From a8969e132322a214e7b78da5711159d6f891f0ab Mon Sep 17 00:00:00 2001 
From: 0xMarcio Date: Wed, 14 Aug 2024 18:26:11 +0000 Subject: [PATCH] Update CVE sources 2024-08-14 18:26 --- 2006/CVE-2006-1568.md | 1 + 2012/CVE-2012-1823.md | 1 + 2017/CVE-2017-0144.md | 1 + 2017/CVE-2017-0199.md | 1 + 2017/CVE-2017-11882.md | 1 + 2017/CVE-2017-8570.md | 1 + 2017/CVE-2017-8759.md | 1 + 2018/CVE-2018-20250.md | 1 + 2018/CVE-2018-4878.md | 1 + 2018/CVE-2018-6389.md | 1 + 2019/CVE-2019-11358.md | 1 + 2019/CVE-2019-7580.md | 1 + 2019/CVE-2019-8943.md | 1 + 2020/CVE-2020-17049.md | 1 + 2021/CVE-2021-22204.md | 1 + 2021/CVE-2021-27928.md | 1 + 2021/CVE-2021-3493.md | 1 + 2021/CVE-2021-41773.md | 1 + 2021/CVE-2021-42287.md | 1 + 2022/CVE-2022-28347.md | 1 + 2022/CVE-2022-37967.md | 1 + 2022/CVE-2022-46689.md | 1 + 2022/CVE-2022-48429.md | 17 ++++++ 2023/CVE-2023-27163.md | 1 + 2023/CVE-2023-27372.md | 1 + 2023/CVE-2023-31341.md | 17 ++++++ 2023/CVE-2023-31606.md | 1 + 2023/CVE-2023-31634.md | 1 + 2023/CVE-2023-32784.md | 1 + 2023/CVE-2023-33592.md | 1 + 2023/CVE-2023-38646.md | 1 + 2023/CVE-2023-41974.md | 1 + 2024/CVE-2024-0169.md | 4 +- 2024/CVE-2024-1931.md | 1 + 2024/CVE-2024-20083.md | 17 ++++++ 2024/CVE-2024-21302.md | 14 ++++- 2024/CVE-2024-23705.md | 17 ++++++ 2024/CVE-2024-27198.md | 1 + 2024/CVE-2024-28986.md | 17 ++++++ 2024/CVE-2024-35124.md | 17 ++++++ 2024/CVE-2024-36136.md | 17 ++++++ 2024/CVE-2024-37287.md | 18 ++++++ 2024/CVE-2024-37373.md | 17 ++++++ 2024/CVE-2024-37399.md | 17 ++++++ 2024/CVE-2024-38063.md | 56 ++++++++++++++++++ 2024/CVE-2024-38202.md | 2 +- 2024/CVE-2024-38483.md | 17 ++++++ 2024/CVE-2024-38501.md | 65 +++++++++++++++++++++ 2024/CVE-2024-38502.md | 65 +++++++++++++++++++++ 2024/CVE-2024-38652.md | 17 ++++++ 2024/CVE-2024-38653.md | 17 ++++++ 2024/CVE-2024-3913.md | 20 +++++++ 2024/CVE-2024-39472.md | 17 ++++++ 2024/CVE-2024-41042.md | 17 ++++++ 2024/CVE-2024-41475.md | 17 ++++++ 2024/CVE-2024-41613.md | 17 ++++++ 2024/CVE-2024-41614.md | 17 ++++++ 2024/CVE-2024-41774.md | 17 ++++++ 2024/CVE-2024-41858.md | 17 
++++++ 2024/CVE-2024-41860.md | 17 ++++++ 2024/CVE-2024-41861.md | 17 ++++++ 2024/CVE-2024-41862.md | 17 ++++++ 2024/CVE-2024-41863.md | 17 ++++++ 2024/CVE-2024-41864.md | 17 ++++++ 2024/CVE-2024-42477.md | 3 +- 2024/CVE-2024-42478.md | 3 +- 2024/CVE-2024-42479.md | 3 +- 2024/CVE-2024-42480.md | 17 ++++++ 2024/CVE-2024-42489.md | 17 ++++++ 2024/CVE-2024-42520.md | 2 +- 2024/CVE-2024-42543.md | 17 ++++++ 2024/CVE-2024-42545.md | 17 ++++++ 2024/CVE-2024-42546.md | 17 ++++++ 2024/CVE-2024-42547.md | 17 ++++++ 2024/CVE-2024-42623.md | 17 ++++++ 2024/CVE-2024-42624.md | 17 ++++++ 2024/CVE-2024-42625.md | 17 ++++++ 2024/CVE-2024-42626.md | 17 ++++++ 2024/CVE-2024-42627.md | 17 ++++++ 2024/CVE-2024-42628.md | 17 ++++++ 2024/CVE-2024-42629.md | 17 ++++++ 2024/CVE-2024-42630.md | 17 ++++++ 2024/CVE-2024-42631.md | 17 ++++++ 2024/CVE-2024-42632.md | 17 ++++++ 2024/CVE-2024-42736.md | 17 ++++++ 2024/CVE-2024-42737.md | 17 ++++++ 2024/CVE-2024-42738.md | 17 ++++++ 2024/CVE-2024-42739.md | 17 ++++++ 2024/CVE-2024-42740.md | 17 ++++++ 2024/CVE-2024-42741.md | 17 ++++++ 2024/CVE-2024-42742.md | 17 ++++++ 2024/CVE-2024-42743.md | 17 ++++++ 2024/CVE-2024-42744.md | 17 ++++++ 2024/CVE-2024-42745.md | 17 ++++++ 2024/CVE-2024-42747.md | 17 ++++++ 2024/CVE-2024-42748.md | 17 ++++++ 2024/CVE-2024-43138.md | 17 ++++++ 2024/CVE-2024-43140.md | 17 ++++++ 2024/CVE-2024-43141.md | 17 ++++++ 2024/CVE-2024-43153.md | 17 ++++++ 2024/CVE-2024-43160.md | 17 ++++++ 2024/CVE-2024-43165.md | 17 ++++++ 2024/CVE-2024-4389.md | 17 ++++++ 2024/CVE-2024-5313.md | 17 ++++++ 2024/CVE-2024-5849.md | 65 +++++++++++++++++++++ 2024/CVE-2024-5893.md | 2 +- 2024/CVE-2024-5894.md | 2 +- 2024/CVE-2024-5895.md | 2 +- 2024/CVE-2024-6123.md | 17 ++++++ 2024/CVE-2024-6133.md | 2 +- 2024/CVE-2024-6134.md | 2 +- 2024/CVE-2024-6136.md | 2 +- 2024/CVE-2024-6532.md | 17 ++++++ 2024/CVE-2024-6823.md | 1 + 2024/CVE-2024-7092.md | 1 + 2024/CVE-2024-7094.md | 1 + 2024/CVE-2024-7247.md | 1 + 2024/CVE-2024-7339.md | 1 + 
2024/CVE-2024-7388.md | 1 + 2024/CVE-2024-7588.md | 17 ++++++ 2024/CVE-2024-7728.md | 19 +++++++ 2024/CVE-2024-7729.md | 34 +++++++++++ 2024/CVE-2024-7731.md | 17 ++++++ 2024/CVE-2024-7732.md | 17 ++++++ github.txt | 126 +++++++++++++++++++++++++++++++++++++++++ references.txt | 39 +++++++++++++ 126 files changed, 1678 insertions(+), 15 deletions(-) create mode 100644 2022/CVE-2022-48429.md create mode 100644 2023/CVE-2023-31341.md create mode 100644 2024/CVE-2024-20083.md create mode 100644 2024/CVE-2024-23705.md create mode 100644 2024/CVE-2024-28986.md create mode 100644 2024/CVE-2024-35124.md create mode 100644 2024/CVE-2024-36136.md create mode 100644 2024/CVE-2024-37287.md create mode 100644 2024/CVE-2024-37373.md create mode 100644 2024/CVE-2024-37399.md create mode 100644 2024/CVE-2024-38063.md create mode 100644 2024/CVE-2024-38483.md create mode 100644 2024/CVE-2024-38501.md create mode 100644 2024/CVE-2024-38502.md create mode 100644 2024/CVE-2024-38652.md create mode 100644 2024/CVE-2024-38653.md create mode 100644 2024/CVE-2024-3913.md create mode 100644 2024/CVE-2024-39472.md create mode 100644 2024/CVE-2024-41042.md create mode 100644 2024/CVE-2024-41475.md create mode 100644 2024/CVE-2024-41613.md create mode 100644 2024/CVE-2024-41614.md create mode 100644 2024/CVE-2024-41774.md create mode 100644 2024/CVE-2024-41858.md create mode 100644 2024/CVE-2024-41860.md create mode 100644 2024/CVE-2024-41861.md create mode 100644 2024/CVE-2024-41862.md create mode 100644 2024/CVE-2024-41863.md create mode 100644 2024/CVE-2024-41864.md create mode 100644 2024/CVE-2024-42480.md create mode 100644 2024/CVE-2024-42489.md create mode 100644 2024/CVE-2024-42543.md create mode 100644 2024/CVE-2024-42545.md create mode 100644 2024/CVE-2024-42546.md create mode 100644 2024/CVE-2024-42547.md create mode 100644 2024/CVE-2024-42623.md create mode 100644 2024/CVE-2024-42624.md create mode 100644 2024/CVE-2024-42625.md create mode 100644 2024/CVE-2024-42626.md create 
mode 100644 2024/CVE-2024-42627.md create mode 100644 2024/CVE-2024-42628.md create mode 100644 2024/CVE-2024-42629.md create mode 100644 2024/CVE-2024-42630.md create mode 100644 2024/CVE-2024-42631.md create mode 100644 2024/CVE-2024-42632.md create mode 100644 2024/CVE-2024-42736.md create mode 100644 2024/CVE-2024-42737.md create mode 100644 2024/CVE-2024-42738.md create mode 100644 2024/CVE-2024-42739.md create mode 100644 2024/CVE-2024-42740.md create mode 100644 2024/CVE-2024-42741.md create mode 100644 2024/CVE-2024-42742.md create mode 100644 2024/CVE-2024-42743.md create mode 100644 2024/CVE-2024-42744.md create mode 100644 2024/CVE-2024-42745.md create mode 100644 2024/CVE-2024-42747.md create mode 100644 2024/CVE-2024-42748.md create mode 100644 2024/CVE-2024-43138.md create mode 100644 2024/CVE-2024-43140.md create mode 100644 2024/CVE-2024-43141.md create mode 100644 2024/CVE-2024-43153.md create mode 100644 2024/CVE-2024-43160.md create mode 100644 2024/CVE-2024-43165.md create mode 100644 2024/CVE-2024-4389.md create mode 100644 2024/CVE-2024-5313.md create mode 100644 2024/CVE-2024-5849.md create mode 100644 2024/CVE-2024-6123.md create mode 100644 2024/CVE-2024-6532.md create mode 100644 2024/CVE-2024-7588.md create mode 100644 2024/CVE-2024-7728.md create mode 100644 2024/CVE-2024-7729.md create mode 100644 2024/CVE-2024-7731.md create mode 100644 2024/CVE-2024-7732.md diff --git a/2006/CVE-2006-1568.md b/2006/CVE-2006-1568.md index c8842ecfbf..156d9396cf 100644 --- a/2006/CVE-2006-1568.md +++ b/2006/CVE-2006-1568.md @@ -11,6 +11,7 @@ Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0. #### Reference - http://evuln.com/vulns/115/summary.html +- http://securityreason.com/securityalert/708 #### Github No PoCs found on GitHub currently. diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index f60fb46e99..e9a8f188f4 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md 
@@ -13,6 +13,7 @@ sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured
 No PoCs from references.
