemanager/issues/1150 https://github.com/UniSharp/laravel-filemanager/issues/1150#issuecomment-1320186966 https://github.com/UniSharp/laravel-filemanager/issues/1150#issuecomment-1825310417 https://github.com/V1n1v131r4/CSRF-on-ArGoSoft-Mail-Server/blob/master/README.md +https://github.com/V1n1v131r4/CSRF-to-RCE-on-Backdrop-CMS https://github.com/V1n1v131r4/Exploiting-Postie-WordPress-Plugin-/blob/master/README.md https://github.com/V1n1v131r4/Exploiting-WP-Database-Backup-WordPress-Plugin/blob/master/README.md https://github.com/V1n1v131r4/Exploiting-WP-Htaccess-by-BestWebSoft-Plugin/blob/master/README.md 
@@ -114925,20 +115975,26 @@ https://github.com/V1n1v131r4/HGB10R-2 https://github.com/V1n1v131r4/MIME-Confusion-Attack-on-Midori-Browser/blob/master/README.md https://github.com/V3locidad/GLPI_POC_Plugins_Shell https://github.com/VauP/CVE-IDs/blob/main/proof_of_concept.md +https://github.com/Veeeooo/phpwind/blob/master/README.md https://github.com/Venan24/SCMS/issues/2 https://github.com/Venus-WQLab/bug_report/blob/main/Tenda/CVE-2023-24212.md https://github.com/VerSprite/research/blob/master/advisories/VS-2017-007.md https://github.com/VerSprite/research/blob/master/advisories/VS-2018-014.md https://github.com/Verytops/verydows/issues/10 https://github.com/Verytops/verydows/issues/17 +https://github.com/Vict00r/poc/issues/1 +https://github.com/VictorAlagwu/CMSsite/issues/14 https://github.com/VictorAlagwu/CMSsite/issues/15 https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram-CVE-2020-17448 +https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570 https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474 https://github.com/VirusTotal/yara/issues/1178 +https://github.com/VirusTotal/yara/issues/1616 https://github.com/VirusTotal/yara/issues/891 https://github.com/VirusTotal/yara/issues/999 https://github.com/VivekPanday12/CVE-/issues/2 https://github.com/VivekPanday12/CVE-/issues/3 +https://github.com/VoidSec/Exploit-Development/blob/master/windows/x64/kernel/crucial_Ballistix_MOD_Utility_v.2.0.2.5/crucial_Ballistix_MOD_Utility_v.2.0.2.5_memory_dump_PoC.cpp https://github.com/VoidSec/Exploit-Development/blob/master/windows/x86/local/IBM_ITSM_Administrator_Client_v.5.2.0.1/IBM_TSM_v.5.2.0.1_exploit.py https://github.com/VulDetailsPublication/Poc/tree/master/Tenda/AC9 https://github.com/WPO-Foundation/webpagetest/issues/820 
@@ -114954,6 +116010,8 @@ https://github.com/WPO-Foundation/webpagetest/issues/838 https://github.com/WULINPIN/CVE/blob/main/JForum/poc.html https://github.com/WWBN/AVideo/security/advisories/GHSA-2mhh-27v7-3vcx https://github.com/WWBN/AVideo/security/advisories/GHSA-xr9h-p2rc-rpqm +https://github.com/WarmBrew/web_vul/blob/main/TTX.md +https://github.com/WazeHell/CVE-2018-6389 https://github.com/WebAssembly/binaryen/issues/1863 https://github.com/WebAssembly/binaryen/issues/1864 https://github.com/WebAssembly/binaryen/issues/1865 @@ -114976,6 +116034,7 @@ https://github.com/WebAssembly/wabt/issues/1992 https://github.com/WebAssembly/wabt/issues/2310 https://github.com/WebAssembly/wabt/issues/2311 https://github.com/Webklex/php-imap/security/advisories/GHSA-47p7-xfcc-4pv9 +https://github.com/Westbrookadmin/portfolioCMS/issues/1 https://github.com/Wh04m1001/CVE https://github.com/WhatCD/Gazelle/issues/111 https://github.com/WhatCD/Gazelle/issues/112 @@ -114984,6 +116043,8 @@ https://github.com/WhatCD/Gazelle/issues/114 https://github.com/WhereisRain/dir-815 https://github.com/WhereisRain/dir-815/blob/main/README.md https://github.com/WhoisZkuan/TOTOlink-A700RU +https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj +https://github.com/WillyXJ/facileManager/security/advisories/GHSA-w67q-pp62-j4pf https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45634 https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45635 https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45636 
@@ -114991,13 +116052,20 @@ https://github.com/WithSecureLabs/megafeis-palm/tree/main/CVE-2022-45637 https://github.com/WizardMac/ReadStat/issues/108 https://github.com/Wocanilo/CVE-2019-14537 https://github.com/WodenSec/CVE-2022-46485 +https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-REDAXO/RCE.md +https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-REDAXO/XSS.md +https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-Totolink/X6000R-Hardcoded-Password.md https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849 https://github.com/Wsecpro/cve1/blob/main/NS-ASG-sql-list_addr_fwresource_ip.md +https://github.com/WuKongOpenSource/WukongCRM-9.0-JAVA/issues/28 https://github.com/X-C3LL/PoC-CVEs/blob/master/Aircam-DoS/Aircam-DoS.py https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2022-26952%20%26%20CVE-2022-26953/readme.md https://github.com/XC9409/CVE-2023-31634/blob/main/PoC https://github.com/XOOPS/XoopsCore25/issues/523 +https://github.com/XOS-Shop/xos_shop_system/issues/1 https://github.com/Xh4H/Satellian-CVE-2020-7980 +https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/CMSeasy_7.7.7.9_code_execution.md +https://github.com/Xin246/cms/blob/main/2.md https://github.com/XiphosResearch/exploits/tree/master/suiteshell https://github.com/Xithrius/twitch-tui/security/advisories/GHSA-779w-xvpm-78jx https://github.com/Xtraball/SiberianCMS/issues/217 
@@ -115010,6 +116078,7 @@ https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m https://github.com/YMFE/yapi/issues/2745 https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md https://github.com/YXuanZ1216/cve/blob/main/sql.md +https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md https://github.com/YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL https://github.com/Yesec/-Doctor-s-Appointment-System/blob/main/SQL%20Injection%20in%20login.php/vuln.md https://github.com/Yesec/Free-Hospital-Management-System-for-Small-Practices/blob/main/SQL%20Injection%20in%20doctors.php/vuln.md @@ -115021,7 +116090,13 @@ https://github.com/Yesec/Inventory-Management-System/blob/main/SQL%20Injection%2 https://github.com/Yesec/Resort-Reservation-System/blob/main/SQL%20Injection%20in%20manage_user.php/vuln.md https://github.com/Yesec/Resort-Reservation-System/blob/main/SQL%20Injection%20in%20view_fee.php/vuln.md https://github.com/Yesec/Resort-Reservation-System/blob/main/local%20file%20inclusion/vuln.md +https://github.com/Ylianst/MeshCentral/security/advisories/GHSA-cp68-qrhr-g9h8 https://github.com/Yomguithereal/baobab/pull/511 +https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-3782-758f-mj85 +https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-c8wf-wcjc-2pvm +https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-gvcr-g265-j827 +https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-hfgf-99p3-6fjj +https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-m5x2-6hjm-cggq https://github.com/YouPHPTube/YouPHPTube/issues/2202 https://github.com/Yozarseef95/CVE-2023-31594 https://github.com/Yozarseef95/CVE-2023-31595 
@@ -115029,45 +116104,159 @@ https://github.com/Ysurac/FlightAirMap/issues/275 https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20management%20platform%20has%20rce%20vulnerability.md https://github.com/YuboZhaoo/IoT/blob/main/D-Link/DIR-619L/20240424.md https://github.com/Z3Prover/z3/issues/3363 +https://github.com/ZBWACD/CodeAudit/blob/master/rejucms_v2.1 +https://github.com/ZBWACD/CodeAudit/blob/master/rejucms_v2.1%20%20xss1 +https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_1.md +https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_2.md https://github.com/ZIllR0/Routers/blob/master/PHICOMM https://github.com/ZIllR0/Routers/blob/master/Tenda/heapoverflow1.md +https://github.com/ZIllR0/Routers/blob/master/Tenda/rce1.md https://github.com/ZIllR0/Routers/blob/master/Tenda/stack1.md https://github.com/ZIllR0/Routers/blob/master/Tenda/stack2.md +https://github.com/ZIllR0/Routers/blob/master/Tenda/stack3.md https://github.com/ZIllR0/Routers/blob/master/Tenda/stack4.md +https://github.com/ZIllR0/Routers/blob/master/Tendaoob1.md https://github.com/ZLMediaKit/ZLMediaKit/issues/1839 +https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-869 https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-879 https://github.com/ZerBea/hcxtools/issues/155 https://github.com/ZhenKaiHe/bug_report/blob/main/vendors/onetnom23/clinics-patient-management-system/XSS-1.md +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/EscanAV_POC/tree/master/0x830020E0_0x830020E4 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/EscanAV_POC/tree/master/0x830020F8 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/EscanAV_POC/tree/master/0x8300210C +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008084 
+https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008088 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008090 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A00813C +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081DC +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008240 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A00824C +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008254 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A00825C +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008264 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008268 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220400 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220840 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_2208C0 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_221808 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008020 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_990081C8 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008208 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008210 
+https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008224 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9C40E020 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9C40E024 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e000 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e004 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e008 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e00c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e014 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e018 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e02c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxCryptMon +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_0x220009 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_0x22000d +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_0x220011 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_220019 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/SDActMon +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000035 https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000038 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000010c https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000118 
+https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000014c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110009/0x80000170 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/0x9C40204c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/0x9C402078 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/0x9C402080 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/0x9C402114_9C402124_9C40207c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/0x9C402148 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/SUPERAntiSpyware_POC/tree/master/getshell +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002010 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002054 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/ZillyaAntivirus_POC/tree/master/0x9C402424 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/ZillyaAntivirus_POC/tree/master/0x9C40242C +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/nProtectAntivirus_POC/tree/master/TKFsAv_0x220458 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/nProtectAntivirus_POC/tree/master/TKFsAv_0x22045c +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/nProtectAntivirus_POC/tree/master/TKFsAv_0x220c20 +https://github.com/ZhiyuanWang-Chengdu-Qihoo360/nProtectAntivirus_POC/tree/master/TKRgFtXp_0x220408 https://github.com/ZipArchive/ZipArchive/issues/680 https://github.com/ZoneMinder/ZoneMinder/issues/1797 +https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-222j-wh8m-xjrx https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6(Tengine).docx https://github.com/a2u/CVE-2018-7600 https://github.com/a932278490/ebcms/issues/1 +https://github.com/aaPanel/aaPanel/issues/74 https://github.com/aaronsvk 
https://github.com/aaronsvk/CVE-2020-3956 https://github.com/aaronsvk/CVE-2022-30075 +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/A18/fromSetWirelessRepeat_a.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/formWanParameterSetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/fromSetRouteStatic.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/fromSetSysTime.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/addWifiMacFilter_deviceMac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetCfm.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetClientState.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetPPTPServer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetSambaConf.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formSetDeviceName_mac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formSetFirewallCfg.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formSetQosBand.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formWifiWpsStart.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/formWriteFacMac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/fromSetRouteStatic.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.49/more/setSchedWifi_start.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/SetSpeedWan.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/addWifiMacFilter_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formExpandDlnaFile.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formQuickIndex.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formSetFirewallCfg.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formWifiWpsOOB.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formWifiWpsStart.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formWriteFacMac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/form_fast_setting_wifi_set.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/fromDhcpListClient_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/fromSetSysTime.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/saveParentControlInfo_urls.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/setUsbUnload.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/R7WebsSecurityHandler.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/formSetSambaConf.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromDhcpListClient_list1.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromSysToolReboot.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromSysToolRestoreSet.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromWizardHandle.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/saveParentControlInfo_urls.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/setSmartPowerManagement.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/R7WebsSecurityHandler.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/SetSpeedWan.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formExpandDlnaFile.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetQosBand.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetSambaConf.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/form_fast_setting_wifi_set.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromAddressNat_entrys.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromAddressNat_mitInterface.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromNatStaticSetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolReboot.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolRestoreSet.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromWizardHandle.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/setUsbUnload.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/R7WebsSecurityHandler.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formQuickIndex.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formSetCfm.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formWriteFacMac.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formexeCommand.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formexecommand_cmdi.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/fromDhcpListClient_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/GetParentControlInfo.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/formQuickIndex.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromSetWifiGusetBasic.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromSetWirelessRepeat.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/saveParentControlInfo_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/setSchedWifi.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/R7WebsSecurityHandler.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/formSetRebootTimer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/fromAdvSetMacMtuWan.md 
@@ -115075,14 +116264,65 @@ https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AX/AX1803/formSetS https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AX/AX1806/R7WebsSecurityHandler.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AX/AX1806/formSetDeviceName_devName.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AX/AX1806/formSetRebootTimer.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/formQuickIndex.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/formSetCfm.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_entrys.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_mitInterface.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_page.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromVirtualSer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromqossetting.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromwebExcptypemanFilter.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1203/formWanParameterSetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1203/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/addWifiMacFilter_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/addWifiMacFilter_deviceMac.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formQuickIndex.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formSetCfm.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formSetClientState.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formSetDeviceName_devName.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formSetDeviceName_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWanParameterSetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWifiBasicSet_security.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWifiBasicSet_security_5g.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formWriteFacMac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/form_fast_setting_wifi_set.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formexeCommand.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromAddressNat_entrys.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromAddressNat_mitInterface.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromAddressNat_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/saveParentControlInfo_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/saveParentControlInfo_time.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/saveParentControlInfo_urls.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/setSchedWifi_end.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/setSchedWifi_start.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/addWifiMacFilter_deviceMac.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/formWifiBasicSet_security.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/formWifiBasicSet_security_5g.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/fromDhcpListClient_list1.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/fromDhcpListClient_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_urls.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/setSchedWifi_end.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/setSchedWifi_start.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/GetParentControlInfo.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formQuickIndex.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWanParameterSetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWifiBasicSet_security.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWifiBasicSet_security_5g.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromAddressNat_entrys.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromAddressNat_mitInterface.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromAddressNat_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromDhcpListClient_list1.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromDhcpListClient_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/saveParentControlInfo_deviceId.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/saveParentControlInfo_time.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/saveParentControlInfo_urls.md 
+https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/setSchedWifi_end.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/setSchedWifi_start.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_41E858_GO.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_422AA4.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_4260F0.md @@ -115111,8 +116351,14 @@ https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W20E/formSetRemote https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/formSetCfm.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/formWriteFacMac.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/frmL7ProtForm.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromAddressNat_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromDhcpListClient_page.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromNatlimit.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromRouteStatic.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromVirtualSer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromWizardHandle.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromqossetting.md +https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromwebExcptypemanFilter.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formQosManageDouble_auto.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formQosManageDouble_user.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formwrlSSIDget.md 
@@ -115134,6 +116380,7 @@ https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formwrlSSIDs https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/fromDhcpSetSer.md https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md https://github.com/abeluck/stegdetect/issues/10 +https://github.com/abetlen/llama-cpp-python/security/advisories/GHSA-56xg-wfcc-g829 https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing https://github.com/aclements/libelfin/issues/52 @@ -115148,6 +116395,7 @@ https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-010.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-001.md +https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-002.md https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-003.md https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-004.md https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-005.md @@ -115171,6 +116419,9 @@ https://github.com/actuator/com.tcl.browser/blob/main/CWE-94.md https://github.com/actuator/cve/blob/main/CVE-2023-42469 https://github.com/actuator/cve/blob/main/CVE-2023-42470 https://github.com/actuator/cve/blob/main/CVE-2023-42471 +https://github.com/actuator/cve/blob/main/Hitron/CVE-2024-28089 +https://github.com/actuator/cve/blob/main/Hitron/Hitron_DOM_XSS_POC.gif +https://github.com/actuator/cve/blob/main/Hitron/Hitron_DOM_XSS_POC_DOS_ALT.gif https://github.com/actuator/imou/blob/main/com.dahua.imou.go-V1.0.11.md https://github.com/actuator/imou/blob/main/poc.apk https://github.com/actuator/wave.ai.browser/blob/main/CWE-94.md 
@@ -115178,28 +116429,45 @@ https://github.com/actuator/wave.ai.browser/blob/main/poc.apk https://github.com/actuator/yi/blob/main/CWE-319.md https://github.com/adeoluwa-adebiyi/Mikrotik-Router-Monitoring-System/issues/4 https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E +https://github.com/adhikara13/CVE/blob/main/netis_MW5360/blind%20command%20injection%20in%20password%20parameter%20in%20initial%20settings.md https://github.com/adhikara13/CVE/blob/main/netis_N3/Improper%20Authentication%20Mechanism%20Leading%20to%20Denial-of-Service%20(DoS).md https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ddnsDomainName%20parameter%20in%20Dynamic%20DNS%20setting.md https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20hostname%20parameter%20in%20wan%20settings.md https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ntpServIP%20parameter%20in%20Time%20Settings%20.md https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20pin_host%20parameter%20in%20wps%20setting.md https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20hostname%20parameter%20leads%20to%20DOS.md +https://github.com/adiapera/xss_create2_boidcms_2.1.0 +https://github.com/adiapera/xss_create_boidcms_2.1.0 +https://github.com/adiapera/xss_current_page_wondercms_3.4.3 +https://github.com/adiapera/xss_home_page_wondercms_3.4.3 https://github.com/adiapera/xss_language_cmsimple_5.15 https://github.com/adiapera/xss_language_cmsimple_5.15/blob/main/README.md +https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 +https://github.com/adiapera/xss_security_wondercms_3.4.3 https://github.com/adilkhan7/CVE-2023-31664 https://github.com/advisories/GHSA-2m57-hf25-phgg +https://github.com/advisories/GHSA-3qx3-6hxr-j2ch +https://github.com/advisories/GHSA-5pq7-52mg-hr42 https://github.com/advisories/GHSA-66m2-493m-crh2 
https://github.com/advisories/GHSA-8jxm-xp43-qh3q +https://github.com/advisories/GHSA-98hq-4wmw-98w9 +https://github.com/advisories/GHSA-9p43-hj5j-96h5 https://github.com/advisories/GHSA-c35q-ffpf-5qpm https://github.com/advisories/GHSA-cfc2-wr2v-gxm5 https://github.com/advisories/GHSA-qg8p-v9q4-gh34 +https://github.com/advisories/GHSA-qqhq-8r2c-c3f5 https://github.com/advisto/peel-shopping/issues/1 +https://github.com/advisto/peel-shopping/issues/3 https://github.com/advisto/peel-shopping/issues/4#issuecomment-953461611 +https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-7j99-76cj-q9pg https://github.com/ae6e361b/taocms-XSS https://github.com/afaq1337/CVE-2021-35296 https://github.com/afaq1337/CVE-2022-36200 https://github.com/affix/CVE-2022-36231 https://github.com/afichet/openexr-viewer/security/advisories/GHSA-99jg-r3f4-rpxj +https://github.com/agambier/libsvg2/issues/2 +https://github.com/agambier/libsvg2/issues/3 +https://github.com/agambier/libsvg2/issues/4 https://github.com/agentejo/cockpit/issues/1310 https://github.com/agl/jbig2enc/issues/84 https://github.com/agl/jbig2enc/issues/85 @@ -115214,6 +116482,7 @@ https://github.com/ahrixia/CVE-2023-50072 https://github.com/aio-libs/aiohttp-session/issues/272 https://github.com/aio-libs/aiohttp-session/issues/325 https://github.com/aio-libs/aiohttp/issues/6772 +https://github.com/aio-libs/aiohttp/pull/8079 https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg https://github.com/aio-libs/aiohttp/security/advisories/GHSA-qvrw-v9rv-5rjx https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j 
@@ -115228,6 +116497,7 @@ https://github.com/aixiao0621/Tenda/blob/main/AC10U/3/0.md https://github.com/aixiao0621/Tenda/blob/main/AC10U/7/0.md https://github.com/aixiao0621/Tenda/blob/main/AC10U/8/0.md https://github.com/aixiao0621/Tenda/blob/main/AC10U/9/0.md +https://github.com/aknbg1thub/cve/blob/main/upload.md https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307 https://github.com/akrennmair/newsbeuter/issues/591 https://github.com/akshadjoshi/CVE-2023-38890 
@@ -115239,18 +116509,28 @@ https://github.com/alexlang24/bloofoxCMS/issues/10 https://github.com/alexlang24/bloofoxCMS/issues/11 https://github.com/alexlang24/bloofoxCMS/issues/8 https://github.com/alexlang24/bloofoxCMS/issues/9 +https://github.com/alfio-event/alf.io/security/advisories/GHSA-5wcv-pjc6-mxvv +https://github.com/alfio-event/alf.io/security/advisories/GHSA-ffr5-g3qg-gp4f +https://github.com/alfio-event/alf.io/security/advisories/GHSA-gpmg-8f92-37cf +https://github.com/aliasrobotics/RVD/issues/1495 +https://github.com/aliasrobotics/RVD/issues/3316 https://github.com/alibaba/nacos/issues/4463 https://github.com/alipay/sofa-hessian/issues/34 https://github.com/alixiaowei/cve_test/issues/2 https://github.com/alixiaowei/cve_test/issues/3 https://github.com/ally-petitt/CVE-2023-40362 +https://github.com/ally-petitt/CVE-2024-27631 +https://github.com/ally-petitt/CVE-2024-29399 https://github.com/alorfm/vuln/blob/master/qibosoft_cross_Site_Scripting.md https://github.com/alt3kx/CVE-2019-10685 +https://github.com/alterebro/WeaselCMS/issues/6 https://github.com/alwentiu/COVIDSafe-CVE-2020-12856/blob/master/README.md https://github.com/aman05382/movie_ticket_booking_system_php/issues/2 https://github.com/aman05382/movie_ticket_booking_system_php/issues/3 https://github.com/aman05382/movie_ticket_booking_system_php/issues/4 https://github.com/amdsyad/poc-dump/blob/main/Stored%20XSS%20in%20name%20parameter%20in%20Centreon%20version%2022.04.0 +https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639 +https://github.com/ampache/ampache/security/advisories/GHSA-prw2-7cr3-5mx8 https://github.com/amplafi/htmlcleaner/issues/13 https://github.com/an0ry/advisories/blob/main/CVE-2020-17381.md https://github.com/andreas83/SocialNetwork/issues/84 
@@ -115301,9 +116581,20 @@ https://github.com/anhdq201/webtareas/issues/5 https://github.com/anhdq201/webtareas/issues/6 https://github.com/anhdq201/webtareas/issues/7 https://github.com/anhdq201/webtareas/issues/8 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x0022204C +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222050 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222088 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x002220E4 https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x002220e0 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222100 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222104 https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222548 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345BdPcSafe.sys-x64-0x00222550 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345NetFirewall.sys-0x00222014 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345NetFirewall.sys-0x00222040 +https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345NsProtect.sys-x64-0x8000200D https://github.com/anhkgg/poc/tree/master/2345%20security%20guard/2345NsProtect.sys-x64-0x80002019 +https://github.com/anji-plus/report/files/15363269/aj-report.pdf https://github.com/anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS https://github.com/ansible/ansible-modules-extras/pull/1941 https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4 
@@ -115330,13 +116621,19 @@ https://github.com/anx0ing/CVE_demo/blob/main/2022/Library%20Management%20System https://github.com/anx0ing/CVE_demo/blob/main/2022/Simple%20Food%20Ordering%20System-XSS.md https://github.com/apexcharts/apexcharts.js/pull/2158 https://github.com/appneta/tcpreplay/issues/278 +https://github.com/appneta/tcpreplay/issues/477 +https://github.com/appneta/tcpreplay/issues/485 +https://github.com/appneta/tcpreplay/issues/486 +https://github.com/appneta/tcpreplay/issues/530 https://github.com/appneta/tcpreplay/issues/536 https://github.com/appneta/tcpreplay/issues/537 https://github.com/appneta/tcpreplay/issues/538 https://github.com/appneta/tcpreplay/issues/556 https://github.com/appneta/tcpreplay/issues/576 +https://github.com/appneta/tcpreplay/issues/579 https://github.com/appneta/tcpreplay/issues/616 https://github.com/appneta/tcpreplay/issues/617 +https://github.com/appneta/tcpreplay/issues/687 https://github.com/appneta/tcpreplay/issues/716 https://github.com/appneta/tcpreplay/issues/717 https://github.com/appneta/tcpreplay/issues/718 @@ -115347,7 +116644,12 @@ https://github.com/appneta/tcpreplay/issues/736 https://github.com/appneta/tcpreplay/issues/787 https://github.com/appneta/tcpreplay/issues/813 https://github.com/arachnys/cabot/pull/694 +https://github.com/arbahayoub/POC/blob/master/itop_command_injection_1.txt +https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454 +https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7 https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr +https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv +https://github.com/argoproj/argo-workflows/issues/6441 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/armink/struct2json/issues/13 https://github.com/arrow-kt/ank/issues/35 
@@ -115360,15 +116662,20 @@ https://github.com/arvidn/libtorrent/issues/2099 https://github.com/aslanemre/CVE-2020-29364/blob/main/CVE-2020-29364 https://github.com/assimp/assimp/issues/4286 https://github.com/assimp/assimp/issues/4662 +https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0004.md https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0001.md https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0003.md https://github.com/atutor/ATutor/issues/129 https://github.com/atutor/ATutor/issues/135 +https://github.com/auracms/AuraCMS/issues/3 https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3 https://github.com/avo-hq/avo/security/advisories/GHSA-86h2-2g4g-29qx +https://github.com/avo-hq/avo/security/advisories/GHSA-g8vp-2v5p-9qfh +https://github.com/avo-hq/avo/security/advisories/GHSA-ghjv-mh6x-7q6h https://github.com/awake1t/linglong +https://github.com/awslabs/aws-js-s3-explorer/issues/118 https://github.com/axiomatic-systems/Bento4/files/9640968/Bug_1_POC.zip https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip https://github.com/axiomatic-systems/Bento4/files/9658653/POC_avcinfo_15644345.zip 
@@ -115389,7 +116696,16 @@ https://github.com/axiomatic-systems/Bento4/issues/185 https://github.com/axiomatic-systems/Bento4/issues/187 https://github.com/axiomatic-systems/Bento4/issues/188 https://github.com/axiomatic-systems/Bento4/issues/190 +https://github.com/axiomatic-systems/Bento4/issues/204 +https://github.com/axiomatic-systems/Bento4/issues/233 +https://github.com/axiomatic-systems/Bento4/issues/289 +https://github.com/axiomatic-systems/Bento4/issues/291 +https://github.com/axiomatic-systems/Bento4/issues/292 +https://github.com/axiomatic-systems/Bento4/issues/341 https://github.com/axiomatic-systems/Bento4/issues/342 +https://github.com/axiomatic-systems/Bento4/issues/343 +https://github.com/axiomatic-systems/Bento4/issues/345 +https://github.com/axiomatic-systems/Bento4/issues/350 https://github.com/axiomatic-systems/Bento4/issues/351 https://github.com/axiomatic-systems/Bento4/issues/354 https://github.com/axiomatic-systems/Bento4/issues/355 @@ -115399,6 +116715,7 @@ https://github.com/axiomatic-systems/Bento4/issues/363 https://github.com/axiomatic-systems/Bento4/issues/364 https://github.com/axiomatic-systems/Bento4/issues/366 https://github.com/axiomatic-systems/Bento4/issues/374 +https://github.com/axiomatic-systems/Bento4/issues/390 https://github.com/axiomatic-systems/Bento4/issues/408 https://github.com/axiomatic-systems/Bento4/issues/413 https://github.com/axiomatic-systems/Bento4/issues/414 @@ -115417,6 +116734,7 @@ https://github.com/axiomatic-systems/Bento4/issues/540 https://github.com/axiomatic-systems/Bento4/issues/545 https://github.com/axiomatic-systems/Bento4/issues/615 https://github.com/axiomatic-systems/Bento4/issues/616 +https://github.com/axiomatic-systems/Bento4/issues/643 https://github.com/axiomatic-systems/Bento4/issues/677 https://github.com/axiomatic-systems/Bento4/issues/691 https://github.com/axiomatic-systems/Bento4/issues/702 
@@ -115446,46 +116764,84 @@ https://github.com/axiomatic-systems/Bento4/issues/802 https://github.com/axiomatic-systems/Bento4/issues/806 https://github.com/axiomatic-systems/Bento4/issues/812 https://github.com/axiomatic-systems/Bento4/issues/840 +https://github.com/axiomatic-systems/Bento4/issues/841 https://github.com/axiomatic-systems/Bento4/issues/842 +https://github.com/axiomatic-systems/Bento4/issues/844 +https://github.com/axiomatic-systems/Bento4/issues/872 +https://github.com/axiomatic-systems/Bento4/issues/873 +https://github.com/axiomatic-systems/Bento4/issues/874 +https://github.com/axiomatic-systems/Bento4/issues/919 +https://github.com/axiomatic-systems/Bento4/issues/937 https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/axiomatic-systems/Bento4/issues/941 https://github.com/axiomatic-systems/bento4/issues/408 https://github.com/axiomatic-systems/bento4/issues/409 https://github.com/azukaar/Cosmos-Server/security/advisories/GHSA-hpvm-x7m8-3c6x +https://github.com/b-hermes/vulnerability-research/blob/main/CVE-2024-27703/README.md +https://github.com/b-hermes/vulnerability-research/blob/main/CVE-2024-27706/README.md +https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-28435 https://github.com/b17fr13nds/MPlayer_cve_poc https://github.com/b1ackc4t/MarsCTF/issues/10 +https://github.com/b51s77/cve/blob/main/sql.md https://github.com/badboycxcc/SolarView_Compact_6.0_xss https://github.com/badboycxcc/nuuo-xss/blob/main/README.md https://github.com/badru8612/CuppaCMS-Authenticated-LFI-Vulnerability +https://github.com/bagesoft/bagecms/issues/2 https://github.com/bagesoft/bagecms/issues/5 https://github.com/baigoStudio/baigoCMS/issues/7 https://github.com/baigoStudio/baigoCMS/issues/8 https://github.com/baigoStudio/baigoCMS/issues/9 https://github.com/baigoStudio/baigoSSO/issues/13 https://github.com/baijiacms/baijiacmsV4/issues/2 +https://github.com/baijiacms/baijiacmsV4/issues/7 https://github.com/baker221/poc-xpdf 
https://github.com/balderdashy/sails/issues/7209 https://github.com/balloonwj/flamingo/issues/47 https://github.com/balloonwj/flamingo/issues/48 +https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73 https://github.com/barneycarroll/npm-dependency-versions/issues/6 +https://github.com/bayuncao/vul-cve-16/tree/main/PoC.pkl +https://github.com/bayuncao/vul-cve-5/blob/main/poc.py +https://github.com/bayuncao/vul-cve-6/blob/main/poc.py https://github.com/bazad/ctl_ctloutput-leak +https://github.com/bbalet/jorani/issues/254 https://github.com/bbatsov/rubocop/issues/4336 +https://github.com/bbbrumley/portsmash https://github.com/bbengfort/confire/issues/24 https://github.com/bcit-ci/CodeIgniter/issues/4020 https://github.com/bcit-ci/CodeIgniter/issues/4963 +https://github.com/bearman113/1.md/blob/main/16/csrf.md +https://github.com/bearman113/1.md/blob/main/17/csrf.md +https://github.com/bearman113/1.md/blob/main/18/csrf.md +https://github.com/bearman113/1.md/blob/main/19/csrf.md +https://github.com/bearman113/1.md/blob/main/20/csrf.md +https://github.com/bearman113/1.md/blob/main/21/csrf.md +https://github.com/bearman113/1.md/blob/main/22/csrf.md +https://github.com/bearman113/1.md/blob/main/23/csrf.md +https://github.com/bearman113/1.md/blob/main/24/csrf.md +https://github.com/bearman113/1.md/blob/main/25/csrf.md +https://github.com/bearman113/1.md/blob/main/26/csrf.md +https://github.com/bearman113/1.md/blob/main/27/csrf.md +https://github.com/becpn/mozilocms https://github.com/beego/beego/issues/4484 https://github.com/beekeeper-studio/beekeeper-studio/issues/1393 https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/file_upload_RCE/File_upload_to_RCE.md https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md +https://github.com/beerpwn/CVE/tree/master/WP-File-Upload_disclosure_report/ https://github.com/beerpwn/ctf/blob/master/CVE/CVE-2019-13571/report.pdf 
https://github.com/beerpwn/ctf/tree/master/CVE/CVE-2019-13571 https://github.com/bellard/quickjs/issues/178 https://github.com/bellard/quickjs/issues/277 +https://github.com/beraoudabdelkhalek/research/tree/main/CVEs/CVE-2024-0720 https://github.com/bernardofsr/CVEs-With-PoC/blob/main/PoCs/Form%20Tools/README.md https://github.com/bettershop/LaikeTui/issues/8 https://github.com/beyond7176/njiandan-cms/issues/1 https://github.com/bg5sbk/MiniCMS/issues/14 +https://github.com/bg5sbk/MiniCMS/issues/15 https://github.com/bg5sbk/MiniCMS/issues/20 +https://github.com/bg5sbk/MiniCMS/issues/21 +https://github.com/bg5sbk/MiniCMS/issues/22 +https://github.com/bg5sbk/MiniCMS/issues/25 https://github.com/bg5sbk/MiniCMS/issues/29 https://github.com/bg5sbk/MiniCMS/issues/31 https://github.com/bg5sbk/MiniCMS/issues/32 @@ -115493,6 +116849,9 @@ https://github.com/bg5sbk/MiniCMS/issues/45 https://github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27073.txt https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md https://github.com/bi7s/CVE/tree/master/CVE-2019-16294 +https://github.com/biantaibao/cms/blob/main/1.md +https://github.com/biantaibao/octopus_SQL2/blob/main/report.md +https://github.com/biantaibao/snow_SQL/blob/main/report.md https://github.com/bigb0x/CVEs/blob/main/Inout-Homestay-2-2-sqli.md https://github.com/bigbigbigbaby/cms2/blob/main/1.md https://github.com/bigric3/poc 
@@ -115512,9 +116871,13 @@ https://github.com/bigtreecms/BigTree-CMS/issues/296 https://github.com/bigtreecms/BigTree-CMS/issues/297 https://github.com/bigtreecms/BigTree-CMS/issues/298 https://github.com/bigtreecms/BigTree-CMS/issues/323 +https://github.com/bigtreecms/BigTree-CMS/issues/327 +https://github.com/bigtreecms/BigTree-CMS/issues/333 +https://github.com/bigtreecms/BigTree-CMS/issues/342 https://github.com/bigtreecms/BigTree-CMS/issues/364 https://github.com/bigtreecms/BigTree-CMS/issues/392 https://github.com/bitfu/sricam-gsoap2.8-dos-exploit +https://github.com/bitfu/uc-httpd-1.0.0-buffer-overflow-exploit https://github.com/bitovi/launchpad/pull/124 https://github.com/bitwarden/jslib/issues/52 https://github.com/blackarrowsec/advisories/tree/master/2019/CVE-2019-18956 @@ -115522,6 +116885,8 @@ https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-12606 https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-28657 https://github.com/blackarrowsec/advisories/tree/master/2020/CVE-2020-35577 https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33208 +https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33523 +https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33581 https://github.com/blackarrowsec/advisories/tree/master/2022/CVE-2022-43216 https://github.com/blackjliuyun/cvetest/issues/1 https://github.com/blacksmithgu/obsidian-dataview/issues/615 
@@ -115569,10 +116934,13 @@ https://github.com/boiteasite/cmsuno/issues/15 https://github.com/boku7/CVE-2020-23839 https://github.com/brackeen/ok-file-formats/issues/11 https://github.com/brackeen/ok-file-formats/issues/12 +https://github.com/brackeen/ok-file-formats/issues/13 https://github.com/brackeen/ok-file-formats/issues/15 https://github.com/brackeen/ok-file-formats/issues/17 https://github.com/brackeen/ok-file-formats/issues/18 https://github.com/brackeen/ok-file-formats/issues/19 +https://github.com/brackeen/ok-file-formats/issues/5 +https://github.com/brackeen/ok-file-formats/issues/6 https://github.com/brackeen/ok-file-formats/issues/7 https://github.com/brackeen/ok-file-formats/issues/8 https://github.com/brandon-t-elliott/CVE-2023-49438 
@@ -115581,13 +116949,20 @@ https://github.com/brave/browser-laptop/issues/5007 https://github.com/breaktoprotect/CVE-2017-12615 https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection https://github.com/brechtsanders/xlsxio/issues/121 +https://github.com/brefphp/bref/security/advisories/GHSA-82vx-mm6r-gg8w +https://github.com/brefphp/bref/security/advisories/GHSA-99f9-gv72-fw9r +https://github.com/brefphp/bref/security/advisories/GHSA-j4hq-f63x-f39r +https://github.com/brefphp/bref/security/advisories/GHSA-x4hh-frx8-98r5 https://github.com/brendan-duncan/archive/issues/266 https://github.com/brianmario/yajl-ruby/issues/176 +https://github.com/brycebaril/node-flatnest/issues/4 https://github.com/bsmali4/cve/blob/master/CMS%20Made%20Simple%20Stored%20XSS.md https://github.com/bsmali4/cve/blob/master/CMS%20Made%20Simple%20UPLOAD%20FILE%20XSS.md https://github.com/butterflyhack/anchorcms-0.12.7-CSRF https://github.com/buxu/bug/issues/2 https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726 +https://github.com/bytecodealliance/wasm-micro-runtime/issues/3346 +https://github.com/bytecodealliance/wasm-micro-runtime/issues/3347 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347 
@@ -115596,24 +116971,38 @@ https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352 https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281 +https://github.com/c0d3x27/CVEs/blob/main/CVE-2024-23054/README.md +https://github.com/c0d3x27/CVEs/blob/main/CVE-2024-26542/README.md +https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055 +https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23756 https://github.com/c0n5n3d/CVE-2021-43657/blob/main/Info.txt https://github.com/c2dc/cve-reported/blob/main/CVE-2023-6580/CVE-2023-6580.md +https://github.com/c2dc/cve-reported/blob/main/CVE-2024-0769/CVE-2024-0769.md https://github.com/c53elyas/CVE-2023-33733 https://github.com/c610/free/ https://github.com/c610/tmp/blob/master/aRtiCE.py https://github.com/c610/tmp/blob/master/zenload4patreons.zip https://github.com/cBioPortal/cbioportal/issues/8680 +https://github.com/cacalabs/libcaca/issues/53 https://github.com/cacalabs/libcaca/issues/54 https://github.com/cacalabs/libcaca/issues/65 https://github.com/cachethq/cachet/security/advisories/GHSA-hv79-p62r-wg3p https://github.com/caffeinated-labs/CVE-2023-36644 +https://github.com/cainiao159357/x5000r_poc/blob/main/README.md +https://github.com/caiteli/poc_information/blob/main/southsoft_GMIS.txt +https://github.com/caiteli/poc_information/issues/1 +https://github.com/caokang/waimai/issues/2 https://github.com/caoyebo/CVE/tree/main/Dlink%20816%20-%20CVE-2023-24331 https://github.com/caoyebo/CVE/tree/main/TENDA%20AC23%20-%20CVE-2023-24334 https://github.com/caoyebo/CVE/tree/main/Tenda%20AC6%20-%20CVE-2023-24332 https://github.com/caoyebo/CVE/tree/main/dlink%20882%20-%20CVE-2023-24330 +https://github.com/capture0x/CSZ_CMS +https://github.com/capture0x/Phoenix https://github.com/cardgate/magento2/issues/54 https://github.com/cardgate/woocommerce/issues/18 
https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-cf3w-g86h-35x4 +https://github.com/carsonchan12345/CVE-2024-35475 +https://github.com/carsonchan12345/OpenKM-CSRF-PoC https://github.com/casdoor/casdoor/issues/1171 https://github.com/casdoor/casdoor/issues/439 https://github.com/casdoor/casdoor/pull/442 @@ -115625,6 +117014,7 @@ https://github.com/cby234/zzcms/issues/2 https://github.com/cby234/zzcms/issues/3 https://github.com/cby234/zzcms/issues/4 https://github.com/cby234/zzcms/issues/5 +https://github.com/cc-crack/router/blob/master/CNVD-2018-04520.py https://github.com/cc-crack/router/blob/master/CNVD-2018-04521.py https://github.com/cc-crack/router/blob/master/motocx2.md https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2 @@ -115632,7 +117022,9 @@ https://github.com/cccaaasser/1CRM-CVE/blob/master/CVE-2019-14221.md https://github.com/ccxvii/mujs/issues/133 https://github.com/ccxvii/mujs/issues/134 https://github.com/ccxvii/mujs/issues/136 +https://github.com/ccxvii/mujs/issues/148 https://github.com/ccxvii/mujs/issues/161 +https://github.com/cdfan/my-admin/issues/3 https://github.com/cebe/markdown/issues/166 https://github.com/cebe/markdown/issues/166#issuecomment-508230493 https://github.com/ceng-yildirim/LFI-processwire 
@@ -115640,14 +117032,62 @@ https://github.com/centreon/centreon/security/policy https://github.com/cesanta/mjs/issues/135 https://github.com/cesanta/mjs/issues/136 https://github.com/cesanta/mjs/issues/158 +https://github.com/cesanta/mjs/issues/159 https://github.com/cesanta/mjs/issues/160 https://github.com/cesanta/mjs/issues/161 +https://github.com/cesanta/mjs/issues/162 +https://github.com/cesanta/mjs/issues/163 +https://github.com/cesanta/mjs/issues/164 https://github.com/cesanta/mjs/issues/165 +https://github.com/cesanta/mjs/issues/166 +https://github.com/cesanta/mjs/issues/167 +https://github.com/cesanta/mjs/issues/168 +https://github.com/cesanta/mjs/issues/169 +https://github.com/cesanta/mjs/issues/170 +https://github.com/cesanta/mjs/issues/175 +https://github.com/cesanta/mjs/issues/183 +https://github.com/cesanta/mjs/issues/184 +https://github.com/cesanta/mjs/issues/186 +https://github.com/cesanta/mjs/issues/187 +https://github.com/cesanta/mjs/issues/188 +https://github.com/cesanta/mjs/issues/189 +https://github.com/cesanta/mjs/issues/191 +https://github.com/cesanta/mjs/issues/193 +https://github.com/cesanta/mjs/issues/195 +https://github.com/cesanta/mjs/issues/196 +https://github.com/cesanta/mjs/issues/197 +https://github.com/cesanta/mjs/issues/198 +https://github.com/cesanta/mjs/issues/199 +https://github.com/cesanta/mjs/issues/200 +https://github.com/cesanta/mjs/issues/201 +https://github.com/cesanta/mjs/issues/202 +https://github.com/cesanta/mjs/issues/203 +https://github.com/cesanta/mjs/issues/204 +https://github.com/cesanta/mjs/issues/206 +https://github.com/cesanta/mjs/issues/208 +https://github.com/cesanta/mjs/issues/209 +https://github.com/cesanta/mjs/issues/210 +https://github.com/cesanta/mjs/issues/212 +https://github.com/cesanta/mjs/issues/213 +https://github.com/cesanta/mjs/issues/214 +https://github.com/cesanta/mjs/issues/215 +https://github.com/cesanta/mjs/issues/217 +https://github.com/cesanta/mjs/issues/218 
+https://github.com/cesanta/mjs/issues/219 +https://github.com/cesanta/mjs/issues/220 +https://github.com/cesanta/mjs/issues/221 +https://github.com/cesanta/mjs/issues/224 +https://github.com/cesanta/mjs/issues/226 +https://github.com/cesanta/mjs/issues/228 +https://github.com/cesanta/mjs/issues/229 https://github.com/cesanta/mjs/issues/240 https://github.com/cesanta/mjs/issues/241 https://github.com/cesanta/mjs/issues/250 https://github.com/cesanta/mjs/issues/252 https://github.com/cesanta/mjs/issues/257 +https://github.com/cesanta/mjs/issues/286 +https://github.com/cesanta/mjs/issues/287 +https://github.com/cesanta/mjs/issues/288 https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Badminton%20Center%20Management%20System(XSS).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Company%20Website%20CMS(XSS).md https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Company%20Website%20CMS--.md @@ -115662,9 +117102,13 @@ https://github.com/chakra-core/ChakraCore/issues/6887 https://github.com/chakra-core/ChakraCore/issues/6888 https://github.com/chbrown/rfc6902/pull/76 https://github.com/che-my/fastadmin-tp6/issues/2 +https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc https://github.com/chekun/DiliCMS/issues/59 https://github.com/chekun/DiliCMS/issues/60 +https://github.com/chemcms/ChemCMS/issues/1 +https://github.com/chemcms/ChemCMS/issues/2 https://github.com/chenan224/webchess_sqli_poc +https://github.com/chendotjs/lotos/issues/7 https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15910.md https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15911.md https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15912_1.md 
@@ -115683,6 +117127,8 @@ https://github.com/cherryla/zzcms/blob/master/adv.php.md https://github.com/chjj/marked/issues/937 https://github.com/chocolate-doom/chocolate-doom/issues/1293 https://github.com/choregus/puppyCMS/issues/13 +https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md +https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh https://github.com/chshcms/cscms/issues/12#issue-1170440183 https://github.com/chshcms/cscms/issues/2 https://github.com/chshcms/cscms/issues/20#issue-1207634969 @@ -115705,11 +117151,13 @@ https://github.com/chshcms/cscms/issues/35#issue-1209058818 https://github.com/chshcms/cscms/issues/36#issue-1209060196 https://github.com/chshcms/cscms/issues/37 https://github.com/chshcms/cscms/issues/4 +https://github.com/chucrutis/CVE-2024-32369 https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/01/README.md https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/05/README.md https://github.com/chunklhit/cve/blob/master/TRENDNet/TEW-820AP/07/README.md https://github.com/cilan2/iot/blob/main/4.md +https://github.com/cinecert/asdcplib/issues/138 https://github.com/ciph0x01/poc/blob/main/poc.html https://github.com/ciur/papermerge/issues/228 https://github.com/cjvnjde/google-translate-api-browser/security/advisories/GHSA-4233-7q5q-m7p6 @@ -115717,6 +117165,8 @@ https://github.com/ckolivas/lrzip/issues/108 https://github.com/ckolivas/lrzip/issues/163 https://github.com/ckolivas/lrzip/issues/164 https://github.com/ckolivas/lrzip/issues/165 +https://github.com/ckolivas/lrzip/issues/198 +https://github.com/ckolivas/lrzip/issues/199 https://github.com/ckolivas/lrzip/issues/206 https://github.com/ckolivas/lrzip/issues/246 https://github.com/ckolivas/lrzip/issues/66 
@@ -115725,19 +117175,27 @@ https://github.com/ckolivas/lrzip/issues/68 https://github.com/ckolivas/lrzip/issues/69 https://github.com/ckolivas/lrzip/issues/70 https://github.com/ckolivas/lrzip/issues/71 +https://github.com/ckolivas/lrzip/issues/88 +https://github.com/ckolivas/lrzip/issues/90 +https://github.com/ckolivas/lrzip/issues/91 https://github.com/ckolivas/lrzip/issues/93 +https://github.com/ckolivas/lrzip/issues/95 +https://github.com/ckolivas/lrzip/issues/96 +https://github.com/cksgf/ServerManagement/issues/21 https://github.com/cl0udz/vulnerabilities/blob/master/cezerin-manipulate_order_information/README.md https://github.com/cl0udz/vulnerabilities/tree/master/pomelo-critical-state-manipulation https://github.com/clarkgrubb/data-tools/issues/7 https://github.com/claudiodangelis/qrcp/issues/223 https://github.com/claviska/simple-php-captcha/issues/16 https://github.com/clickbar/dot-diver/security/advisories/GHSA-9w5f-mw3p-pj47 +https://github.com/closethe/AG550QCN_CommandInjection_ql_atfwd/blob/main/README.md https://github.com/cloudflare/golz4/commit/199f5f7878062ca17a98e079f2dbe1205e2ed898 https://github.com/cloudwebsoft/ywoa/issues/25 https://github.com/cloudwu/pbc/issues/158 https://github.com/cnvs/canvas/issues/331 https://github.com/cobbler/cobbler/issues/1917 https://github.com/cobub/razor/issues/168 +https://github.com/cobub/razor/issues/178 https://github.com/cockpit-project/cockpit/issues/15077 https://github.com/codenotary/immudb/tree/master/docs/security/vulnerabilities/linear-fake https://github.com/coincoin7/Wireless-Router-Vulnerability/blob/master/Asus_DeleteOfflineClientOverflow.txt 
@@ -115747,6 +117205,7 @@ https://github.com/concrete5/concrete5-legacy/issues/1948 https://github.com/congcong9184-123/congcong9184-123.github.io/blob/master/74cms.docx https://github.com/congcong9184-123/congcong9184-123.github.io/blob/master/douphp_xss.docx https://github.com/contentful/the-example-app.py/issues/44 +https://github.com/contribsys/faktory/security/advisories/GHSA-x4hh-vjm7-g2jv https://github.com/convisoappsec/advisories/blob/master/2017/CONVISO-17-003.txt https://github.com/convos-chat/convos/issues/623 https://github.com/cooltey/C.P.Sub/issues/2 @@ -115760,6 +117219,7 @@ https://github.com/cpeggg/Netgear-upnpd-poc https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20217/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20230/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20231/README.md +https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20248/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20249/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20250/README.md https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20252/README.md 
@@ -115771,12 +117231,15 @@ https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_ipsec/R https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_lcdstat_2/README.md https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_lcdstat_4/README.md https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_netwatch/README.md +https://github.com/cqliuke/cve/blob/main/sql.md +https://github.com/crafatar/crafatar/security/advisories/GHSA-5cxq-25mp-q5f2 https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9 https://github.com/craftcms/cms/security/advisories/GHSA-6qjx-787v-6pxr https://github.com/craftcms/cms/security/advisories/GHSA-cjmm-x9x9-m2w5 https://github.com/craftcms/cms/security/advisories/GHSA-qcrj-6ffc-v7hq https://github.com/craftcms/cms/security/advisories/GHSA-qpgm-gjgf-8c2x https://github.com/craftcms/cms/security/advisories/GHSA-vqxf-r9ph-cc9c +https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96 https://github.com/crater-invoice/crater/issues/1267 https://github.com/creditease-sec/insight/issues/42 https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j 
@@ -115787,8 +117250,10 @@ https://github.com/cryptonotefoundation/cryptonote/issues/172 https://github.com/cskaza/cszcms/issues/17 https://github.com/cskaza/cszcms/issues/28 https://github.com/cskaza/cszcms/issues/29 +https://github.com/cskaza/cszcms/issues/32 https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Musicshelf_Manifest_issue.md +https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Weak_Hashing_Algorithms.md https://github.com/ctflearner/Android_Findings/blob/main/Replify-Messenger/Backup.md https://github.com/ctflearner/Android_Findings/blob/main/Smartalarm/Backup.md https://github.com/ctflearner/Vulnerability/blob/main/Bank_Locker_Management_System/BLMS_XSS_IN_ADMIN_BROWSER.md 
@@ -115804,8 +117269,16 @@ https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md https://github.com/ctripcorp/apollo/issues/2103 https://github.com/cugerQDHJ/cve/blob/main/rce.md https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md +https://github.com/cui2shark/security/blob/main/(JFinalcms%20contact%20para)A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md +https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md https://github.com/cui2shark/security/blob/main/Added%20CSRF%20in%20Role%20Controller.md +https://github.com/cui2shark/security/blob/main/beetl-bbs%20-%20A%20reflected%20cross-site%20scripting%20(XSS)%20vulnerability%20was%20discovered%20in%20the%20search%20box.md +https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5 https://github.com/curlyboi/hashtopus/issues/63 +https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/generate_conf_router.md +https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/init_nvram.md +https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/setupEC20Apn.md +https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/updateCurAPlist.md https://github.com/cve-vul/vul/blob/master/FTPShell/FTPShell_Server_6.83_DOS.md https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf https://github.com/cyb3r-n3rd/cve-request/blob/main/cve-poc-payload 
@@ -115883,9 +117356,14 @@ https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Servic https://github.com/d4wner/Vulnerabilities-Report/blob/master/Readymade-Video-Sharing-Script.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/Responsive%20Realestate%20Script.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/Single-Theater-Booking.md +https://github.com/d4wner/Vulnerabilities-Report/blob/master/SrbTransLatin.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/Vanguard.md +https://github.com/d4wner/Vulnerabilities-Report/blob/master/booking-calendar.md +https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/piwigo.md https://github.com/d4wner/Vulnerabilities-Report/blob/master/ready-made-job-site-script.md +https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md +https://github.com/d4wner/Vulnerabilities-Report/blob/master/weblizar-pinterest-feeds.md https://github.com/d7x/CVE-2020-12432 https://github.com/da271133/cms/blob/main/29/csrf.md https://github.com/da271133/cms/blob/main/30/csrf.md @@ -115900,6 +117378,8 @@ https://github.com/dahua966/Routers-vuls/blob/master/DAP-1320/vuls_poc.md https://github.com/dahua966/Routers-vuls/blob/master/DIR-846/GuestWLanSetting_RCE.md https://github.com/dahua966/Routers-vuls/blob/master/DIR-846/vuls_info.md https://github.com/danieljiang0415/android_kernel_crash_poc +https://github.com/danpros/htmly/issues/462 +https://github.com/danswer-ai/danswer/security/advisories/GHSA-xr9w-3ggr-hr6j https://github.com/daodaoshao/vul_tenda_i6_1 https://github.com/daodaoshao/vul_tenda_i6_2 https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_extadv_dos.py 
@@ -115907,37 +117387,59 @@ https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/silabs_efr32_ https://github.com/darkmentorllc/jackbnimble/blob/master/host/pocs/ti_wl18xx_adv_rce.py https://github.com/datackmy/FallingSkies-CVE-2023-35885 https://github.com/datadancer/HIAFuzz/blob/master/360%20Phone%20N6%20Pro%20Kernel%20Vuln.md +https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11019.md https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11020.md +https://github.com/datadancer/HIAFuzz/blob/master/CVEs.md +https://github.com/datadancer/WinSysVuln/blob/main/DriverGenius-MyDrivers64.md https://github.com/datahub-project/datahub/security/advisories/GHSA-75p8-rgh2-r9mx https://github.com/datahub-project/datahub/security/advisories/GHSA-fg9x-wvqw-6gmw https://github.com/datahub-project/datahub/security/advisories/GHSA-vj59-23ww-p6c8 +https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt https://github.com/davea42/libdwarf-code/issues/116 https://github.com/davea42/libdwarf-code/issues/119 https://github.com/davea42/libdwarf-code/issues/132 +https://github.com/daveismyname/simple-cms/issues/3 https://github.com/davesteele/gnome-gmail/issues/84 https://github.com/davidhalter/parso/issues/75 +https://github.com/daylightstudio/FUEL-CMS/issues/481 https://github.com/daylightstudio/FUEL-CMS/issues/559 https://github.com/daylightstudio/FUEL-CMS/issues/561 https://github.com/daylightstudio/FUEL-CMS/issues/575 https://github.com/daylightstudio/FUEL-CMS/issues/576 https://github.com/daylightstudio/FUEL-CMS/issues/578 +https://github.com/daylightstudio/FUEL-CMS/issues/579 https://github.com/daylightstudio/FUEL-CMS/issues/584 https://github.com/daylightstudio/FUEL-CMS/issues/595 https://github.com/dayrui/xunruicms/issues/1 https://github.com/dbry/WavPack/issues/121 https://github.com/dbry/WavPack/issues/26 +https://github.com/dbry/WavPack/issues/27 https://github.com/dbry/WavPack/issues/28 https://github.com/dbry/WavPack/issues/91 
https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349 https://github.com/dbyio/cve-2022-37298 +https://github.com/dd3x3r/enhavo/blob/main/html-injection-page-content-blockquote-author-v0.13.1.md +https://github.com/dd3x3r/enhavo/blob/main/xss-create-tag-v0.13.1.md +https://github.com/dd3x3r/enhavo/blob/main/xss-page-content-header-titel-v0.13.1.md +https://github.com/dd3x3r/enhavo/blob/main/xss-page-content-header-undertitel-v0.13.1.md +https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md +https://github.com/delikely/advisory/tree/main/GARO https://github.com/delta/pragyan/issues/228 +https://github.com/denoland/deno/issues/12152 +https://github.com/denoland/deno/security/advisories/GHSA-6q4w-9x56-rmwq +https://github.com/denoland/deno/security/advisories/GHSA-wrqv-pf6j-mqjp +https://github.com/derf/feh/issues/709 +https://github.com/derf/feh/issues/712 https://github.com/derrekr/android_security/commit/0dd1a733e60cf5239c0a185d4219ba2ef1118a8b https://github.com/desencrypt/CVE/blob/main/CVE-2023-38910/Readme.md https://github.com/desencrypt/CVE/blob/main/CVE-2023-38911/Readme.md https://github.com/desencrypt/CVE/blob/main/CVE-2023-39599/Readme.md https://github.com/dest-3/CVE-2023-46012/tree/main https://github.com/devryan/GamePanelX-V3/issues/161 +https://github.com/dexter2206/ymlref/issues/2 https://github.com/dexterone/Vigor-poc +https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hcvp-2cc7-jrwr +https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67 https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_add_sub.md https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_course.md https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md 
@@ -115947,9 +117449,15 @@ https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md https://github.com/dhammon/pfBlockerNg-CVE-2022-40624 https://github.com/dhananjay-bajaj/E107-v2.1.8-XSS-POC +https://github.com/dhananjay-bajaj/e107_2.1.8_csrf https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formDelDnsForward.md https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formDelWewifiPic.md https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formWifiFilterRulesModify.md +https://github.com/dinhvh/libetpan/issues/420 +https://github.com/directus/directus/security/advisories/GHSA-fr3w-2p22-6w7p +https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h +https://github.com/dirk1983/chatgpt-wechat-personal/issues/4 +https://github.com/dirk1983/chatgpt/issues/114 https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs https://github.com/disintegration/imaging/issues/165 https://github.com/django-ses/django-ses/blob/3d627067935876487f9938310d5e1fbb249a7778/CVE/001-cert-url-signature-verification.md @@ -115961,7 +117469,9 @@ https://github.com/djcsdy/swfmill/issues/62 https://github.com/djcsdy/swfmill/issues/63 https://github.com/djcsdy/swfmill/issues/64 https://github.com/djcsdy/swfmill/issues/65 +https://github.com/dlitz/pycrypto/issues/253 https://github.com/docsifyjs/docsify/issues/1126 +https://github.com/dojo/dojo/security/advisories/GHSA-jxfh-8wgv-vfr2 https://github.com/dokuwiki/dokuwiki/issues/4267 https://github.com/dom96/httpbeast/issues/95 https://github.com/dom96/jester/issues/326 
@@ -115973,16 +117483,33 @@ https://github.com/domainmod/domainmod/issues/83 https://github.com/domainmod/domainmod/issues/84 https://github.com/domainmod/domainmod/issues/86 https://github.com/domainmod/domainmod/issues/87 +https://github.com/domainmod/domainmod/issues/88 https://github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg https://github.com/dompdf/dompdf/security/advisories/GHSA-3qx2-6f78-w2j2 +https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-f3qr-qr4x-j273 https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-ff5x-7qg5-vwf2 https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-jq98-9543-m4cr +https://github.com/doorgets/CMS/issues/11 +https://github.com/doorgets/CMS/issues/12 +https://github.com/doramart/DoraCMS/issues/136 https://github.com/doramart/DoraCMS/issues/256 https://github.com/dotCMS/core/issues/12131 https://github.com/dotnetcore/AgileConfig/issues/91 https://github.com/doublefast/yunucms/issues/1 +https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md +https://github.com/doudoudedi/DIR-846_Command_Injection/blob/main/DIR-846_Command_Injection1.md +https://github.com/doudoudedi/buffer_overflow/blob/main/Tenda%20AC6%20V4.0-Denial%20of%20Service%20Vulnerability.md https://github.com/doudoudedi/main-DIR-816_A1_Command-injection/blob/main/injection_A1.md https://github.com/doudoudedi/main-DIR-816_A2_Command-injection/blob/main/injection.md +https://github.com/dovankha/CVE-2024-34220 +https://github.com/dovankha/CVE-2024-34221 +https://github.com/dovankha/CVE-2024-34222 +https://github.com/dovankha/CVE-2024-34223 +https://github.com/dovankha/CVE-2024-34224 +https://github.com/dovankha/CVE-2024-34225 +https://github.com/dovankha/CVE-2024-34226 +https://github.com/dovankha/CVE-2024-35468 +https://github.com/dovankha/CVE-2024-35469 https://github.com/dpuenteramirez/XSS-ReferenceID-Subrion_4.2.1 
https://github.com/draco1725/POC/blob/main/Exploit/Password%20Storage%20Application/XSS https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Men's%20Salon%20Management%20System/SQL%20Injection 
@@ -115994,38 +117521,50 @@ https://github.com/draco1725/Stored-XSS/blob/main/poc https://github.com/draco1725/localpriv/blob/main/poc https://github.com/draco1725/vloggers/blob/main/poc https://github.com/drbye78/libgig/issues/1 +https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities/ +https://github.com/dreadlocked/netwave-dosvulnerability https://github.com/drewlong/vbully https://github.com/drewnoakes/metadata-extractor/issues/561 https://github.com/dromara/hertzbeat/security/advisories/GHSA-4576-m8px-w9qj https://github.com/dromara/hertzbeat/security/advisories/GHSA-rrc5-qpxr-5jm2 https://github.com/dromara/hutool/issues/3289 +https://github.com/dropbox/lepton/issues/112 https://github.com/dropbox/lepton/issues/154 https://github.com/dtorp06/jymusic/issues/1 https://github.com/dtschump/CImg/issues/184 +https://github.com/dtxharry/cve/blob/main/cve.md https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38870 https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38872 https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38874 https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38876 https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38879 https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38882 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26470 +https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26471 https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md https://github.com/dumpling-soup/Online-Catering-Reservation/blob/main/README.md https://github.com/dumpling-soup/Simple-Image-Gallery-Web-App/blob/main/README.md https://github.com/dutchcoders/transfer.sh/issues/500 https://github.com/duy-31/CVE-2023-51764 +https://github.com/dvidelabs/flatcc/issues/188 https://github.com/dweeves/magmi-git/issues/522 https://github.com/dwisiswant0/advisory/issues/18 
https://github.com/dwisiswant0/advisory/issues/3 +https://github.com/dwisiswant0/advisory/issues/4 https://github.com/dwisiswant0/advisory/issues/5 https://github.com/dzflack/exploits/blob/master/unix/monit_buffer_overread.py https://github.com/eBPF-Research/eBPF-Attack/blob/main/PoC.md#attack-requirements https://github.com/eProsima/Fast-DDS/issues/3236 +https://github.com/eProsima/Fast-DDS/issues/4365 https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-2rq6-8j7x-frr9 https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-3jv9-j9x3-95cg +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-53xw-465j-rxfh +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-9m2j-qw67-ph4w https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-fcr6-x23w-94wp https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-gq8g-fj58-22gm https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-j297-rg6j-m7hx https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-mf55-5747-c4pv +https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-qcj9-939p-p662 https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-v5r6-8mvh-cp98 https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-x9pj-vrgf-f68f https://github.com/earth2sky/Disclosed/blob/main/CVE-2022-30519 @@ -116049,6 +117588,7 @@ https://github.com/edmarmoretti/i3geo/issues/5 https://github.com/eeenvik1/CVE-2023-51764 https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Offline-decryption https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Replay +https://github.com/efekaanakkar/CVE-2024-35511/blob/main/Men%20Salon%20Management%20System%20Using%20PHP%20and%20MySQL.md https://github.com/ehtec/phpipam-exploit https://github.com/ejdhssh/IOT_Vul https://github.com/ekultek/cve-2019-7216 
@@ -116074,6 +117614,7 @@ https://github.com/emqx/nanomq/issues/1154 https://github.com/emqx/nanomq/issues/1155 https://github.com/emqx/nanomq/issues/1164 https://github.com/emqx/nanomq/issues/1165#issue-1668648319 +https://github.com/emqx/nanomq/issues/1165#issuecomment-1515667127 https://github.com/emqx/nanomq/issues/1181 https://github.com/emremulazimoglu/cve/blob/main/CWE330-TL-WA850RE-v6.md https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px @@ -116088,11 +117629,16 @@ https://github.com/envoyproxy/envoy/security/advisories/GHSA-5375-pq35-hf2g https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 https://github.com/envoyproxy/envoy/security/advisories/GHSA-75hv-2jjj-89hh https://github.com/envoyproxy/envoy/security/advisories/GHSA-7mhv-gr67-hq55 +https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m +https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4 +https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc https://github.com/envoyproxy/envoy/security/advisories/GHSA-gxvv-x4p2-rppp https://github.com/envoyproxy/envoy/security/advisories/GHSA-h45c-2f94-prxh +https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r https://github.com/envoyproxy/envoy/security/advisories/GHSA-m4j9-86g3-8f49 https://github.com/envoyproxy/envoy/security/advisories/GHSA-mc6h-6j9x-v3gq +https://github.com/envoyproxy/envoy/security/advisories/GHSA-mgxp-7hhp-8299 https://github.com/envoyproxy/envoy/security/advisories/GHSA-pvgm-7jpg-pw5g https://github.com/envoyproxy/envoy/security/advisories/GHSA-rm2p-qvf6-pvr6 https://github.com/envoyproxy/envoy/security/advisories/GHSA-rww6-8h7g-8jf6 
@@ -116104,6 +117650,7 @@ https://github.com/enzo1982/mp4v2/issues/36 https://github.com/enzo1982/mp4v2/issues/37 https://github.com/ephort/laravel-user-enumeration-demo https://github.com/epiphyt/embed-privacy/security/advisories/GHSA-3wv9-4rvf-w37g +https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-18959/poc-cve-2018-18959.py https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-18960/poc-cve-2018-18960.py https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19232/poc-cve-2018-19232.py https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19248/poc-cve-2018-19248.py @@ -116119,6 +117666,8 @@ https://github.com/erengozaydin/College-Management-System-course_code-SQL-Inject https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated https://github.com/erikd/libsamplerate/issues/11 +https://github.com/erikd/libsndfile/issues/397 +https://github.com/erikd/libsndfile/issues/398 https://github.com/erikd/libsndfile/issues/427 https://github.com/erikd/libsndfile/issues/429 https://github.com/erikd/libsndfile/issues/456 
@@ -116146,24 +117695,41 @@ https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC https://github.com/esnet/iperf/issues/1542 https://github.com/espeak-ng/espeak-ng/issues/1824 https://github.com/espeak-ng/espeak-ng/issues/1826 +https://github.com/esphome/esphome/security/advisories/GHSA-5925-88xh-6h99 +https://github.com/esphome/esphome/security/advisories/GHSA-8p25-3q46-8q2p +https://github.com/esphome/esphome/security/advisories/GHSA-9p43-hj5j-96h5 +https://github.com/espocrm/espocrm/issues/1038 +https://github.com/espocrm/espocrm/issues/1039 https://github.com/espocrm/espocrm/issues/1349 https://github.com/espocrm/espocrm/issues/1356 https://github.com/espocrm/espocrm/issues/1357 https://github.com/espocrm/espocrm/issues/1358 +https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j https://github.com/espocrm/espocrm/security/advisories/GHSA-g955-rwxx-jvf6 https://github.com/espruino/Espruino/issues/1684 https://github.com/espruino/Espruino/issues/1799 https://github.com/espruino/Espruino/issues/1820 +https://github.com/espruino/Espruino/issues/2121 +https://github.com/espruino/Espruino/issues/2122 https://github.com/espruino/Espruino/issues/2142 +https://github.com/espruino/Espruino/issues/2457 https://github.com/ethancunt/CVE-2022-45599 https://github.com/ethancunt/CVE-2022-45600 https://github.com/ethereum/go-ethereum/pull/16891 +https://github.com/ethicalhackerNL/CVEs/blob/main/Budget%20Management/SQLi.md +https://github.com/ethicalhackerNL/CVEs/blob/main/Budget%20Management/XSS/XSS.md +https://github.com/ethyca/fides/security/advisories/GHSA-8cm5-jfj2-26q7 +https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c +https://github.com/evangelion1204/multi-ini/pull/37 +https://github.com/evanmiller/libxls/issues/34 +https://github.com/evanmiller/libxls/issues/35 https://github.com/evict/poc_CVE-2018-1002105 https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39458 
https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459 https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2022-29347 https://github.com/evolution-cms/evolution/issues/1041 https://github.com/evolution-cms/evolution/issues/1042 +https://github.com/excalidraw/excalidraw/security/advisories/GHSA-m64q-4jqh-f72f https://github.com/exponentcms/exponent-cms/issues/73 https://github.com/extramaster/bchunk/issues/2 https://github.com/extramaster/bchunk/issues/3 
@@ -116175,26 +117741,36 @@ https://github.com/eyoucms/eyoucms/issues/14 https://github.com/eyoucms/eyoucms/issues/17 https://github.com/eyoucms/eyoucms/issues/18 https://github.com/eyoucms/eyoucms/issues/19 +https://github.com/eyoucms/eyoucms/issues/21 https://github.com/eyoucms/eyoucms/issues/22 https://github.com/eyoucms/eyoucms/issues/24 https://github.com/eyoucms/eyoucms/issues/4 https://github.com/eyoucms/eyoucms/issues/5 https://github.com/eyoucms/eyoucms/issues/8 https://github.com/eyoucms/eyoucms/issues/9 +https://github.com/facebook/create-react-app/pull/10644 https://github.com/facebook/proxygen/pull/466 https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-jh85-wwv9-24hv https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm +https://github.com/faisalfs10x/CVE-IDs/blob/main/2021/CVE-2021-37593/Proof_of_Concept.md https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC https://github.com/fangqyi/cpiopwn +https://github.com/fanyibo2009/cscms/blob/master/v4.1%20csrf https://github.com/farliy-hacker/Doufoxcms/issues/1 https://github.com/fatcerberus/minisphere/commit/252c1ca184cb38e1acb917aa0e451c5f08519996 https://github.com/fatcerberus/minisphere/pull/268 +https://github.com/faucetsdn/ryu/issues/190 +https://github.com/faucetsdn/ryu/issues/191 +https://github.com/faucetsdn/ryu/issues/192 +https://github.com/faucetsdn/ryu/issues/194 +https://github.com/faucetsdn/ryu/issues/195 https://github.com/fbkcs/CVE-2021-35975 https://github.com/fdbao/UsualToolCMS/issues/1 +https://github.com/febinrev/tinyfilemanager-2.4.3-exploit/raw/main/exploit.sh https://github.com/federella/CVE-2023-41717 
https://github.com/feric/Findings/tree/main/Hiby/Web%20Server/File%20uploading https://github.com/feross/bittorrent-dht/issues/87 @@ -116203,8 +117779,10 @@ https://github.com/ff4j/ff4j/issues/624 https://github.com/fhlip0/JopinXSS https://github.com/fibonascii/CVE-2004-0558 https://github.com/filebrowser/filebrowser/issues/2570 +https://github.com/filecoin-project/lotus/security/advisories/GHSA-4g52-pqcj-phvh https://github.com/filipi86/ConnectBoxDOCSIS-3.0 https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc +https://github.com/firebase/php-jwt/issues/351 https://github.com/fireblocks-labs/safeheron-gg20-exploit-poc https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0005/FEYE-2019-0005.md @@ -116224,6 +117802,7 @@ https://github.com/firmianay/security-issues/tree/main/app/cn.etouch.ecalendar https://github.com/firmianay/security-issues/tree/main/app/com.sdjictec.qdmetro https://github.com/firsov/onlyoffice https://github.com/firsov/onlyoffice/blob/main/CVE-2023-34939-PoC.md +https://github.com/fishykz/TP-POC https://github.com/fit2cloud/rackshift/issues/79 https://github.com/fixitc/cve/blob/main/sql.md https://github.com/flankerhqd/vendor-android-cves/tree/master/SMT-CVE-2019-16253 @@ -116231,8 +117810,10 @@ https://github.com/flatCore/flatCore-CMS/issues/27 https://github.com/flatCore/flatCore-CMS/issues/39 https://github.com/flatCore/flatCore-CMS/issues/52 https://github.com/flatCore/flatCore-CMS/issues/53 +https://github.com/flatCore/flatCore-CMS/issues/56 https://github.com/flatCore/flatCore-CMS/issues/69 https://github.com/fleetcaptain/integria-takeover +https://github.com/flexocms/flexo1.source/issues/25 https://github.com/flexpaper/pdf2json/issues/24 https://github.com/flexpaper/pdf2json/issues/25 https://github.com/flexpaper/pdf2json/issues/26 
@@ -116248,17 +117829,23 @@ https://github.com/flexpaper/pdf2json/issues/35 https://github.com/flexpaper/pdf2json/issues/36 https://github.com/flexpaper/pdf2json/issues/44 https://github.com/flexpaper/pdf2json/issues/45 +https://github.com/flexpaper/pdf2json/issues/52 https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-5g92-6hpp-w425 https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-gv3w-m57p-3wc4 https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-wrmq-4v4c-gxp2 https://github.com/flipperdevices/flipperzero-firmware/pull/1697 +https://github.com/fluent/fluentd/issues/3201 +https://github.com/flusity/flusity-CMS/issues/10 +https://github.com/flyhha/cms/blob/main/1.md https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000%E5%AD%98%E5%9C%A8sql%E6%B3%A8%E5%85%A5:sysmanage:edit_manageadmin.php.md https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_:sysmanage:editrole.php.md https://github.com/flyyue2001/cve/blob/main/smart_sql_updateos.md +https://github.com/fmsdwifull/tp5cms/issues/3 https://github.com/fmsdwifull/tp5cms/issues/6 https://github.com/fmsdwifull/tp5cms/issues/8 https://github.com/fmsh-seclab/TesMla https://github.com/follow-redirects/follow-redirects/issues/235 +https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp https://github.com/fontforge/fontforge/issues/3087 https://github.com/fontforge/fontforge/issues/3088 https://github.com/fontforge/fontforge/issues/3089 
@@ -116298,10 +117885,16 @@ https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-rm4c-ccvf-ff9c https://github.com/fribidi/fribidi/issues/181 https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2023-11-09-newsletterpop.md https://github.com/froala/wysiwyg-editor/issues/3880 +https://github.com/frohoff/ysoserial/ +https://github.com/frohoff/ysoserial/pull/13 +https://github.com/frohoff/ysoserial/pull/68/files https://github.com/frostming/rediswrapper/pull/1 +https://github.com/froxlor/Froxlor/security/advisories/GHSA-x525-54hf-xr53 +https://github.com/frozeman/feindura-flat-file-cms/issues/29 https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md https://github.com/fs0c131y/ESFileExplorerOpenPortVuln https://github.com/fs0c131y/SamsungLocker +https://github.com/fu2x2000/Liferay_exploit_Poc https://github.com/fudforum/FUDforum/issues/2 https://github.com/fudforum/FUDforum/issues/23 https://github.com/fudforum/FUDforum/issues/24 
@@ -116311,7 +117904,17 @@ https://github.com/funadmin/funadmin/issues/4 https://github.com/funadmin/funadmin/issues/6 https://github.com/funadmin/funadmin/issues/8 https://github.com/funadmin/funadmin/issues/9 +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/12/TOTOlink%20A3300R%20setMacFilterRules.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/13/TOTOlink%20A3300R%20setWiFiScheduleCfg.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/15/TOTOlink%20A3300R%20setWiFiAclRules.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/3/TOTOLINK%20A3300R%20setScheduleCfg.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/7/TOTOlink%20A3300R%20setIpv6Cfg.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/8/TOTOlink%20A3300R%20setStaticDhcpRules.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/9/TOTOlink%20A3300R%20setUrlFilterRules.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A8000RU/TOTOlink%20A8000RU%20login%20bypass.md https://github.com/funny-mud-peee/IoT-vuls/blob/main/dir822+/2/readme.md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Netgear-R6850%20V1.1.0.88%20Command%20Injection(ntp_server).md +https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Netgear-R6850%20V1.1.0.88%20Command%20Injection(ping_test).md https://github.com/funny-mud-peee/IoT-vuls/tree/main/dir822%2B/2 https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File 
@@ -116336,8 +117939,13 @@ https://github.com/garboa/cve_3/blob/main/Upload2.md https://github.com/garboa/cve_3/blob/main/file_put_content.md https://github.com/gatsby2003/Shenzhen-Youkate-Industrial-Co.-Ltd/blob/main/Shenzhen%20Youkate%20Industrial%20Co.%2C%20Ltd.md https://github.com/gatsby2003/Struts2-046/blob/main/Xiamen%20Four-Faith%20Communication%20Technology%20Co.,%20Ltd.%20video%20surveillance%20management%20system%20has%20a%20command%20execution%20vulnerability.md +https://github.com/gaukas/instructure-canvas-file-oracle https://github.com/gb111d/ns-asg_poc/ +https://github.com/gdraheim/zziplib/issues/14 +https://github.com/gdraheim/zziplib/issues/15 +https://github.com/gdraheim/zziplib/issues/16 https://github.com/gdraheim/zziplib/issues/17 +https://github.com/gdraheim/zziplib/issues/22 https://github.com/gdraheim/zziplib/issues/39 https://github.com/gdraheim/zziplib/issues/40 https://github.com/gdraheim/zziplib/issues/41 
@@ -116345,31 +117953,48 @@ https://github.com/gdraheim/zziplib/issues/68 https://github.com/gdraheim/zziplib/issues/69 https://github.com/geffner/CVE-2020-8289/blob/master/README.md https://github.com/geffner/CVE-2020-8290/blob/master/README.md +https://github.com/gentoo/soko/security/advisories/GHSA-gp8g-jfq9-5q2g +https://github.com/geoserver/geoserver/security/advisories/GHSA-56r3-f536-5gf7 https://github.com/geoserver/geoserver/security/advisories/GHSA-9v5q-2gwq-q9hq +https://github.com/geoserver/geoserver/security/advisories/GHSA-fg9v-56hw-g525 https://github.com/geoserver/geoserver/security/advisories/GHSA-fh7p-5f6g-vj2w https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a https://github.com/gerbv/gerbv/issues/191 https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597/blob/master/poc.html +https://github.com/getformwork/formwork/security/advisories/GHSA-5pxr-7m4j-jjc6 https://github.com/getgrav/grav/commit/2eae104c7a4bf32bc26cb8073d5c40464bfda3f7 +https://github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58 +https://github.com/getgrav/grav/security/advisories/GHSA-c9gp-64c4-2rrh +https://github.com/getgrav/grav/security/advisories/GHSA-f6g2-h7qv-3m5v +https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69 https://github.com/getgrav/grav/security/advisories/GHSA-f9jf-4cp4-4fq5 +https://github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc +https://github.com/getgrav/grav/security/advisories/GHSA-qfv4-q44r-g7rv +https://github.com/getgrav/grav/security/advisories/GHSA-r6vw-8v8r-pmp4 https://github.com/getgrav/grav/security/advisories/GHSA-xcr8-cc2j-62fc +https://github.com/getsentry/sentry/blob/17d2b87e39ccd57e11da4deed62971ff306253d1/src/sentry/conf/server.py#L1307 https://github.com/ggb0n/CVE-2023-44962 +https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-p5mv-gjc5-mwqv 
https://github.com/ggfzx/OCP-Security-Misconfiguration/tree/main https://github.com/ggg48966/cve/blob/main/D-LINK%20-DAR-7000_rce_%20webmailattach.md https://github.com/ggg48966/cve/blob/main/NS-ASG-sql-addaddress_interpret.md https://github.com/ggg48966/cve/blob/main/sql.md https://github.com/gin-gonic/gin/issues/3555 https://github.com/git-for-windows/git/issues/944 +https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj +https://github.com/github/advisory-database/pull/3490 https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p +https://github.com/github/cmark-gfm/security/advisories/GHSA-r8vr-c48j-fcc5 https://github.com/github/securitylab/issues/669#issuecomment-1117265726 https://github.com/github123abc123/bird/issues/1 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4 +https://github.com/givanz/VvvebJs/issues/342 https://github.com/gl-inet/CVE-issues/blob/main/3.215/Abuse_of_Functionality_leads_to_RCE.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary%20File%20Read%20through%20file%20share.md https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary_File_Creation.md 
@@ -116380,22 +118005,35 @@ https://github.com/gl-inet/CVE-issues/blob/main/3.215/GL-MV1000_Arbitrary_File_C https://github.com/gl-inet/CVE-issues/blob/main/3.215/SSID_Key_Disclosure.md https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Arbitrary%20File%20Creation%20Through%20API%20upload.md https://github.com/glFusion/glfusion/issues/486 +https://github.com/gleez/cms/issues/795 +https://github.com/gleez/cms/issues/800 https://github.com/glennrp/libpng/issues/269 https://github.com/glennrp/libpng/issues/307 https://github.com/glennrp/libpng/issues/307#issuecomment-544779431 https://github.com/glpi-project/glpi/issues/1047 +https://github.com/glpi-project/glpi/security/advisories/GHSA-jwpv-7m4h-5gvc +https://github.com/gluxon/CVE-2018-13257 https://github.com/gnat/nc-cms/issues/11 +https://github.com/gnuboard/g6/issues/314 +https://github.com/gnuboard/g6/issues/316 https://github.com/goauthentik/authentik/security/advisories/GHSA-9qwp-jf7p-vr7h https://github.com/godotengine/godot/pull/45701 https://github.com/godotengine/godot/pull/45701/commits/403e4fd08b0b212e96f53d926e6273e0745eaa5a https://github.com/godotengine/godot/pull/45702 https://github.com/godotengine/godot/pull/45702/files +https://github.com/gogs/gogs/issues/5364 +https://github.com/gogs/gogs/issues/5372 +https://github.com/gogs/gogs/issues/5397 https://github.com/gogs/gogs/issues/5926 https://github.com/goharbor/harbor/security/advisories/GHSA-mq6f-5xh5-hgcf https://github.com/golang/go/issues/23867 +https://github.com/golang/go/issues/27016 +https://github.com/goldds96/Report/blob/main/DLink/DIR-815/CI.md https://github.com/gomarkdown/markdown/security/advisories/GHSA-m9xq-6h2j-65r2 https://github.com/gongfuxiang/schoolcms/issues/1 +https://github.com/gongwalker/ApiManager/issues/26 https://github.com/goodrain-apps/chanzhieps/issues/1 +https://github.com/google/google-api-cpp-client/pull/58 https://github.com/google/sa360-webquery-bigquery/pull/15 
https://github.com/google/security-research/security/advisories/GHSA-6vq3-w69p-w63m https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw @@ -116404,8 +118042,15 @@ https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-8 https://github.com/google/security-research/security/advisories/GHSA-g69r-8jwh-2462 https://github.com/google/security-research/security/advisories/GHSA-gg9x-v835-m48q https://github.com/google/security-research/security/advisories/GHSA-jg27-jx6w-xwph +https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 +https://github.com/google/security-research/security/advisories/GHSA-r7m9-grw7-vcc4 +https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 +https://github.com/gopeak/masterlab/issues/254 +https://github.com/gopro/gpmf-parser/issues/29 +https://github.com/gopro/gpmf-parser/issues/31 +https://github.com/gopro/gpmf-parser/issues/32 https://github.com/gopro/gpmf-parser/issues/43 https://github.com/gopro/gpmf-parser/issues/60 https://github.com/gopro/gpmf-parser/issues/74 @@ -116417,6 +118062,8 @@ https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh https://github.com/gottburgm/Exploits/tree/master/CVE-2017-12149 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679 +https://github.com/gpac/gpac/commit/04dbf08bff4d61948bab80c3f9096ecc60c7f302 +https://github.com/gpac/gpac/commit/893fb99b606eebfae46cde151846a980e689039b https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4 https://github.com/gpac/gpac/issues/1179 https://github.com/gpac/gpac/issues/1180 
@@ -116458,6 +118105,7 @@ https://github.com/gpac/gpac/issues/1423 https://github.com/gpac/gpac/issues/1440 https://github.com/gpac/gpac/issues/1479 https://github.com/gpac/gpac/issues/1481 +https://github.com/gpac/gpac/issues/1482 https://github.com/gpac/gpac/issues/1564 https://github.com/gpac/gpac/issues/1565 https://github.com/gpac/gpac/issues/1566 @@ -116465,6 +118113,7 @@ https://github.com/gpac/gpac/issues/1567 https://github.com/gpac/gpac/issues/1568 https://github.com/gpac/gpac/issues/1569 https://github.com/gpac/gpac/issues/1574 +https://github.com/gpac/gpac/issues/1575 https://github.com/gpac/gpac/issues/1586 https://github.com/gpac/gpac/issues/1587 https://github.com/gpac/gpac/issues/1659 
@@ -116478,12 +118127,48 @@ https://github.com/gpac/gpac/issues/1772 https://github.com/gpac/gpac/issues/1774 https://github.com/gpac/gpac/issues/1838 https://github.com/gpac/gpac/issues/1840 +https://github.com/gpac/gpac/issues/1842 +https://github.com/gpac/gpac/issues/1846 +https://github.com/gpac/gpac/issues/1879 +https://github.com/gpac/gpac/issues/1883 +https://github.com/gpac/gpac/issues/1886 +https://github.com/gpac/gpac/issues/1887 +https://github.com/gpac/gpac/issues/1889 +https://github.com/gpac/gpac/issues/1890 +https://github.com/gpac/gpac/issues/1891 +https://github.com/gpac/gpac/issues/1892 +https://github.com/gpac/gpac/issues/1893 +https://github.com/gpac/gpac/issues/1894 +https://github.com/gpac/gpac/issues/1895 +https://github.com/gpac/gpac/issues/1897 +https://github.com/gpac/gpac/issues/1898 +https://github.com/gpac/gpac/issues/1899 +https://github.com/gpac/gpac/issues/1900 +https://github.com/gpac/gpac/issues/1901 +https://github.com/gpac/gpac/issues/1902 +https://github.com/gpac/gpac/issues/1904 +https://github.com/gpac/gpac/issues/1955 https://github.com/gpac/gpac/issues/1957 +https://github.com/gpac/gpac/issues/1958 https://github.com/gpac/gpac/issues/1959 https://github.com/gpac/gpac/issues/1964 +https://github.com/gpac/gpac/issues/1965 +https://github.com/gpac/gpac/issues/1966 https://github.com/gpac/gpac/issues/1967 https://github.com/gpac/gpac/issues/1968 https://github.com/gpac/gpac/issues/1969 +https://github.com/gpac/gpac/issues/1970 +https://github.com/gpac/gpac/issues/1971 +https://github.com/gpac/gpac/issues/1972 +https://github.com/gpac/gpac/issues/1973 +https://github.com/gpac/gpac/issues/1974 +https://github.com/gpac/gpac/issues/1975 +https://github.com/gpac/gpac/issues/1978 +https://github.com/gpac/gpac/issues/1979 +https://github.com/gpac/gpac/issues/1980 +https://github.com/gpac/gpac/issues/1982 +https://github.com/gpac/gpac/issues/1986 +https://github.com/gpac/gpac/issues/1999 https://github.com/gpac/gpac/issues/2058 
https://github.com/gpac/gpac/issues/2061 https://github.com/gpac/gpac/issues/2067 @@ -116515,6 +118200,7 @@ https://github.com/gpac/gpac/issues/2307 https://github.com/gpac/gpac/issues/2315 https://github.com/gpac/gpac/issues/2327 https://github.com/gpac/gpac/issues/2328 +https://github.com/gpac/gpac/issues/2333 https://github.com/gpac/gpac/issues/2337 https://github.com/gpac/gpac/issues/2338 https://github.com/gpac/gpac/issues/2339 @@ -116537,6 +118223,7 @@ https://github.com/gpac/gpac/issues/2360 https://github.com/gpac/gpac/issues/2386 https://github.com/gpac/gpac/issues/2388 https://github.com/gpac/gpac/issues/2396 +https://github.com/gpac/gpac/issues/2514 https://github.com/gpac/gpac/issues/2516 https://github.com/gpac/gpac/issues/2537 https://github.com/gpac/gpac/issues/2550 @@ -116557,6 +118244,9 @@ https://github.com/gpac/gpac/issues/2672 https://github.com/gpac/gpac/issues/2679 https://github.com/gpac/gpac/issues/2689 https://github.com/gpac/gpac/issues/2698 +https://github.com/gpac/gpac/issues/2713 +https://github.com/gpac/gpac/issues/2763 +https://github.com/gpac/gpac/issues/2764 https://github.com/gpac/gpac/issues/997 https://github.com/gpertea/gclib/issues/11 https://github.com/gphper/ginadmin/issues/8 @@ -116569,6 +118259,7 @@ https://github.com/grafana/grafana/issues/13667 https://github.com/grails/grails-core/issues/11250 https://github.com/grame-cncm/faust/issues/482 https://github.com/graphql-rust/juniper/security/advisories/GHSA-4rx6-g5vg-5f3j +https://github.com/graphql/graphql-playground/commit/b8a956006835992f12c46b90384a79ab82bcadad https://github.com/gravitational/teleport https://github.com/gravitational/teleport/releases/tag/v4.4.11 https://github.com/gravitational/teleport/releases/tag/v5.2.4 
@@ -116580,9 +118271,12 @@ https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md https://github.com/gteissier/CVE-2016-6271 https://github.com/gunet/openeclass/issues/11 https://github.com/gunet/openeclass/issues/39 +https://github.com/guusec/VSeeDoS https://github.com/guy-liu/yith-giftdrop +https://github.com/guyinatuxedo/sqlite3_record_leaking https://github.com/gventuri/pandas-ai/issues/399 https://github.com/gventuri/pandas-ai/issues/410 +https://github.com/gventuri/pandas-ai/issues/868 https://github.com/h3llraiser/CVE-2019-15120 https://github.com/h3llraiser/CVE-2020-25398 https://github.com/h3llraiser/CVE-2020-25399 @@ -116627,11 +118321,13 @@ https://github.com/hackerlib/hackerlib-vul/tree/master/gnome https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print +https://github.com/hackervegas001/CVE-2024-26521 https://github.com/hackmdio/codimd/issues/1263 https://github.com/hackmdio/codimd/issues/1630 https://github.com/hackmdio/codimd/issues/1648 https://github.com/hacksparrow/safe-eval/issues/19 https://github.com/hacksparrow/safe-eval/issues/26 +https://github.com/hacksparrow/safe-eval/issues/27 https://github.com/hacksparrow/safe-eval/issues/5 https://github.com/hacky1997/CVE-2020-8825 https://github.com/haile01/perl_spreadsheet_excel_rce_poc 
@@ -116647,26 +118343,32 @@ https://github.com/hamm0nz/CVE-2020-18324 https://github.com/hamm0nz/CVE-2020-18325 https://github.com/hamm0nz/CVE-2020-18326 https://github.com/hannob/optionsbleed +https://github.com/hanxuer/crashes/blob/main/flvmeta/01/readme.md +https://github.com/hanxuer/crashes/blob/main/gapc/01/readme.md https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-7qqj-xhvr-46fv https://github.com/hapijs/hapi/issues/3466 https://github.com/harry935/CVE-2023-45992 +https://github.com/harryrabbit5651/cms/blob/main/1.md https://github.com/havok89/Hoosk/issues/63 https://github.com/hawtio/hawtio/issues/2832 https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20BCC%20endpoint https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20CC%20endpoint https://github.com/haxpunk1337/Microstrategy-Poc/blob/main/poc +https://github.com/hayyp/cherry/issues/1 https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-7494-7hcf-vxpg https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-p528-555r-pf87 https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pxxg-px9v-6qf3 https://github.com/heidashuai5588/cve/blob/main/upload.md https://github.com/heimdal/heimdal/issues/353 https://github.com/helloxz/imgurl/issues/75 +https://github.com/helloxz/onenav/issues/186 https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29228.md https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29230.md https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35240.md https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35241.md +https://github.com/heshi906/CVE-2024-28515 https://github.com/hessandrew/CVE-2019-17124 https://github.com/hfiref0x/LightFTP/issues/5 https://github.com/hfp/libxsmm/issues/398 
@@ -116675,15 +118377,20 @@ https://github.com/hhhhu8045759/619L_upnpd_heapoverflow https://github.com/hhhhu8045759/dir_619l-buffer-overflow https://github.com/hhhhu8045759/dlink-619l-buffer_overflow https://github.com/hhxsv5/laravel-s/issues/437 +https://github.com/hi-KK/CVE-Hunter/blob/master/1.md +https://github.com/hi-KK/CVE-Hunter/blob/master/2.md https://github.com/hi-KK/CVE-Hunter/blob/master/3.md https://github.com/hillerlin/bycms/issues/1 https://github.com/hillerlin/bycms/issues/3 +https://github.com/himanshurahi/e107_2.1.9_CSRF_POC https://github.com/hisiphp/hisiphp/issues/10 +https://github.com/hisiphp/hisiphp/issues/11 https://github.com/hisiphp/hisiphp/issues/3 https://github.com/hisiphp/hisiphp/issues/7 https://github.com/hitIer/web_test/tree/master/hotel https://github.com/hjson/hjson-java/issues/24 https://github.com/hjson/hjson-java/issues/27 +https://github.com/hkerma/opa-gatekeeper-concurrency-issue https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt https://github.com/hoene/libmysofa/issues/67 https://github.com/hoene/libmysofa/issues/83 @@ -116691,6 +118398,12 @@ https://github.com/hoene/libmysofa/issues/84 https://github.com/hoene/libmysofa/issues/96 https://github.com/holychang/maccms8/blob/master/xss2 https://github.com/hongliuliao/ehttp/commit/17405b975948abc216f6a085d2d027ec1cfd5766 +https://github.com/honojs/hono/security/advisories/GHSA-3mpf-rcc7-5347 +https://github.com/honojs/node-server/issues/159 +https://github.com/hook-s3c/CVE-2018-11776-Python-PoC +https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v +https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-8r6h-8r68-q3pp +https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qmmm-73r2-f8xr https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qpx8-wq6q-r833 https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b https://github.com/horizon3ai/CVE-2022-47966 
@@ -116701,6 +118414,7 @@ https://github.com/httl/httl/issues/224 https://github.com/httl/httl/issues/225 https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md https://github.com/hu1y40/PoC/blob/main/rtspserver_stackoverflow_poc.py +https://github.com/huandu/facebook/security/advisories/GHSA-3f65-m234-9mxr https://github.com/huanglei3/lrzip-next-poc/tree/main https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow https://github.com/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution @@ -116714,11 +118428,13 @@ https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/form2WizardStep54 https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setRepeaterSecurity https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setSecurity https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-816/setSysAdm +https://github.com/hunzi0/Vullnfo/tree/main/Tenda/AC18/formSetPPTPServer https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_cookie_overflow.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_default_telnet_info.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_leak_config_file.md https://github.com/hurricane618/my_cves/blob/master/router/totolink/A720R_login_bypass.md https://github.com/husterdjx/cve/blob/main/sql1.md +https://github.com/hxcc/just_for_fun/blob/master/ICMS%20CSRF https://github.com/hyperledger/fabric/security/advisories/GHSA-v9w2-543f-h69m https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1123 https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1124 
@@ -116728,18 +118444,27 @@ https://github.com/hyyyp/HYBBS2/issues/33 https://github.com/hyyyp/HYBBS2/issues/34 https://github.com/hzeller/timg/issues/92 https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13477.md +https://github.com/iBotPeaches/Apktool/commit/d348c43b24a9de350ff6e5bd610545a10c1fc712 +https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w +https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-vgwr-4w3p-xmjv +https://github.com/iamHuFei/HVVault/blob/main/webapp/%E9%AD%94%E6%96%B9%E7%BD%91%E8%A1%A8/magicflu-mailupdate-jsp-fileupload.md +https://github.com/iamweifan/jooan/blob/master/es_poc.py https://github.com/ibey0nd/CVE/blob/master/CMS%20Made%20Simple%20Stored%20XSS%202.md https://github.com/ibey0nd/CVE/blob/master/CMS%20Made%20Simple%20Stored%20XSS.md +https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md https://github.com/icepng/PoC/tree/master/PoC1 https://github.com/iceyjchen/VulnerabilityProjectRecords/blob/main/setPasswordCfg_admpass/setPasswordCfg_admpass.md https://github.com/icon-project/loopchain/issues/231 https://github.com/idcos/Cloudboot/issues/22 +https://github.com/iiSiLvEr/CVEs/tree/main/CVE-2021-40219 +https://github.com/iimiss/cms/blob/main/1.md https://github.com/illagrenan/django-make-app/issues/5 https://github.com/ilsani/rd/tree/master/security-advisories/faststone/maxview-cve-2017-6078 https://github.com/imapsync/imapsync/issues/399 https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce https://github.com/imsebao/404team/blob/master/zorovavi-blog-sql-injection.md https://github.com/indutny/elliptic/issues/226 +https://github.com/indutny/node-ip/issues/150 https://github.com/inflixim4be/Brute-Force-on-Umanni-RH https://github.com/inflixim4be/CVE-2020-15367 https://github.com/inflixim4be/CVE-2020-15392 
@@ -116750,6 +118475,8 @@ https://github.com/input-output-hk/hydra/blob/master/CHANGELOG.md#0130---2023-10 https://github.com/input-output-hk/hydra/security/advisories/GHSA-6x9v-7x5r-w8w6 https://github.com/input-output-hk/hydra/security/advisories/GHSA-9m8q-7wxv-v65p https://github.com/input-output-hk/hydra/security/advisories/GHSA-mgcx-6p7h-5996 +https://github.com/inputzero/Security-Advisories/blob/main/CVE-XXXX-XXXX.md +https://github.com/instantsoft/icms2/issues/892 https://github.com/instantsoft/icms2/security/advisories/GHSA-6v3c-p92q-prfq https://github.com/instantsoft/icms2/security/advisories/GHSA-qx95-w566-73fw https://github.com/intelliants/subrion/issues/467 @@ -116760,12 +118487,14 @@ https://github.com/intelliants/subrion/issues/762 https://github.com/intelliants/subrion/issues/817 https://github.com/intelliants/subrion/issues/821 https://github.com/intelliants/subrion/issues/845 +https://github.com/intelliants/subrion/issues/890 https://github.com/intridea/omniauth-oauth2/pull/25 https://github.com/invernyx/smartcars-3-bugs/security/advisories/GHSA-hx8p-f8h7-5h78 https://github.com/invisiblebyte/CVE-2023-46694 https://github.com/invoiceninja/invoiceninja/issues/1727 https://github.com/iohex/ZZCMS/blob/master/zzcms2019_login_xss.md https://github.com/ionize/ionize/issues/393 +https://github.com/ioprojecton/dir-3040_dos https://github.com/iot-firmeware/-Router-vulnerability/tree/main/AX12 https://github.com/iot-firmeware/-Router-vulnerability/tree/main/Tenda%20AC9 https://github.com/ipython/ipython/security/advisories/GHSA-29gw-9793-fvw7 
@@ -116781,6 +118510,8 @@ https://github.com/irsl/gnu-patch-vulnerabilities https://github.com/irsl/jackson-rce-via-spel/ https://github.com/irsl/knc-memory-exhaustion/ https://github.com/isBigChen/iot/blob/main/tenda/formSetSafeWanWebMan.md +https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36 +https://github.com/ismailcemunver/CVE-2024-29375 https://github.com/ismailerkek/CVEs/blob/main/CVE-2020-19762-RESERVED.md https://github.com/istlnight/cve/blob/main/NS-ASG-sql-uploadiscgwrouteconf.md https://github.com/itext/itext7/pull/78 @@ -116788,8 +118519,12 @@ https://github.com/itext/itext7/pull/78#issuecomment-1089279222 https://github.com/itext/itext7/pull/78#issuecomment-1089282165 https://github.com/itext/itext7/pull/78#issuecomment-1089287808 https://github.com/itodaro/WhiteSharkSystem_cve +https://github.com/itodaro/cmsms_cve/blob/master/README.md https://github.com/itodaro/cve/blob/master/README.md https://github.com/itodaro/doorGets_cve +https://github.com/itsqian797/cms/blob/main/1.md +https://github.com/itsqian797/cms/blob/main/3.md +https://github.com/itsqian797/cms/blob/main/4.md https://github.com/itssixtyn3in/CVE-2023-42222 https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1 https://github.com/ivoschyk-cs/CVE-s/blob/master/Email%20Subscribers%20%26%20Newsletters%20Wordpress%20Plugin%20(XSS) @@ -116800,6 +118535,7 @@ https://github.com/jadacheng/vulnerability/blob/master/Metinfo6.x/MetInfo.md https://github.com/jaegertracing/jaeger-ui/security/advisories/GHSA-vv24-rm95-q56r https://github.com/jakgibb/nagiosxi-root-rce-exploit https://github.com/jamesagnew/hapi-fhir/issues/2026 +https://github.com/janbialostok/deep-assign/issues/1 https://github.com/janino-compiler/janino/issues/201 https://github.com/jarradseers/config-handler/issues/1 https://github.com/jasonjoh/php-calendar/issues/4 
@@ -116811,7 +118547,10 @@ https://github.com/jasper-software/jasper/issues/265 https://github.com/jasper-software/jasper/issues/338 https://github.com/jasper-software/jasper/issues/367 https://github.com/jasper-software/jasper/issues/381 +https://github.com/javadelight/delight-nashorn-sandbox/issues/117 https://github.com/javadelight/delight-nashorn-sandbox/issues/135 +https://github.com/javahuang/SurveyKing/issues/55 +https://github.com/javahuang/SurveyKing/issues/56 https://github.com/jaygreig86/dmitry/issues/4 https://github.com/jayus0821/insight/blob/master/ClipperCMS%20SSRF.md https://github.com/jayus0821/insight/blob/master/ClipperCMS%20SSRF2.md @@ -116820,14 +118559,17 @@ https://github.com/jayus0821/uai-poc/blob/main/ASUS/RT-N53/command%20injection.m https://github.com/jayus0821/uai-poc/blob/main/Netgear/WNAP320/unauth.md https://github.com/jayus0821/uai-poc/blob/main/Trendnet/IP-110wn/xss1.md https://github.com/jayus0821/uai-poc/blob/main/Trendnet/IP-110wn/xss2.md +https://github.com/jbaines-r7/staystaystay https://github.com/jbaines-r7/theway https://github.com/jbeder/yaml-cpp/issues/519 +https://github.com/jbeder/yaml-cpp/issues/654 https://github.com/jbeder/yaml-cpp/issues/657 https://github.com/jbeder/yaml-cpp/issues/660 https://github.com/jboogie15/CVE-2021-38149 https://github.com/jcarabantes/Bus-Vulnerabilities https://github.com/jcubic/jquery.terminal/issues/727 https://github.com/je6k/ctf-challenges/blob/master/poc.txt +https://github.com/jeecgboot/jeecg-boot/issues/3331 https://github.com/jeecgboot/jeecg-boot/issues/4125 https://github.com/jeecgboot/jeecg-boot/issues/4126 https://github.com/jeecgboot/jeecg-boot/issues/4127 
@@ -116839,7 +118581,9 @@ https://github.com/jenaye/aapanel https://github.com/jenaye/cve/blob/master/readme.MD https://github.com/jenaye/pligg/blob/master/README.md https://github.com/jensregel/Advisories/tree/master/CVE-2020-12608 +https://github.com/jeremylong/DependencyCheck/security/advisories/GHSA-qqhq-8r2c-c3f5 https://github.com/jerryhanjj/ERP/issues/3 +https://github.com/jerryjliu/llama_index/issues/7054 https://github.com/jerryscript-project/jerryscript/issues/2008 https://github.com/jerryscript-project/jerryscript/issues/2140 https://github.com/jerryscript-project/jerryscript/issues/3785 
@@ -116858,8 +118602,21 @@ https://github.com/jerryscript-project/jerryscript/issues/4890 https://github.com/jerryscript-project/jerryscript/issues/4891 https://github.com/jerryscript-project/jerryscript/issues/4894 https://github.com/jerryscript-project/jerryscript/issues/4895 +https://github.com/jerryscript-project/jerryscript/issues/4900 https://github.com/jerryscript-project/jerryscript/issues/4901 https://github.com/jerryscript-project/jerryscript/issues/4916 +https://github.com/jerryscript-project/jerryscript/issues/4917 +https://github.com/jerryscript-project/jerryscript/issues/4920 +https://github.com/jerryscript-project/jerryscript/issues/4924 +https://github.com/jerryscript-project/jerryscript/issues/4927 +https://github.com/jerryscript-project/jerryscript/issues/4928 +https://github.com/jerryscript-project/jerryscript/issues/4930 +https://github.com/jerryscript-project/jerryscript/issues/4934 +https://github.com/jerryscript-project/jerryscript/issues/4936 +https://github.com/jerryscript-project/jerryscript/issues/4938 +https://github.com/jerryscript-project/jerryscript/issues/4939 +https://github.com/jerryscript-project/jerryscript/issues/4940 +https://github.com/jerryscript-project/jerryscript/issues/4941 https://github.com/jerryscript-project/jerryscript/issues/5061 https://github.com/jerryscript-project/jerryscript/issues/5062 https://github.com/jerryscript-project/jerryscript/issues/5064 
@@ -116878,14 +118635,24 @@ https://github.com/jerryscript-project/jerryscript/issues/5135 https://github.com/jet-pentest/CVE-2022-39838 https://github.com/jettison-json/jettison/issues/52 https://github.com/jettison-json/jettison/issues/54 +https://github.com/jflyfox/jfinal_cms/issues/27 https://github.com/jflyfox/jfinal_cms/issues/54 https://github.com/jhipster/generator-jhipster/issues/10401 https://github.com/jhipster/jhipster-kotlin/issues/183 https://github.com/jianyan74/TinyShop/issues/14 +https://github.com/jianyan74/rageframe2/issues/111 +https://github.com/jianyan74/rageframe2/issues/114 https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md +https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md +https://github.com/jishenghua/jshERP/issues/99 +https://github.com/jjanier/axml/issues/1 +https://github.com/jkriege2/TinyTIFF/issues/19 +https://github.com/jmrcsnchz/ClinicQueueingSystem_RCE/ +https://github.com/jmrcsnchz/ClinicQueueingSystem_RCE/blob/main/clinicx.py https://github.com/jmrozanec/cron-utils/issues/461 https://github.com/jmurty/java-xmlbuilder/issues/6 https://github.com/joaquimserafim/json-web-token/security/advisories/GHSA-4xw9-cx39-r355 +https://github.com/joblib/joblib/issues/1582 https://github.com/jofpin/trape/issues/168 https://github.com/jofpin/trape/issues/169 https://github.com/johnawm/vulner-box/blob/master/TRENDNet/TEW-820AP/02/README.md 
@@ -116900,6 +118667,7 @@ https://github.com/joinia/webray.com.cn/blob/main/URVE/URVE%20Web%20Manager%20up https://github.com/joinia/webray.com.cn/blob/main/lead-management-system/leadmanasql.md https://github.com/joinia/webray.com.cn/blob/main/php-bank/phpbanksql.md https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure +https://github.com/jomskiller/Employee-Managemet-System---Broken-Access-Control https://github.com/jonschlinkert/remarkable/issues/331 https://github.com/josdejong/jsoneditor/issues/1029 https://github.com/josdejong/mathjs/blob/master/HISTORY.md#2017-11-18-version-3170 @@ -116919,10 +118687,15 @@ https://github.com/jsummers/imageworsener/issues/34 https://github.com/jtdowney/private_address_check/issues/1 https://github.com/jtesta/gog_galaxy_client_service_poc https://github.com/jtesta/gog_galaxy_client_service_poc/issues/1#issuecomment-926932218 +https://github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh https://github.com/jucktnich/meldekarten-generator/security/advisories/GHSA-f2gp-85cr-vgj7 +https://github.com/judge0/judge0/security/advisories/GHSA-3xpw-36v7-2cmg +https://github.com/judge0/judge0/security/advisories/GHSA-h9g2-45c8-89cf +https://github.com/judge0/judge0/security/advisories/GHSA-q7vg-26pg-v5hr https://github.com/julio-cfa/CVE-2024-33438 https://github.com/jumpycastle/xmlrpc.net-poc https://github.com/junrar/junrar/issues/73 +https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq https://github.com/jusstSahil/CSRF-/blob/main/POC https://github.com/justdan96/tsMuxer/issues/395 https://github.com/justdan96/tsMuxer/issues/423 
@@ -116932,6 +118705,10 @@ https://github.com/justdan96/tsMuxer/issues/427 https://github.com/justdan96/tsMuxer/issues/428 https://github.com/justdan96/tsMuxer/issues/432 https://github.com/justdan96/tsMuxer/issues/436 +https://github.com/justdan96/tsMuxer/issues/476 +https://github.com/justdan96/tsMuxer/issues/478 +https://github.com/justdan96/tsMuxer/issues/509 +https://github.com/justdan96/tsMuxer/issues/510 https://github.com/justdan96/tsMuxer/issues/641 https://github.com/justdan96/tsMuxer/issues/778 https://github.com/justdan96/tsMuxer/issues/780 @@ -116939,7 +118716,9 @@ https://github.com/justinas/nosurf/pull/60 https://github.com/justinhunt/moodle-filter_poodll/issues/23 https://github.com/justinsteven/advisories/blob/master/2017_rbenv_ruby_version_directory_traversal.md https://github.com/justinsteven/advisories/blob/master/2017_rvm_cd_command_execution.md +https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md https://github.com/juweihuitao/MpOperationLogs/ +https://github.com/jxm68868/cve/blob/main/upload.md https://github.com/k-takata/Onigmo/issues/132 https://github.com/k-takata/Onigmo/issues/139 https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS @@ -116967,6 +118746,7 @@ https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order- https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-1.md https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-2.md https://github.com/kagancapar/CVE-2022-29072 +https://github.com/kaikai145154/CVE-CSRF/blob/main/SourceCodester%20Simple%20Online%20Bidding%20System%20CSRF.md https://github.com/kaisersource/kaisersource.github.io/blob/main/_posts/2021-01-17-dsl-n14u.md https://github.com/kalcaddle/KodExplorer/issues/482 https://github.com/kaltura/server/issues/5303 
@@ -116978,13 +118758,21 @@ https://github.com/kanboard/kanboard/security/advisories/GHSA-wfch-8rhv-v286 https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv https://github.com/kaoudis/advisories/blob/main/0-2021.md https://github.com/kashimAstro/SimpleNetwork/issues/22 +https://github.com/kayo-zjq/myc/blob/main/1.md https://github.com/kbgsft/vuln-dext5upload/wiki/File-Download-Vulnerability-in-DEXT5Upload-2.7.1262310-by-xcuter https://github.com/kbni/owlky https://github.com/keepassxreboot/keepassxc/discussions/9433 +https://github.com/keepinggg/poc/blob/main/poc_of_swfc https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc https://github.com/keepinggg/poc/tree/main/poc_of_lunasvg https://github.com/keepinggg/poc/tree/main/poc_of_swfdump +https://github.com/keheying/onekeyadmin/issues/1 +https://github.com/keheying/onekeyadmin/issues/11 +https://github.com/keheying/onekeyadmin/issues/4 +https://github.com/keheying/onekeyadmin/issues/7 https://github.com/keheying/onekeyadmin/issues/8 +https://github.com/keheying/onekeyadmin/issues/9 +https://github.com/kekingcn/kkFileView/issues/304 https://github.com/kekingcn/kkFileView/issues/347 https://github.com/kekingcn/kkFileView/issues/366 https://github.com/kekingcn/kkFileView/issues/370 
@@ -116992,19 +118780,26 @@ https://github.com/kekingcn/kkFileView/issues/389 https://github.com/kekingcn/kkFileView/issues/392 https://github.com/kermitt2/pdf2xml/issues/10 https://github.com/kermitt2/pdf2xml/issues/11 +https://github.com/kermitt2/pdf2xml/issues/12 https://github.com/kermitt2/pdf2xml/issues/14 https://github.com/kermitt2/pdf2xml/issues/15 https://github.com/kermitt2/pdfalto/issues/46 +https://github.com/keru6k/Online-Admission-System-RCE-PoC/blob/main/poc.py https://github.com/kevinboone/epub2txt2/issues/22 https://github.com/kevins1022/cve/blob/master/wordpress-Easy-Testimonials.md https://github.com/kevins1022/cve/blob/master/wordpress-event-list.md https://github.com/kevins1022/cve/blob/master/wordpress-product-catalog.md https://github.com/kevva/decompress/issues/71 +https://github.com/kevva/decompress/pull/73 https://github.com/keycloak/keycloak/issues/9247 https://github.com/khmk2k/CVE-2023-31753/ +https://github.com/kilooooo/cms/blob/main/1.md +https://github.com/kilooooo/cms/blob/main/2.md +https://github.com/kimai/kimai/security/advisories/GHSA-cj3c-5xpm-cx94 https://github.com/kimai/kimai/security/advisories/GHSA-fjhg-96cp-6fcw https://github.com/kindsoft/kindeditor/issues/321 https://github.com/kings-way/deepinhack/blob/master/dde_daemon_poc.py +https://github.com/kingshao0312/cve/issues/1 https://github.com/kirillwow/ids_bypass https://github.com/kishan0725/Hospital-Management-System/issues/17 https://github.com/kishan0725/Hospital-Management-System/issues/22 
@@ -117035,12 +118830,20 @@ https://github.com/knik0/faac/issues/22 https://github.com/knik0/faac/issues/23 https://github.com/knik0/faac/issues/24 https://github.com/knik0/faac/issues/25 +https://github.com/knik0/faad2/issues/19 +https://github.com/knik0/faad2/issues/20 +https://github.com/knik0/faad2/issues/21 +https://github.com/knik0/faad2/issues/29 +https://github.com/knik0/faad2/issues/30 +https://github.com/knik0/faad2/issues/32 +https://github.com/knik0/faad2/issues/56 https://github.com/knik0/faad2/issues/57 https://github.com/knik0/faad2/issues/58 https://github.com/knik0/faad2/issues/59 https://github.com/knik0/faad2/issues/60 https://github.com/knik0/faad2/issues/62 https://github.com/kobezzza/Collection/issues/27 +https://github.com/kofa2002/splunk https://github.com/kohler/gifsicle/issues/140 https://github.com/kohler/gifsicle/issues/196 https://github.com/kohler/gifsicle/issues/65 @@ -117063,6 +118866,8 @@ https://github.com/krb5/krb5/commit/e3b5a5e5267818c97750b266df50b6a3d4649604 https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73 https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789 https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f +https://github.com/kuaifan/dootask/issues/210 +https://github.com/kuba--/zip/issues/123 https://github.com/kubernetes/kubernetes/issues/61297 https://github.com/kubernetes/kubernetes/issues/92914 https://github.com/kubernetes/kubernetes/issues/97076 
@@ -117098,20 +118903,27 @@ https://github.com/ladybirdweb/faveo-helpdesk/issues/446 https://github.com/lakshaya0557/POCs/blob/main/POC https://github.com/landley/toybox/issues/346 https://github.com/lane711/sonicjs/pull/183 +https://github.com/langchain-ai/langchain/commit/727d5023ce88e18e3074ef620a98137d26ff92a3 https://github.com/langchain-ai/langchain/issues/7700 https://github.com/langchain-ai/langchain/issues/8363 https://github.com/langhsu/mblog/issues/27 +https://github.com/langhsu/mblog/issues/50 https://github.com/laoquanshi/Chic-Vulnerability- https://github.com/laotun-s/POC/blob/main/CVE-2022-31382.txt https://github.com/laotun-s/POC/blob/main/CVE-2022-31383.txt https://github.com/laotun-s/POC/blob/main/CVE-2022-31384.txt https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt +https://github.com/laotun-s/POC/blob/main/CVE-2023-26925.txt +https://github.com/latchset/jwcrypto/security/advisories/GHSA-j857-7rvv-vj97 https://github.com/laurent22/joplin/commit/9c20d5947d1fa4678a8b640792ff3d31224f0adf +https://github.com/laurent22/joplin/commit/feaecf765368f2c273bea3a9fa641ff0da7e6b26 https://github.com/laurent22/joplin/issues/500 https://github.com/laurent22/joplin/issues/6004 +https://github.com/laurent22/joplin/releases/tag/v2.0.9 https://github.com/laurent22/joplin/releases/tag/v2.9.17 https://github.com/lazyphp/PESCMS-TEAM/issues/7 https://github.com/lazyphp/PESCMS-TEAM/issues/7, +https://github.com/lcg-22266/cms/blob/main/1.md https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/1 https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/3 https://github.com/lcyfrank/VulnRepo/tree/master/IoT/Tenda/4 
@@ -117125,6 +118937,8 @@ https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employeeadd-sqli https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5 https://github.com/leerina/vulnerability/blob/master/Fuel%20CMS%201.4.8%20SQLi%20vulnerability.txt +https://github.com/leesavide/abcm2ps/issues/16 +https://github.com/leesavide/abcm2ps/issues/83 https://github.com/leesavide/abcm2ps/issues/84 https://github.com/leesavide/abcm2ps/issues/85 https://github.com/lemon666/vuln/blob/master/MetInfo5.3.md @@ -117143,10 +118957,14 @@ https://github.com/leonardobg/CVE-2023-36146/#readme https://github.com/leonhad/pdftools/issues/1 https://github.com/leonhad/pdftools/issues/2 https://github.com/leonhad/pdftools/issues/3 +https://github.com/leonhad/pdftools/issues/4 https://github.com/leonhad/pdftools/issues/5 https://github.com/leonhad/pdftools/issues/6 https://github.com/leonzhao7/vulnerability/blob/master/An%20Out-of-Bounds%20Read%20%28DoS%29%20Vulnerability%20in%20hevc.c%20of%20libbpg.md https://github.com/leonzhao7/vulnerability/blob/master/An%20integer%20underflow%20vulnerability%20in%20sao_filter_CTB%20of%20libbpg.md +https://github.com/lessthanoptimal/BoofCV/issues/406 +https://github.com/lestrrat-go/jwx/security/advisories/GHSA-hj3v-m684-v259 +https://github.com/lestrrat-go/jwx/security/advisories/GHSA-pvcr-v8j8-j5q3 https://github.com/lexborisov/myhtml/issues/175 https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md https://github.com/liang-junkai/Fault-injection-of-ML-DSA 
@@ -117169,6 +118987,8 @@ https://github.com/libexpat/libexpat/pull/559 https://github.com/libgd/libgd/issues/215 https://github.com/libgd/libgd/issues/248 https://github.com/libgd/libgd/issues/308 +https://github.com/libgd/libgd/issues/700 +https://github.com/libgd/libgd/pull/713 https://github.com/libimobiledevice/libplist/issues/87 https://github.com/libimobiledevice/libplist/issues/88 https://github.com/libimobiledevice/libplist/issues/93 @@ -117177,12 +118997,17 @@ https://github.com/libimobiledevice/libplist/issues/95 https://github.com/libimobiledevice/libplist/issues/98 https://github.com/libimobiledevice/libplist/issues/99 https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167 +https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258 https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392 https://github.com/libjxl/libjxl/issues/1477 https://github.com/libjxl/libjxl/issues/422 https://github.com/liblouis/liblouis/issues/1171 https://github.com/liblouis/liblouis/issues/1214 +https://github.com/liblouis/liblouis/issues/1292 https://github.com/liblouis/liblouis/issues/1301 +https://github.com/liblouis/liblouis/issues/582 +https://github.com/libming/libming/issues/101 +https://github.com/libming/libming/issues/105 https://github.com/libming/libming/issues/109 https://github.com/libming/libming/issues/110 https://github.com/libming/libming/issues/111 
@@ -117196,11 +119021,20 @@ https://github.com/libming/libming/issues/118 https://github.com/libming/libming/issues/119 https://github.com/libming/libming/issues/120 https://github.com/libming/libming/issues/121 +https://github.com/libming/libming/issues/122 +https://github.com/libming/libming/issues/123 https://github.com/libming/libming/issues/128 https://github.com/libming/libming/issues/129 https://github.com/libming/libming/issues/130 https://github.com/libming/libming/issues/131 https://github.com/libming/libming/issues/133 +https://github.com/libming/libming/issues/146 +https://github.com/libming/libming/issues/149 +https://github.com/libming/libming/issues/160 +https://github.com/libming/libming/issues/161 +https://github.com/libming/libming/issues/163 +https://github.com/libming/libming/issues/164 +https://github.com/libming/libming/issues/168 https://github.com/libming/libming/issues/169 https://github.com/libming/libming/issues/170 https://github.com/libming/libming/issues/171 
@@ -117222,18 +119056,33 @@ https://github.com/libming/libming/issues/236 https://github.com/libming/libming/issues/267 https://github.com/libming/libming/issues/268 https://github.com/libming/libming/issues/273 +https://github.com/libming/libming/issues/307 +https://github.com/libming/libming/issues/308 +https://github.com/libming/libming/issues/309 +https://github.com/libming/libming/issues/310 +https://github.com/libming/libming/issues/311 https://github.com/libming/libming/issues/85 https://github.com/libming/libming/issues/86 https://github.com/libming/libming/issues/97 +https://github.com/libming/libming/issues/98 https://github.com/libofx/libofx/issues/22 https://github.com/librenms/librenms/issues/9170 +https://github.com/librenms/librenms/security/advisories/GHSA-72m9-7c8x-pmmw https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx +https://github.com/libsixel/libsixel/issues/25 +https://github.com/libsixel/libsixel/issues/27 +https://github.com/libsixel/libsixel/issues/51 https://github.com/libsndfile/libsndfile/issues/687 https://github.com/libsndfile/libsndfile/issues/731 https://github.com/libsndfile/libsndfile/issues/789 https://github.com/libtom/libtomcrypt/issues/507 +https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 https://github.com/libxls/libxls/issues/94 +https://github.com/libxmljs/libxmljs/issues/645 +https://github.com/libxmljs/libxmljs/issues/646 +https://github.com/libyal/libesedb/issues/43 https://github.com/libyal/libexe/issues/1 +https://github.com/libyal/libfsclfs/issues/3 https://github.com/libyal/libfwsi/issues/13 https://github.com/libyal/liblnk/issues/38 https://github.com/libyal/liblnk/issues/40 
@@ -117261,17 +119110,27 @@ https://github.com/liske/needrestart/releases/tag/v3.6 https://github.com/litespeedtech/openlitespeed/issues/117 https://github.com/litespeedtech/openlitespeed/issues/217 https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/stored-xss +https://github.com/liu21st/onethink/issues/36 +https://github.com/liu21st/onethink/issues/37 +https://github.com/liu21st/onethink/issues/39 https://github.com/liu21st/onethink/issues/40 https://github.com/liufee/cms/issues/43 https://github.com/liufee/cms/issues/45 https://github.com/liufee/cms/issues/57 +https://github.com/liufee/cms/issues/58 +https://github.com/liufee/cms/issues/59 https://github.com/liufee/feehicms/issues/4 https://github.com/livehybrid/poc-cribl-rce +https://github.com/liyako/vulnerability/blob/main/POC/Limbas-Blind-SQL-injection.md +https://github.com/liyansong2018/CVE-2024-32258 +https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-29302 +https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-31659 https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201 https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202 https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34203 https://github.com/liyansong2018/elfspirit/issues/1 https://github.com/lizhipay/faka/issues/22 +https://github.com/ljw11e/cms/blob/main/4.md https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_rce_%20mailrecvview.md https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20updateos.md 
@@ -117286,6 +119145,7 @@ https://github.com/llixixi/cve/blob/main/s45_upload_licence.md https://github.com/llixixi/cve/blob/main/s45_upload_web.md https://github.com/llvm/llvm-project/issues/80287 https://github.com/lntrx/CVE-2021-28663 +https://github.com/lobehub/lobe-chat/security/advisories/GHSA-pf55-fj96-xf37 https://github.com/lock-upme/OPMS/issues/25 https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-16404/README.md https://github.com/lodestone-security/CVEs/blob/master/CVE-2019-16862/README.md 
@@ -117300,41 +119160,63 @@ https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051 https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478 https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28479 +https://github.com/louiselalanne/CVE-2024-23745 +https://github.com/louiselalanne/CVE-2024-23746 https://github.com/louislam/uptime-kuma/security/advisories/GHSA-553g-fcpf-m3wp https://github.com/louislam/uptime-kuma/security/advisories/GHSA-7grx-f945-mj96 https://github.com/louislam/uptime-kuma/security/advisories/GHSA-g9v2-wqcj-j99g https://github.com/louislam/uptime-kuma/security/advisories/GHSA-vr8x-74pm-6vj7 https://github.com/louislam/uptime-kuma/security/advisories/GHSA-wh8j-xr66-f296 +https://github.com/ls1intum/Ares/security/advisories/GHSA-98hq-4wmw-98w9 https://github.com/lscjl/lsi.webray.com.cn/blob/main/CVE-project/Book%20Borrower%20System%20Cross%20site%20scripting.md +https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc https://github.com/lsh123/xmlsec/issues/43 https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formAddMacfilterRule https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formWifiBasicSet https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/fromSetWirelessRepeat https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/compare_parentcontrol_time https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf +https://github.com/luca-regne/my-cves/tree/main/CVE-2021-37589 https://github.com/lucasgcilento/CVE/blob/master/Dolibarr_CSRF https://github.com/lucxssouza/CVE-2020-13886 https://github.com/luelueking/Beetl-3.15.0-vuln-poc https://github.com/luelueking/ruoyi-4.7.5-vuln-poc https://github.com/luin/medis/issues/109 +https://github.com/luqiut/iot/blob/main/DIR-645%20Stack%20overflow.md 
+https://github.com/luvsn/OdZoo/tree/main/exploits/izi_data https://github.com/luvsn/OdZoo/tree/main/exploits/odoo-biometric-attendance https://github.com/luvsn/OdZoo/tree/main/exploits/pdm/2 +https://github.com/luvsn/OdZoo/tree/main/exploits/query_deluxe +https://github.com/luvsn/OdZoo/tree/main/exploits/text_commander https://github.com/luvsn/OdZoo/tree/main/exploits/website_search_blog https://github.com/luxiaoxun/NettyRpc/issues/53 https://github.com/lvandeve/lodepng/issues/177 https://github.com/lvu/rtf2html/issues/11 +https://github.com/lvyyevd/cms/blob/master/metinfo/metinfo7.0.0.md https://github.com/lwindolf/liferea/commit/8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59 https://github.com/ly1g3/Joplin-CVE-2022-35131 https://github.com/ly1g3/Mailcow-CVE-2022-31138 https://github.com/ly1g3/Mailcow-CVE-2022-31245 https://github.com/lzlzh2016/CVE/blob/master/XSS.md https://github.com/lzlzh2016/CraftedWeb/blob/master/xss.md +https://github.com/m3lon/CVE/blob/master/CSRF/FUELCMS%20CSRF.md https://github.com/m4b/bingrep/issues/30 https://github.com/m4sk0ff/CVE-2021-38819/blob/main/CVE-2021-38819.md +https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24511%20-%3E%20Stored%20XSS%20in%20input%20Title%20of%20the%20Component +https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24512%20-%3E%20Stored%20XSS%20in%20input%20SubTitle%20of%20the%20Component +https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25434%20-%3E%20Stored%20XSS%20in%20input%20public%20name%20of%20the%20Component +https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25435%20-%3E%20Reflected%20XSS%20on%20md1patient%20login%20page +https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25438%20-%3E%20Stored%20XSS%20in%20input%20Subject%20of%20the%20Add%20Discussion%20Component%20under%20Submissions https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv 
https://github.com/maddingo/sojo/issues/15 https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 +https://github.com/maelosoki/MaeloStore/issues/1 +https://github.com/mafangqian/cms/blob/main/2.md +https://github.com/magicblack/maccms10/issues/1133 +https://github.com/magicblack/maccms10/issues/747 https://github.com/magicblack/maccms10/issues/76 +https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-3j2f-wf52-cjg7 +https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0%20Stored%20Xss%20In%20Affiche%20Model.md https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0-Captcha%20bypass%20(logic%20vulnerability).md https://github.com/majic-banana/vulnerability/blob/main/POC/taocms-3.0.2%20Arbitrary%20File%20Writing%20Vulnerability.md https://github.com/malerisch/omnivista-8770-unauth-rce 
@@ -117362,10 +119244,17 @@ https://github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj https://github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown https://github.com/marktext/marktext/issues/2360 +https://github.com/marktext/marktext/issues/2548 https://github.com/marktext/marktext/issues/3575 https://github.com/markuta/bw-dump https://github.com/marmelab/react-admin/pull/8644 https://github.com/martinfrancois/CVE-2018-1000529 +https://github.com/martinfrancois/CVE-2021-36460 +https://github.com/martinh/libconfuse/issues/109 +https://github.com/martinzhou2015/SRCMS/issues/20 +https://github.com/mashroompc0527/CVE/blob/main/vul.md +https://github.com/mastodon/mastodon/security/advisories/GHSA-7w3c-p9j8-mq3x +https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3 https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2 https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37 https://github.com/matt-/nunjucks_test 
@@ -117373,11 +119262,17 @@ https://github.com/matthiaskramm/swftools/issues/100 https://github.com/matthiaskramm/swftools/issues/101 https://github.com/matthiaskramm/swftools/issues/102 https://github.com/matthiaskramm/swftools/issues/103 +https://github.com/matthiaskramm/swftools/issues/105 +https://github.com/matthiaskramm/swftools/issues/106 https://github.com/matthiaskramm/swftools/issues/114 https://github.com/matthiaskramm/swftools/issues/115 +https://github.com/matthiaskramm/swftools/issues/116 https://github.com/matthiaskramm/swftools/issues/121 +https://github.com/matthiaskramm/swftools/issues/122 +https://github.com/matthiaskramm/swftools/issues/124 https://github.com/matthiaskramm/swftools/issues/125 https://github.com/matthiaskramm/swftools/issues/128 +https://github.com/matthiaskramm/swftools/issues/129 https://github.com/matthiaskramm/swftools/issues/13 https://github.com/matthiaskramm/swftools/issues/130 https://github.com/matthiaskramm/swftools/issues/131 @@ -117405,8 +119300,12 @@ https://github.com/matthiaskramm/swftools/issues/175 https://github.com/matthiaskramm/swftools/issues/176 https://github.com/matthiaskramm/swftools/issues/177 https://github.com/matthiaskramm/swftools/issues/188 +https://github.com/matthiaskramm/swftools/issues/196 https://github.com/matthiaskramm/swftools/issues/197 https://github.com/matthiaskramm/swftools/issues/198 +https://github.com/matthiaskramm/swftools/issues/206 +https://github.com/matthiaskramm/swftools/issues/207 +https://github.com/matthiaskramm/swftools/issues/208 https://github.com/matthiaskramm/swftools/issues/21 https://github.com/matthiaskramm/swftools/issues/210 https://github.com/matthiaskramm/swftools/issues/211 
@@ -117417,6 +119316,8 @@ https://github.com/matthiaskramm/swftools/issues/215 https://github.com/matthiaskramm/swftools/issues/216 https://github.com/matthiaskramm/swftools/issues/217 https://github.com/matthiaskramm/swftools/issues/219 +https://github.com/matthiaskramm/swftools/issues/223 +https://github.com/matthiaskramm/swftools/issues/225 https://github.com/matthiaskramm/swftools/issues/23 https://github.com/matthiaskramm/swftools/issues/24 https://github.com/matthiaskramm/swftools/issues/25 @@ -117436,12 +119337,15 @@ https://github.com/matthiaskramm/swftools/issues/52 https://github.com/matthiaskramm/swftools/issues/57 https://github.com/matthiaskramm/swftools/issues/97 https://github.com/matthiaskramm/swftools/issues/98 +https://github.com/matthiaskramm/swftools/issues/99 https://github.com/matthiasmaes/CVE-2020-27688 https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/calendar_xss/calendar_xss.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/csrf/csrf.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/rce/rce_file_upload.md https://github.com/matthieu-hackwitharts/claroline-CVEs/blob/main/svg_xss/svg_xss.md +https://github.com/mattiapazienti/fledrCMS/issues/2 https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3 +https://github.com/maxmind/libmaxminddb/issues/236 https://github.com/maxsite/cms/issues/430 https://github.com/maxsite/cms/issues/487 https://github.com/mclab-hbrs/BBB-POC 
@@ -117455,16 +119359,24 @@ https://github.com/mdadams/jasper/issues/172 https://github.com/mdadams/jasper/issues/173 https://github.com/mdadams/jasper/issues/184 https://github.com/mdadams/jasper/issues/188 +https://github.com/mdadams/jasper/issues/191 +https://github.com/mdadams/jasper/issues/192 https://github.com/mdadams/jasper/issues/93 https://github.com/mdadams/jasper/issues/94 https://github.com/mdanzaruddin/CVE-2021-33558. https://github.com/mdanzaruddin/CVE-2021-33558./issues/1 https://github.com/mde/ejs/issues/720 https://github.com/mde/utilities/issues/29 +https://github.com/medikoo/es5-ext/issues/201 +https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117 https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166 +https://github.com/memcached/memcached/issues/629 +https://github.com/memcached/memcached/issues/805 https://github.com/memononen/nanosvg/issues/136 https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md +https://github.com/menghaining/PoC/blob/main/xzs-mysql/xzs-mysql%20--%20PoC.md +https://github.com/merces/libpe/issues/35 https://github.com/mermaid-js/mermaid/security/advisories/GHSA-x3vm-38hw-55wf https://github.com/merrychap/CVEs/tree/master/janus-webrtc/CVE-2020-13898 https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25829 
@@ -117483,11 +119395,13 @@ https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85g https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cw3-6r98-g7cw https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-9v93-3qpc-hxj9 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-hxg8-4r3q-p9rv +https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-m7fh-f3w4-r6v2 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-p295-2jh6-g6g4 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-vgvw-6xcf-qqfc https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-whc6-2989-42xm https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27 +https://github.com/metersphere/metersphere/security/advisories/GHSA-7499-q88f-mxqp https://github.com/metersphere/metersphere/security/advisories/GHSA-7xj3-qrx5-524r https://github.com/metersphere/metersphere/security/advisories/GHSA-fwc3-5h55-mh2j https://github.com/metersphere/metersphere/security/advisories/GHSA-qffq-8gf8-mhq7 
@@ -117495,20 +119409,26 @@ https://github.com/metersphere/metersphere/security/advisories/GHSA-qxx2-p3w2-w4 https://github.com/metersphere/metersphere/security/advisories/GHSA-vrv6-cg45-rmjj https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38 https://github.com/mholt/archiver/pull/65 +https://github.com/mi2acle/forucmsvuln/blob/master/sqli.md https://github.com/michaelrsweet/htmldoc/issues/413 https://github.com/michaelrsweet/htmldoc/issues/414 https://github.com/michaelrsweet/htmldoc/issues/415 https://github.com/michaelrsweet/htmldoc/issues/416 https://github.com/michaelrsweet/htmldoc/issues/417 https://github.com/michaelrsweet/htmldoc/issues/418 +https://github.com/michaelrsweet/htmldoc/issues/423 https://github.com/michaelrsweet/htmldoc/issues/425 https://github.com/michaelrsweet/htmldoc/issues/431 https://github.com/michaelrsweet/htmldoc/issues/433 +https://github.com/michaelrsweet/htmldoc/issues/444 +https://github.com/michaelrsweet/htmldoc/issues/453 +https://github.com/michaelrsweet/htmldoc/issues/456 https://github.com/michaelrsweet/htmldoc/issues/461 https://github.com/michaelrsweet/htmldoc/issues/463 https://github.com/michaelrsweet/htmldoc/issues/470 https://github.com/michaelrsweet/htmldoc/issues/471 https://github.com/michaelrsweet/htmldoc/issues/480 +https://github.com/michaelrsweet/mxml/issues/237 https://github.com/michaelrsweet/mxml/issues/286 https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-68x8-9phf-j7jf https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-cjc4-x96x-fvgf 
@@ -117520,8 +119440,10 @@ https://github.com/micronaut-projects/micronaut-security/security/advisories/GHS https://github.com/micropython/micropython/issues/13007 https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/microweber/microweber/issues/1042 +https://github.com/microweber/microweber/issues/483 https://github.com/microweber/microweber/issues/484 https://github.com/micwallace/wallacepos/issues/84 +https://github.com/miekg/dns/issues/742 https://github.com/migraine-sudo/D_Link_Vuln/tree/main/Permanent%20DDOS%20vulnerability%20in%20emailInfo https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20In%20tools_AccountName https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20in%20pingV4Msg 
@@ -117535,14 +119457,23 @@ https://github.com/mikedamm/CVEs/blob/master/CVE-2019-11688.md https://github.com/mikelbring/tinyissue/issues/237 https://github.com/millken/doyocms/issues/1 https://github.com/mindsdb/mindsdb/security/advisories/GHSA-7x45-phmr-9wqp +https://github.com/mindstellar/Osclass/issues/495 https://github.com/ming-soft/MCMS/issues/58 +https://github.com/ming-soft/MCMS/issues/59 https://github.com/minghangshen/bug_poc https://github.com/miniupnp/ngiflib/issues/11 https://github.com/miniupnp/ngiflib/issues/12 https://github.com/miniupnp/ngiflib/issues/15 https://github.com/miniupnp/ngiflib/issues/16 +https://github.com/miniupnp/ngiflib/issues/17 +https://github.com/miniupnp/ngiflib/issues/18 +https://github.com/miniupnp/ngiflib/issues/19 +https://github.com/miniupnp/ngiflib/issues/27 https://github.com/miniupnp/ngiflib/issues/29 +https://github.com/miniupnp/ngiflib/issues/4 https://github.com/miniupnp/ngiflib/issues/5 +https://github.com/miniupnp/ngiflib/issues/6 +https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2019-6617.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12573.txt https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt 
@@ -117551,7 +119482,10 @@ https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE- https://github.com/miroslavpejic85/mirotalk/issues/139 https://github.com/miruser/Roche-CVEs/blob/master/CVE-2017-11175.md https://github.com/miruser/Roche-CVEs/blob/master/CVE-2019-12834.md +https://github.com/missing0x00/CVE-2018-5353 +https://github.com/missing0x00/CVE-2018-5354 https://github.com/missing0x00/CVE-2020-26061 +https://github.com/misskey-dev/misskey/security/advisories/GHSA-2vxv-pv3m-3wvj https://github.com/misskey-dev/misskey/security/advisories/GHSA-3f39-6537-3cgc https://github.com/misskey-dev/misskey/security/advisories/GHSA-7pxq-6xx9-xpgm https://github.com/mity/md4c/issues/41 
@@ -117577,20 +119511,28 @@ https://github.com/moehw/poc_exploits/tree/master/CVE-2021-3199/poc_uploadImageF https://github.com/moehw/poc_exploits/tree/master/CVE-2022-29776 https://github.com/moehw/poc_exploits/tree/master/CVE-2022-29777 https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488 +https://github.com/momo5502/cod-exploit +https://github.com/momo5502/cod-exploits/tree/master/steam-auth +https://github.com/monburan/attack-baijiacmsV4-with-csrf https://github.com/monero-project/monero-gui/issues/3142#issuecomment-705940446 https://github.com/monicahq/monica/issues/4888 https://github.com/monicahq/monica/pull/4543 https://github.com/monkey/monkey/issues/92 https://github.com/monoxgas/mailorder +https://github.com/monstra-cms/monstra/issues/452 +https://github.com/monstra-cms/monstra/issues/458 +https://github.com/monstra-cms/monstra/issues/471 https://github.com/moonlight-stream/moonlight-common-c/security/advisories/GHSA-4927-23jw-rq62 https://github.com/moov-io/signedxml/issues/23 https://github.com/moses-smt/mosesdecoder/issues/237 https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110 https://github.com/mozilla/mozjpeg/issues/268 +https://github.com/mozilla/mozjpeg/issues/299 https://github.com/mozilla/ssl-config-generator/issues/162 https://github.com/mpdavis/python-jose/issues/344 https://github.com/mpdf/mpdf/issues/867 https://github.com/mpdf/mpdf/issues/949 +https://github.com/mperham/sidekiq/issues/4852 https://github.com/mpgn/CRIME-poc https://github.com/mpgn/poodle-PoC https://github.com/mpruett/audiofile/issues/33 
@@ -117602,40 +119544,74 @@ https://github.com/mpruett/audiofile/issues/38 https://github.com/mpruett/audiofile/issues/39 https://github.com/mpruett/audiofile/issues/40 https://github.com/mpruett/audiofile/issues/41 +https://github.com/mpruett/audiofile/issues/49 https://github.com/mpruett/audiofile/issues/54 https://github.com/mpruett/audiofile/issues/56 https://github.com/mpruett/audiofile/issues/60 https://github.com/mr-xmen786/CVE-2023-46478/tree/main +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35428.md +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35429.md +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35430.md +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35431.md +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35432.md +https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35433.md https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29004-POC-req.txt +https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29005-POC.sh https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29006-POC.py https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2023-24366.md https://github.com/mrojz/rconfig-exploit/blob/main/README.md https://github.com/mrojz/rconfig-exploit/blob/main/rconfigV6_Local_File_Disclosure.md +https://github.com/mruby/mruby/issues/3995 https://github.com/mruby/mruby/issues/4926 https://github.com/mruby/mruby/issues/4927 https://github.com/mruby/mruby/issues/4929 https://github.com/mruby/mruby/issues/5042 +https://github.com/mruby/mruby/issues/5613 https://github.com/mrvautin/expressCart/issues/120 https://github.com/mskocik/svelecte/security/advisories/GHSA-7h45-grc5-89wq https://github.com/mspaling/mbam-exclusions-poc- https://github.com/mspaling/mbam-exclusions-poc-/blob/master/mbam-whitelist-poc.txt +https://github.com/mspaling/zemana-exclusions-poc/blob/master/zemana-whitelist-poc.txt https://github.com/mssalvatore/CVE-2019-14751_PoC 
https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS https://github.com/munin-monitoring/munin/blob/2.0.18/ChangeLog +https://github.com/musescore/MuseScore/issues/16346 https://github.com/mvel/mvel/issues/348 https://github.com/mvel/mvel/issues/348#issuecomment-1874047271 https://github.com/mwarning/KadNode/issues/79 https://github.com/mwrlabs/CVE-2016-7255 https://github.com/mwrlabs/CVE-2018-4121 +https://github.com/myndtt/vulnerability/blob/master/poscms/3-2-10.md +https://github.com/myndtt/vulnerability/blob/master/poscms/3-2-18.md https://github.com/mz-automation/libiec61850/issues/193 https://github.com/mz-automation/libiec61850/issues/194 https://github.com/mz-automation/libiec61850/issues/196 https://github.com/mz-automation/libiec61850/issues/197 https://github.com/mz-automation/libiec61850/issues/198 https://github.com/mz-automation/libiec61850/issues/200 +https://github.com/mz-automation/libiec61850/issues/368 +https://github.com/mz-automation/libiec61850/issues/492 +https://github.com/mz-automation/libiec61850/issues/495 +https://github.com/mz-automation/libiec61850/issues/496 https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-50015 +https://github.com/n0wstr/IOTVuln/tree/main/CP450/CloudACMunualUpdate_injection +https://github.com/n0wstr/IOTVuln/tree/main/CP450/NTPSyncWithHost +https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetPortForwardRules +https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetTelnetCfg +https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetUrlFilterRules +https://github.com/n0wstr/IOTVuln/tree/main/CP450/addWlProfileClientMode +https://github.com/n0wstr/IOTVuln/tree/main/CP450/getSaveConfig +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setIpPortFilterRules +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setIpQosRules +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setLanguageCfg +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setMacFilterRules 
+https://github.com/n0wstr/IOTVuln/tree/main/CP450/setStaticDhcpConfig +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setUpgradeFW +https://github.com/n0wstr/IOTVuln/tree/main/CP450/setWebWlanIdx +https://github.com/n0wstr/IOTVuln/tree/main/DIR-823g/UploadFirmware https://github.com/n3gox/Stored-XSS-on-SCM-Manager-1.60 https://github.com/n8tz/CVE-2022-24999 +https://github.com/nabby27/CMS/pull/3 https://github.com/nagenanhai/cve/blob/main/duqu.md https://github.com/nagenanhai/cve/blob/main/sql.md https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/cmd%20injection/README.md @@ -117644,6 +119620,7 @@ https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/cmd%20injection https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/overflow https://github.com/naihsin/IoT/tree/main/D-Link/DIR-619L/overflow https://github.com/nam3lum/msi-central_privesc +https://github.com/nangge/noneCms/issues/21 https://github.com/nangge/noneCms/issues/30 https://github.com/nangge/noneCms/issues/32 https://github.com/nangge/noneCms/issues/33 @@ -117659,7 +119636,9 @@ https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site% https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%202.md https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%203.md https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Simple%20Food%20Ordering%20System%20-%20Authenticated%20Reflected%20XSS.md +https://github.com/navidrome/navidrome/security/advisories/GHSA-4jrx-5w4h-3gpm https://github.com/navidrome/navidrome/security/advisories/GHSA-wq59-4q6r-635r +https://github.com/nck0099/osTicket/issues/2 https://github.com/nearform/fast-jwt/security/advisories/GHSA-c2ff-88x2-x9pg https://github.com/nektos/act/security/advisories/GHSA-pc99-qmg4-rcff https://github.com/nelhage/virtunoid 
@@ -117673,7 +119652,10 @@ https://github.com/nepenthe0320/cve_poc/blob/master/CVE-2019-11370 https://github.com/net-snmp/net-snmp/issues/474 https://github.com/net-snmp/net-snmp/issues/475 https://github.com/netbox-community/netbox/issues/3471 +https://github.com/netcccyun/pan/issues/6 +https://github.com/netdata/netdata/security/advisories/GHSA-pmhq-4cxq-wj93 https://github.com/netplex/json-smart-v2/issues/67 +https://github.com/netptop/siteproxy/issues/67 https://github.com/netsecfish/tbk_dvr_command_injection https://github.com/netsecfish/xiongmai_incorrect_access_control https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py @@ -117682,6 +119664,7 @@ https://github.com/nexB/scancode.io/security/advisories/GHSA-2ggp-cmvm-f62f https://github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit- https://github.com/nextauthjs/next-auth/security/advisories/GHSA-pg53-56cg-4m8q https://github.com/nextcloud/cookbook/security/advisories/GHSA-c5pc-mf2f-xq8h +https://github.com/nextcloud/news-android/blob/master/security/GHSL-2021-1033_Nextcloud_News_for_Android.md https://github.com/ngallagher/simplexml/issues/18 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr @@ -117692,6 +119675,8 @@ https://github.com/nginx/njs/issues/322 https://github.com/nginx/njs/issues/323 https://github.com/nginx/njs/issues/324 https://github.com/nginx/njs/issues/325 +https://github.com/nginx/njs/issues/447 +https://github.com/nginx/njs/issues/449 https://github.com/nginx/njs/issues/451 https://github.com/nginx/njs/issues/467 https://github.com/nginx/njs/issues/469 
@@ -117726,13 +119711,19 @@ https://github.com/nih-at/libzip/issues/5 https://github.com/nikeshtiwari1/House-Rental-System/issues/6 https://github.com/nikeshtiwari1/House-Rental-System/issues/8 https://github.com/nikhil-aniill/Small-CRM-CVE +https://github.com/nikhil1232/Cockpit-CMS-XSS-POC https://github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection https://github.com/nim-lang/zip/issues/54 +https://github.com/nimble-code/Modex/issues/8 +https://github.com/nimble-code/Spin/issues/56 https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS/blob/master/README.md +https://github.com/nisdn/CVE-2021-40978 +https://github.com/nisdn/CVE-2021-40978/issues/1 https://github.com/niteosoft/simplejobscript/issues/10 https://github.com/niteosoft/simplejobscript/issues/7 https://github.com/niteosoft/simplejobscript/issues/9 https://github.com/nitinp1232/cms-corephp/issues/1 +https://github.com/nixwizard/CVE-2018-15365/ https://github.com/njhartwell/pw3nage https://github.com/nmap/nmap/issues/1568 https://github.com/no-security/sqlalchemy_test @@ -117754,6 +119745,7 @@ https://github.com/noperator/CVE-2019-18935 https://github.com/noraj/Umbraco-RCE https://github.com/nothings/stb/issues/1108 https://github.com/nothings/stb/issues/1166 +https://github.com/nothings/stb/issues/1178 https://github.com/nothings/stb/issues/1224 https://github.com/nothings/stb/issues/1225 https://github.com/nothings/stb/issues/1286 
@@ -117766,12 +119758,16 @@ https://github.com/nothings/stb/issues/867 https://github.com/nothings/stb/issues/868 https://github.com/nothings/stb/issues/869 https://github.com/notkisi/CVE-s/blob/master/CVE-2018-18912.py +https://github.com/novysodope/VulReq/blob/main/JFinalOA +https://github.com/novysodope/VulReq/blob/main/oa_system https://github.com/nowsecure/samsung-ime-rce-poc/ https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md +https://github.com/nrhirani/node-qpdf/issues/23 https://github.com/nsbogam/CVE-2022-26269/blob/main/README.md https://github.com/nsbogam/ebike https://github.com/nsbogam/ebike-jammer https://github.com/nsbogam/ebike-jammer/blob/main/README.md +https://github.com/nt1m/livemarks/security/advisories/GHSA-3gg9-w4fm-jjcg https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-23366 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-24263 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-25003 @@ -117780,6 +119776,13 @@ https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-28452 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-35458 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-36624 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-37806 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-37808 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41054 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41492 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41511 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41649 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41947 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42224 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42667 
@@ -117792,18 +119795,22 @@ https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44598 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44653 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44655 +https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-45334 https://github.com/nu11secur1ty/CVE-mitre/tree/main/Online-Catering-Reservation-DT-Food-Catering https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Md-Saiful-Islam-creativesaiful/2021/Ecommerce-project-with-php-and-mysqli-Fruits-Bazar https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection-Bypass-Authentication https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Piwigo/2022/12.3.0 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Projectworlds/2022/Online%20Examination%20System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PuneethReddyHC/event-management-1.0 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/acetech/2022/Home-Clean-Service-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/campcodes.com/Bank-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/code-projects/Pharmacy-Management +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/glfusion/XSS-Reflected https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/CVE-nu11-101321 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/CVE-nu11-101821 
+https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/CVE-nu11-12-09162021 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Multi%20Restaurant%20Table%20Reservation%20System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Online-Enrollment-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Garage-Management-System-1.0-SFU 
@@ -117812,23 +119819,44 @@ https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/202 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Air-Cargo-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Cosmetics-and-Beauty-Product-Online-Store https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Cosmetics-and-Beauty-Product-Online-Store/SQL-Injection +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Courier-Management-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Covid-19-Travel-Pass-Management +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Employee-and-Visitor-Gate-Pass-Logging https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Home-Owners-Collection-Management https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Fire-Reporting +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Resort-Management-System-1.0 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Payroll-Management-System +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple%20ChatBot https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Mobile-Comparison-Website +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Music-Cloud-Community-System https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Student-Information https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Student-Grading-System +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CSMS-1.0 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-03 
+https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-04 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-06-092421 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-07 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-08-09072021 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-09 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-10-09102021 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-15-092121 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-17-092921 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-18-09-2821 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-19-302021 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-20-100121 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-21-100521 +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/Forum-Discussion-System-1.0 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/MSMS +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/RSMS-1.0 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/Simple-Logistic-Hub-Parcels-Management +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/Video-Sharing-Website +https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/razormist https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/unyasoft/CTMS https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/vetbossel.in/2022/Matrimony https://github.com/nu774/fdkaac/issues/52 
https://github.com/nugmubs/chronoforums-cve/wiki/Stored-XSS-Vulnerability-in-Chronoforum-v2.0.11-(Joomla-plugin) https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md +https://github.com/o2oa/o2oa/issues/156 https://github.com/o2platform/DefCon_RESTing/tree/master/Live-Demos/Neo4j https://github.com/oauthlib/oauthlib/security/advisories/GHSA-3pgj-pg6c-r5p7 https://github.com/oblac/jodd-http/issues/9 @@ -117839,6 +119867,9 @@ https://github.com/ohler55/agoo/issues/88 https://github.com/ohler55/ox/issues/194 https://github.com/ohler55/ox/issues/195 https://github.com/olmax99/helm-flask-celery/commit/28c985d712d7ac26893433e8035e2e3678fcae9f +https://github.com/omarexala/PHP-MYSQL-User-Login-System---Broken-Access-Control +https://github.com/omarexala/PHP-MYSQL-User-Login-System---SQL-Injection +https://github.com/omarexala/PHP-MYSQL-User-Login-System---Stored-XSS https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.txt https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.yaml https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38628/CVE-2022-38628.txt 
@@ -117854,11 +119885,17 @@ https://github.com/onlaj/Piano-LED-Visualizer/issues/350 https://github.com/onlaj/Piano-LED-Visualizer/pull/351 https://github.com/onlaj/Piano-LED-Visualizer/security/advisories/GHSA-g78x-q3x8-r6m4 https://github.com/onnx/onnx/issues/3991 +https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-5xv3-fm7g-865r +https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-6wx7-qw5p-wh84 +https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-7vf4-x5m2-r6gr +https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-8p5r-6mvv-2435 +https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-j86m-rrpr-g8gw https://github.com/open-telemetry/opentelemetry-collector/security/advisories/GHSA-c74f-6mfw-mm4v https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw https://github.com/open-telemetry/opentelemetry-java-instrumentation/security/advisories/GHSA-hghr-r469-gfq6 https://github.com/open-zaak/open-zaak/blob/master/CHANGELOG.rst#133-2020-12-17 https://github.com/open5gs/open5gs/issues/1247 +https://github.com/open5gs/open5gs/issues/764 https://github.com/openSUSE/libsolv/issues/416 https://github.com/openSUSE/libsolv/issues/417 https://github.com/openSUSE/libsolv/issues/425 @@ -117877,6 +119914,7 @@ https://github.com/openemr/openemr/issues/1781 https://github.com/openemr/openemr/issues/1782 https://github.com/openemr/openemr/issues/498 https://github.com/openexr/openexr/issues/248 +https://github.com/openexr/openexr/issues/350 https://github.com/openexr/openexr/issues/351 https://github.com/openid/ruby-openid/pull/43 https://github.com/openlink/virtuoso-opensource/issues/1118 
@@ -117907,6 +119945,8 @@ https://github.com/openlink/virtuoso-opensource/issues/1173 https://github.com/openlink/virtuoso-opensource/issues/1176 https://github.com/openlink/virtuoso-opensource/issues/1177 https://github.com/openlink/virtuoso-opensource/issues/1178 +https://github.com/openobserve/openobserve/security/advisories/GHSA-3m5f-9m66-xgp7 +https://github.com/openobserve/openobserve/security/advisories/GHSA-hfxx-g56f-8h5v https://github.com/openreplay/openreplay/security/advisories/GHSA-xpfv-454c-3fj4 https://github.com/openscad/openscad/issues/4043 https://github.com/orangecertcc/security-research/security/advisories/GHSA-25j8-69h7-83h2 @@ -117915,6 +119955,7 @@ https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2- https://github.com/orangecertcc/security-research/security/advisories/GHSA-77vw-2pmg-q492 https://github.com/orangecertcc/security-research/security/advisories/GHSA-7xfm-92p7-qc57 https://github.com/orangecertcc/security-research/security/advisories/GHSA-8v5w-4fhm-gqxj +https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53 https://github.com/orangecertcc/security-research/security/advisories/GHSA-f73m-fvj3-m2pm https://github.com/orangecertcc/security-research/security/advisories/GHSA-gq88-gqmj-7v24 
@@ -117939,11 +119980,17 @@ https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv- https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp https://github.com/orangecertcc/security-research/security/advisories/GHSA-xfw3-pgp3-5j2p +https://github.com/osamu620/OpenHTJ2K +https://github.com/oskarsve/ms-teams-rce https://github.com/ossec/ossec-hids/issues/1585 https://github.com/ossec/ossec-hids/issues/1953 https://github.com/ossec/ossec-hids/releases/tag/2.8.1 +https://github.com/osvaldotenorio/CVE-2024-34470 +https://github.com/osvaldotenorio/CVE-2024-34471 +https://github.com/osvaldotenorio/CVE-2024-34472 https://github.com/oswetto/LoboEvolution/issues/38 https://github.com/otavioarj/SIOCtl +https://github.com/overXsky/IrfanviewPoc https://github.com/owlike/genson/issues/191 https://github.com/oxen-io/session-android/pull/897 https://github.com/oyeahtime/test/issues/3 @@ -117964,6 +120011,7 @@ https://github.com/p1ckzi/CVE-2022-35513 https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI https://github.com/p8w/akcms/issues/1 https://github.com/p8w/akcms/issues/2 +https://github.com/paalbra/zabbix-zbxsec-7 https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-01.md https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-02.md https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-06.md 
@@ -117976,11 +120024,15 @@ https://github.com/pallets/jinja/issues/549 https://github.com/pandao/editor.md/issues/700 https://github.com/pandao/editor.md/issues/709 https://github.com/pang0lin/CVEproject/blob/main/wordpress_SP-Project_fileupload.md +https://github.com/pang0lin/CVEproject/blob/main/wordpress_side-menu-lite_sqli.md +https://github.com/panghusec/exploit/issues/2 https://github.com/panghusec/exploit/issues/8 https://github.com/paradessia/cve/blob/main/Ipack-Scada-Automation.txt https://github.com/paragbagul111/CVE-2023-30145 https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst +https://github.com/parcel-bundler/parcel/pull/1794 https://github.com/parisneo/lollms-webui/commit/1e17df01e01d4d33599db2afaafe91d90b6f0189 +https://github.com/passtheticket/vulnerability-research/blob/main/cockpitProject/README.md https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md https://github.com/patrickhener/CVE-2023-22855/blob/main/advisory/advisory.md https://github.com/patriksimek/vm2/issues/197 @@ -117988,11 +120040,13 @@ https://github.com/patriksimek/vm2/issues/467 https://github.com/patriksimek/vm2/issues/515 https://github.com/patriksimek/vm2/security/advisories/GHSA-7jxr-cg7f-gpgv https://github.com/patriksimek/vm2/security/advisories/GHSA-ch3r-j5x3-6q2m +https://github.com/patriksimek/vm2/security/advisories/GHSA-g644-9gfx-q4q4 https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5 https://github.com/patriksimek/vm2/security/advisories/GHSA-xj72-wvfv-8985 https://github.com/pawelmalak/snippet-box/issues/57 https://github.com/payatu/QuickHeal +https://github.com/payloadbox/xss-payload-list https://github.com/pbgt/CVEs/blob/main/CVE-2021-39285.md https://github.com/pcmacdon/jsish/issues/10 https://github.com/pcmacdon/jsish/issues/100 
@@ -118008,6 +120062,25 @@ https://github.com/pcmacdon/jsish/issues/53 https://github.com/pcmacdon/jsish/issues/54 https://github.com/pcmacdon/jsish/issues/55 https://github.com/pcmacdon/jsish/issues/57 +https://github.com/pcmacdon/jsish/issues/60 +https://github.com/pcmacdon/jsish/issues/61 +https://github.com/pcmacdon/jsish/issues/62 +https://github.com/pcmacdon/jsish/issues/63 +https://github.com/pcmacdon/jsish/issues/64 +https://github.com/pcmacdon/jsish/issues/65 +https://github.com/pcmacdon/jsish/issues/67 +https://github.com/pcmacdon/jsish/issues/68 +https://github.com/pcmacdon/jsish/issues/69 +https://github.com/pcmacdon/jsish/issues/70 +https://github.com/pcmacdon/jsish/issues/73 +https://github.com/pcmacdon/jsish/issues/74 +https://github.com/pcmacdon/jsish/issues/78 +https://github.com/pcmacdon/jsish/issues/81 +https://github.com/pcmacdon/jsish/issues/83 +https://github.com/pcmacdon/jsish/issues/84 +https://github.com/pcmacdon/jsish/issues/85 +https://github.com/pcmacdon/jsish/issues/86 +https://github.com/pcmacdon/jsish/issues/98 https://github.com/pcmt/superMicro-CMS/issues/1 https://github.com/pcmt/superMicro-CMS/issues/2 https://github.com/pdm-project/pdm/security/advisories/GHSA-j44v-mmf2-xvm9 
@@ -118017,17 +120090,22 @@ https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.t https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/lao_bomb/lao_bomb.md https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/minesweeper.md +https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/weekend_destroyer/weekend_destroyer.md +https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt https://github.com/pedrib/PoC/blob/master/advisories/bmc-track-it-11.4.txt https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt +https://github.com/pedrib/PoC/blob/master/fuzzing/CVE-2021-46829/CVE-2021-46829.md https://github.com/pedrib/PoC/blob/master/generic/impresscms-1.3.5.txt https://github.com/pedrib/PoC/blob/master/lorexActivex/lorex-report.txt https://github.com/pedrib/PoC/blob/master/lorexActivex/lorex-testcase.html https://github.com/pedrib/PoC/blob/master/pimcore-2.1.0.txt +https://github.com/penson233/Vuln/issues/3 https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2Dhcpip_cgi/1.md https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2IPQoSTcDel/1.md https://github.com/peris-navince/founded-0-days/blob/main/Dlink/823G/SetWifiDownSettings/1.md https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md +https://github.com/petergoldstein/dalli/issues/932 https://github.com/petewarden/catdoc/issues/9 https://github.com/pghuanghui/CVE_Request/blob/main/AERIAL%20X%201200_Command%20Execution%20Vulnerability.md https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20AC1200.md 
@@ -118047,13 +120125,17 @@ https://github.com/ph0nkybit/proof-of-concepts/tree/main/Use_Of_Hardcoded_Passwo https://github.com/phantom0301/vulns/blob/master/Metinfo.md https://github.com/phantom0301/vulns/blob/master/Metinfo2.md https://github.com/phax/ph-commons/issues/35 +https://github.com/philippe/FrogCMS/issues/10 +https://github.com/philippe/FrogCMS/issues/6 https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4 https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1 https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4 +https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv +https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 https://github.com/phpList/phplist3/issues/660 https://github.com/phpList/phplist3/issues/665 
@@ -118067,18 +120149,28 @@ https://github.com/phpipam/phpipam/issues/3025 https://github.com/phpipam/phpipam/issues/3351 https://github.com/phpipam/phpipam/issues/992 https://github.com/phpmyadmin/phpmyadmin/issues/16056 +https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md https://github.com/pi-engine/pi/issues/1523 https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-33w4-xf7m-f82m https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-5cm9-6p3m-v259 https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-6qh8-6rrj-7497 +https://github.com/pi-hole/pi-hole/security/advisories/GHSA-95g6-7q26-mp9x https://github.com/piccolo-orm/piccolo/security/advisories/GHSA-h7cm-mrvq-wcfr https://github.com/piccolo-orm/piccolo/security/advisories/GHSA-xq59-7jf3-rjc6 +https://github.com/piccolo-orm/piccolo_admin/security/advisories/GHSA-pmww-v6c9-7p83 +https://github.com/pijiawei/CVE/blob/pijiawei-photo/SourceCodester%20Simple%20Online%20Bidding%20System%20XSS.md +https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-cwx6-4wmf-c6xv https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-jfxw-6c5v-c42f +https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-c38c-c8mh-vq68 +https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-g273-wppx-82w4 +https://github.com/pimcore/ecommerce-framework-bundle/security/advisories/GHSA-cx99-25hr-5jxf https://github.com/pimcore/pimcore/security/advisories/GHSA-72hh-xf79-429p https://github.com/pingcap/tidb/issues/52159 +https://github.com/piuppi/Proof-of-Concepts/blob/main/AChecker/CVE-2024-34523.md https://github.com/piuppi/Proof-of-Concepts/blob/main/AudimexEE/README.md https://github.com/piuppi/Proof-of-Concepts/blob/main/AudimexEE/Reflected-XSS.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/CSTI-KnowageSuite7-3.md +https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/HTLM-Injection-KnowageSuite.md 
https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/SQLi-KnowageSuite.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/Stored-XSS-KnowageSuite7-3-notes.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/Stored-XSS-KnowageSuite7-3-surname.md @@ -118087,6 +120179,8 @@ https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSS-KnowageSui https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSSI-KnowageSuite.md https://github.com/piuppi/Proof-of-Concepts/blob/main/Syracom/SecureLogin2FA-OpenRedirect.md https://github.com/piuppi/Proof-of-Concepts/blob/main/WSO2/CVE-2020-25516.md +https://github.com/pixee/java-security-toolkit/security/advisories/GHSA-qh4g-4m4w-jgv2 +https://github.com/pixelfed/pixelfed/security/advisories/GHSA-gccq-h3xj-jgvf https://github.com/pixelimity/pixelimity/issues/19 https://github.com/pixelimity/pixelimity/issues/20 https://github.com/pixelimity/pixelimity/issues/21 @@ -118095,6 +120189,9 @@ https://github.com/pjlantz/optee-qemu/blob/main/README.md https://github.com/pkuvcl/davs2/issues/29 https://github.com/plack/Plack/issues/405 https://github.com/pllrry/Tenda-AC9-V15.03.2.21_cn-Command-Execution-Vulnerability/tree/main/Tenda-AC9 +https://github.com/plone/Products.CMFPlone/issues/3255 +https://github.com/plougher/squashfs-tools/issues/72 +https://github.com/plougher/squashfs-tools/issues/72#issuecomment-913833405 https://github.com/pluck-cms/pluck/issues/69 https://github.com/pluck-cms/pluck/issues/70 https://github.com/pluck-cms/pluck/issues/81 
@@ -118111,14 +120208,23 @@ https://github.com/podofo/podofo/issues/70 https://github.com/podofo/podofo/issues/71 https://github.com/podofo/podofo/issues/72 https://github.com/polaris0x1/CVE/issues/1 +https://github.com/polaris0x1/CVE/issues/2 +https://github.com/polaris0x1/CVE/issues/3 +https://github.com/ponchio/untrunc/issues/131 https://github.com/poropro/kuaifan/issues/3 https://github.com/portainer/portainer/issues/2475 +https://github.com/ppp-src/ha/issues/3 +https://github.com/ppp-src/ha/issues/4 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 +https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2019-20082 https://github.com/pr0v3rbs/CVE/tree/master/CVE-2019-6258 https://github.com/pradeepjairamani/TYPO3-XSS-POC +https://github.com/pradeepjairamani/WolfCMS-XSS-POC +https://github.com/pradeepjairamani/WolfCMS-XSS-POC/blob/master/Wolfcms%20v0.8.3.1%20xss%20POC%20by%20Pradeep%20Jairamani.pdf https://github.com/pramodmahato/BlogCMS/issues/1 https://github.com/pravednik/xmlBundle/issues/2 +https://github.com/preempt/credssp https://github.com/prismbreak/vulnerabilities/issues/2 https://github.com/prismbreak/vulnerabilities/issues/3 https://github.com/prismbreak/vulnerabilities/issues/4 
@@ -118128,15 +120234,23 @@ https://github.com/proftpd/proftpd/issues/903 https://github.com/progfay/scrapbox-parser/pull/519 https://github.com/progfay/scrapbox-parser/pull/539 https://github.com/projectcapsule/capsule-proxy/security/advisories/GHSA-fpvw-6m5v-hqfp +https://github.com/projectsend/projectsend/issues/995 https://github.com/projectworldsofficial/Assets-management-system-in-php/issues/2 +https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/2 +https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/3 +https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/4 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/10 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/11 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/12 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/13 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/15 +https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/18 +https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/19 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/8 https://github.com/projectworldsofficial/online-book-store-project-in-php/issues/9 +https://github.com/projectworldsofficial/online-shopping-webvsite-in-php/issues/1 https://github.com/projectworldsofficial/online-shopping-webvsite-in-php/issues/2 +https://github.com/prometheus/blackbox_exporter/issues/1024 https://github.com/proofofcalc/cve-2019-6453-poc https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf https://github.com/psi-4ward/psitransfer/security/advisories/GHSA-2p2x-p7wj-j5h2 
@@ -118157,12 +120271,19 @@ https://github.com/pts/sam2p/issues/39 https://github.com/pts/sam2p/issues/41 https://github.com/pts/sam2p/issues/66 https://github.com/pts/sam2p/issues/67 +https://github.com/pugjs/pug/issues/3312 https://github.com/punkave/sanitize-html/issues/100 https://github.com/pupnp/pupnp/issues/249 https://github.com/purpleracc00n/CVE-2019-16941 https://github.com/purpleracc00n/Exploits-and-PoC/blob/master/XXE%20in%20YAJSW%E2%80%99s%20JnlpSupport%20affects%20Ghidra%20Server.md https://github.com/pwndoc/pwndoc/issues/401 +https://github.com/pwndorei/CVE-2024-22532 +https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f +https://github.com/pyload/pyload/security/advisories/GHSA-g3cm-qg2v-2hj5 +https://github.com/pyload/pyload/security/advisories/GHSA-ghmw-rwh8-6qmr https://github.com/pyload/pyload/security/advisories/GHSA-h73m-pcfw-25h2 +https://github.com/pyload/pyload/security/advisories/GHSA-mqpq-2p68-46fv +https://github.com/pyload/pyload/security/advisories/GHSA-pgpj-v85q-h5fm https://github.com/pymedusa/Medusa/security/advisories/GHSA-3hph-6586-qv9g https://github.com/pymedusa/Medusa/security/advisories/GHSA-6589-x6f5-cgg9 https://github.com/pymedusa/Medusa/security/advisories/GHSA-8mcr-vffr-jwxv @@ -118170,6 +120291,7 @@ https://github.com/pypa/pip/issues/425 https://github.com/pypa/pip/issues/6413 https://github.com/pytest-dev/py/issues/287 https://github.com/python/cpython/issues/103824 +https://github.com/python/cpython/pull/12577 https://github.com/python/cpython/pull/25099 https://github.com/pytroll/donfig/issues/5 https://github.com/q3k/cve-2019-5736-poc 
@@ -118181,19 +120303,32 @@ https://github.com/qinggan/phpok/issues/5 https://github.com/qinming99/dst-admin/issues/28 https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md https://github.com/qoli/Merlin.PHP/issues/26 +https://github.com/qoli/Merlin.PHP/issues/27 +https://github.com/qpdf/qpdf/issues/1123 https://github.com/qpdf/qpdf/issues/146 https://github.com/qpdf/qpdf/issues/202 https://github.com/qpdf/qpdf/issues/243 https://github.com/qpdf/qpdf/issues/492 https://github.com/qq956801985/cve/blob/main/sql.md https://github.com/quartz-scheduler/quartz/issues/943 +https://github.com/quickapps/cms/issues/199 https://github.com/quilljs/quill/issues/3364 https://github.com/qurbat/CVE-2022-0236 https://github.com/qurbat/gpon +https://github.com/qutebrowser/qutebrowser/commit/8f46ba3f6dc7b18375f7aa63c48a1fe461190430 +https://github.com/r04i7/CVE/blob/main/CVE-2024-35581.md +https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md +https://github.com/r04i7/CVE/blob/main/CVE-2024-35583.md https://github.com/r0ck3t1973/xss_payload/issues/6 +https://github.com/r0ck3t1973/xss_payload/issues/7 https://github.com/r1b/CVE-2017-13089 +https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43509 https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg +https://github.com/rack/rack-contrib/security/advisories/GHSA-8c8q-2xw3-j869 +https://github.com/rack/rack/security/advisories/GHSA-22f2-v57c-j9cx +https://github.com/radare/radare2/issues/10464 +https://github.com/radare/radare2/issues/10498 https://github.com/radare/radare2/issues/8731 https://github.com/radare/radare2/issues/8742 https://github.com/radare/radare2/issues/8743 
@@ -118201,6 +120336,8 @@ https://github.com/radare/radare2/issues/8748 https://github.com/radare/radare2/issues/9725 https://github.com/radare/radare2/issues/9726 https://github.com/radare/radare2/issues/9727 +https://github.com/radare/radare2/issues/9913 +https://github.com/radare/radare2/issues/9915 https://github.com/radare/radare2/releases/tag/3.7.0 https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24 https://github.com/radareorg/radare2/issues/15543 @@ -118217,6 +120354,7 @@ https://github.com/ralap-z/rpcms/issues/2 https://github.com/ralap-z/rpcms/issues/3 https://github.com/ramda/ramda/pull/3192 https://github.com/rand0mIdas/randomideas/blob/main/ShimoVPN.md +https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-29384 https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-33436 https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-33437 https://github.com/rapid7/metasploit-framework/issues/13026 
@@ -118236,10 +120374,17 @@ https://github.com/rauschecker/CVEs/tree/main/CVE-2023-33764 https://github.com/rawchen/sims/issues/7 https://github.com/rawchen/sims/issues/8 https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting +https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2019/lao_bomb.md https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2020/minesweeper.md +https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md +https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md https://github.com/realistic-security/CVE-2017-16524 https://github.com/reasoncms/reasoncms/issues/264 +https://github.com/rebol0x6c/2345_mouse_poc +https://github.com/rebol0x6c/2345_msg_poc +https://github.com/redaxo/redaxo/issues/2043 +https://github.com/redaxo/redaxo4/issues/420 https://github.com/redaxo/redaxo4/issues/422 https://github.com/redblueteam/CVE-2023-41507/ https://github.com/redblueteam/CVE-2023-41508/ 
@@ -118250,20 +120395,28 @@ https://github.com/relic-toolkit/relic/issues/154 https://github.com/relic-toolkit/relic/issues/155 https://github.com/relic-toolkit/relic/issues/284 https://github.com/remix30303/AirBoxAPNLeaks +https://github.com/remix30303/AirBoxDoom +https://github.com/remix30303/AirboxLeak +https://github.com/remix30303/AsusLeak +https://github.com/remoteclinic/RemoteClinic/issues/22 https://github.com/remoteclinic/RemoteClinic/issues/23 https://github.com/remoteclinic/RemoteClinic/issues/24 https://github.com/renmizo/CVE-2022-41412 https://github.com/renmizo/CVE-2022-41413 +https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf https://github.com/request/request/issues/1904 https://github.com/restify/node-restify/issues/1018 https://github.com/rgaufman/live555/issues/19 https://github.com/rhymix/rhymix/issues/1088 https://github.com/rhysd/Shiba/issues/42 +https://github.com/ricardojoserf/CVE-2021-40845 https://github.com/richardgirges/express-fileupload/issues/236 https://github.com/richgel999/miniz/issues/90 https://github.com/rickxy/Stock-Management-System/issues/2 https://github.com/rickxy/Stock-Management-System/issues/3 +https://github.com/rickxy/Stock-Management-System/issues/4 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/1 +https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/2 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/3 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/4 https://github.com/rickytriky/NWPU_Projct/tree/main/Tenda/AC18/5 
@@ -118277,6 +120430,10 @@ https://github.com/rjbs/Email-MIME/issues/66 https://github.com/rjt-gupta/CVE-2021-29337 https://github.com/rmccarth/cve-2021-3164 https://github.com/robertchrk/zmanda_exploit +https://github.com/robertguetzkow/CVE-2021-37740 +https://github.com/robertguetzkow/ets5-password-recovery +https://github.com/robiso/wondercms/issues/64 +https://github.com/robymontyz/pocs/blob/main/AudimexEE/ReflectedXSS.md https://github.com/rockcarry/ffjpeg/issues/10 https://github.com/rockcarry/ffjpeg/issues/11 https://github.com/rockcarry/ffjpeg/issues/12 @@ -118289,7 +120446,16 @@ https://github.com/rockcarry/ffjpeg/issues/28 https://github.com/rockcarry/ffjpeg/issues/36 https://github.com/rockcarry/ffjpeg/issues/43 https://github.com/rockcarry/ffjpeg/issues/44 +https://github.com/rockcarry/ffjpeg/issues/47 https://github.com/rockcarry/ffjpeg/issues/49 +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20CSRF.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-1.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-2.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-4.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-1.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-2.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-3.md +https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-4.md https://github.com/rohe/pysaml2/issues/366 https://github.com/rohit0x5/poc/blob/main/cve_2 https://github.com/rohit0x5/poc/blob/main/idor 
@@ -118297,6 +120463,9 @@ https://github.com/roman-mueller/PoC/tree/master/CVE-2023-50488 https://github.com/roman-mueller/PoC/tree/master/CVE-2023-51820 https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-cfc2-wr2v-gxm5 +https://github.com/root3nl/SupportApp/security/advisories/GHSA-jr78-247f-rhqc +https://github.com/ros-planning/navigation2/issues/3940 +https://github.com/ros/actionlib/pull/171 https://github.com/roughb8722/CVE-2021-3122-Details/blob/main/CVE-2021-3122 https://github.com/roundcube/roundcubemail/pull/7302 https://github.com/rrainn/PortProcesses/security/advisories/GHSA-vm67-7vmg-66vm 
@@ -118304,14 +120473,22 @@ https://github.com/rsrahulsingh05/POC/blob/main/Stored%20XSS https://github.com/rsyslog/libfastjson/issues/161 https://github.com/rt122001/CVES/blob/main/CVE-2023-37684.txt https://github.com/rt122001/CVES/blob/main/CVE-2023-37685.txt +https://github.com/rt122001/CVES/blob/main/CVE-2023-37689.txt https://github.com/rtomayko/rack-cache/blob/master/CHANGES https://github.com/ruby/ruby/pull/1777 https://github.com/rubyfly/IKARUS_POC/tree/master/0x83000058 https://github.com/rubyfly/IKARUS_POC/tree/master/0x83000084 https://github.com/rubyfly/IKARUS_POC/tree/master/0x83000088 +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x830020F0 +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x830020FC +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100 +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300211C https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002124 https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002128 +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300212C https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300215B +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300215F +https://github.com/rubyfly/K7AntiVirus_POC/tree/master/1_95002578 https://github.com/rubyfly/K7AntiVirus_POC/tree/master/1_950025b0 https://github.com/rubyfly/K7AntiVirus_POC/tree/master/1_95002610 https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/0x82730008 
@@ -118332,6 +120509,7 @@ https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/8.5.65/0x8273A0A0 https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/8.5.65/0x8273E060 https://github.com/rubyfly/Vir.IT-explorer_POC/tree/master/8.5.65/0x8273E080 https://github.com/rubygems/rubygems/commit/8d91516fb7037ecfb27622f605dc40245e0f8d32 +https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml https://github.com/rubyzip/rubyzip/issues/315 https://github.com/rubyzip/rubyzip/issues/369 https://github.com/rubyzip/rubyzip/pull/403 @@ -118340,6 +120518,7 @@ https://github.com/rust-lang/rust/issues/83618 https://github.com/rustsec/advisory-db/pull/1798 https://github.com/rxwx/CVE-2017-11882 https://github.com/rxwx/CVE-2017-8570 +https://github.com/rxwx/CVE-2018-0802 https://github.com/s-cart/s-cart/issues/102 https://github.com/s-cart/s-cart/issues/52 https://github.com/s0tr/CVE-2023-33781 
@@ -118348,13 +120527,21 @@ https://github.com/s1kr10s/EasyChatServer-DOS https://github.com/s3131212/allendisk/issues/16 https://github.com/s3131212/allendisk/issues/21 https://github.com/s3inlc/hashtopussy/issues/241 +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/SetPortForwardRules/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/loginAuth/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/setIpPortFilterRules/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20NR1800X/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/V9.3.5u.6698_B20230810/README.md https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/NTPSyncWithHost/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md +https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/loginAuth_http_host/README.md https://github.com/sT0wn-nl/CVEs/blob/master/README.md#nagios-xi https://github.com/saaramar/execve_exploit https://github.com/safe-b/CVE/issues/1 https://github.com/safe-b/CVE/issues/1#issue-1817133689 https://github.com/sagemath/FlintQS/issues/3 https://github.com/sagemathinc/cocalc/security/advisories/GHSA-8w44-hggw-p5rf +https://github.com/sahaRatul/sela/issues/23 https://github.com/sahaRatul/sela/issues/25 https://github.com/sahaRatul/sela/issues/26 https://github.com/sahaRatul/sela/issues/27 @@ -118362,6 +120549,7 @@ https://github.com/sahaRatul/sela/issues/28 https://github.com/sahaRatul/sela/issues/29 https://github.com/sahaRatul/sela/issues/30 https://github.com/sahaRatul/sela/issues/31 +https://github.com/sahaRatul/sela/issues/32 https://github.com/sahellebusch/flattenizer/pull/13 https://github.com/sahildari/cve/blob/master/CVE-2024-31061.md https://github.com/sahildari/cve/blob/master/CVE-2024-31062.md 
@@ -118396,6 +120584,7 @@ https://github.com/saitoha/libsixel/issues/136 https://github.com/saitoha/libsixel/issues/143 https://github.com/saitoha/libsixel/issues/156 https://github.com/saitoha/libsixel/issues/157 +https://github.com/saitoha/libsixel/issues/158 https://github.com/saitoha/libsixel/issues/163 https://github.com/saitoha/libsixel/issues/165 https://github.com/saitoha/libsixel/issues/166 @@ -118408,11 +120597,13 @@ https://github.com/sajaljat/CVE-2023-46451 https://github.com/sajaljat/CVE-2023-46980/tree/main https://github.com/salesagility/SuiteCRM-Core/security/advisories/GHSA-fxww-jqfv-9rrr https://github.com/salesagility/SuiteCRM/issues/333 +https://github.com/salesforce/tough-cookie/issues/282 https://github.com/saltstack/salt/commits/master https://github.com/samboy/MaraDNS/security/advisories/GHSA-58m7-826v-9c3c https://github.com/samuelhuntley/Moxa_AWK_1121/blob/master/Moxa_AWK_1121 https://github.com/samyk/slipstream https://github.com/sandyre/libopencad/issues/43 +https://github.com/sanluan/PublicCMS/issues/11 https://github.com/sanluan/PublicCMS/issues/12 https://github.com/sanluan/PublicCMS/issues/79 https://github.com/sansanyun/mipcms5/issues/4 @@ -118420,6 +120611,8 @@ https://github.com/sansanyun/mipcms5/issues/5 https://github.com/sapplica/sentrifugo/issues/384 https://github.com/sass/libsass/issues/2661 https://github.com/sass/libsass/issues/2662 +https://github.com/sass/libsass/issues/2663 +https://github.com/sass/libsass/issues/2665 https://github.com/sass/libsass/issues/2814 https://github.com/sass/libsass/issues/2815 https://github.com/sass/libsass/issues/2816 
@@ -118434,7 +120627,10 @@ https://github.com/sazanrjb/InventoryManagementSystem/issues/14 https://github.com/sbaresearch/advisories/tree/public/2015/Polycom_20150513 https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513 https://github.com/sbaresearch/advisories/tree/public/2015/knAx_20150101 +https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180319-01_Teltonika_OS_Command_Injection +https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180319-02_Teltonika_Incorrect_Access_Control https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180410-01_Teltonika_Cross_Site_Scripting +https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180420-01_Smarty_Path_Traversal https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180425-01_phpWhois_Code_Execution https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190305-01_Ping_Identity_Agentless_Integration_Kit_Reflected_XSS https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190911-01_Easy_FancyBox_WP_Plugin_Stored_XSS 
@@ -118450,6 +120646,9 @@ https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_C https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220328-01_Vtiger_CRM_Stored_Cross-Site_Scripting +https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure +https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use +https://github.com/sbmzhcn/EmpireCMS/issues/1 https://github.com/scarvell/grandstream_exploits https://github.com/scausoft/cve/blob/main/rce.md https://github.com/scausoft/cve/blob/main/sql.md @@ -118460,6 +120659,10 @@ https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565 https://github.com/scorelab/OpenMF/issues/262 https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF) https://github.com/seacms-com/seacms/issues/23 +https://github.com/seacms-net/CMS/issues/15 +https://github.com/sec-Kode/cve +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/1 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/2 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/4 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/5 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/6 
@@ -118471,15 +120674,22 @@ https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/2 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/4 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/6 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/8 +https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX3/3 https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX3/7 https://github.com/seccome/Ehoney/issues/59 https://github.com/secf0ra11/secf0ra11.github.io/blob/main/Shopro_SQL_injection.md https://github.com/secoats/cve/tree/master/CVE-2020-27543_dos_restify-paginate https://github.com/secoats/cve/tree/master/CVE-2022-38488_sqli_logrocket-oauth2-example https://github.com/secure-77/CVE-2022-31262 +https://github.com/securifera/CVE-2018-6546-Exploit/ https://github.com/seedis/Z-BlogPHP/blob/master/Z-BlogPHP_stored_xss.md +https://github.com/seedis/zzcms/blob/master/README.md +https://github.com/seedis/zzcms/blob/master/SQL%20injection%20in%20%20addclass.md +https://github.com/seedis/zzcms/blob/master/SQL%20injection%20in%20zs_elite.php.md https://github.com/seedis/zzcms/blob/master/SQL%20injection.md +https://github.com/seedis/zzcms/blob/master/arbitrary_file_deletion1.md https://github.com/segonse/cve/blob/main/sichuang/sichuang.md +https://github.com/sehmaschine/django-grappelli/issues/975 https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md https://github.com/semplon/GeniXCMS/issues/62 https://github.com/semplon/GeniXCMS/issues/64 
@@ -118495,10 +120705,12 @@ https://github.com/seopanel/Seo-Panel/issues/206 https://github.com/seopanel/Seo-Panel/issues/207 https://github.com/seopanel/Seo-Panel/issues/208 https://github.com/seopanel/Seo-Panel/issues/209 +https://github.com/seopanel/Seo-Panel/issues/210 https://github.com/seopanel/Seo-Panel/issues/211 https://github.com/seopanel/Seo-Panel/issues/212 https://github.com/sergeKashkin/Simple-RAT/pull/11 https://github.com/serializingme/cve-2016-9192 +https://github.com/sfh320/seacms/issues/1 https://github.com/shadowsock5/ThinkCMF-5.0.190111/blob/master/README.md https://github.com/shadowsocks/shadowsocks-libev/issues/1734 https://github.com/shahzaibak96/CVE-2023-46480 @@ -118513,6 +120725,8 @@ https://github.com/sheehan/grails-console/issues/54 https://github.com/sheehan/grails-console/issues/55 https://github.com/shellpei/TOTOLINK-Unauthorized/blob/main/CVE-2023-23064 https://github.com/shellshok3/Cross-Site-Scripting-XSS/blob/main/Bus%20Pass%20Management%20System%201.0.md +https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0 +https://github.com/shenhav12/CVE-2024-25170-Mezzanine-v6.0.0 https://github.com/shenzhim/aaptjs/issues/2 https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/2.md https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/3.md 
@@ -118526,7 +120740,15 @@ https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/1/REA https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/2/README.md https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r https://github.com/shish/shimmie2/issues/597 +https://github.com/shopex/ecshop/issues/6 +https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45418.md +https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45419.md https://github.com/shreyansh225/Sports-Club-Management-System/issues/6 +https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27743.md +https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27744.md +https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27746.md +https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27747.md +https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-28595.md https://github.com/shubhamjain/svg-loader/security/advisories/GHSA-xc2r-jf2x-gjr8 https://github.com/shulao2020/cve/blob/main/Flying%20Fish.md https://github.com/shyiko/ktlint/pull/332 
@@ -118536,12 +120758,15 @@ https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-009.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-015.md +https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md +https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-111.md https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md https://github.com/sigubbs/cms/blob/main/33/csrf.md https://github.com/sigubbs/cms/blob/main/34/csrf.md https://github.com/sigubbs/cms/blob/main/35/csrf.md https://github.com/sigubbs/cms/blob/main/36/csrf.md +https://github.com/silent6trinity/CVE-2024-34582 https://github.com/silnrsi/graphite/issues/22 https://github.com/simplcommerce/SimplCommerce/issues/943 https://github.com/simplcommerce/SimplCommerce/issues/969 
@@ -118550,30 +120775,81 @@ https://github.com/sinemsahn/POC/blob/main/Create%20Clansphere%202011.4%20%22use https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md https://github.com/siteserver/cms/issues/1858 https://github.com/siteserver/cms/issues/3492 +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20rooms.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20update-rooms.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20book_history.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20home.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20book_history.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20bookdate.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20booktime.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20home.php.md 
+https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20navbar.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20receipt.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20rooms.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20update-rooms.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20update-users.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20users.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20bookdate.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20booktime.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20receipt.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20rooms.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20update-rooms.php.md 
+https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20update-users.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20users.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Barangay%20Population%20Monitoring%20System/Stored%20XSS%20update-resident.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/SQL%20Injection%20delete-computer.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/STORED%20XSS%20add-computer.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/STORED%20XSS%20upadte-computer.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20EMPLOYEE%20MANAGEMENT%20SYSTEM/Employee%20Leave%20Cancel%20SQL%20Injection.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20EMPLOYEE%20MANAGEMENT%20SYSTEM/IDOR%20Employee%20Profile.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20EMPLOYEE%20MANAGEMENT%20SYSTEM/XSS%20Vulnerability%20in%20Project%20Assignment%20Report.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20admin-manage-user.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20edit-task.php.md 
+https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20manage-admin.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-details.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-info.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20edit-task.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20task-details.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-admin.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-employee.php.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/Arbitrary%20File%20Upload%20-%20update-file.php.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Petrol%20pump%20management%20software/Unauthenticated%20Arbitrary%20File%20Upload.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Petrol%20pump%20management%20software/edit_categories.php%20SQL%20Injection.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Petrol%20pump%20management%20software/login_crud.php%20SQL%20Injection.md 
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Petrol%20pump%20management%20software/profile_crud.php%20Unauthenticated%20STORED%20XSS.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Petrol%20pump%20management%20software/service_crud.php%20Unauthenticated%20Arbitrary%20File%20Upload.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/BROKEN%20ACCESS%20CONTROL%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/SQL%20Injection%20Login.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/SQL%20Injection%20member-view.php%20.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-chat.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-member-edit.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/Blind%20SQL%20Injection%20%20Home/Blind%20SQL%20Injection%20Home.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/Blind%20SQL%20Injection%20%20Shop/Blind%20SQL%20Injection%20Shop.php%20.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/Business%20Logic/Business%20Logic%20shop.php%20.md +https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/File%20Upload/Arbitrary%20FIle%20Upload%20in%20product_update.php%20.md 
+https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/SQL%20Injection%20Search/SQL%20Injection%20in%20search.php%20.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/StoredXSS%20Signup/Stored%20XSS%20signup.php%20.md https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20PHP-MYSQL-User-Login-System/SQLI%20Auth.md https://github.com/skoranga/node-dns-sync/issues/5 https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a +https://github.com/skylot/jadx/security/advisories/GHSA-3pp3-hg2q-9gpm https://github.com/skysafe/reblog/tree/main/cve-2023-45866 https://github.com/skysider/openexif_vulnerabilities https://github.com/sl4cky/LumisXP-XXE---POC/blob/main/poc.txt +https://github.com/slackero/phpwcms/issues/312 https://github.com/sleepyvv/vul_report/blob/main/C-data/BrokenAccessControl.md https://github.com/sleepyvv/vul_report/blob/main/WAVLINK/WAVLINK-WN579X3-RCE.md https://github.com/sleuthkit/sleuthkit/issues/1264 https://github.com/sleuthkit/sleuthkit/issues/1265 +https://github.com/sleuthkit/sleuthkit/issues/1266 https://github.com/sleuthkit/sleuthkit/issues/1575 https://github.com/sleuthkit/sleuthkit/issues/1576 +https://github.com/sleuthkit/sleuthkit/issues/1829 https://github.com/sleuthkit/sleuthkit/pull/1374 +https://github.com/slic3r/Slic3r/issues/5117 +https://github.com/slic3r/Slic3r/issues/5118 +https://github.com/slic3r/Slic3r/issues/5119 +https://github.com/slic3r/Slic3r/issues/5120 https://github.com/slims/slims7_cendana/issues/50 https://github.com/slims/slims8_akasia/issues/103 https://github.com/slims/slims8_akasia/issues/48 
@@ -118582,12 +120858,18 @@ https://github.com/slims/slims9_bulian/issues/186 https://github.com/slims/slims9_bulian/issues/204 https://github.com/slims/slims9_bulian/issues/209 https://github.com/slims/slims9_bulian/issues/217 +https://github.com/slims/slims9_bulian/issues/229 https://github.com/smriti548/CVE/blob/main/CVE-2021-3275 +https://github.com/sms2056/cms/blob/main/1.md +https://github.com/smurf-reigz/security/blob/main/proof-of-concepts/SOURCECODESTER%20%5BFAQ%20Management%20System%20Using%20PHP%20and%20MySQL%5D%20SQLi%20on%20delete-faq.php.md +https://github.com/smurf-reigz/security/blob/main/proof-of-concepts/SOURCECODESTER%20%5BSimple%20Student%20Attendance%20System%20using%20PHP%20and%20MySQL%5D%20SQLi%20on%20ajax-api.php%3Faction=delete_class.md https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability +https://github.com/sni/Thruk/security/advisories/GHSA-4mrh-mx7x-rqjx https://github.com/sni/Thruk/security/advisories/GHSA-vhqc-649h-994h https://github.com/socketio/socket.io/issues/3671 https://github.com/software-mansion/react-native-reanimated/pull/3382 https://github.com/software-mansion/react-native-reanimated/pull/3382/commits/7adf06d0c59382d884a04be86a96eede3d0432fa +https://github.com/songah119/Report/blob/main/CI-1.md https://github.com/sonicdoe/ced/security/advisories/GHSA-27wq-qx3q-fxm9 https://github.com/sonicdoe/detect-character-encoding/security/advisories/GHSA-5rwj-j5m3-3chj https://github.com/sony/nnabla/issues/209 
@@ -118597,8 +120879,10 @@ https://github.com/soundarkutty/HTML-Injection/blob/main/POC.md https://github.com/soundarkutty/Stored-xss/blob/main/poc https://github.com/souravkr529/CSRF-in-Cold-Storage-Management-System/blob/main/PoC https://github.com/source-hunter/espcms/issues/1 +https://github.com/source-trace/beescms/issues/1 https://github.com/source-trace/beescms/issues/4 https://github.com/source-trace/beescms/issues/5 +https://github.com/source-trace/yunucms/issues/1 https://github.com/source-trace/yunucms/issues/2 https://github.com/source-trace/yunucms/issues/3 https://github.com/source-trace/yunucms/issues/4 @@ -118609,11 +120893,15 @@ https://github.com/source-trace/yunucms/issues/8 https://github.com/sourceincite/randy https://github.com/soy-oreocato/CVE-2023-46998/ https://github.com/soy-oreocato/CVE-Advisories/tree/main/PapiQuieroPollo00 +https://github.com/spaceraccoon/CVE-2020-10665 +https://github.com/spatie/image-optimizer/issues/210 https://github.com/spcck/cve/blob/main/sql.md https://github.com/spejman/festivaltts4r/issues/1 +https://github.com/spesmilo/electrum/issues/3678 https://github.com/splitbrain/dokuwiki/issues/2061 https://github.com/splitbrain/dokuwiki/issues/2080 https://github.com/splitbrain/dokuwiki/issues/2081 +https://github.com/splitbrain/dokuwiki/issues/2450 https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-q764-g6fm-555v https://github.com/spwpun/pocs https://github.com/spwpun/pocs/blob/main/frr-bgpd.md 
@@ -118647,15 +120935,22 @@ https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/blob/main/README.md https://github.com/srsec/-srsec-/issues/1 https://github.com/ss122-0ss/School/blob/main/readme.md https://github.com/ss122-0ss/semcms/blob/main/README.md +https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4 +https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37 +https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-5pfx-j27j-4c6h +https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-rwp5-f854-ppg6 https://github.com/stampit-org/supermixer/issues/9 +https://github.com/star7th/showdoc/issues/1406 https://github.com/starnight/MicroHttpServer/issues/5 https://github.com/starnight/MicroHttpServer/issues/8 https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g +https://github.com/static-web-server/static-web-server/security/advisories/GHSA-rwfq-v4hq-h7fg https://github.com/staufnic/CVE/tree/master/CVE-2019-18794 https://github.com/staufnic/CVE/tree/master/CVE-2019-18795 https://github.com/staufnic/CVE/tree/master/CVE-2019-18796 https://github.com/staufnic/CVE/tree/master/CVE-2019-19513 https://github.com/stephane/libmodbus/issues/614 +https://github.com/stephane/libmodbus/issues/683 https://github.com/stephane/libmodbus/issues/748 https://github.com/stephane/libmodbus/issues/749 https://github.com/stephane/libmodbus/issues/750 
@@ -118672,8 +120967,11 @@ https://github.com/strapi/strapi/security/advisories/GHSA-9xg4-3qfm-9w8f https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4 https://github.com/strik3r0x1/Vulns/blob/35fe4fb3d5945b5df2a87aab0cf9ec6137bcf976/Insufficient%20Session%20Expiration%20-%20Elenos.md https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md +https://github.com/strik3r0x1/Vulns/blob/main/BAC%20leads%20to%20access%20Traps%20configurations.md https://github.com/strik3r0x1/Vulns/blob/main/CSRF_Clavister-E80,E10.md https://github.com/strik3r0x1/Vulns/blob/main/Clavister_E80-RXSS.md +https://github.com/strik3r0x1/Vulns/blob/main/GARO_GLBDCMB-T274WO_Stored_XSS.md +https://github.com/strik3r0x1/Vulns/blob/main/Lack%20of%20resources%20and%20rate%20limiting%20-%20Elenos.md https://github.com/strik3r0x1/Vulns/blob/main/SolarView%20Compact%20XSS%20up%20to%207.0.md https://github.com/strik3r0x1/Vulns/blob/main/Unrestricted%20File%20Upload_%20SolarView%20Compact%204.0%2C5.0.md https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WN533A8.md 
@@ -118683,10 +120981,17 @@ https://github.com/strukturag/libde265/issues/232 https://github.com/strukturag/libde265/issues/233 https://github.com/strukturag/libde265/issues/234 https://github.com/strukturag/libde265/issues/235 +https://github.com/strukturag/libde265/issues/236 https://github.com/strukturag/libde265/issues/237 +https://github.com/strukturag/libde265/issues/238 +https://github.com/strukturag/libde265/issues/239 https://github.com/strukturag/libde265/issues/240 https://github.com/strukturag/libde265/issues/242 https://github.com/strukturag/libde265/issues/298 +https://github.com/strukturag/libde265/issues/299 +https://github.com/strukturag/libde265/issues/300 +https://github.com/strukturag/libde265/issues/301 +https://github.com/strukturag/libde265/issues/302 https://github.com/strukturag/libde265/issues/335 https://github.com/strukturag/libde265/issues/336 https://github.com/strukturag/libde265/issues/337 @@ -118723,8 +121028,10 @@ https://github.com/strukturag/libheif/issues/139 https://github.com/strukturag/libheif/issues/207 https://github.com/strukturag/libheif/issues/794 https://github.com/stsaz/phiola/issues/27 +https://github.com/stsaz/phiola/issues/28 https://github.com/stsaz/phiola/issues/29 https://github.com/stsaz/phiola/issues/30 +https://github.com/summernote/summernote/pull/3782 https://github.com/sungjungk/fp-img-key-crack https://github.com/sungjungk/fp-scanner-hacking https://github.com/sungjungk/keyring_crack 
@@ -118749,6 +121056,7 @@ https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667 https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4 https://github.com/syedsohaibkarim/PoC-StoredXSS-Appspace6.2.4 https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp +https://github.com/sympa-community/sympa/issues/943#issuecomment-704779420 https://github.com/sympa-community/sympa/issues/943#issuecomment-704842235 https://github.com/syoyo/tinydng/issues/28 https://github.com/syoyo/tinyexr/issues/124 @@ -118767,9 +121075,15 @@ https://github.com/systemd/systemd/pull/28885 https://github.com/syuilo/misskey/security/advisories/GHSA-6qw9-6jxq-xj3p https://github.com/tacetool/TACE#cve-2023-48161 https://github.com/tadashi-aikawa/owlmixin/issues/12 +https://github.com/tang-0717/cms/blob/main/1.md +https://github.com/tang-0717/cms/blob/main/2.md +https://github.com/tang-0717/cms/blob/main/3.md https://github.com/tangent65536/Slivjacker https://github.com/tanghaibao/jcvi/security/advisories/GHSA-x49m-3cw7-gq5q +https://github.com/taogogo/taocms/issues/13 +https://github.com/taogogo/taocms/issues/14 https://github.com/taogogo/taocms/issues/15 +https://github.com/taogogo/taocms/issues/4 https://github.com/taogogo/taocms/issues/5 https://github.com/taogogo/taocms/issues/6 https://github.com/taogogo/taocms/issues/8 @@ -118788,8 +121102,12 @@ https://github.com/tats/w3m/issues/242 https://github.com/tats/w3m/issues/268 https://github.com/tats/w3m/issues/270 https://github.com/tats/w3m/issues/271 +https://github.com/tauri-apps/tauri/security/advisories/GHSA-57fm-592m-34r7 +https://github.com/taurusxin/ncmdump/issues/18 +https://github.com/taurusxin/ncmdump/issues/19 https://github.com/tbeu/matio/issues/121 https://github.com/tbeu/matio/issues/127 +https://github.com/tbeu/matio/issues/128 https://github.com/tbeu/matio/issues/129 https://github.com/tbeu/matio/issues/130 https://github.com/tbeu/matio/issues/131 
@@ -118798,19 +121116,32 @@ https://github.com/tchenu/CVE-2020-12112 https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4 https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws https://github.com/teameasy/EasyCMS/issues/3 +https://github.com/teameasy/EasyCMS/issues/4 +https://github.com/teameasy/EasyCMS/issues/5 +https://github.com/teameasy/EasyCMS/issues/7 https://github.com/teknoraver/aacplusenc/issues/1 +https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53 https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ +https://github.com/tenable/poc/tree/master/nuuo/nvrmini2 +https://github.com/tenable/poc/tree/master/nuuo/nvrmini2/cve_2018_15716 +https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf +https://github.com/tenable/routeros/tree/master/poc/bytheway +https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847 https://github.com/tenable/routeros/tree/master/poc/cve_2019_15055 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636 https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md +https://github.com/testgo1safe/cms/blob/main/1.md https://github.com/tezeb/accfly/blob/master/Readme.md +https://github.com/tg123/sshpiper/security/advisories/GHSA-4w53-6jvp-gg52 +https://github.com/tgp-top/D-Link-DIR-825 https://github.com/tgp-top/DAP-1360/blob/main/README.md https://github.com/thanethomson/MLAlchemy/issues/1 https://github.com/the-girl-who-lived/CVE-2020-11539/ 
https://github.com/the-girl-who-lived/CVE-2020-25498 https://github.com/the-girl-who-lived/CVE-2020-35262 https://github.com/the-tcpdump-group/tcpdump/issues/645 +https://github.com/the-tcpdump-group/tcpslice/issues/11 https://github.com/theart42/cves/blob/master/CVE-2021-28079/CVE-2021-28079.md https://github.com/thecasual/CVE-2022-41358 https://github.com/thedigicraft/Atom.CMS/issues/256 @@ -118826,11 +121157,14 @@ https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997 https://github.com/theonedev/onedev/security/advisories/GHSA-5q3q-f373-2jv8 https://github.com/theonedev/onedev/security/advisories/GHSA-9mmq-fm8c-q4fv https://github.com/theori-io/chakra-2016-11 +https://github.com/theupdateframework/python-tuf/security/advisories/GHSA-wjw6-2cqr-j4qr https://github.com/thinkcmf/cmfx/issues/26 https://github.com/thinkcmf/thinkcmf/issues/675 https://github.com/thinkcmf/thinkcmf/issues/736 https://github.com/thinkcmf/thinkcmf/issues/737 https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md +https://github.com/thinksaas/ThinkSAAS/issues/16 +https://github.com/thinksaas/ThinkSAAS/issues/18 https://github.com/thinksaas/ThinkSAAS/issues/24 https://github.com/thinksaas/ThinkSAAS/issues/34 https://github.com/thinksaas/ThinkSAAS/issues/35 @@ -118838,6 +121172,7 @@ https://github.com/tholum/crm42/issues/1 https://github.com/thorfdbg/libjpeg/issues/28 https://github.com/thorfdbg/libjpeg/issues/33 https://github.com/thorfdbg/libjpeg/issues/34 +https://github.com/thorfdbg/libjpeg/issues/35 https://github.com/thorfdbg/libjpeg/issues/36 https://github.com/thorfdbg/libjpeg/issues/37 https://github.com/thorfdbg/libjpeg/issues/42 
@@ -118849,16 +121184,27 @@ https://github.com/thorfdbg/libjpeg/issues/75 https://github.com/thorfdbg/libjpeg/issues/77 https://github.com/thorfdbg/libjpeg/issues/78 https://github.com/thorfdbg/libjpeg/issues/79 +https://github.com/thorfdbg/libjpeg/issues/87#BUG1 +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-2grw-mc9r-822r +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-48vw-jpf8-hwqh +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6p68-36m6-392r +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7m8g-fprr-47fx +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-hm8r-95g3-5hj9 +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-mmh6-5cpf-2c72 +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-q7g6-xfh2-vhpx +https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-qgxx-4xv5-6hcw https://github.com/tht1997/CVE_2023/blob/main/Lost%20and%20Found%20Information%20System/CVE-2023-2671.md https://github.com/tht1997/CVE_2023/blob/main/Lost%20and%20Found%20Information%20System/CVE-2023-2672.md https://github.com/tht1997/CVE_2023/blob/main/online_exam/kelasdosen.md https://github.com/tht1997/WhiteBox/blob/main/PHPKOBO/ajax_pool_script.md +https://github.com/tht1997/WhiteBox/blob/main/sourcecodesters/employee-management-system-php-attendance-info.md https://github.com/tiann/KernelSU/security/advisories/GHSA-86cp-3prf-pwqq https://github.com/tidwall/gjson/issues/195 https://github.com/tifaweb/Dswjcms/issues/4 https://github.com/tifaweb/Dswjcms/issues/5 https://github.com/tildearrow/furnace/issues/325 https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655 +https://github.com/timdown/rangy/issues/478 https://github.com/tin-z/Stuff_and_POCs/blob/main/poc_libwav/POC https://github.com/tingyuu/vaeThink/issues/1 https://github.com/tingyuu/vaeThink/issues/2 
@@ -118872,13 +121218,20 @@ https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16929 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16930 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 +https://github.com/tintinweb/pub/tree/master/pocs/cve-2018-10057 +https://github.com/tintinweb/pub/tree/master/pocs/cve-2018-10058 https://github.com/tintinweb/pub/tree/master/pocs/cve-2020-15690 https://github.com/tinymce/tinymce/issues/4394 https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63 +https://github.com/tldjgggg/cve/blob/main/sql.md https://github.com/tlfyyds/EQ +https://github.com/tmccombs/tls-listener/security/advisories/GHSA-2qph-qpvm-2qf7 https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg https://github.com/tonini/alchemist-server/issues/14 +https://github.com/tootsuite/mastodon/pull/9329 https://github.com/tootsuite/mastodon/pull/9381 +https://github.com/top-think/framework/issues/2559 +https://github.com/top-think/framework/issues/2996 https://github.com/torres14852/cve/blob/main/upload.md https://github.com/torvalds/linux/commit/04bf464a5dfd9ade0dda918e44366c2c61fce80b https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3 
@@ -118891,9 +121244,11 @@ https://github.com/torvalds/linux/commit/b66c5984017533316fd1951770302649baf1aa3 https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 https://github.com/totaljs/cms/issues/35 +https://github.com/tothi/hs-dvr-telnet https://github.com/tothi/pwn-hisilicon-dvr/blob/master/pwn_hisilicon_dvr.py https://github.com/toyydsBT123/One_of_my_take_on_SourceCodester/blob/main/Best-Student-Result-Management-System_1.0.poc.md https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9 +https://github.com/traccar/traccar/security/advisories/GHSA-vhrw-72f6-gwp5 https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p https://github.com/traefik/traefik/security/advisories/GHSA-fvhj-4qfh-q2hm https://github.com/trampgeek/jobe/issues/39 @@ -118901,8 +121256,11 @@ https://github.com/tramyardg/hotel-mgmt-system/issues/21 https://github.com/tramyardg/hotel-mgmt-system/issues/22 https://github.com/transcendent-group/advisories/blob/main/CVE-2022-27192.md https://github.com/tremwil/ds3-nrssr-rce +https://github.com/trenta3/goahead-versions/blob/master/2.1.8/230165webs218.tar.gz?raw=true https://github.com/trentm/json/issues/144 +https://github.com/trentm/python-markdown2/issues/285 https://github.com/trentm/python-markdown2/issues/348 +https://github.com/trippo/ResponsiveFilemanager/issues/600 https://github.com/tristao-marinho/CVE-2022-45544/blob/main/README.md https://github.com/tristao-marinho/CVE-2023-27842 https://github.com/tristao-marinho/CVE-2023-27842/blob/main/README.md 
@@ -118912,16 +121270,32 @@ https://github.com/trusteddomainproject/OpenDMARC/issues/64 https://github.com/tsingsee/EasyPlayerPro-Win/pull/24 https://github.com/tsruban/HHIMS/issues/1 https://github.com/ttimot24/HorizontCMS/issues/43 +https://github.com/tubakvgc/CVE/blob/main/Event_Student_Attendance_System.md +https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md +https://github.com/tubakvgc/CVEs/blob/main/Cinema%20Seat%20Reservation%20System/Cinema%20Seat%20Reservation%20System%20-%20SQL%20Injection.md +https://github.com/tubakvgc/CVEs/blob/main/Hotel%20Managment%20System/Hotel%20Managment%20System%20-%20SQL%20Injection-2.md +https://github.com/tubakvgc/CVEs/blob/main/Hotel%20Managment%20System/Hotel%20Managment%20System%20-%20SQL%20Injection-3.md +https://github.com/tubakvgc/CVEs/blob/main/Hotel%20Managment%20System/Hotel%20Managment%20System%20-%20SQL%20Injection-4.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass%20-%202.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-1.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-3.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-5.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-6.md +https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-7.md 
+https://github.com/tutao/tutanota/security/advisories/GHSA-5h47-g927-629g https://github.com/tutao/tutanota/security/advisories/GHSA-mxgj-pq62-f644 https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58 https://github.com/twignet/splicecom https://github.com/two-kisses/pescms_vulnerability https://github.com/two-kisses/pescms_vulnerability, +https://github.com/twosevenzero/shoretel-mitel-rce https://github.com/twothink/twothink/issues/1 https://github.com/typecho/typecho/issues/1523 https://github.com/typecho/typecho/issues/1536 https://github.com/typecho/typecho/issues/1539 https://github.com/typecho/typecho/issues/1546 +https://github.com/typecho/typecho/issues/952 https://github.com/typestack/class-validator/issues/438 https://github.com/typestack/class-validator/issues/438#issuecomment-964728471 https://github.com/typora/typora-issues/issues/2129 @@ -118932,8 +121306,13 @@ https://github.com/typora/typora-issues/issues/2289 https://github.com/typora/typora-issues/issues/2505 https://github.com/typora/typora-issues/issues/2959 https://github.com/typora/typora-issues/issues/3124 +https://github.com/u32i/cve/tree/main/CVE-2024-25164 https://github.com/uBlockOrigin/uBlock-issues/issues/1992 https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md +https://github.com/uclouvain/openjpeg/issues/1053 +https://github.com/uclouvain/openjpeg/issues/1057 +https://github.com/uclouvain/openjpeg/issues/1059 +https://github.com/uclouvain/openjpeg/issues/1152 https://github.com/uclouvain/openjpeg/issues/1178 https://github.com/uclouvain/openjpeg/issues/1228 https://github.com/uclouvain/openjpeg/issues/1231 
@@ -119001,12 +121380,15 @@ https://github.com/unicorn-engine/unicorn/issues/1586 https://github.com/unicorn-engine/unicorn/issues/1588 https://github.com/unicorn-engine/unicorn/issues/1595 https://github.com/unknown00759/CVE-2023-36158/blob/main/CVE-2023-36158.md +https://github.com/unlcms/UNL-CMS/issues/941 https://github.com/unpWn4bL3/iot-security/blob/main/1.md https://github.com/unpWn4bL3/iot-security/blob/main/13.md https://github.com/unpWn4bL3/iot-security/blob/main/2.md +https://github.com/unpWn4bL3/iot-security/blob/main/29.md https://github.com/upasvi/CVE-/issues/1 https://github.com/upasvi/CVE-/issues/2 https://github.com/upx/upx/issues/128 +https://github.com/upx/upx/issues/207 https://github.com/upx/upx/issues/286 https://github.com/upx/upx/issues/287 https://github.com/upx/upx/issues/313 @@ -119015,6 +121397,9 @@ https://github.com/upx/upx/issues/315 https://github.com/upx/upx/issues/331 https://github.com/upx/upx/issues/332 https://github.com/upx/upx/issues/333 +https://github.com/upx/upx/issues/378 +https://github.com/upx/upx/issues/379 +https://github.com/upx/upx/issues/381 https://github.com/upx/upx/issues/388 https://github.com/upx/upx/issues/390 https://github.com/upx/upx/issues/391 
@@ -119023,28 +121408,53 @@ https://github.com/upx/upx/issues/393 https://github.com/upx/upx/issues/394 https://github.com/upx/upx/issues/395 https://github.com/upx/upx/issues/396 +https://github.com/upx/upx/issues/421 https://github.com/upx/upx/issues/485 +https://github.com/upx/upx/issues/486 +https://github.com/upx/upx/issues/545 https://github.com/upx/upx/issues/631 https://github.com/upx/upx/issues/632 https://github.com/ushahidi/Ushahidi_Web/issues/1009 +https://github.com/uvoteam/libdoc/issues/1 +https://github.com/uvoteam/libdoc/issues/2 https://github.com/uvoteam/libdoc/issues/5 https://github.com/uvoteam/libdoc/issues/6 +https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_CVE-2020-10220.py +https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_sqli.py +https://github.com/vQAQv/Request-CVE-ID-PoC/blob/master/PbootCMS/v0.9.8/CSRF.md +https://github.com/vQAQv/Request-CVE-ID-PoC/blob/master/PbootCMS/v0.9.8/Getshll.md https://github.com/vaadin/flow/pull/10577 https://github.com/vah13/OracleCVE/tree/master/CVE-2017-10147 https://github.com/vah13/OracleCVE/tree/master/CVE-2017-10148 https://github.com/vah13/SAP_exploit +https://github.com/vah13/extractTVpasswords +https://github.com/vanitashtml/CVE-Dumps/blob/main/Blind%20SQL%20Injection%20Manage%20Category%20-%20Mobile%20Management%20Store.md +https://github.com/vanitashtml/CVE-Dumps/blob/main/Block%20Inserter%20for%20Dynamic%20Content%20-%20Sql%20Injection.md +https://github.com/vanitashtml/CVE-Dumps/blob/main/Execute%20After%20Redirect%20-%20Food%20Management%20System.md https://github.com/vanitashtml/CVE-Dumps/blob/main/RCE%20via%20Arbitrary%20File%20Upload%20in%20Mobile%20Management%20Store.md +https://github.com/vanitashtml/CVE-Dumps/blob/main/SQL%20Injection%20in%20Mobile%20Management%20Store.md +https://github.com/vanitashtml/CVE-Dumps/blob/main/SQL%20Injection%20in%20View%20Order%20-%20Mobile%20Management%20Store.md 
+https://github.com/vanitashtml/CVE-Dumps/blob/main/Sql%20Injection%20Authentication%20Bypass%20in%20Mobile%20Management%20Store.md https://github.com/vanitashtml/CVE-Dumps/blob/main/Stored%20XSS%20Daily%20Habit%20Tracker.md +https://github.com/vanitashtml/CVE-Dumps/blob/main/Stored%20XSS%20Mobile%20Management%20Store.md https://github.com/vanitashtml/CVE-Dumps/blob/main/Unauthenticated%20SQL%20Injection%20-%20Mobile%20Management%20Store.md https://github.com/varangamin/CVE-2017-6206 +https://github.com/varigit/matrix-gui-v2/issues/1 +https://github.com/varun-suresh/Clustering/issues/12 +https://github.com/vatesfr/xen-orchestra/issues/5712 https://github.com/vdohney/keepass-password-dumper https://github.com/vedees/wcms/issues/10 +https://github.com/vedees/wcms/issues/11 https://github.com/vedees/wcms/issues/12 https://github.com/vedees/wcms/issues/15 https://github.com/vedees/wcms/issues/2 https://github.com/vedees/wcms/issues/3 +https://github.com/vedees/wcms/issues/7 https://github.com/vedees/wcms/issues/8 https://github.com/vedees/wcms/issues/9 +https://github.com/vega/vega/security/advisories/GHSA-4vq7-882g-wcg4 +https://github.com/vega/vega/security/advisories/GHSA-w5m3-xh75-mp55 +https://github.com/vektor-inc/vk-all-in-one-expansion-unit/pull/1072 https://github.com/vercel/ms/pull/89 https://github.com/verdammelt/tnef/issues/23 https://github.com/verf1sh/Poc/blob/master/asan_report_giflib.png 
@@ -119073,12 +121483,14 @@ https://github.com/vipinxsec/Alfresco_XSS/blob/master/README.md https://github.com/vitejs/vite/issues/8498 https://github.com/vitejs/vite/security/advisories/GHSA-353f-5xf4-qw67 https://github.com/vitejs/vite/security/advisories/GHSA-92r3-m2mg-pj97 +https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2 https://github.com/vitorespf/Advisories/blob/master/DLINK-DIR-841-command-injection.txt https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server.txt https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server_AFW.txt https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94 +https://github.com/vlm/asn1c/issues/394 https://github.com/vlm/asn1c/issues/396 https://github.com/vulf/Peel-Shopping-cart-9.4.0-Stored-XSS https://github.com/vulnbe/poc-rebar3.git 
@@ -119086,6 +121498,15 @@ https://github.com/vulnbe/poc-yaws-cgi-shell-injection https://github.com/vulnbe/poc-yaws-dav-xxe https://github.com/vulreport3r/cve-reports/blob/main/Ncast_Yingshi_has_RCE_vulnerabilities/report.md https://github.com/vuongdq54/RedCap +https://github.com/vyperlang/vyper/security/advisories/GHSA-3whq-64q2-qfj6 +https://github.com/vyperlang/vyper/security/advisories/GHSA-52xq-j7v9-v4v2 +https://github.com/vyperlang/vyper/security/advisories/GHSA-5jrj-52x8-m64h +https://github.com/vyperlang/vyper/security/advisories/GHSA-9p8r-4xp4-gw5w +https://github.com/vyperlang/vyper/security/advisories/GHSA-gp3w-2v2m-p686 +https://github.com/vyperlang/vyper/security/advisories/GHSA-m2v9-w374-5hj9 +https://github.com/vyperlang/vyper/security/advisories/GHSA-ppx5-q359-pvwj +https://github.com/vyperlang/vyper/security/advisories/GHSA-r56x-j438-vw5m +https://github.com/vyperlang/vyper/security/advisories/GHSA-xchq-w5r3-4wg3 https://github.com/vysec/CVE-2018-4878 https://github.com/w3c/resource-timing/issues/29 https://github.com/w3irdo001/demo/blob/master/1.html 
@@ -119097,26 +121518,36 @@ https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept. https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L65 https://github.com/walinejs/waline/issues/785 https://github.com/walmartlabs/concord/issues/22 +https://github.com/wanghaiwei/xiuno-docker/issues/3 https://github.com/wanghaiwei/xiuno-docker/issues/5 +https://github.com/wangl1989/mysiteforme/issues/40 https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul.md https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul_2.md https://github.com/warmachine-57/CVE-2021-44117/blob/main/CSRF%20in%20FuelCMS +https://github.com/warp-tech/warpgate/security/advisories/GHSA-868r-97g5-r9g4 https://github.com/warp-tech/warpgate/security/advisories/GHSA-c94j-vqr5-3mxr https://github.com/warringaa/CVEs#glory-systems-rbw-100 https://github.com/wasm3/wasm3/issues/320 https://github.com/wasm3/wasm3/issues/323 https://github.com/wasm3/wasm3/issues/337 +https://github.com/wasm3/wasm3/issues/483 +https://github.com/wasm3/wasm3/issues/484 +https://github.com/wasm3/wasm3/issues/485 +https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975 https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw https://github.com/wbowm15/jubilant-enigma/blob/main/writeup.md https://github.com/wclimb/Koa2-blog/issues/40 +https://github.com/wclimb/Koa2-blog/issues/41 https://github.com/we1h0/SiteServer-CMS-Remote-download-Getshell +https://github.com/webasyst/webasyst-framework/issues/377 https://github.com/webbukkit/dynmap/issues/2474 https://github.com/webpack/loader-utils/issues/212 https://github.com/webpack/loader-utils/issues/212#issuecomment-1319192884 https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693 
https://github.com/weidai11/cryptopp/issues/1248 +https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://github.com/weison-tech/yii2-cms/issues/2 https://github.com/wellcms/wellcms/issues/11 https://github.com/wendell1224/O2OA-POC/blob/main/POC.md @@ -119130,8 +121561,11 @@ https://github.com/weng-xianhu/eyoucms/issues/38 https://github.com/weng-xianhu/eyoucms/issues/41 https://github.com/weng-xianhu/eyoucms/issues/44 https://github.com/weng-xianhu/eyoucms/issues/55 +https://github.com/weng-xianhu/eyoucms/issues/57 https://github.com/westes/flex/issues/414 https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144 +https://github.com/whiteHat001/DRIVER_POC/tree/master/malwarefox/0x80002010 +https://github.com/whiteHat001/DRIVER_POC/tree/master/malwarefox/0x80002054 https://github.com/whitehatl/Vulnerability/blob/main/web/dedebiz/6.0.0/sys_info.poc.md https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.93/Login.poc.md https://github.com/whitehatl/Vulnerability/blob/main/web/dedecms/5.7.94/member_toadmin.poc.md @@ -119143,6 +121577,7 @@ https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/SetNetControlList.md https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/setIPv6Status.md https://github.com/whiter6666/CVE/blob/main/Tenda_RX9_Pro/setMacFilterCfg.md https://github.com/whiter6666/CVE/blob/main/Tenda_TX9pro/SetNetControlList.md +https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/faq-management-system.md https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/school-visitors-log-e-book.md https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/url-shortener.md https://github.com/willchen0011/cve/blob/main/HongJing-sql.md 
@@ -119152,14 +121587,19 @@ https://github.com/win3zz/CVE-2023-43261 https://github.com/wind-cyber/DamiCMS-v6.0.0-have-csrf-and-xss-Vulnerabilities-/blob/master/README.md https://github.com/windecks/CVE-2023-46404 https://github.com/wiremock/wiremock/security/advisories/GHSA-676j-xrv3-73vc +https://github.com/wixtoolset/issues/security/advisories/GHSA-7wh2-wxc7-9ph5 +https://github.com/wixtoolset/issues/security/advisories/GHSA-rf39-3f98-xr7r https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc https://github.com/wkeyi0x1/vul-report/issues/2 +https://github.com/wkeyi0x1/vul-report/issues/3 +https://github.com/wkeyi0x1/vul-report/issues/4 https://github.com/wkeyuan/DWSurvey/issues/47 https://github.com/wkeyuan/DWSurvey/issues/48 https://github.com/wkeyuan/DWSurvey/issues/81 https://github.com/wlx65003/HZNUOJ/issues/17 https://github.com/woduq1414/munhak-moa/commit/e8f800373b20cb22de70c7a994325b8903877da0 https://github.com/woider/ArticleCMS/issues/5 +https://github.com/wolfi-dev/wolfictl/security/advisories/GHSA-8fg7-hp93-qhvr https://github.com/wollardj/simple-plist/issues/60 https://github.com/wpay65249519/cve/blob/main/SQL_injection.md https://github.com/wrongsid3/Sysax-MultiServer-6.90-Multiple-Vulnerabilities/blob/master/README.md 
@@ -119168,17 +121608,34 @@ https://github.com/wshepherd0010/advisories/blob/master/CVE-2018-8974.md https://github.com/wshepherd0010/advisories/blob/master/CVE-2018-9113.md https://github.com/wshidamowang/Router/blob/main/Tenda/AC18/RCE_1.md https://github.com/wssgcsc58/CVEs/tree/master/baidurustsgxsdk_enclaveid_race +https://github.com/wstmall/wstmall/issues/4 https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14943%20-%20Stored%20XSS.md https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14944%20-%20Access%20Control%20Vulnerabilities.md https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14945%20-%20Privilege%20Escalation.md https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14946%20-%20Local%20File%20Inclusion.md +https://github.com/wuweiit/mushroom/issues/19 https://github.com/wuzhicms/wuzhicms/issues/128 +https://github.com/wuzhicms/wuzhicms/issues/129 +https://github.com/wuzhicms/wuzhicms/issues/130 https://github.com/wuzhicms/wuzhicms/issues/131 +https://github.com/wuzhicms/wuzhicms/issues/132 +https://github.com/wuzhicms/wuzhicms/issues/133 https://github.com/wuzhicms/wuzhicms/issues/134 +https://github.com/wuzhicms/wuzhicms/issues/137 +https://github.com/wuzhicms/wuzhicms/issues/138 https://github.com/wuzhicms/wuzhicms/issues/141 +https://github.com/wuzhicms/wuzhicms/issues/143 +https://github.com/wuzhicms/wuzhicms/issues/144 +https://github.com/wuzhicms/wuzhicms/issues/145 +https://github.com/wuzhicms/wuzhicms/issues/146 +https://github.com/wuzhicms/wuzhicms/issues/149 +https://github.com/wuzhicms/wuzhicms/issues/150 +https://github.com/wuzhicms/wuzhicms/issues/154 +https://github.com/wuzhicms/wuzhicms/issues/155 https://github.com/wuzhicms/wuzhicms/issues/156 https://github.com/wuzhicms/wuzhicms/issues/157 https://github.com/wuzhicms/wuzhicms/issues/158 +https://github.com/wuzhicms/wuzhicms/issues/159 
https://github.com/wuzhicms/wuzhicms/issues/169 https://github.com/wuzhicms/wuzhicms/issues/170 https://github.com/wuzhicms/wuzhicms/issues/171 @@ -119189,10 +121646,18 @@ https://github.com/wuzhicms/wuzhicms/issues/183 https://github.com/wuzhicms/wuzhicms/issues/188 https://github.com/wuzhicms/wuzhicms/issues/191 https://github.com/wuzhicms/wuzhicms/issues/192 +https://github.com/wuzhicms/wuzhicms/issues/196 +https://github.com/wuzhicms/wuzhicms/issues/197 +https://github.com/wuzhicms/wuzhicms/issues/198 https://github.com/wuzhicms/wuzhicms/issues/200 https://github.com/wuzhicms/wuzhicms/issues/205#issue-1635153937 https://github.com/wuzhicms/wuzhicms/issues/208 +https://github.com/wy876/cve/issues/1 https://github.com/wy876/cve/issues/3 +https://github.com/x-f1v3/ForCve/issues/1 +https://github.com/x-f1v3/ForCve/issues/2 +https://github.com/x-f1v3/ForCve/issues/3 +https://github.com/x-f1v3/ForCve/issues/4 https://github.com/x-f1v3/ForCve/issues/5 https://github.com/xCss/Valine/issues/127 https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384 
@@ -119206,9 +121671,11 @@ https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App/tree/main https://github.com/xcodeOn1/xcode0x-CVEs/blob/main/CVE/CVE-2023-44047.md https://github.com/xcodeOn1/xcode0x-CVEs/blob/main/CVE/CVE-2023-44048.md https://github.com/xebd/accel-ppp/issues/158 +https://github.com/xenv/S-mall-ssm/issues/37 https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/AC-Repair-and-Services-System---SQL-injections.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Free%20and%20Open%20Source%20inventory%20management%20system-SQLi.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Lost-and-Found-Information-System---Multiple-SQL-injections.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Lost-and-Found-Information-System---Multiple-SQL-injections.md#2classesmasterphpfdelete_item 
@@ -119216,18 +121683,27 @@ https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Com https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#2sql-injection-vulnerability-in-productsphp https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#3sql-injection-vulnerability-in-view_productphp https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/OnlineLearningSystemV2-XSS.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Serviced-Providerd-Managementd-Systemd--d-SQLd-injections.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md#search.php +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-Student-Attendance-System.md#2pageattendancexss +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Web-Based%20Student%20Clearance%20System%20-%20SQLi.md +https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Web-Based%20Student%20Clearance%20System%20-%20XSS.md https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md https://github.com/xiangbulala/CVE/blob/main/totlink.md https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects +https://github.com/xiaolanjing0/cms/blob/main/1.md +https://github.com/xiaolanjing0/cms/blob/main/4.md https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md https://github.com/xiaoqx/pocs/blob/master/netpbm 
+https://github.com/xiaoqx/pocs/tree/master/cms https://github.com/xiaoqx/pocs/tree/master/exiv2 +https://github.com/xiaoqx/pocs/tree/master/gegl https://github.com/xiaoqx/pocs/tree/master/libtiff https://github.com/xiaosed/CVE-2023-29919/ https://github.com/xiayulei/open_source_bms/issues/33 +https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr https://github.com/xieqiang11/poc-1/tree/main https://github.com/xieqiang11/poc-2/tree/main https://github.com/xieqiang11/poc-3/tree/main @@ -119236,6 +121712,7 @@ https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md https://github.com/xiph/vorbis-tools/issues/41 https://github.com/xiweicheng/tms/issues/19 +https://github.com/xiyuanhuaigu/cve/blob/main/rce.md https://github.com/xmldom/xmldom/issues/436 https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826 https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560 
@@ -119254,9 +121731,15 @@ https://github.com/xoffense/POC/blob/main/Multiple%20URI%20Based%20XSS%20in%20Bi https://github.com/xoffense/POC/blob/main/Session%20Fixation%20in%20Cubecart%206.4.2.md https://github.com/xoffense/POC/blob/main/Stored%20XSS%20via%20malicious%20file%20upload%20in%20ICE%20Hrm%20Version%2029.0.0.OS.md https://github.com/xtr4nge/FruityWifi/issues/277 +https://github.com/xuanluansec/vul/blob/main/vul/Music%20Gallery%20Site%20using%20PHP%20and%20MySQL%20Database%20Free%20Source%20Code/Music%20Gallery%20Site%20using%20PHP%20and%20MySQL%20Database%20Free%20Source%20Code.md +https://github.com/xuanluansec/vul/issues/1 +https://github.com/xuanluansec/vul/issues/2 +https://github.com/xuanluansec/vul/issues/3#issue-2243633522 https://github.com/xuanluansec/vul/issues/5 https://github.com/xuhuisheng/lemon/issues/198 https://github.com/xuhuisheng/lemon/issues/199 +https://github.com/xunyang1/ZZCMS/issues/1 +https://github.com/xunyang1/ZZCMS/issues/2 https://github.com/xuxueli/xxl-job/issues/1866 https://github.com/xuxueli/xxl-job/issues/1921 https://github.com/xuxueli/xxl-job/issues/2083 @@ -119266,9 +121749,11 @@ https://github.com/xuxueli/xxl-job/issues/3002 https://github.com/xuxueli/xxl-job/issues/3391 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9pc2-x9qf-7j2q https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c5f4-p5wv-2475 +https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-p9mj-v5mf-m82x https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qx9h-c5v6-ghqh https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qxjg-jhgw-qhrv https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x764-ff8r-9hpx +https://github.com/xwlrbh/Catfish/issues/1 https://github.com/xwlrbh/Catfish/issues/5 https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md 
@@ -119294,6 +121779,9 @@ https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetFixTools_hostname https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetFixTools_lan https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetGuideListItem https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetPicListItem +https://github.com/xxy961216/attack-baijiacmsV4-with-blind-sql-injection +https://github.com/xxy961216/attack-baijiacmsV4-with-xss +https://github.com/xyaly163/cms/blob/main/1.md https://github.com/xyaly163/cms/blob/main/2.md https://github.com/yanbushuang/CVE/blob/main/TendaAC5.md https://github.com/yangfan6888/PoC 
@@ -119306,13 +121794,34 @@ https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1995 https://github.com/yaniswang/xhEditor/issues/37 https://github.com/yaowenxiao721/CloudExplorer-Lite-v1.4.1-vulnerability-BOPLA +https://github.com/yaoyue123/iot/blob/main/Tenda/A15/SetOnlineDevName.devname.md +https://github.com/yaoyue123/iot/blob/main/Tenda/A15/SetOnlineDevName.mac.md +https://github.com/yaoyue123/iot/blob/main/Tenda/A15/WifExtraSet.md +https://github.com/yaoyue123/iot/blob/main/Tenda/A15/setBlackRule.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formQuickIndex.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formSetPPTPServer.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromDhcpListClient_1.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromNatStaticSetting.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromSetWirelessRepeat.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/saveParentControlInfo_1.md +https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/setSmartPowerManagement.md https://github.com/yargs/y18n/issues/96 https://github.com/yasinyildiz26/Badminton-Center-Management-System https://github.com/yasm/yasm/issues/161 +https://github.com/yasm/yasm/issues/162 https://github.com/yasm/yasm/issues/163 +https://github.com/yasm/yasm/issues/164 +https://github.com/yasm/yasm/issues/165 https://github.com/yasm/yasm/issues/166 +https://github.com/yasm/yasm/issues/167 https://github.com/yasm/yasm/issues/168 +https://github.com/yasm/yasm/issues/169 +https://github.com/yasm/yasm/issues/170 +https://github.com/yasm/yasm/issues/171 https://github.com/yasm/yasm/issues/172 +https://github.com/yasm/yasm/issues/173 +https://github.com/yasm/yasm/issues/174 +https://github.com/yasm/yasm/issues/175 https://github.com/yasm/yasm/issues/206 https://github.com/yasm/yasm/issues/207 
https://github.com/yasm/yasm/issues/208 @@ -119324,12 +121833,16 @@ https://github.com/yasm/yasm/issues/220 https://github.com/yasm/yasm/issues/221 https://github.com/yasm/yasm/issues/222 https://github.com/yaxuan404/OTCMS_3.2 +https://github.com/yckuo-sdc/PoC https://github.com/ycxdzj/CVE_Hunter/blob/main/SQL-7.md https://github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md +https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29061/Vfsjfilechooser2.md https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md https://github.com/yetingli/SaveResults/blob/main/md/vfsjfilechooser2.md +https://github.com/yeyinshi/tuzicms/issues/1 +https://github.com/yeyinshi/tuzicms/issues/10 https://github.com/yeyinshi/tuzicms/issues/11 https://github.com/yeyinshi/tuzicms/issues/12 https://github.com/yeyinshi/tuzicms/issues/13 @@ -119341,7 +121854,10 @@ https://github.com/yhirose/cpp-peglib/issues/121 https://github.com/yhirose/cpp-peglib/issues/122 https://github.com/yhy217/huakecms-vul/issues/1 https://github.com/yi-ge/unzip/pull/1 +https://github.com/yiisoft/yii2/issues/19755 https://github.com/yiisoft/yii2/issues/19755#issuecomment-1426155955 +https://github.com/yiisoft/yii2/issues/19755#issuecomment-1505390813 +https://github.com/yiisoft/yii2/issues/19755#issuecomment-1505560351 https://github.com/yikesoftware/exp_and_poc_archive/tree/main/CVE/CVE-2022-40469 https://github.com/yilezhu/Czar.Cms/issues/6 https://github.com/yinfeidi/Vuls/blob/main/TRENDnet%20TV-IP110WN/CVE-2021-31655.md 
@@ -119351,12 +121867,16 @@ https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789 https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792 https://github.com/ymkyu/CVE/tree/main/CVE-2024-33793 https://github.com/yogeshshe1ke/CVE/blob/master/2019-7690/mobaxterm_exploit.py +https://github.com/yoshuawuyts/vmd/issues/137 https://github.com/youki992/youki992.github.io/blob/master/others/apply2.md https://github.com/youngerheart/nodeserver/pull/6 https://github.com/yourkevin/NiterForum/issues/25 https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md +https://github.com/ysuzhangbin/cms2/blob/main/1.md +https://github.com/ysuzhangbin/cms2/blob/main/2.md https://github.com/yte121/-CVE-2023-46450/ https://github.com/yte121/CVE-2023-46974/ +https://github.com/ytsutano/axmldec/issues/4 https://github.com/yueying638/cve/blob/main/upload.md https://github.com/yukar1z0e/temp/blob/main/README.md https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md @@ -119364,6 +121884,9 @@ https://github.com/yunaranyancat/poc-dump/blob/main/cloudpanel/README.md https://github.com/yunaranyancat/poc-dump/blob/main/simplecollegewebsite/sqli_rce.py https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 https://github.com/yupoxiong/BearAdmin/issues/5 +https://github.com/yuyuliq/cve/issues/1 +https://github.com/ywf7678/cms/blob/main/1.md +https://github.com/yxcmf/ukcms/issues/1 https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_appointment.md https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_case-status.md https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_case-type.md 
@@ -119399,12 +121922,17 @@ https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss.md https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss2.md https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss3.md https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss4.md +https://github.com/yzmcms/yzmcms/issues/1 https://github.com/yzmcms/yzmcms/issues/11 https://github.com/yzmcms/yzmcms/issues/12 https://github.com/yzmcms/yzmcms/issues/13 https://github.com/yzmcms/yzmcms/issues/14 +https://github.com/yzmcms/yzmcms/issues/2 +https://github.com/yzmcms/yzmcms/issues/21 +https://github.com/yzmcms/yzmcms/issues/22 https://github.com/yzmcms/yzmcms/issues/27 https://github.com/yzmcms/yzmcms/issues/28 +https://github.com/yzmcms/yzmcms/issues/3 https://github.com/yzmcms/yzmcms/issues/43 https://github.com/yzmcms/yzmcms/issues/45 https://github.com/yzmcms/yzmcms/issues/46 @@ -119412,9 +121940,11 @@ https://github.com/yzmcms/yzmcms/issues/47 https://github.com/yzmcms/yzmcms/issues/55 https://github.com/yzmcms/yzmcms/issues/59 https://github.com/yzmcms/yzmcms/issues/60 +https://github.com/yzmcms/yzmcms/issues/68 https://github.com/yzmcms/yzmcms/issues/7 https://github.com/yzmcms/yzmcms/issues/9 https://github.com/yzskyt/Vuln/blob/main/Go-RT-AC750/Go-RT-AC750.md +https://github.com/z00z00z00/Safenet_SAC_CVE-2021-42056 https://github.com/z1pwn/bug_report/blob/main/vendors/kingbhob02/library-management-system/XSS-1.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/TendaTelnet/readme.md https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/formWifiBasicSet/readme.md 
@@ -119459,6 +121989,7 @@ https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/setmac/readme.md https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/wizard_end/readme.md https://github.com/z1r00/IOT_Vul/tree/main/dlink/Dir816/form2systime_cgi https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42aac/readme.md +https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42avc/readme.md https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4decrypt/sigv/readme.md https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4info/readme.md https://github.com/z1r00/fuzz_vuln/blob/main/mjs/SEGV/mjs_ffi/readme.md @@ -119469,6 +122000,7 @@ https://github.com/z1r00/fuzz_vuln/blob/main/mp4v2/heap-buffer-overflow/mp4prope https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-buffer-overflow/yasm/readmd.md https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-overflow/parse_expr1/readme.md +https://github.com/zadewg/LIVEBOX-0DAY https://github.com/zadewg/RIUS https://github.com/zakee94/online-banking-system/issues/11 https://github.com/zakee94/online-banking-system/issues/12 
@@ -119479,10 +122011,15 @@ https://github.com/zakee94/online-banking-system/issues/16 https://github.com/zakee94/online-banking-system/issues/17 https://github.com/zakee94/online-banking-system/issues/19 https://github.com/zalando/skipper/releases/tag/v0.13.218 +https://github.com/zblogcn/zblogphp/issues/175 +https://github.com/zblogcn/zblogphp/issues/176 +https://github.com/zblogcn/zblogphp/issues/187 +https://github.com/zblogcn/zblogphp/issues/188 https://github.com/zblogcn/zblogphp/issues/209 https://github.com/zblogcn/zblogphp/issues/336 https://github.com/zchuanzhao/jeesns/issues/6 https://github.com/zchuanzhao/jeesns/issues/9 +https://github.com/zeek/zeek/issues/1798 https://github.com/zencart/zencart/issues/1431 https://github.com/zenspider/ruby_parser-legacy/issues/1 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2g3m-p6c7-8rr3 @@ -119497,6 +122034,7 @@ https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fjc8-223c- https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gghm-c696-f4j4 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gj27-862r-55wh https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hmpr-px56-rvww +https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p6f3-f63q-5mc2 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rgx6-3w4j-gf5j https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rhrc-pcxp-4453 
@@ -119504,6 +122042,7 @@ https://github.com/zer0yu/CVE_Request/blob/master/MonstaFTP/MonstaFTP_v2_10_3_SS https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_first.md https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_second.md https://github.com/zer0yu/CVE_Request/blob/master/Webid/WeBid_Path_Traversal.md +https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_installUpdateThemePluginAction_plugins.md https://github.com/zer0yu/CVE_Request/blob/master/baijiacms/baijiacmsv4_ssrf.md https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_W104_unauthorized_access_vulnerability_first.md https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_W104_unauthorized_access_vulnerability_second.md @@ -119513,6 +122052,7 @@ https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFile https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md https://github.com/zerohax/RedmineUP-XSS/blob/master/vcard-upload-xss +https://github.com/zeromicro/go-zero/security/advisories/GHSA-fgxv-gw55-r5fq https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/Arbitrary-File-Upload-Vulnerability.md https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/SQL-Injection-Vulnerability-3.md https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/Best%20Courier%20Management%20System%201.0/SQL-Injection-Vulnerability.md 
@@ -119547,12 +122087,16 @@ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643 https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1678 https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1679 https://github.com/zhangqiquan/shopxian_cms/issues/4 +https://github.com/zhaoheng521/PbootCMS/blob/master/V1.0.7%20csrf +https://github.com/zhaoheng521/yxcms/blob/master/Any%20file%20deletion https://github.com/zhaojh329/rttys/issues/117 https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md https://github.com/zhlu32/cve/blob/main/tenda/Tenda-ac15-buffer-overflow.md https://github.com/zhlu32/cve/blob/main/tplink/wr886n/Tplink-wr886n-V3-Ping-DOS.md +https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html https://github.com/zhuxianjin/vuln_repo/blob/master/chaojicms_stored_xss.md https://github.com/zhuzhuyule/HexoEditor/issues/3 +https://github.com/zi0Black/POC-CVE-2018-0114 https://github.com/zikula/core/issues/3237 https://github.com/zj3t/Automotive-vulnerabilities/tree/main/VW/jetta2021 https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md @@ -119560,6 +122104,7 @@ https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md +https://github.com/zldww2011/CVE-2018-0802_POC https://github.com/zlgxzswjy/BUI-select-xss https://github.com/zlib-ng/minizip-ng/issues/739 https://github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3 
@@ -119584,7 +122129,9 @@ https://github.com/zyairelai/CVE-submissions/blob/main/kortex-deactivate_case-sq https://github.com/zyairelai/CVE-submissions/blob/main/kortex-register_case-sqli.md https://github.com/zyairelai/CVE-submissions/blob/main/prison-xss.md https://github.com/zyx0814/dzzoffice/issues/183 +https://github.com/zyx0814/dzzoffice/issues/195 https://github.com/zyx0814/dzzoffice/issues/223 +https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Mongoose_null_pointer.md https://github.com/zzh-newlearner/record/blob/main/luowice.md https://github.com/zzh-newlearner/record/blob/main/luowice_warning.md https://github.com/zzh-newlearner/record/blob/main/macrovideo_share.md @@ -119608,13 +122155,16 @@ https://gitlab.com/gitlab-org/gitlab-ce/issues/47793 https://gitlab.com/gitlab-org/gitlab-ce/issues/48617 https://gitlab.com/gitlab-org/gitlab-ce/issues/49133 https://gitlab.com/gitlab-org/gitlab-ce/issues/50744 +https://gitlab.com/gitlab-org/gitlab-ce/issues/50748 https://gitlab.com/gitlab-org/gitlab-ce/issues/50995 https://gitlab.com/gitlab-org/gitlab-ce/issues/51142 +https://gitlab.com/gitlab-org/gitlab-ce/issues/51423 https://gitlab.com/gitlab-org/gitlab-ce/issues/51581 https://gitlab.com/gitlab-org/gitlab-ce/issues/52212 https://gitlab.com/gitlab-org/gitlab-ce/issues/52444 https://gitlab.com/gitlab-org/gitlab-ce/issues/52522 https://gitlab.com/gitlab-org/gitlab-ce/issues/53037 +https://gitlab.com/gitlab-org/gitlab-ce/issues/54189 https://gitlab.com/gitlab-org/gitlab-ce/issues/54220 https://gitlab.com/gitlab-org/gitlab-ce/issues/54795 https://gitlab.com/gitlab-org/gitlab-ce/issues/55200 
@@ -119812,8 +122362,10 @@ https://gitlab.freedesktop.org/dbus/dbus/-/issues/294 https://gitlab.freedesktop.org/freetype/freetype-demos/-/issues/8 https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224 https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 +https://gitlab.freedesktop.org/libopenraw/exempi/issues/12 https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 https://gitlab.freedesktop.org/pixman/pixman/-/issues/63 +https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1011 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016 @@ -119835,6 +122387,7 @@ https://gitlab.freedesktop.org/poppler/poppler/issues/741 https://gitlab.freedesktop.org/poppler/poppler/issues/742 https://gitlab.freedesktop.org/poppler/poppler/issues/748 https://gitlab.freedesktop.org/poppler/poppler/issues/750 +https://gitlab.freedesktop.org/poppler/poppler/issues/751 https://gitlab.freedesktop.org/poppler/poppler/issues/752 https://gitlab.freedesktop.org/poppler/poppler/issues/802 https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612 @@ -119915,6 +122468,7 @@ https://gkaim.com/cve-2019-7439-vikas-chaudhary/ https://gkaim.com/cve-2019-7440-vikas-chaudhary/ https://gkaim.com/cve-2019-7441-vikas-chaudhary/ https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682 +https://go.dev/issue/63417 https://googleinformationsworld.blogspot.com/2023/04/revive-adserver-541-vulnerable-to-brute.html https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html 
@@ -119973,8 +122527,10 @@ https://hackerone.com/reports/588239 https://hackerone.com/reports/588562 https://hackerone.com/reports/651518 https://hackerone.com/reports/681617 +https://hackerone.com/reports/689314 https://hackerone.com/reports/775693 https://hackerone.com/reports/792895 +https://hackerone.com/reports/867052 https://hackerone.com/reports/986365 https://hackings8n.blogspot.com/2018/06/cve-2018-12705-digisol-wireless-router.html https://hackings8n.blogspot.com/2018/06/cve-2018-12706-digisol-dg-br4000ng.html @@ -119984,6 +122540,7 @@ https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php https://hackintoanetwork.com/blog/2023-starlink-router-gen2-xss-eng/ https://hackmag.com/security/aguard-cve/ https://hackpuntes.com/cve-2018-14430-wordpress-plugin-multi-step-form-125-multiples-xss-reflejados/ +https://hackpuntes.com/cve-2018-15571-wordpress-plugin-export-users-to-csv-1-1-1-csv-injection/ https://hackpuntes.com/cve-2018-15873-sentrifugo-hrms-3-2-blind-sql-injection/ https://hackpuntes.com/cve-2018-15917-jorani-leave-management-system-0-6-5-cross-site-scripting-persistente/ https://hackpuntes.com/cve-2018-15918-jorani-leave-management-system-0-6-5-sql-injection/ 
@@ -120133,6 +122690,7 @@ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/ +https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-016-denial-of-service-in-arc-informatique-pcvue/ https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-017-session-information-exposure-in-arc-informatique-pcvue/ @@ -120147,6 +122705,7 @@ https://ihexcoder.wixsite.com/secresearch/post/privilege-escalation-in-teachers- https://ikiwiki.info/bugs/XSS_Alert...__33____33____33__/ https://illikainen.dev/advisories/014-yz1-izarc https://illuminati.services/2021/04/29/cve-2021-26807-gog-galaxy-v2-0-35-dll-load-order-hijacking/ +https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf https://imagetragick.com/ https://imhotepisinvisible.com/druva-lpe/ https://improsec.com/tech-blog/cam1 
@@ -120188,12 +122747,15 @@ https://issues.asterisk.org/jira/browse/ASTERISK-20967 https://issues.chromium.org/issues/325866363 https://issues.chromium.org/issues/325936438 https://issues.chromium.org/issues/40058873 +https://issues.chromium.org/issues/40064602 https://issues.chromium.org/issues/40064754 https://issues.chromium.org/issues/40944847 +https://issues.chromium.org/issues/40946325 https://issues.chromium.org/issues/41481374 https://issues.chromium.org/issues/41485789 https://issues.chromium.org/issues/41486208 https://issues.chromium.org/issues/41487933 +https://issues.chromium.org/issues/41491379 https://issues.chromium.org/issues/41493290 https://issues.chromium.org/issues/41495060 https://issues.chromium.org/issues/41495878 @@ -120485,6 +123047,7 @@ https://launchpad.net/bugs/1822013 https://launchpad.net/bugs/1881982 https://launchpad.net/bugs/1883840 https://launchpad.net/bugs/1895688 +https://launchpad.net/bugs/1939733 https://launchpad.net/bugs/2048114 https://launchpad.net/bugs/500625 https://launchpadlibrarian.net/74204969/LWSA-2011-002.txt @@ -120719,6 +123282,7 @@ https://medium.com/@heishou/libsystem-foreground-sql-injection-vulnerability-a98 https://medium.com/@heishou/libsystem-sql-injection-bb74915175fe https://medium.com/@hoanhp/0-day-story-2-delete-all-comments-easily-a854e52a7d50 https://medium.com/@honeyakshat999/hotel-management-system-sql-injection-on-login-page-a1ca87a31176 +https://medium.com/@hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed https://medium.com/@igor.lrgomes/cve-2019-11877-credentials-stealing-through-xss-on-pix-link-repeater-9a98c344f58e https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2 https://medium.com/@jalee0606/how-i-found-my-first-one-click-account-takeover-via-deeplink-in-ryde-5406010c36d8 
@@ -120841,6 +123405,7 @@ https://mjlanders.com/2019/11/07/multiple-vulnerabilities-found-in-enghouse-zeac https://modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/ https://momo5502.com/blog/?p=34 +https://moodle.org/mod/forum/discuss.php?d=198623 https://moodle.org/mod/forum/discuss.php?d=349419 https://mouha.be/sha-3-buffer-overflow/ https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/ @@ -121681,6 +124246,7 @@ https://packetstormsecurity.com/files/177075/Enpass-Desktop-Application-6.9.2-HT https://packetstormsecurity.com/files/177168/User-Registration-And-Login-And-User-Management-System-3.1-SQL-Injection.html https://packetstormsecurity.com/files/177224/ITFlow-Cross-Site-Request-Forgery.html https://packetstormsecurity.com/files/177239/Dotclear-2.29-Cross-Site-Scripting.html +https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html https://packetstormsecurity.com/files/177243/CMS-Made-Simple-2.2.19-Cross-Site-Scripting.html https://packetstormsecurity.com/files/177254/SuperCali-1.1.0-Cross-Site-Scripting.html https://packetstormsecurity.com/files/177326/Hospital-Management-System-1.0-Insecure-Direct-Object-Reference-Account-Takeover.html @@ -121758,6 +124324,8 @@ https://packetstormsecurity.com/files/cve/CVE-2018-17792 https://packetstormsecurity.com/files/cve/CVE-2022-37661 https://packetstormsecurity.com/files/cve/CVE-2023-33584 https://packetstormsecurity.com/files/date/2012-12-14/ +https://pagure.io/389-ds-base/issue/49336 +https://pagure.io/389-ds-base/issue/50329 https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/ https://panda002.hashnode.dev/a-stored-cross-site-scripting-xss-vulnerability-in-the-create-the-function-of-zenario-cms-v94 https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vulnerability-in-add-books 
@@ -122047,6 +124615,7 @@ https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/ https://research.loginsoft.com/bugs/1501/ https://research.loginsoft.com/bugs/1508/ https://research.loginsoft.com/bugs/a-heap-buffer-overflow-vulnerability-in-the-function-ap4_bitstreamreadbytes-bento4-1-5-1-628/ +https://research.loginsoft.com/bugs/blind-sql-injection-in-librenms/ https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/ https://research.loginsoft.com/bugs/heap-buffer-overflow-in-h5olayout-c-hdf5-1-13-0/ https://research.loginsoft.com/bugs/heap-overflow-in-decompress-c-hdf5-1-13-0/ @@ -122129,7 +124698,9 @@ https://rodelllemit.medium.com/stored-xss-in-neo-cms-8-3-3-9bd1cb973c5b https://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementor https://rstforums.com/forum/88810-csrf-vbulletin-modcp.rst https://rt.perl.org/Public/Bug/Display.html?id=131665 +https://rt.perl.org/Public/Bug/Display.html?id=131844 https://rt.perl.org/Public/Bug/Display.html?id=133423 +https://rt.perl.org/Ticket/Display.html?id=133192 https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html https://ruby.sh/helpspot-disclosure-20180206.txt 
@@ -122228,6 +124799,7 @@ https://sec-consult.com/vulnerability-lab/advisory/pre-authenticated-remote-code https://sec-consult.com/vulnerability-lab/advisory/pre-authenticated-remote-code-execution-via-java-frontend-qds-endpoint-opentext-extended-ecm/ https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals/ https://sec-consult.com/vulnerability-lab/advisory/stored-cross-site-scripting-in-mb-support-broker-management-solution-openviva-c2/ +https://sec.1i6w31fen9.top/2024/02/02/dcf-operations-window-remote-command-execute/ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb 
@@ -122310,12 +124882,34 @@ https://seclists.org/fulldisclosure/2022/Nov/18 https://seclists.org/fulldisclosure/2022/Oct/23 https://seclists.org/fulldisclosure/2022/Sep/24 https://seclists.org/fulldisclosure/2022/Sep/29 +https://seclists.org/fulldisclosure/2023/Jul/12 +https://seclists.org/fulldisclosure/2023/Jul/15 +https://seclists.org/fulldisclosure/2023/Jul/33 +https://seclists.org/fulldisclosure/2023/Jul/34 +https://seclists.org/fulldisclosure/2023/Jul/35 +https://seclists.org/fulldisclosure/2023/Jul/36 +https://seclists.org/fulldisclosure/2023/Jul/37 +https://seclists.org/fulldisclosure/2023/Jul/38 +https://seclists.org/fulldisclosure/2023/Jul/39 +https://seclists.org/fulldisclosure/2023/Jul/40 +https://seclists.org/fulldisclosure/2023/Mar/5 +https://seclists.org/fulldisclosure/2023/Nov/2 +https://seclists.org/fulldisclosure/2023/Nov/3 +https://seclists.org/fulldisclosure/2023/Nov/4 +https://seclists.org/fulldisclosure/2023/Nov/5 https://seclists.org/fulldisclosure/2024/Apr/23 +https://seclists.org/fulldisclosure/2024/Mar/9 https://seclists.org/oss-sec/2012/q2/396 https://seclists.org/oss-sec/2022/q2/155 https://seclists.org/oss-sec/2022/q2/66 https://seclists.org/oss-sec/2022/q4/178 https://seclists.org/oss-sec/2022/q4/41 +https://seclists.org/oss-sec/2023/q1/20 +https://seclists.org/oss-sec/2023/q2/276 +https://seclists.org/oss-sec/2023/q3/216 +https://seclists.org/oss-sec/2023/q3/229 +https://seclists.org/oss-sec/2023/q3/242 +https://seclists.org/oss-sec/2023/q4/14 https://secur1tyadvisory.wordpress.com/2017/03/15/usb-pratirodh-xml-external-entity-injection-vulnerability/ https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-cross-site-scripting-vulnerabilities/ 
@@ -123521,6 +126115,7 @@ https://sourceforge.net/p/yajsw/bugs/166/ https://sourceforge.net/p/zint/tickets/181/ https://sourceforge.net/project/shownotes.php?group_id=138780&release_id=571924 https://sourceware.org/bugzilla/show_bug.cgi?id=22421 +https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://spawnzii.github.io/posts/2022/07/how-we-have-pwned-root-me-in-2022/ https://spectreattack.com/ https://sploitus.com/exploit?id=1337DAY-ID-37364&utm_source=rss&utm_medium=rss @@ -123536,6 +126131,9 @@ https://srpopty.github.io/2023/02/15/Vulnerability-Discuz-X3.4-Reflected-XSS-(CV https://srpopty.github.io/2023/02/27/DedeCMS-V5.7.160-Backend-SQLi-group/ https://srpopty.github.io/2023/02/27/DedeCMS-V5.7.160-Backend-SQLi-story/ https://srpopty.github.io/2023/03/02/Typecho-V1.2.0-Backend-Reflected-XSS-cid/ +https://ssl.icu-project.org/trac/attachment/ticket/13490/poc.cpp +https://ssl.icu-project.org/trac/changeset/40715 +https://ssl.icu-project.org/trac/ticket/13510 https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/ https://stackoverflow.com/questions/42170239/security-of-rand-in-ruby-compared-to-other-methods/42170560 https://starlabs.sg/advisories/22/22-0216/ 
@@ -124034,11 +126632,15 @@ https://toandak.blogspot.com/2020/05/improper-privilege-management-in.html https://tomekwasiak.pl/cve-2024-22854/ https://tomiodarim.io/posts/cve-2024-22632-3/ https://tomiodarim.io/posts/cve-2024-26504/ +https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-file-delete-N2VPmOnE https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-afr-YBFLNyzd +https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-twLnpy3M https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-prvesc-BPFp9cZs https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D +https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swg-fbyps-3z4qT7p +https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://tortel.li/post/insecure-scope/ https://trac.ffmpeg.org/ticket/10686 @@ -124164,6 +126766,7 @@ https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-15-288-01 https://user-images.githubusercontent.com/75008428/163742517-ecc1c787-1ef6-4df9-bdf2-407b2b31e111.png https://usn.ubuntu.com/3738-1/ https://usn.ubuntu.com/4118-1/ +https://usn.ubuntu.com/4559-1/ https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/ https://verneet.com/cve-2022-40711/ https://versprite.com/blog/security-research/windows-registry/ 
@@ -124197,6 +126800,9 @@ https://voidsec.com/vpn-leak/ https://volse.net/~haraldei/infosec/disclosures/hubzilla-before-7-2-multiple-vulnerabilities/ https://vrls.ws/posts/2021/08/samourai-wallet-bitcoin-pin-authentication-bypass-crypto/ https://vuldb.com/?id.1022 +https://vuldb.com/?id.113806 +https://vuldb.com/?id.126695 +https://vuldb.com/?id.126699 https://vuldb.com/?id.159430 https://vuldb.com/?id.164510 https://vuldb.com/?id.203178 @@ -124209,10 +126815,14 @@ https://vuldb.com/?id.206486 https://vuldb.com/?id.206688 https://vuldb.com/?id.206845 https://vuldb.com/?id.220638 +https://vuldb.com/?id.242170 +https://vuldb.com/?id.243800 https://vuldb.com/?id.248952 https://vuldb.com/?id.249356 https://vuldb.com/?id.250446 https://vuldb.com/?id.250716 +https://vuldb.com/?submit.304556 +https://vuldb.com/?submit.304572 https://vuldb.com/?submit.307752 https://vuldb.com/?submit.307761 https://vuldb.com/?submit.320855 @@ -124286,6 +126896,7 @@ https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0004.json https://wiki.mozilla.org/Platform/2010-12-07 https://wildix.atlassian.net/wiki/spaces/DOC/pages/30279136/Changelogs https://winscp.net/forum/viewtopic.php?t=30085 +https://wordpress.org/plugins/peepso-core/#developers https://wordpress.org/plugins/safe-svg/#developers https://wordpress.org/support/topic/discovered-security-vulnerabilities-1/ https://wordpress.org/support/topic/zip-attachments-wordpress-plugin-v114-arbitrary-file-download-vulnerability?replies=1 
@@ -127476,6 +130087,7 @@ https://www.ayrx.me/prolink-prc2402m-multiple-vulnerabilities/#syscmd-command-in https://www.ayrx.me/prolink-prc2402m-multiple-vulnerabilities/#sysinit-password-reset https://www.ayrx.me/prolink-prc2402m-multiple-vulnerabilities/#tr069-command-injection https://www.bankinfosecurity.com/exclusive-aussie-firm-loses-5m-to-backdoored-cryptocurrency-a-11057 +https://www.bbraun.com/productsecurity https://www.bbraunusa.com/productsecurity https://www.bencteux.fr/posts/malwarebytes_wfc/ https://www.bencteux.fr/posts/synaman/ @@ -127498,6 +130110,9 @@ https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-213941 https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/ https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284 +https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1 +https://www.chtsecurity.com/news/4ffbe017-70e1-4789-bfe6-4d6fb0d1a0b7 +https://www.chtsecurity.com/news/afe25fb4-55ac-45d9-9ece-cbc1edda2fb2%20 https://www.chudamax.com/posts/multiple-vulnerabilities-in-belloo-dating-script/ https://www.cirosec.de/fileadmin/1._Unternehmen/1.4._Unsere_Kompetenzen/Security_Advisory_AudioCodes_Mediant_family.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-23-033-05 @@ -127513,6 +130128,8 @@ https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-03 https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01 https://www.cisa.gov/uscert/ics/advisories/icsa-23-010-01 https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-04 +https://www.cnblogs.com/L0g4n-blog/p/16695155.html +https://www.cnblogs.com/L0g4n-blog/p/16704071.html https://www.cnblogs.com/Rainy-Day/p/18061399 https://www.cnblogs.com/echod/articles/10380909.html https://www.cnblogs.com/tr3e/p/9662324.html 
@@ -136586,6 +139203,7 @@ https://www.exploit-db.com/exploits/9926 https://www.exploit-db.com/ghdb/4613/ https://www.exploit-db.com/papers/47535 https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root +https://www.exploitsecurity.io/post/cve-2023-33383-authentication-bypass-via-an-out-of-bounds-read-vulnerability https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725 https://www.exsiliumsecurity.com/CVE-2024-27453.html https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and @@ -136847,6 +139465,7 @@ https://www.navidkagalwalla.com/gila-cms-vulnerabilities https://www.navidkagalwalla.com/icehrm-vulnerabilities https://www.navsec.net/2022/11/12/kwoksys-xxe.html https://www.netskope.com/company/security-compliance-and-assurance/netskope-security-advisory-nskpsa-2021-002 +https://www.netsparker.com/critical-xss-sql-injection-vulnerabilities-gnew/ https://www.netsparker.com/cve-2015-1385-xss-vulnerability-in-blubrry-powerpress/ https://www.nezami.me/ https://www.novell.com/support/kb/doc.php?id=7017813 @@ -136855,6 +139474,7 @@ https://www.nri-secure.com/blog/new-iot-vulnerability-connmando https://www.ns-echo.com/posts/nomachine_afo.html https://www.nussko.com/advisories/advisory-2021-08-01.txt https://www.nussko.com/advisories/advisory-2021-08-02.txt +https://www.octority.com/2019/05/07/cyberark-enterprise-password-vault-xml-external-entity-xxe-injection/ https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/ https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf https://www.on-x.com/wp-content/uploads/2023/01/on-x_-_security_advisory_-_sage_frp_1000_-_cve-2019-25053.pdf 
@@ -136967,6 +139587,7 @@ https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) https://www.oxeye.io/blog/vm2-sandbreak-vulnerability-cve-2022-36067 https://www.papercut.com/kb/Main/CommonSecurityQuestions/ https://www.paramiko.org/changelog.html +https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/ https://www.pentagrid.ch/en/blog/reflected-xss-vulnerability-in-crealogix-ebics-implementation/ https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/ @@ -137009,6 +139630,7 @@ https://www.purplemet.com/blog/openemr-xss-vulnerability https://www.purplemet.com/blog/palo-alto-firewall-multiple-xss-vulnerabilities https://www.purplemet.com/blog/sugarcrm-multiple-xss-vulnerabilities https://www.purplemet.com/blog/typo3-xss-vulnerability +https://www.quali.com/products/cloudshell-pro/ https://www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txt https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt @@ -137106,6 +139728,7 @@ https://www.sec-consult.com/en/blog/advisories/sql-injection-xss-csrf-vulnerabil https://www.sec-consult.com/en/blog/advisories/stored-cross-site-scripting-in-kendo-ui-editor-cve-2018-14037/ https://www.sec-consult.com/en/blog/advisories/unprotected-wifi-access-unencrypted-data-transfer-in-vgate-icar2-wifi-obd2-dongle/ https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ +https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915/ https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities https://www.securesystems.de/blog/advisory-and-exploitation-the-melag-ftp-server/ 
@@ -137170,6 +139793,7 @@ https://www.securitylab.ru/news/513051.php https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/ https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/ https://www.seebug.org/vuldb/ssvid-97939 +https://www.seebug.org/vuldb/ssvid-97952 https://www.seekurity.com/blog/general/cve-2017-17713-and-cve-2017-17714-multiple-sql-injections-and-xss-vulnerabilities-found-in-the-hackers-tracking-tool-trape-boxug/ https://www.seekurity.com/blog/general/metasploit-web-project-kill-all-running-tasks-csrf-CVE-2017-5244/ https://www.seekurity.com/blog/general/multiple-cross-site-scripting-vulnerabilities-in-crea8social-social-network-script/ @@ -137640,6 +140264,7 @@ https://www.tarlogic.com/en/blog/vulnerabilities-in-ocs-inventory-2-4-1/ https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/details/advisories-504842 https://www.telekom.com/resource/blob/566546/276aaa2eab781729f2544d62edecf002/dl-190322-remote-buffer-overflow-in-a-axtls-data.pdf +https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 https://www.tenable.com/blog/frequently-asked-questions-cve-2024-3094-supply-chain-backdoor-in-xz-utils 
@@ -137864,6 +140489,7 @@ https://www.tenable.com/security/tns-2021-07 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10 https://www.tenable.com/security/tns-2021-13 +https://www.tetradefense.com/incident-response-services/active-exploit-a-remote-code-execution-rce-vulnerability-for-ncr-aloha-point-of-sale/ https://www.theregister.co.uk/2018/02/06/openvms_vulnerability/ https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/ https://www.theregister.co.uk/2018/08/20/php_unserialisation_wordpress_vuln/ @@ -137931,6 +140557,7 @@ https://www.veracode.com/blog/research/anatomy-cross-site-scripting-flaw-telerik https://www.vfxcomputing.com/?CVE-2018-19588 https://www.vfxcomputing.com/?CVE-2019-9657 https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/ +https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit https://www.vicarius.io/vsociety/vulnerabilities/cve-2024-3094 https://www.vice.com/en/article/y3p35w/hackers-are-using-anti-cheat-in-genshin-impact-to-ransom-victims https://www.virusbulletin.com/virusbulletin/2017/01/journey-and-evolution-god-mode-2016-cve-2016-0189/ @@ -138187,6 +140814,7 @@ https://www.youtube.com/watch?v=6iZnIQbRf5M https://www.youtube.com/watch?v=88qeaLq98Gc https://www.youtube.com/watch?v=8GZg1IuSfCs https://www.youtube.com/watch?v=9c9Q4VZQOUk +https://www.youtube.com/watch?v=B0VpK0poTco https://www.youtube.com/watch?v=BOPLYnveBqk https://www.youtube.com/watch?v=Bgdbx5TJShI https://www.youtube.com/watch?v=CLAHE0qUHXs @@ -138196,6 +140824,7 @@ https://www.youtube.com/watch?v=ECTu2QVAl1c https://www.youtube.com/watch?v=FM5XlZPdvdo https://www.youtube.com/watch?v=Grirez2xeas https://www.youtube.com/watch?v=HUM5myJWbvc +https://www.youtube.com/watch?v=I93aH86BUaE https://www.youtube.com/watch?v=Iw8sIBLWE_w https://www.youtube.com/watch?v=KtDjoJlrpAc https://www.youtube.com/watch?v=La9nMeVCtt4 
@@ -138225,6 +140854,7 @@ https://www.youtube.com/watch?v=aPKPUDmmYpc https://www.youtube.com/watch?v=b5vPDmMtzwQ https://www.youtube.com/watch?v=bIFot3a-58I https://www.youtube.com/watch?v=c0nawqA_bdI +https://www.youtube.com/watch?v=eHG1pWaez9w https://www.youtube.com/watch?v=efmvL235S-8 https://www.youtube.com/watch?v=ev0VXbiduuQ https://www.youtube.com/watch?v=fkESBVhIdIA @@ -138336,6 +140966,7 @@ https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabili https://yoursecuritybores.me/coreftp-vulnerabilities/ https://youtu.be/-i2KtBgO3Kw https://youtu.be/3If-Fqwx-4s +https://youtu.be/5oVfJHT_-Ys https://youtu.be/7bh2BQOqxFo https://youtu.be/AMODp3iTnqY https://youtu.be/AeuGjMbAirU
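Review bot: In the hunk at @@ -122129,7 +124698,9 @@, the two added rt.perl.org entries use different path forms on the same host (/Public/Bug/Display.html?id=131844 and /Ticket/Display.html?id=133192), so they sort apart and an exact-string dedupe would keep one ticket twice if it were ever referenced under both forms. Normalise tracker URLs to a single form before the list is sorted and deduplicated, or document that both forms are kept on purpose.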
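Review bot: In the hunk at @@ -127476,6 +130087,7 @@, the added https://www.bbraun.com/productsecurity is a vendor landing page rather than a link to a specific advisory, and it sits next to the existing https://www.bbraunusa.com/productsecurity entry of the same kind. A landing page does not show which advisory backs the CVE and its content can change over time; prefer the advisory permalink where the upstream reference provides one, or mark such entries as generic so consumers of the list can filter them.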
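Review bot: In the hunk at @@ -127498,6 +130110,9 @@, the added entry https://www.chtsecurity.com/news/afe25fb4-55ac-45d9-9ece-cbc1edda2fb2%20 ends in %20, an encoded trailing space that the two other chtsecurity.com entries added beside it do not have. Trim whitespace from each reference before it is URL-encoded and written out; as it stands the same reference can be added again later without the suffix and the list will carry both.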
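Review bot: In the hunk at @@ -136967,6 +139587,7 @@, the added pcmag.com URL ends in "eas-origin-clien", which reads as a slug cut off mid-word. Confirm that the link resolves as written; if the truncation comes from the upstream reference, record the full URL or flag the entry instead of storing a reference that may be dead.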