 #### Github
+- https://github.com/0xFatality/CVE-2012-1823
 - https://github.com/0xl0k1/CVE-2012-1823
 - https://github.com/0xsyr0/OSCP
 - https://github.com/1060275195/Covid-v2-Botnet
diff --git a/2017/CVE-2017-0144.md b/2017/CVE-2017-0144.md
index 351978427d..7b6b3730d4 100644
--- a/2017/CVE-2017-0144.md
+++ b/2017/CVE-2017-0144.md
@@ -19,6 +19,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
 #### Github
 - https://github.com/0xAbbarhSF/Termux-Nation-2022-Alpha
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/0xsyr0/OSCP
 - https://github.com/61106960/adPEAS
 - https://github.com/ARPSyndicate/cvemon
diff --git a/2017/CVE-2017-0199.md b/2017/CVE-2017-0199.md
index 7d97d44495..38a38e191f 100644
--- a/2017/CVE-2017-0199.md
+++ b/2017/CVE-2017-0199.md
@@ -64,6 +64,7 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1,
 - https://github.com/Mal-lol-git/URL-Parser
 - https://github.com/Mehedi-Babu/pentest_tools_repo
 - https://github.com/Micr067/Pentest_Note
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/Nacromencer/cve2017-0199-in-python
 - https://github.com/NotAwful/CVE-2017-0199-Fix
diff --git a/2017/CVE-2017-11882.md b/2017/CVE-2017-11882.md
index 9cdd76e1ba..679e22ec6f 100644
--- a/2017/CVE-2017-11882.md
+++ b/2017/CVE-2017-11882.md
@@ -72,6 +72,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr
 - https://github.com/J-SinwooLee/Malware-Analysis-REMnux
 - https://github.com/JERRY123S/all-poc
 - https://github.com/Micr067/Pentest_Note
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/OlaleyeAyobami/Malware-Analysis-Lab
 - https://github.com/Ondrik8/RED-Team
diff --git a/2017/CVE-2017-8570.md b/2017/CVE-2017-8570.md
index 87e0694d58..78cd4d308e 100644
--- a/2017/CVE-2017-8570.md
+++ b/2017/CVE-2017-8570.md
@@ -46,6 +46,7 @@ Microsoft Office allows a remote code execution vulnerability due to the way tha
 - https://github.com/Loveforkeeps/Lemon-Duck
 - https://github.com/MaxSecurity/Office-CVE-2017-8570
 - https://github.com/Mehmet065/MIS-311-Project
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/Ondrik8/RED-Team
 - https://github.com/Ondrik8/exploit
diff --git a/2017/CVE-2017-8759.md b/2017/CVE-2017-8759.md
index f8a7688264..5aa3df1e6a 100644
--- a/2017/CVE-2017-8759.md
+++ b/2017/CVE-2017-8759.md
@@ -46,6 +46,7 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow
 - https://github.com/JERRY123S/all-poc
 - https://github.com/JonasUliana/CVE-2017-8759
 - https://github.com/Lz1y/CVE-2017-8759
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/Ondrik8/RED-Team
 - https://github.com/Ostorlab/KEV
diff --git a/2018/CVE-2018-20250.md b/2018/CVE-2018-20250.md
index e98dfd0129..2e81802325 100644
--- a/2018/CVE-2018-20250.md
+++ b/2018/CVE-2018-20250.md
@@ -50,6 +50,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab
 - https://github.com/IversionBY/PenetratInfo
 - https://github.com/JERRY123S/all-poc
 - https://github.com/LamSonBinh/CVE-2018-20250
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/Ondrik8/RED-Team
diff --git a/2018/CVE-2018-4878.md b/2018/CVE-2018-4878.md
index 31b152a360..7784377a85 100644
--- a/2018/CVE-2018-4878.md
+++ b/2018/CVE-2018-4878.md
@@ -54,6 +54,7 @@ A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.
 - https://github.com/InQuest/yara-rules
 - https://github.com/JamesGrandoff/Tools
 - https://github.com/KathodeN/CVE-2018-4878
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mrnmap/RedTeam
 - https://github.com/Ondrik8/Links
 - https://github.com/Ondrik8/RED-Team
diff --git a/2018/CVE-2018-6389.md b/2018/CVE-2018-6389.md
index 86d7b8831a..2585cf7652 100644
--- a/2018/CVE-2018-6389.md
+++ b/2018/CVE-2018-6389.md
@@ -44,6 +44,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv
 - https://github.com/JavierOlmedo/wordpress-cve-2018-6389
 - https://github.com/Jetserver/CVE-2018-6389-FIX
 - https://github.com/JulienGadanho/cve-2018-6389-php-patcher
+- https://github.com/Mr-hunt-007/CyberSecurity-Tools
 - https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/Neelakandan-A/BugBounty_CheatSheet
 - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups
diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md
index fabb1494a9..eb3f2370d6 100644
--- a/2019/CVE-2019-11358.md
+++ b/2019/CVE-2019-11358.md
@@ -1293,6 +1293,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/Jack-Corso/22187-CENTERSTAGE
 - https://github.com/Jack-Justus/SMES_FTC_2022-2023
 - https://github.com/JackJones7/S7-FTC-Centerstage
+- https://github.com/JacobTaira/OLD_21438_CenterStage_Repo
 - https://github.com/JacobeZhang/FTC2021FF
 - https://github.com/JacobeZhang/FTCTinkering
 - https://github.com/JacobeZhang/HCLS-FTC-Summer
diff --git a/2019/CVE-2019-7580.md b/2019/CVE-2019-7580.md
index fc0221dff3..6f63d1d4c5 100644
--- a/2019/CVE-2019-7580.md
+++ b/2019/CVE-2019-7580.md
@@ -21,6 +21,7 @@ ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via th
 - https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/SexyBeast233/SecBooks
 - https://github.com/Shenkongyin/CUC-2023
+- https://github.com/Smoothss/CUC-2023
 - https://github.com/Tyro-Shan/gongkaishouji
 - https://github.com/YIXINSHUWU/Penetration_Testing_POC
 - https://github.com/ZTK-009/Penetration_PoC
diff --git a/2019/CVE-2019-8943.md b/2019/CVE-2019-8943.md
index 5aded131f9..4e19948634 100644
--- a/2019/CVE-2019-8943.md
+++ b/2019/CVE-2019-8943.md
@@ -18,6 +18,7 @@ WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (w
 #### Github
 - https://github.com/0xMafty/Blog
 - https://github.com/0xT11/CVE-POC
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Afetter618/WordPress-PenTest
 - https://github.com/Cl0wnK1n9/WhiteHat
diff --git a/2020/CVE-2020-17049.md b/2020/CVE-2020-17049.md
index a935ae6fa5..81798590db 100644
--- a/2020/CVE-2020-17049.md
+++ b/2020/CVE-2020-17049.md
@@ -60,6 +60,7 @@ No PoCs from references.
 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
 - https://github.com/iamramahibrah/AD-Attacks-and-Defend
 - https://github.com/infosecn1nja/AD-Attack-Defense
+- https://github.com/joker200-0/Rubeus
 - https://github.com/kas0n/RedTeam-Articles
 - https://github.com/mandradets/Maritest2
 - https://github.com/merlinepedra/RUBEUS
diff --git a/2021/CVE-2021-22204.md b/2021/CVE-2021-22204.md
index 9ad99a4dd9..8397f1a77b 100644
--- a/2021/CVE-2021-22204.md
+++ b/2021/CVE-2021-22204.md
@@ -35,6 +35,7 @@ Improper neutralization of user data in the DjVu file format in ExifTool version
 - https://github.com/Lazykakarot1/Learn-365
 - https://github.com/Ly0nt4r/OSCP
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
+- https://github.com/OneSecCyber/JPEG_RCE
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/PenTestical/CVE-2021-22204
diff --git a/2021/CVE-2021-27928.md b/2021/CVE-2021-27928.md
index 7e495ea33a..06b6dc491e 100644
--- a/2021/CVE-2021-27928.md
+++ b/2021/CVE-2021-27928.md
@@ -31,6 +31,7 @@ A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.
 - https://github.com/SenukDias/OSCP_cheat
 - https://github.com/Shenkongyin/CUC-2023
 - https://github.com/SirElmard/ethical_hacking
+- https://github.com/Smoothss/CUC-2023
 - https://github.com/WhooAmii/POC_to_review
 - https://github.com/anquanscan/sec-tools
 - https://github.com/e-hakson/OSCP
diff --git a/2021/CVE-2021-3493.md b/2021/CVE-2021-3493.md
index f6808a31ac..2eec88d392 100644
--- a/2021/CVE-2021-3493.md
+++ b/2021/CVE-2021-3493.md
@@ -20,6 +20,7 @@ The overlayfs implementation in the linux kernel did not properly validate with
 - https://github.com/0xMarcio/cve
 - https://github.com/0xMat10/eJPT_Prep
 - https://github.com/0xWhoami35/root-kernel
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/0xsyr0/OSCP
 - https://github.com/20142995/sectool
 - https://github.com/ARPSyndicate/cvemon
diff --git a/2021/CVE-2021-41773.md b/2021/CVE-2021-41773.md
index 6971550a64..bffb4fb4fa 100644
--- a/2021/CVE-2021-41773.md
+++ b/2021/CVE-2021-41773.md
@@ -27,6 +27,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2.
 - https://github.com/0xRar/CVE-2021-41773
 - https://github.com/0xStrygwyr/OSCP-Guide
 - https://github.com/0xZipp0/OSCP
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/0xsyr0/OSCP
 - https://github.com/12345qwert123456/CVE-2021-41773
 - https://github.com/189569400/Meppo
diff --git a/2021/CVE-2021-42287.md b/2021/CVE-2021-42287.md
index dfeaf03a58..6a9d4cbd39 100644
--- a/2021/CVE-2021-42287.md
+++ b/2021/CVE-2021-42287.md
@@ -120,6 +120,7 @@ No PoCs from references.
 - https://github.com/infosecn1nja/AD-Attack-Defense
 - https://github.com/jbmihoub/all-poc
 - https://github.com/jenriquezv/OSCP-Cheat-Sheets-AD
+- https://github.com/joker200-0/Rubeus
 - https://github.com/k8gege/Ladon
 - https://github.com/kgwanjala/oscp-cheatsheet
 - https://github.com/knightswd/NoPacScan
diff --git a/2022/CVE-2022-28347.md b/2022/CVE-2022-28347.md
index abc245e22b..b256d34414 100644
--- a/2022/CVE-2022-28347.md
+++ b/2022/CVE-2022-28347.md
@@ -15,6 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Shenkongyin/CUC-2023
+- https://github.com/Smoothss/CUC-2023
 - https://github.com/SurfRid3r/Django_vulnerability_analysis
 - https://github.com/kudoas/sql-injection-sandbox
diff --git a/2022/CVE-2022-37967.md b/2022/CVE-2022-37967.md
index 323b368ac5..fbbbdc58b9 100644
--- a/2022/CVE-2022-37967.md
+++ b/2022/CVE-2022-37967.md
@@ -40,6 +40,7 @@ No PoCs from references.
 - https://github.com/Pascal-0x90/Rubeus
 - https://github.com/RkDx/MyRuby
 - https://github.com/Strokekilla/Rubeus
+- https://github.com/joker200-0/Rubeus
 - https://github.com/qobil7681/Password-cracker
 - https://github.com/santan2020/ck2
 - https://github.com/syedrizvinet/lib-repos-Rubeus
diff --git a/2022/CVE-2022-46689.md b/2022/CVE-2022-46689.md
index d9732562a6..d053589183 100644
--- a/2022/CVE-2022-46689.md
+++ b/2022/CVE-2022-46689.md
@@ -40,6 +40,7 @@ A race condition was addressed with additional validation. This issue is fixed i
 - https://github.com/Hiimsonkul/Hiimsonkul
 - https://github.com/Ingan121/FSUntether
 - https://github.com/Kry9toN/WDBFontOverwrite
+- https://github.com/Lrdsnow/PureKFD
 - https://github.com/ManoChina/Cowabunga
 - https://github.com/ManoChina/MacDirtyCowDemo
 - https://github.com/PureKFD/PureKFD
diff --git a/2022/CVE-2022-48429.md b/2022/CVE-2022-48429.md
new file mode 100644
index 0000000000..18a0f61d7e
--- /dev/null
+++ b/2022/CVE-2022-48429.md
@@ -0,0 +1,17 @@
+### [CVE-2022-48429](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48429)
+![](https://img.shields.io/static/v1?label=Product&message=Hub&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%202022.3.15573%2C%202022.2.15572%2C%202022.1.15583%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79&color=brighgreen)
+
+### Description
+
+In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/echo-devim/CVE-2022-48429_poc
+
diff --git a/2023/CVE-2023-27163.md b/2023/CVE-2023-27163.md
index 15310e842e..788b957702 100644
--- a/2023/CVE-2023-27163.md
+++ b/2023/CVE-2023-27163.md
@@ -16,6 +16,7 @@ request-baskets up to v1.2.1 was discovered to contain a Server-Side Request For
 #### Github
 - https://github.com/0xFTW/CVE-2023-27163
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/Aledangelo/Sau_Writeup
 - https://github.com/Hamibubu/CVE-2023-27163
 - https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53
diff --git a/2023/CVE-2023-27372.md b/2023/CVE-2023-27372.md
index d01a0c74c3..5d93eea67c 100644
--- a/2023/CVE-2023-27372.md
+++ b/2023/CVE-2023-27372.md
@@ -17,6 +17,7 @@ SPIP before 4.2.1 allows Remote Code Execution via form values in the public are
 - https://github.com/0SPwn/CVE-2023-27372-PoC
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Chocapikk/CVE-2023-27372
+- https://github.com/Jhonsonwannaa/CVE-2023-27372
 - https://github.com/Pari-Malam/CVE-2023-27372
 - https://github.com/RSTG0D/CVE-2023-27372-PoC
 - https://github.com/ThatNotEasy/CVE-2023-27372
diff --git a/2023/CVE-2023-31341.md b/2023/CVE-2023-31341.md
new file mode 100644
index 0000000000..d64cfdf59c
--- /dev/null
+++ b/2023/CVE-2023-31341.md
@@ -0,0 +1,17 @@
+### [CVE-2023-31341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31341)
+![](https://img.shields.io/static/v1?label=Product&message=%CE%BCProf%20Tool&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%CE%BCProf%20Tool%3C%203.4.494%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen)
+
+### Description
+
+Insufficientvalidation of the Input Output Control (IOCTL) input buffer in AMD μProf mayallow an authenticated attacker to cause an out-of-bounds write, potentiallycausing a Windows® OS crash, resulting in denial of service.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/5angjun/5angjun
+
diff --git a/2023/CVE-2023-31606.md b/2023/CVE-2023-31606.md
index 63693af6ba..299edfa54c 100644
--- a/2023/CVE-2023-31606.md
+++ b/2023/CVE-2023-31606.md
@@ -14,5 +14,6 @@ No PoCs from references.
 #### Github
 - https://github.com/e23e/CVE-2023-31606
+- https://github.com/merbinr/CVE-2023-31606
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2023/CVE-2023-31634.md b/2023/CVE-2023-31634.md
index 74dbfb1aee..290831bd19 100644
--- a/2023/CVE-2023-31634.md
+++ b/2023/CVE-2023-31634.md
@@ -14,5 +14,6 @@ In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote
 #### Github
 - https://github.com/XC9409/CVE-2023-31634
+- https://github.com/iSee857/CVE-2023-31634
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2023/CVE-2023-32784.md b/2023/CVE-2023-32784.md
index 9be05613b1..52aeb62229 100644
--- a/2023/CVE-2023-32784.md
+++ b/2023/CVE-2023-32784.md
@@ -16,6 +16,7 @@ In KeePass 2.x before 2.54, it is possible to recover the cleartext master passw
 #### Github
 - https://github.com/0xFFD700/Neuland-CTF-2023
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/1ocho3/NCL_V
 - https://github.com/3mpir3Albert/HTB_Keeper
 - https://github.com/4m4Sec/CVE-2023-32784
diff --git a/2023/CVE-2023-33592.md b/2023/CVE-2023-33592.md
index 0f5523ae91..2590191448 100644
--- a/2023/CVE-2023-33592.md
+++ b/2023/CVE-2023-33592.md
@@ -15,6 +15,7 @@ Lost and Found Information System v1.0 was discovered to contain a SQL injection
 #### Github
 - https://github.com/0XRedRose/CVE-2023-33592
 - https://github.com/Acous7icwav3/CVE-2023-33592
+- https://github.com/ChineseOldboy/CVE-2023-33592
 - https://github.com/FuckingHack3r/CVE-2023-33592
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2023/CVE-2023-38646.md b/2023/CVE-2023-38646.md
index 3a2c769f29..52ea0f5e8f 100644
--- a/2023/CVE-2023-38646.md
+++ b/2023/CVE-2023-38646.md
@@ -15,6 +15,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all
 #### Github
 - https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646
+- https://github.com/0xabdoulaye/CTFs-Journey
 - https://github.com/0xrobiul/CVE-2023-38646
 - https://github.com/20142995/sectool
 - https://github.com/Anekant-Singhai/Exploits
diff --git a/2023/CVE-2023-41974.md b/2023/CVE-2023-41974.md
index 1de86acc25..512b7c04f9 100644
--- a/2023/CVE-2023-41974.md
+++ b/2023/CVE-2023-41974.md
@@ -13,6 +13,7 @@ A use-after-free issue was addressed with improved memory management. This issue
 No PoCs from references.
 #### Github
+- https://github.com/Lrdsnow/PureKFD
 - https://github.com/PureKFD/PureKFD
 - https://github.com/Spoou/123
 - https://github.com/felix-pb/kfd
diff --git a/2024/CVE-2024-0169.md b/2024/CVE-2024-0169.md
index 1dd2dec28d..f5a76e8414 100644
--- a/2024/CVE-2024-0169.md
+++ b/2024/CVE-2024-0169.md
@@ -1,11 +1,11 @@
 ### [CVE-2024-0169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0169)
 ![](https://img.shields.io/static/v1?label=Product&message=Unity&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=0%3C%205.4%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
 ### Description
-Dell Unity, versions prior to 5.4, contains a cross-site scripting (XSS) vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading users to download and execute malicious software crafted by this product's feature to compromise their systems.
+Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
 ### POC
diff --git a/2024/CVE-2024-1931.md b/2024/CVE-2024-1931.md
index 68d64e33a1..cf3721e527 100644
--- a/2024/CVE-2024-1931.md
+++ b/2024/CVE-2024-1931.md
@@ -14,4 +14,5 @@ No PoCs from references.
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2024/CVE-2024-20083.md b/2024/CVE-2024-20083.md
new file mode 100644
index 0000000000..6bb1334a14
--- /dev/null
+++ b/2024/CVE-2024-20083.md
@@ -0,0 +1,17 @@
+### [CVE-2024-20083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20083)
+![](https://img.shields.io/static/v1?label=Product&message=MT6765%2C%20MT6768%2C%20MT6779%2C%20MT6785%2C%20MT8321%2C%20MT8385%2C%20MT8666%2C%20MT8667%2C%20MT8755%2C%20MT8765%2C%20MT8766%2C%20MT8768%2C%20MT8771%2C%20MT8775%2C%20MT8781%2C%20MT8786%2C%20MT8788%2C%20MT8789%2C%20MT8791T%2C%20MT8792%2C%20MT8795T%2C%20MT8796%2C%20MT8797%2C%20MT8798&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20Android%2012.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%20Out-of-bounds%20Write&color=brighgreen)
+
+### Description
+
+In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Resery/Resery
+
diff --git a/2024/CVE-2024-21302.md b/2024/CVE-2024-21302.md
index 6604e3d780..46de991f87 100644
--- a/2024/CVE-2024-21302.md
+++ b/2024/CVE-2024-21302.md
@@ -15,12 +15,22 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%20N%2FA%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20710%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.7259%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.6189%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4780%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4780%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2655%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.3147%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.4037%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.4037%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.1085%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.26100.1457%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description -Summary:Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS) including a subset of Azure Virtual Machine SKUS; 
enabling an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn..Microsoft is developing a security update to mitigate this vulnerability, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.Details:A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022 , and a subset of Azure Virtual Machines (VM) SKUs with a Windows based guestOS supporting VBS.The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS.Microsoft is developing a security update that will revoke outdated, unpatched VBS system files to mitigate this vulnerability, but it is not yet available. Due to the complexity of blocking such a large quantity of files, rigorous testing is required to avoid integration failures or regressions. This CVE will be updated with new information and links to the security updates once available. 
We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 07th, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section of this CVE to protect their systems.Recommended Actions:The following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAuditing sensitive privileges used to identify access, modification, or replacement of VBS related files could help indicacte attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft LearnProtect your Azure tenant by investigating administrators and users flagged for risky sign-ins and rotating their credentials.Investigate risk Microsoft Entra ID Protection - Microsoft Entra ID Protection | Microsoft LearnEnabling Multi-Factor Authentication can also help alleviate concerns about compromised accounts or exposure.Enforce multifactor... +Summary:Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. 
This vulnerability enables an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.Update: August 13, 2024Microsoft has released the August 2024 security updates that include an opt-in revocation policy mitigation to address this vulnerability. Customers running affected versions of Windows are encouraged to review KB5042562: Guidance for blocking rollback of virtualization-based security related updates to assess if this opt-in policy meets the needs of their environment before implementing this mitigation. There are risks associated with this mitigation that should be understood prior to applying it to your systems. Detailed information about these risks is also available in KB5042562.Details:A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, and higher based systems including Azure Virtual Machines (VM) that support VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn.The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. 
Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS.Microsoft is developing a security update that will revoke outdated, unpatched VBS system files to mitigate this vulnerability, but it is not yet available. Due to the complexity of blocking such a large quantity of files, rigorous testing is required to avoid integration failures or regressions. This CVE will be updated with new information and links to the security updates once available. For more information see Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response CenterMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended Actions:Microsoft has released an opt-in mitigation available as an interim solution to help protect customers concerned about this vulnerability until the final mitigation is available in a security update.For Windows 10 1809 and later, Windows 11 version 21H2 and later, and Windows Server 2019 and later, administrators can deploy a Microsoft-signed revocation policy (SkuSiPolicy.p7b) to block vulnerable, unpatched versions of VBS system files from being loaded by the operating system. For more information, refer to KB5042562: Guidance for blocking rollback of virtualization-based security related...
 ### POC
diff --git a/2024/CVE-2024-23705.md b/2024/CVE-2024-23705.md
new file mode 100644
index 0000000000..3c39546c49
--- /dev/null
+++ b/2024/CVE-2024-23705.md
@@ -0,0 +1,17 @@
+### [CVE-2024-23705](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23705)
+![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2014%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20privilege&color=brighgreen)
+
+### Description
+
+In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+
diff --git a/2024/CVE-2024-27198.md b/2024/CVE-2024-27198.md
index 1fcd492a04..7266ef75b6 100644
--- a/2024/CVE-2024-27198.md
+++ b/2024/CVE-2024-27198.md
@@ -26,6 +26,7 @@ No PoCs from references.
 - https://github.com/Stuub/RCity-CVE-2024-27198
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/Threekiii/CVE
+- https://github.com/TrojanAZhen/Self_Back
 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
 - https://github.com/ZonghaoLi777/githubTrending
 - https://github.com/aneasystone/github-trending
diff --git a/2024/CVE-2024-28986.md b/2024/CVE-2024-28986.md
new file mode 100644
index 0000000000..7ca6aae5aa
--- /dev/null
+++ b/2024/CVE-2024-28986.md
@@ -0,0 +1,17 @@
+### [CVE-2024-28986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28986)
+![](https://img.shields.io/static/v1?label=Product&message=Web%20Help%20Desk&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.  However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-35124.md b/2024/CVE-2024-35124.md
new file mode 100644
index 0000000000..0a91ecf868
--- /dev/null
+++ b/2024/CVE-2024-35124.md
@@ -0,0 +1,17 @@
+### [CVE-2024-35124](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35124)
+![](https://img.shields.io/static/v1?label=Product&message=OpenBMC&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=FW1050.00%3C%3D%20FW1050.10%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-288&color=brighgreen)
+
+### Description
+
+A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-36136.md b/2024/CVE-2024-36136.md
new file mode 100644
index 0000000000..b11a649d46
--- /dev/null
+++ b/2024/CVE-2024-36136.md
@@ -0,0 +1,17 @@
+### [CVE-2024-36136](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36136)
+![](https://img.shields.io/static/v1?label=Product&message=Avalanche&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=6.4.4%3C%206.4.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-37287.md b/2024/CVE-2024-37287.md
new file mode 100644
index 0000000000..796eadfc1c
--- /dev/null
+++ b/2024/CVE-2024-37287.md
@@ -0,0 +1,18 @@
+### [CVE-2024-37287](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37287)
+![](https://img.shields.io/static/v1?label=Product&message=Kibana&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=7.7.0%2C%208.0.0%3C%207.17.23%2C%208.14.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)
+
+### Description
+
+A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/tanjiti/sec_profile
+
diff --git a/2024/CVE-2024-37373.md b/2024/CVE-2024-37373.md
new file mode 100644
index 0000000000..cc21c5a187
--- /dev/null
+++ b/2024/CVE-2024-37373.md
@@ -0,0 +1,17 @@
+### [CVE-2024-37373](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37373)
+![](https://img.shields.io/static/v1?label=Product&message=Avalanche&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=6.4.4%3C%206.4.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-37399.md b/2024/CVE-2024-37399.md
new file mode 100644
index 0000000000..71cdb307f4
--- /dev/null
+++ b/2024/CVE-2024-37399.md
@@ -0,0 +1,17 @@
+### [CVE-2024-37399](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37399)
+![](https://img.shields.io/static/v1?label=Product&message=Avalanche&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=6.4.4%3C%206.4.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38063.md b/2024/CVE-2024-38063.md
new file mode 100644
index 0000000000..89fb5c988d
--- /dev/null
+++ b/2024/CVE-2024-38063.md
@@ -0,0 +1,56 @@
+### [CVE-2024-38063](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38063)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2024H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20751%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.7259%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.6189%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4780%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4780%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2655%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.3147%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.4037%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.4037%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.1085%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.26100.1457%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22825%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27277%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27277%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.25031%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.22134%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen)
+
+### Description
+
+Windows TCP/IP Remote Code Execution Vulnerability
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/kherrick/hacker-news
+
diff --git a/2024/CVE-2024-38202.md b/2024/CVE-2024-38202.md
index 4fbc5d2766..81feef433c 100644
--- a/2024/CVE-2024-38202.md
+++ b/2024/CVE-2024-38202.md
@@ -18,7 +18,7 @@ ### Description -SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Backup, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.DetailsA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Backup potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.Microsoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. 
See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended ActionsThe following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAudit users with permission to perform Backup and Restore operations to ensure only the appropriate users can perform these operations.Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft LearnImplement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Backup files and perform Restore operations to appropriate users, for example administrators only.Access Control overview | Microsoft LearnDiscretionary Access Control Lists (DACL)Auditing sensitive privileges used to identify access, modification, or replacement of Backup related files could help indicate attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn +SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities 
or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.DetailsA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.Microsoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. 
Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended ActionsThe following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAudit users with permission to perform Update and Restore operations to ensure only the appropriate users can perform these operations.Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft LearnImplement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Update files and perform Restore operations to appropriate users, for example administrators only.Access Control overview | Microsoft LearnDiscretionary Access Control Lists (DACL)Auditing sensitive privileges used to identify access, modification, or replacement of Update related files could help indicate attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn
 ### POC
diff --git a/2024/CVE-2024-38483.md b/2024/CVE-2024-38483.md
new file mode 100644
index 0000000000..8040da3b1d
--- /dev/null
+++ b/2024/CVE-2024-38483.md
@@ -0,0 +1,17 @@
+### [CVE-2024-38483](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38483)
+![](https://img.shields.io/static/v1?label=Product&message=Dell%20Client%20Platform%20BIOS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=N%2FA%3C%201.35.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)
+
+### Description
+
+Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38501.md b/2024/CVE-2024-38501.md
new file mode 100644
index 0000000000..83e1dda8a5
--- /dev/null
+++ b/2024/CVE-2024-38501.md
@@ -0,0 +1,65 @@
+### [CVE-2024-38501](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38501)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16DB9%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-32RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-8DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=EIP%2FModbus%3C%3D%20v1.08%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=EtherNet%2FIP%3C%3D%20v7.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=Modbus%20Router%3C%3D%20v7.09%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%2FModbus%3C%3D%20v1.0.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%3C%3D%20v3.4.9%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=SocketServer%3C%3D%2011.65%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38502.md b/2024/CVE-2024-38502.md
new file mode 100644
index 0000000000..85f59c3514
--- /dev/null
+++ b/2024/CVE-2024-38502.md
@@ -0,0 +1,65 @@
+### [CVE-2024-38502](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38502)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16DB9%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-32RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-8DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=EIP%2FModbus%3C%3D%20v1.08%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=EtherNet%2FIP%3C%3D%20v7.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=Modbus%20Router%3C%3D%20v7.09%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%2FModbus%3C%3D%20v1.0.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%3C%3D%20v3.4.9%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=SocketServer%3C%3D%2011.65%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38652.md b/2024/CVE-2024-38652.md
new file mode 100644
index 0000000000..5b4db09b38
--- /dev/null
+++ b/2024/CVE-2024-38652.md
@@ -0,0 +1,17 @@
+### [CVE-2024-38652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38652)
+![](https://img.shields.io/static/v1?label=Product&message=Avalanche&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=6.4.4%3C%206.4.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38653.md b/2024/CVE-2024-38653.md
new file mode 100644
index 0000000000..595f5dba3c
--- /dev/null
+++ b/2024/CVE-2024-38653.md
@@ -0,0 +1,17 @@
+### [CVE-2024-38653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38653)
+![](https://img.shields.io/static/v1?label=Product&message=Avalanche&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=6.4.4%3C%206.4.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-3913.md b/2024/CVE-2024-3913.md
new file mode 100644
index 0000000000..17a2cddfe9
--- /dev/null
+++ b/2024/CVE-2024-3913.md
@@ -0,0 +1,20 @@
+### [CVE-2024-3913](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3913)
+![](https://img.shields.io/static/v1?label=Product&message=CHARX%20SEC-3000%20(1139022)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CHARX%20SEC-3050%20(1139018)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CHARX%20SEC-3100%20(1139012)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CHARX%20SEC-3150%20(1139012)&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0.0.0%3C%201.7.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brighgreen)
+
+### Description
+
+An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-39472.md b/2024/CVE-2024-39472.md
new file mode 100644
index 0000000000..208b8814bf
--- /dev/null
+++ b/2024/CVE-2024-39472.md
@@ -0,0 +1,17 @@
+### [CVE-2024-39472](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39472)
+![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0c771b99d6c9%3C%2045cf976008dd%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In the Linux kernel, the following vulnerability has been resolved:xfs: fix log recovery buffer allocation for the legacy h_size fixupCommit a70f9fe52daa ("xfs: detect and handle invalid iclog size set bymkfs") added a fixup for incorrect h_size values used for the initialumount record in old xfsprogs versions. Later commit 0c771b99d6c9("xfs: clean up calculation of LR header blocks") cleaned up the logreover buffer calculation, but stoped using the fixed up h_size valueto size the log recovery buffer, which can lead to an out of boundsaccess when the incorrect h_size does not come from the old mkfstool, but a fuzzer.Fix this by open coding xlog_logrec_hblks and taking the fixed h_sizeinto account for this calculation.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41042.md b/2024/CVE-2024-41042.md
new file mode 100644
index 0000000000..baa53df3b0
--- /dev/null
+++ b/2024/CVE-2024-41042.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41042](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41042)
+![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=20a69341f2d0%3C%209df785aeb7dc%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In the Linux kernel, the following vulnerability has been resolved:netfilter: nf_tables: prefer nft_chain_validatenft_chain_validate already performs loop detection because a cycle willresult in a call stack overflow (ctx->level >= NFT_JUMP_STACK_SIZE).It also follows maps via ->validate callback in nft_lookup, so thereappears no reason to iterate the maps again.nf_tables_check_loops() and all its helper functions can be removed.This improves ruleset load time significantly, from 23s down to 12s.This also fixes a crash bug. Old loop detection code can result inunbounded recursion:BUG: TASK stack guard page was hit at ....Oops: stack guard page: 0000 [#1] PREEMPT SMP KASANCPU: 4 PID: 1539 Comm: nft Not tainted 6.10.0-rc5+ #1[..]with a suitable ruleset during validation of register stores.I can't see any actual reason to attempt to check for this fromnft_validate_register_store(), at this point the transaction is still inprogress, so we don't have a full picture of the rule graph.For nf-next it might make sense to either remove it or make this dependon table->validate_state in case we could catch an error earlier(for improved error reporting to userspace).
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41475.md b/2024/CVE-2024-41475.md
new file mode 100644
index 0000000000..e5caf4eaea
--- /dev/null
+++ b/2024/CVE-2024-41475.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41475)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration.
+
+### POC
+
+#### Reference
+- https://gist.github.com/AkiaCode/7c878b1699931314246d6589d86b1e89
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-41613.md b/2024/CVE-2024-41613.md
new file mode 100644
index 0000000000..93f6437626
--- /dev/null
+++ b/2024/CVE-2024-41613.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41613)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note.
+
+### POC
+
+#### Reference
+- https://github.com/OoLs5/VulDiscovery/blob/main/symphony_xss_vul.pdf
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-41614.md b/2024/CVE-2024-41614.md
new file mode 100644
index 0000000000..76d84e6e9a
--- /dev/null
+++ b/2024/CVE-2024-41614.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41614)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles.
+
+### POC
+
+#### Reference
+- https://github.com/OoLs5/VulDiscovery/blob/main/Symphony_CMS_XSS.pdf
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-41774.md b/2024/CVE-2024-41774.md
new file mode 100644
index 0000000000..2c39e2b9df
--- /dev/null
+++ b/2024/CVE-2024-41774.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41774](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41774)
+![](https://img.shields.io/static/v1?label=Product&message=Common%20Licensing&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%209.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41858.md b/2024/CVE-2024-41858.md
new file mode 100644
index 0000000000..79c1217dc2
--- /dev/null
+++ b/2024/CVE-2024-41858.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41858](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41858)
+![](https://img.shields.io/static/v1?label=Product&message=InCopy&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Integer%20Overflow%20or%20Wraparound%20(CWE-190)&color=brighgreen)
+
+### Description
+
+InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41860.md b/2024/CVE-2024-41860.md
new file mode 100644
index 0000000000..1b7a34d1b1
--- /dev/null
+++ b/2024/CVE-2024-41860.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41860](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41860)
+![](https://img.shields.io/static/v1?label=Product&message=Substance3D%20-%20Sampler&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Read%20(CWE-125)&color=brighgreen)
+
+### Description
+
+Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41861.md b/2024/CVE-2024-41861.md
new file mode 100644
index 0000000000..2ece9ed887
--- /dev/null
+++ b/2024/CVE-2024-41861.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41861)
+![](https://img.shields.io/static/v1?label=Product&message=Substance3D%20-%20Sampler&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Read%20(CWE-125)&color=brighgreen)
+
+### Description
+
+Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41862.md b/2024/CVE-2024-41862.md
new file mode 100644
index 0000000000..920f8c1bfa
--- /dev/null
+++ b/2024/CVE-2024-41862.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41862)
+![](https://img.shields.io/static/v1?label=Product&message=Substance3D%20-%20Sampler&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Read%20(CWE-125)&color=brighgreen)
+
+### Description
+
+Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41863.md b/2024/CVE-2024-41863.md
new file mode 100644
index 0000000000..9a5cea2632
--- /dev/null
+++ b/2024/CVE-2024-41863.md
@@ -0,0 +1,17 @@
+### [CVE-2024-41863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41863)
+![](https://img.shields.io/static/v1?label=Product&message=Substance3D%20-%20Sampler&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Read%20(CWE-125)&color=brighgreen)
+
+### Description
+
+Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-41864.md b/2024/CVE-2024-41864.md
new file mode 100644
index 0000000000..51c5639ae9
--- /dev/null
+++ b/2024/CVE-2024-41864.md
@@ -0,0 +1,17 @@ +### [CVE-2024-41864](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41864) +![](https://img.shields.io/static/v1?label=Product&message=Substance3D%20-%20Designer&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Write%20(CWE-787)&color=brighgreen) + +### Description + +Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-42477.md b/2024/CVE-2024-42477.md index d131bce96d..fb7919da06 100644 --- a/2024/CVE-2024-42477.md +++ b/2024/CVE-2024-42477.md @@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_ ### POC #### Reference -No PoCs from references. +- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b +- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-42478.md b/2024/CVE-2024-42478.md index 86f62a5ce9..1d572a2e79 100644 --- a/2024/CVE-2024-42478.md +++ b/2024/CVE-2024-42478.md @@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in t ### POC #### Reference -No PoCs from references. +- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b +- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-42479.md b/2024/CVE-2024-42479.md index f6a5220aba..0c1665d900 100644 
--- a/2024/CVE-2024-42479.md +++ b/2024/CVE-2024-42479.md @@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in t ### POC #### Reference -No PoCs from references. +- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b +- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-42480.md b/2024/CVE-2024-42480.md new file mode 100644 index 0000000000..ea5265e5c1 --- /dev/null +++ b/2024/CVE-2024-42480.md @@ -0,0 +1,17 @@ +### [CVE-2024-42480](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42480) +![](https://img.shields.io/static/v1?label=Product&message=kamaji&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%201.0.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) + +### Description + +Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed in edge-24.8.2. + +### POC + +#### Reference +- https://github.com/clastix/kamaji/security/advisories/GHSA-6r4j-4rjc-8vw5 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-42489.md b/2024/CVE-2024-42489.md new file mode 100644 index 0000000000..4620532e74 --- /dev/null +++ b/2024/CVE-2024-42489.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-42489](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42489) +![](https://img.shields.io/static/v1?label=Product&message=xwiki-pro-macros&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.0%2C%20%3C%201.10.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen) + +### Description + +Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vulnerable to the same kind of attack. This vulnerability is fixed in 1.10.1. + +### POC + +#### Reference +- https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-cfq3-q227-7j65 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-42520.md b/2024/CVE-2024-42520.md index 16cb67cd89..dd9cfaf7d3 100644 --- a/2024/CVE-2024-42520.md +++ b/2024/CVE-2024-42520.md @@ -10,7 +10,7 @@ TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability i ### POC #### Reference -No PoCs from references. +- https://github.com/c10uds/totolink_A3002R_stackoverflow #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-42543.md b/2024/CVE-2024-42543.md new file mode 100644 index 0000000000..61a2e26283 --- /dev/null +++ b/2024/CVE-2024-42543.md 
@@ -0,0 +1,17 @@
+### [CVE-2024-42543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42543)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
+
+### POC
+
+#### Reference
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/loginauth.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42545.md b/2024/CVE-2024-42545.md
new file mode 100644
index 0000000000..ed5ca3d7aa
--- /dev/null
+++ b/2024/CVE-2024-42545.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42545)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.
+
+### POC
+
+#### Reference
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/setWizardCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42546.md b/2024/CVE-2024-42546.md
new file mode 100644
index 0000000000..236a71cddb
--- /dev/null
+++ b/2024/CVE-2024-42546.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42546)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
+
+### POC
+
+#### Reference
+- https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth_password.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42547.md b/2024/CVE-2024-42547.md
new file mode 100644
index 0000000000..054d1d2c3f
--- /dev/null
+++ b/2024/CVE-2024-42547.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42547)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
+
+### POC
+
+#### Reference
+- https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42623.md b/2024/CVE-2024-42623.md
new file mode 100644
index 0000000000..4e96913cd5
--- /dev/null
+++ b/2024/CVE-2024-42623.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42623)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/8/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42624.md b/2024/CVE-2024-42624.md
new file mode 100644
index 0000000000..fb5118283d
--- /dev/null
+++ b/2024/CVE-2024-42624.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42624](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42624)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/3/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42625.md b/2024/CVE-2024-42625.md
new file mode 100644
index 0000000000..7712cf0c40
--- /dev/null
+++ b/2024/CVE-2024-42625.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42625)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/9/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42626.md b/2024/CVE-2024-42626.md
new file mode 100644
index 0000000000..1ee02139ba
--- /dev/null
+++ b/2024/CVE-2024-42626.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42626)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/4/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42627.md b/2024/CVE-2024-42627.md
new file mode 100644
index 0000000000..3471689232
--- /dev/null
+++ b/2024/CVE-2024-42627.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42627)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/6/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42628.md b/2024/CVE-2024-42628.md
new file mode 100644
index 0000000000..d1b6805322
--- /dev/null
+++ b/2024/CVE-2024-42628.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42628](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42628)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/5/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42629.md b/2024/CVE-2024-42629.md
new file mode 100644
index 0000000000..b0f4885539
--- /dev/null
+++ b/2024/CVE-2024-42629.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42629)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/2/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42630.md b/2024/CVE-2024-42630.md
new file mode 100644
index 0000000000..86c0ebea37
--- /dev/null
+++ b/2024/CVE-2024-42630.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42630)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/10/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42631.md b/2024/CVE-2024-42631.md
new file mode 100644
index 0000000000..0f0c67a8a7
--- /dev/null
+++ b/2024/CVE-2024-42631.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42631)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/7/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42632.md b/2024/CVE-2024-42632.md
new file mode 100644
index 0000000000..7d767073ba
--- /dev/null
+++ b/2024/CVE-2024-42632.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42632)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.
+
+### POC
+
+#### Reference
+- https://github.com/Kirtoc/cms/tree/main/1/readme.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42736.md b/2024/CVE-2024-42736.md
new file mode 100644
index 0000000000..a09c7d4026
--- /dev/null
+++ b/2024/CVE-2024-42736.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42736)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/addBlacklist/addBlacklist.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42737.md b/2024/CVE-2024-42737.md
new file mode 100644
index 0000000000..05627756cd
--- /dev/null
+++ b/2024/CVE-2024-42737.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42737)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/delBlacklist/delBlacklist.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42738.md b/2024/CVE-2024-42738.md
new file mode 100644
index 0000000000..1407e38418
--- /dev/null
+++ b/2024/CVE-2024-42738.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42738)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setDmzCfg/setDmzCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42739.md b/2024/CVE-2024-42739.md
new file mode 100644
index 0000000000..fe06ebc119
--- /dev/null
+++ b/2024/CVE-2024-42739.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42739)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setAccessDeviceCfg/setAccessDeviceCfg.md
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42740.md b/2024/CVE-2024-42740.md
new file mode 100644
index 0000000000..244d9a6a86
--- /dev/null
+++ b/2024/CVE-2024-42740.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42740)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setLedCfg/setLedCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42741.md b/2024/CVE-2024-42741.md
new file mode 100644
index 0000000000..4b51d7d20b
--- /dev/null
+++ b/2024/CVE-2024-42741.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42741)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setL2tpServerCfg/setL2tpServerCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42742.md b/2024/CVE-2024-42742.md
new file mode 100644
index 0000000000..f78a981b68
--- /dev/null
+++ b/2024/CVE-2024-42742.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42742](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42742)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUrlFilterRules/setUrlFilterRules.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42743.md b/2024/CVE-2024-42743.md
new file mode 100644
index 0000000000..f35ef5641e
--- /dev/null
+++ b/2024/CVE-2024-42743.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42743)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setSyslogCfg/setSyslogCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42744.md b/2024/CVE-2024-42744.md
new file mode 100644
index 0000000000..770176326e
--- /dev/null
+++ b/2024/CVE-2024-42744.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42744](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42744)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setModifyVpnUser/setModifyVpnUser.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42745.md b/2024/CVE-2024-42745.md
new file mode 100644
index 0000000000..8c02d8b0b8
--- /dev/null
+++ b/2024/CVE-2024-42745.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42745)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUPnPCfg/setUPnPCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42747.md b/2024/CVE-2024-42747.md
new file mode 100644
index 0000000000..96cff9a1b4
--- /dev/null
+++ b/2024/CVE-2024-42747.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42747)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWanIeCfg/setWanIeCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42748.md b/2024/CVE-2024-42748.md
new file mode 100644
index 0000000000..f241a7520c
--- /dev/null
+++ b/2024/CVE-2024-42748.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42748)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWiFiWpsCfg/setWiFiWpsCfg.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-43138.md b/2024/CVE-2024-43138.md
new file mode 100644
index 0000000000..f04d8a0536
--- /dev/null
+++ b/2024/CVE-2024-43138.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43138](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43138)
+![](https://img.shields.io/static/v1?label=Product&message=Event%20Manager%20for%20WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43140.md b/2024/CVE-2024-43140.md
new file mode 100644
index 0000000000..6f4b0627a2
--- /dev/null
+++ b/2024/CVE-2024-43140.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43140)
+![](https://img.shields.io/static/v1?label=Product&message=Ultimate%20Bootstrap%20Elements%20for%20Elementor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43141.md b/2024/CVE-2024-43141.md
new file mode 100644
index 0000000000..811ea02a19
--- /dev/null
+++ b/2024/CVE-2024-43141.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43141](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43141)
+![](https://img.shields.io/static/v1?label=Product&message=Participants%20Database&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants Database allows Object Injection.This issue affects Participants Database: from n/a through 2.5.9.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43153.md b/2024/CVE-2024-43153.md
new file mode 100644
index 0000000000..409c1a2e52
--- /dev/null
+++ b/2024/CVE-2024-43153.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43153)
+![](https://img.shields.io/static/v1?label=Product&message=Woffice&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This issue affects Woffice: from n/a through 5.4.10.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43160.md b/2024/CVE-2024-43160.md
new file mode 100644
index 0000000000..f85f58cfa6
--- /dev/null
+++ b/2024/CVE-2024-43160.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43160)
+![](https://img.shields.io/static/v1?label=Product&message=BerqWP&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
+
+### Description
+
+Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43165.md b/2024/CVE-2024-43165.md
new file mode 100644
index 0000000000..5d1ccea6e0
--- /dev/null
+++ b/2024/CVE-2024-43165.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43165](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43165)
+![](https://img.shields.io/static/v1?label=Product&message=WPSection&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rashid87 WPSection allows PHP Local File Inclusion.This issue affects WPSection: from n/a through 1.3.8.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-4389.md b/2024/CVE-2024-4389.md
new file mode 100644
index 0000000000..8e3ffb353e
--- /dev/null
+++ b/2024/CVE-2024-4389.md
@@ -0,0 +1,17 @@
+### [CVE-2024-4389](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4389)
+![](https://img.shields.io/static/v1?label=Product&message=Slider%20%26%20Popup%20Builder%20by%20Depicter%20%E2%80%93%20Add%20Image%20Slider%2C%20Carousel%20Slider%2C%20Exit%20Intent%20Popup%2C%20Popup%20Modal%2C%20Coupon%20Popup%2C%20Post%20Slider%20Carousel&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.1.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
+
+### Description
+
+The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with contributor access or higher, to upload arbitrary files on the affected site's server which may make remote code execution possible.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5313.md b/2024/CVE-2024-5313.md
new file mode 100644
index 0000000000..dc192c509e
--- /dev/null
+++ b/2024/CVE-2024-5313.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5313](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5313)
+![](https://img.shields.io/static/v1?label=Product&message=EVlink%20Home%20Smart&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20v2.0.4.1.2_131%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-668%20Exposure%20of%20Resource%20to%20Wrong%20Sphere&color=brighgreen)
+
+### Description
+
+CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSHinterface over the product network interface. This does not allow to directly exploit the product ormake any unintended operation as the SSH interface access is protected by an authenticationmechanism. Impacts are limited to port scanning and fingerprinting activities as well as attemptsto perform a potential denial of service attack on the exposed SSH interface.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5849.md b/2024/CVE-2024-5849.md
new file mode 100644
index 0000000000..22658f34cb
--- /dev/null
+++ b/2024/CVE-2024-5849.md
@@ -0,0 +1,65 @@
+### [CVE-2024-5849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5849)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FEN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FMOD-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FPN1-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16DB9%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-16RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-2ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-32RJ45%2FRJ45-RM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-4DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-8DB9%2F2RJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-DB9%2FRJ45-PM2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ICDM-RX%2FTCP-ST%2FRJ45-DIN&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=EIP%2FModbus%3C%3D%20v1.08%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=EtherNet%2FIP%3C%3D%20v7.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=Modbus%20Router%3C%3D%20v7.09%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%2FModbus%3C%3D%20v1.0.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=PROFINET%3C%3D%20v3.4.9%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=SocketServer%3C%3D%2011.65%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5893.md b/2024/CVE-2024-5893.md
index de16be07d8..b5515b801b 100644
--- a/2024/CVE-2024-5893.md
+++ b/2024/CVE-2024-5893.md
@@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in SourceCodester Cab Mana - https://github.com/Hefei-Coffee/cve/blob/main/sql9.md #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5894.md b/2024/CVE-2024-5894.md index 7928458996..74c9dd2e8a 100644 --- a/2024/CVE-2024-5894.md +++ b/2024/CVE-2024-5894.md @@ -13,5 +13,5 @@ A vulnerability classified as critical was found in SourceCodester Online Eyewea - https://github.com/Hefei-Coffee/cve/blob/main/sql10.md #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5895.md b/2024/CVE-2024-5895.md index ccf827fc15..055ec004d6 100644 --- a/2024/CVE-2024-5895.md +++ b/2024/CVE-2024-5895.md @@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, has been found in SourceCodes - https://github.com/Hefei-Coffee/cve/blob/main/sql11.md #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-6123.md b/2024/CVE-2024-6123.md new file mode 100644 index 0000000000..f09ada06a9 --- /dev/null +++ b/2024/CVE-2024-6123.md 
@@ -0,0 +1,17 @@
+### [CVE-2024-6123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6123)
+![](https://img.shields.io/static/v1?label=Product&message=Contact%20Form%20by%20Bit%20Form%3A%20Multi%20Step%20Form%2C%20Calculation%20Contact%20Form%2C%20Payment%20Contact%20Form%20%26%20Custom%20Contact%20Form%20builder&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.12.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
+
+### Description
+
+The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.12.2. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-6133.md b/2024/CVE-2024-6133.md
index 29f64c81bf..1de943ad85 100644
--- a/2024/CVE-2024-6133.md
+++ b/2024/CVE-2024-6133.md
@@ -13,5 +13,5 @@ The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise
 - https://wpscan.com/vulnerability/fd613e1e-557c-4383-a3e9-4c14bc0be0c5/
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/20142995/nuclei-templates
 
diff --git a/2024/CVE-2024-6134.md b/2024/CVE-2024-6134.md
index 901538d2e6..f4e9b2f630 100644
--- a/2024/CVE-2024-6134.md
+++ b/2024/CVE-2024-6134.md
@@ -13,5 +13,5 @@ The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise
 - https://wpscan.com/vulnerability/34d61f7e-90eb-4a64-a8a7-18f2d6518118/
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/20142995/nuclei-templates
 
diff --git a/2024/CVE-2024-6136.md b/2024/CVE-2024-6136.md
index 758da8fa8b..0882de2de2 100644
--- a/2024/CVE-2024-6136.md
+++ b/2024/CVE-2024-6136.md
@@ -14,5 +14,5 @@ The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSR
 - https://wpscan.com/vulnerability/7d85cfe4-4878-4530-ba78-7cfe33f3a8d5/
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/20142995/nuclei-templates
 
diff --git a/2024/CVE-2024-6532.md b/2024/CVE-2024-6532.md
new file mode 100644
index 0000000000..7f6e07336a
--- /dev/null
+++ b/2024/CVE-2024-6532.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6532)
+![](https://img.shields.io/static/v1?label=Product&message=Sheet%20to%20Table%20Live%20Sync%20for%20Google%20Sheet&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.0.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWT_Sheet_Table shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-6823.md b/2024/CVE-2024-6823.md
index 37d9809ad5..35011875c8 100644
--- a/2024/CVE-2024-6823.md
+++ b/2024/CVE-2024-6823.md
@@ -13,5 +13,6 @@ The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-7092.md b/2024/CVE-2024-7092.md
index c3fa83e0fe..354ce4f889 100644
--- a/2024/CVE-2024-7092.md
+++ b/2024/CVE-2024-7092.md
@@ -13,5 +13,6 @@ The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits &
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-7094.md b/2024/CVE-2024-7094.md
index 818bb89cb1..c552d556e7 100644
--- a/2024/CVE-2024-7094.md
+++ b/2024/CVE-2024-7094.md
@@ -13,5 +13,6 @@ The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPres
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-7247.md b/2024/CVE-2024-7247.md
index 634adbc9d6..eede9898a0 100644
--- a/2024/CVE-2024-7247.md
+++ b/2024/CVE-2024-7247.md
@@ -13,5 +13,6 @@ The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-7339.md b/2024/CVE-2024-7339.md
index c740f73397..9bbcecd909 100644
--- a/2024/CVE-2024-7339.md
+++ b/2024/CVE-2024-7339.md
@@ -16,6 +16,7 @@ A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provis
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tanjiti/sec_profile
 
diff --git a/2024/CVE-2024-7388.md b/2024/CVE-2024-7388.md
index 225d0cc81c..6a35256d1a 100644
--- a/2024/CVE-2024-7388.md
+++ b/2024/CVE-2024-7388.md
@@ -13,5 +13,6 @@ The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scr
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-7588.md b/2024/CVE-2024-7588.md
new file mode 100644
index 0000000000..d6f7af52ba
--- /dev/null
+++ b/2024/CVE-2024-7588.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7588)
+![](https://img.shields.io/static/v1?label=Product&message=Gutenberg%20Blocks%2C%20Page%20Builder%20%E2%80%93%20ComboBlocks&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.2.84%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Gutenberg Blocks, Page Builder – ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion block in all versions up to, and including, 2.2.87 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-7728.md b/2024/CVE-2024-7728.md
new file mode 100644
index 0000000000..92f9310893
--- /dev/null
+++ b/2024/CVE-2024-7728.md
@@ -0,0 +1,19 @@
+### [CVE-2024-7728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7728)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(18.04)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(22.04)&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen)
+
+### Description
+
+The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-7729.md b/2024/CVE-2024-7729.md
new file mode 100644
index 0000000000..f1cc89b0ef
--- /dev/null
+++ b/2024/CVE-2024-7729.md
@@ -0,0 +1,34 @@
+### [CVE-2024-7729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7729)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-20&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-60&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(18.04)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(22.04)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2100&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2200&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2210&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2300&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2310&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-2400&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-6000&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-8000&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-8000QD&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SMP-8100&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%204.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=3.0%3C%3D%204.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brighgreen)
+
+### Description
+
+The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-7731.md b/2024/CVE-2024-7731.md
new file mode 100644
index 0000000000..986f842eb6
--- /dev/null
+++ b/2024/CVE-2024-7731.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7731)
+![](https://img.shields.io/static/v1?label=Product&message=Dr.ID%20Access%20control%20%20system&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.6.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-7732.md b/2024/CVE-2024-7732.md
new file mode 100644
index 0000000000..c787c2f572
--- /dev/null
+++ b/2024/CVE-2024-7732.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7732)
+![](https://img.shields.io/static/v1?label=Product&message=Dr.ID%20Attendance%20system&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.6.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/github.txt b/github.txt
index a0672a3970..0131737fac 100644
--- a/github.txt
+++ b/github.txt
@@ -8502,6 +8502,7 @@ CVE-2012-1723 - https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 CVE-2012-1734 - https://github.com/Live-Hack-CVE/CVE-2012-1734
 CVE-2012-1756 - https://github.com/Live-Hack-CVE/CVE-2012-1756
 CVE-2012-1757 - https://github.com/Live-Hack-CVE/CVE-2012-1757
+CVE-2012-1823 - https://github.com/0xFatality/CVE-2012-1823
 CVE-2012-1823 - https://github.com/0xl0k1/CVE-2012-1823
 CVE-2012-1823 - https://github.com/0xsyr0/OSCP
 CVE-2012-1823 - https://github.com/1060275195/Covid-v2-Botnet
@@ -30202,6 +30203,7 @@ CVE-2017-0143 - https://github.com/yeriej77/Identifying-and-Exploiting-Vulnerabi
 CVE-2017-0143 - https://github.com/zhang040723/web
 CVE-2017-0143 - https://github.com/zimmel15/HTBBlueWriteup
 CVE-2017-0144 - https://github.com/0xAbbarhSF/Termux-Nation-2022-Alpha
+CVE-2017-0144 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2017-0144 - https://github.com/0xsyr0/OSCP
 CVE-2017-0144 - https://github.com/61106960/adPEAS
 CVE-2017-0144 - https://github.com/ARPSyndicate/cvemon
@@ -30636,6 +30638,7 @@ CVE-2017-0199 - https://github.com/Lynk4/Windows-Server-2008-VAPT
 CVE-2017-0199 - https://github.com/Mal-lol-git/URL-Parser
 CVE-2017-0199 - https://github.com/Mehedi-Babu/pentest_tools_repo
 CVE-2017-0199 - https://github.com/Micr067/Pentest_Note
+CVE-2017-0199 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2017-0199 - https://github.com/Mrnmap/RedTeam
 CVE-2017-0199 - https://github.com/Nacromencer/cve2017-0199-in-python
 CVE-2017-0199 - https://github.com/NotAwful/CVE-2017-0199-Fix
@@ -33193,6 +33196,7 @@ CVE-2017-11882 - https://github.com/IversionBY/PenetratInfo
 CVE-2017-11882 - https://github.com/J-SinwooLee/Malware-Analysis-REMnux
 CVE-2017-11882 - https://github.com/JERRY123S/all-poc
 CVE-2017-11882 - https://github.com/Micr067/Pentest_Note
+CVE-2017-11882 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2017-11882 - https://github.com/Mrnmap/RedTeam
 CVE-2017-11882 - https://github.com/OlaleyeAyobami/Malware-Analysis-Lab
 CVE-2017-11882 - https://github.com/Ondrik8/RED-Team
@@ -41846,6 +41850,7 @@ CVE-2017-8570 - https://github.com/JERRY123S/all-poc
 CVE-2017-8570 - https://github.com/Loveforkeeps/Lemon-Duck
 CVE-2017-8570 - https://github.com/MaxSecurity/Office-CVE-2017-8570
 CVE-2017-8570 - https://github.com/Mehmet065/MIS-311-Project
+CVE-2017-8570 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2017-8570 - https://github.com/Mrnmap/RedTeam
 CVE-2017-8570 - https://github.com/Ondrik8/RED-Team
 CVE-2017-8570 - https://github.com/Ondrik8/exploit
@@ -42322,6 +42327,7 @@ CVE-2017-8759 - https://github.com/HildeTeamTNT/Red-Teaming-Toolkit
 CVE-2017-8759 - https://github.com/JERRY123S/all-poc
 CVE-2017-8759 - https://github.com/JonasUliana/CVE-2017-8759
 CVE-2017-8759 - https://github.com/Lz1y/CVE-2017-8759
+CVE-2017-8759 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2017-8759 - https://github.com/Mrnmap/RedTeam
 CVE-2017-8759 - https://github.com/Ondrik8/RED-Team
 CVE-2017-8759 - https://github.com/Ostorlab/KEV
@@ -51078,6 +51084,7 @@ CVE-2018-20250 - https://github.com/HildeTeamTNT/Red-Teaming-Toolkit
 CVE-2018-20250 - https://github.com/IversionBY/PenetratInfo
 CVE-2018-20250 - https://github.com/JERRY123S/all-poc
 CVE-2018-20250 - https://github.com/LamSonBinh/CVE-2018-20250
+CVE-2018-20250 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2018-20250 - https://github.com/Mr-xn/Penetration_Testing_POC
 CVE-2018-20250 - https://github.com/Mrnmap/RedTeam
 CVE-2018-20250 - https://github.com/Ondrik8/RED-Team
@@ -53370,6 +53377,7 @@ CVE-2018-4878 - https://github.com/InQuest/malware-samples
 CVE-2018-4878 - https://github.com/InQuest/yara-rules
 CVE-2018-4878 - https://github.com/JamesGrandoff/Tools
 CVE-2018-4878 - https://github.com/KathodeN/CVE-2018-4878
+CVE-2018-4878 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2018-4878 - https://github.com/Mrnmap/RedTeam
 CVE-2018-4878 - https://github.com/Ondrik8/Links
 CVE-2018-4878 - https://github.com/Ondrik8/RED-Team
@@ -54493,6 +54501,7 @@ CVE-2018-6389 - https://github.com/ItinerisLtd/trellis-cve-2018-6389
 CVE-2018-6389 - https://github.com/JavierOlmedo/wordpress-cve-2018-6389
 CVE-2018-6389 - https://github.com/Jetserver/CVE-2018-6389-FIX
 CVE-2018-6389 - https://github.com/JulienGadanho/cve-2018-6389-php-patcher
+CVE-2018-6389 - https://github.com/Mr-hunt-007/CyberSecurity-Tools
 CVE-2018-6389 - https://github.com/Mr-xn/Penetration_Testing_POC
 CVE-2018-6389 - https://github.com/Neelakandan-A/BugBounty_CheatSheet
 CVE-2018-6389 - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups
@@ -61840,6 +61849,7 @@ CVE-2019-11358 - https://github.com/JaanviC25/GeneralRelativity21-22
 CVE-2019-11358 - https://github.com/Jack-Corso/22187-CENTERSTAGE
 CVE-2019-11358 - https://github.com/Jack-Justus/SMES_FTC_2022-2023
 CVE-2019-11358 - https://github.com/JackJones7/S7-FTC-Centerstage
+CVE-2019-11358 - https://github.com/JacobTaira/OLD_21438_CenterStage_Repo
 CVE-2019-11358 - https://github.com/JacobeZhang/FTC2021FF
 CVE-2019-11358 - https://github.com/JacobeZhang/FTCTinkering
 CVE-2019-11358 - https://github.com/JacobeZhang/HCLS-FTC-Summer
@@ -74782,6 +74792,7 @@ CVE-2019-7580 - https://github.com/EchoGin404/gongkaishouji
 CVE-2019-7580 - https://github.com/Mr-xn/Penetration_Testing_POC
 CVE-2019-7580 - https://github.com/SexyBeast233/SecBooks
 CVE-2019-7580 - https://github.com/Shenkongyin/CUC-2023
+CVE-2019-7580 - https://github.com/Smoothss/CUC-2023
 CVE-2019-7580 - https://github.com/Tyro-Shan/gongkaishouji
 CVE-2019-7580 - https://github.com/YIXINSHUWU/Penetration_Testing_POC
 CVE-2019-7580 - https://github.com/ZTK-009/Penetration_PoC
@@ -75535,6 +75546,7 @@ CVE-2019-8942 - https://github.com/tuannq2299/CVE-2019-8942
 CVE-2019-8942 - https://github.com/v0lck3r/CVE-2019-8943
 CVE-2019-8943 - https://github.com/0xMafty/Blog
 CVE-2019-8943 - https://github.com/0xT11/CVE-POC
+CVE-2019-8943 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2019-8943 - https://github.com/ARPSyndicate/cvemon
 CVE-2019-8943 - https://github.com/Afetter618/WordPress-PenTest
 CVE-2019-8943 - https://github.com/Cl0wnK1n9/WhiteHat
@@ -85795,6 +85807,7 @@ CVE-2020-17049 - https://github.com/bhataasim1/AD-Attack-Defence
 CVE-2020-17049 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
 CVE-2020-17049 - https://github.com/iamramahibrah/AD-Attacks-and-Defend
 CVE-2020-17049 - https://github.com/infosecn1nja/AD-Attack-Defense
+CVE-2020-17049 - https://github.com/joker200-0/Rubeus
 CVE-2020-17049 - https://github.com/kas0n/RedTeam-Articles
 CVE-2020-17049 - https://github.com/mandradets/Maritest2
 CVE-2020-17049 - https://github.com/merlinepedra/RUBEUS
@@ -101224,6 +101237,7 @@ CVE-2021-22204 - https://github.com/LazyTitan33/ExifTool-DjVu-exploit
 CVE-2021-22204 - https://github.com/Lazykakarot1/Learn-365
 CVE-2021-22204 - https://github.com/Ly0nt4r/OSCP
 CVE-2021-22204 - https://github.com/NaInSec/CVE-PoC-in-GitHub
+CVE-2021-22204 - https://github.com/OneSecCyber/JPEG_RCE
 CVE-2021-22204 - https://github.com/Ostorlab/KEV
 CVE-2021-22204 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 CVE-2021-22204 - https://github.com/PenTestical/CVE-2021-22204
@@ -105536,6 +105550,7 @@ CVE-2021-27928 - https://github.com/SYRTI/POC_to_review
 CVE-2021-27928 - https://github.com/SenukDias/OSCP_cheat
 CVE-2021-27928 - https://github.com/Shenkongyin/CUC-2023
 CVE-2021-27928 - https://github.com/SirElmard/ethical_hacking
+CVE-2021-27928 - https://github.com/Smoothss/CUC-2023
 CVE-2021-27928 - https://github.com/WhooAmii/POC_to_review
 CVE-2021-27928 - https://github.com/anquanscan/sec-tools
 CVE-2021-27928 - https://github.com/e-hakson/OSCP
@@ -110414,6 +110429,7 @@ CVE-2021-3493 - https://github.com/0day404/vulnerability-poc
 CVE-2021-3493 - https://github.com/0xMarcio/cve
 CVE-2021-3493 - https://github.com/0xMat10/eJPT_Prep
 CVE-2021-3493 - https://github.com/0xWhoami35/root-kernel
+CVE-2021-3493 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2021-3493 - https://github.com/0xsyr0/OSCP
 CVE-2021-3493 - https://github.com/20142995/sectool
 CVE-2021-3493 - https://github.com/ARPSyndicate/cvemon
@@ -114998,6 +115014,7 @@ CVE-2021-41773 - https://github.com/0xGabe/Apache-CVEs
 CVE-2021-41773 - https://github.com/0xRar/CVE-2021-41773
 CVE-2021-41773 - https://github.com/0xStrygwyr/OSCP-Guide
 CVE-2021-41773 - https://github.com/0xZipp0/OSCP
+CVE-2021-41773 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2021-41773 - https://github.com/0xsyr0/OSCP
 CVE-2021-41773 - https://github.com/12345qwert123456/CVE-2021-41773
 CVE-2021-41773 - https://github.com/189569400/Meppo
@@ -115986,6 +116003,7 @@ CVE-2021-42287 - https://github.com/ihebski/A-Red-Teamer-diaries
 CVE-2021-42287 - https://github.com/infosecn1nja/AD-Attack-Defense
 CVE-2021-42287 - https://github.com/jbmihoub/all-poc
 CVE-2021-42287 - https://github.com/jenriquezv/OSCP-Cheat-Sheets-AD
+CVE-2021-42287 - https://github.com/joker200-0/Rubeus
 CVE-2021-42287 - https://github.com/k8gege/Ladon
 CVE-2021-42287 - https://github.com/kgwanjala/oscp-cheatsheet
 CVE-2021-42287 - https://github.com/knightswd/NoPacScan
@@ -132440,6 +132458,7 @@ CVE-2022-28346 - https://github.com/youwizard/CVE-POC
 CVE-2022-28346 - https://github.com/zecool/cve
 CVE-2022-28347 - https://github.com/ARPSyndicate/cvemon
 CVE-2022-28347 - https://github.com/Shenkongyin/CUC-2023
+CVE-2022-28347 - https://github.com/Smoothss/CUC-2023
 CVE-2022-28347 - https://github.com/SurfRid3r/Django_vulnerability_analysis
 CVE-2022-28347 - https://github.com/kudoas/sql-injection-sandbox
 CVE-2022-28355 - https://github.com/ARPSyndicate/cvemon
@@ -138578,6 +138597,7 @@ CVE-2022-37967 - https://github.com/OsandaMalith/Rubeus
 CVE-2022-37967 - https://github.com/Pascal-0x90/Rubeus
 CVE-2022-37967 - https://github.com/RkDx/MyRuby
 CVE-2022-37967 - https://github.com/Strokekilla/Rubeus
+CVE-2022-37967 - https://github.com/joker200-0/Rubeus
 CVE-2022-37967 - https://github.com/qobil7681/Password-cracker
 CVE-2022-37967 - https://github.com/santan2020/ck2
 CVE-2022-37967 - https://github.com/syedrizvinet/lib-repos-Rubeus
@@ -142250,6 +142270,7 @@ CVE-2022-46689 - https://github.com/BomberFish/Mandela-Rewritten
 CVE-2022-46689 - https://github.com/Hiimsonkul/Hiimsonkul
 CVE-2022-46689 - https://github.com/Ingan121/FSUntether
 CVE-2022-46689 - https://github.com/Kry9toN/WDBFontOverwrite
+CVE-2022-46689 - https://github.com/Lrdsnow/PureKFD
 CVE-2022-46689 - https://github.com/ManoChina/Cowabunga
 CVE-2022-46689 - https://github.com/ManoChina/MacDirtyCowDemo
 CVE-2022-46689 - https://github.com/PureKFD/PureKFD
@@ -142636,6 +142657,7 @@ CVE-2022-48363 - https://github.com/VulnTotal-Team/Vehicle-Security
 CVE-2022-48363 - https://github.com/VulnTotal-Team/vehicle_cves
 CVE-2022-48364 - https://github.com/40826d/advisories
 CVE-2022-48364 - https://github.com/ARPSyndicate/cvemon
+CVE-2022-48429 - https://github.com/echo-devim/CVE-2022-48429_poc
 CVE-2022-48434 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-48434 - https://github.com/h26forge/h26forge
 CVE-2022-48474 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -146674,6 +146696,7 @@ CVE-2023-27131 - https://github.com/Srpopty/Corax
 CVE-2023-27162 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-27162 - https://github.com/limithit/modsecurity-rule
 CVE-2023-27163 - https://github.com/0xFTW/CVE-2023-27163
+CVE-2023-27163 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2023-27163 - https://github.com/Aledangelo/Sau_Writeup
 CVE-2023-27163 - https://github.com/Hamibubu/CVE-2023-27163
 CVE-2023-27163 - https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53
@@ -146797,6 +146820,7 @@ CVE-2023-27366 - https://github.com/Souf31/mqtt-pentest
 CVE-2023-27372 - https://github.com/0SPwn/CVE-2023-27372-PoC
 CVE-2023-27372 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-27372 - https://github.com/Chocapikk/CVE-2023-27372
+CVE-2023-27372 - https://github.com/Jhonsonwannaa/CVE-2023-27372
 CVE-2023-27372 - https://github.com/Pari-Malam/CVE-2023-27372
 CVE-2023-27372 - https://github.com/RSTG0D/CVE-2023-27372-PoC
 CVE-2023-27372 - https://github.com/ThatNotEasy/CVE-2023-27372
@@ -148306,6 +148330,7 @@ CVE-2023-31594 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-31595 - https://github.com/Yozarseef95/CVE-2023-31595
 CVE-2023-31595 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-31606 - https://github.com/e23e/CVE-2023-31606
+CVE-2023-31606 - https://github.com/merbinr/CVE-2023-31606
 CVE-2023-31606 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-31607 - https://github.com/Sedar2024/Sedar
 CVE-2023-31608 - https://github.com/Sedar2024/Sedar
@@ -148319,6 +148344,7 @@ CVE-2023-31615 - https://github.com/Sedar2024/Sedar
 CVE-2023-3163 - https://github.com/George0Papasotiriou/CVE-2023-3163-SQL-Injection-Prevention
 CVE-2023-3163 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-31634 - https://github.com/XC9409/CVE-2023-31634
+CVE-2023-31634 - https://github.com/iSee857/CVE-2023-31634
 CVE-2023-31634 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-3164 - https://github.com/adegoodyer/kubernetes-admin-toolkit
 CVE-2023-3164 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -148815,6 +148841,7 @@ CVE-2023-32781 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-32782 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-32783 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-32784 - https://github.com/0xFFD700/Neuland-CTF-2023
+CVE-2023-32784 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2023-32784 - https://github.com/1ocho3/NCL_V
 CVE-2023-32784 - https://github.com/3mpir3Albert/HTB_Keeper
 CVE-2023-32784 - https://github.com/4m4Sec/CVE-2023-32784
@@ -149146,6 +149173,7 @@ CVE-2023-33584 - https://github.com/akarrel/test_enrollment
 CVE-2023-33584 - https://github.com/sudovivek/My-CVE
 CVE-2023-33592 - https://github.com/0XRedRose/CVE-2023-33592
 CVE-2023-33592 - https://github.com/Acous7icwav3/CVE-2023-33592
+CVE-2023-33592 - https://github.com/ChineseOldboy/CVE-2023-33592
 CVE-2023-33592 - https://github.com/FuckingHack3r/CVE-2023-33592
 CVE-2023-33592 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-33595 - https://github.com/toxyl/lscve
@@ -151033,6 +151061,7 @@ CVE-2023-38633 - https://github.com/Threekiii/Awesome-POC
 CVE-2023-38633 - https://github.com/Threekiii/Vulhub-Reproduce
 CVE-2023-38633 - https://github.com/bakery312/Vulhub-Reproduce
 CVE-2023-38646 - https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646
+CVE-2023-38646 - https://github.com/0xabdoulaye/CTFs-Journey
 CVE-2023-38646 - https://github.com/0xrobiul/CVE-2023-38646
 CVE-2023-38646 - https://github.com/20142995/sectool
 CVE-2023-38646 - https://github.com/Anekant-Singhai/Exploits
@@ -152269,6 +152298,7 @@ CVE-2023-41964 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-41968 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-4197 - https://github.com/alien-keric/CVE-2023-4197
 CVE-2023-4197 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2023-41974 - https://github.com/Lrdsnow/PureKFD
 CVE-2023-41974 - https://github.com/PureKFD/PureKFD
 CVE-2023-41974 - https://github.com/Spoou/123
 CVE-2023-41974 - https://github.com/felix-pb/kfd
@@ -162574,6 +162604,7 @@ CVE-2024-1926 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1929 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1930 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1931 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-1931 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-1933 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1936 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-1936 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -162672,6 +162703,13 @@ CVE-2024-2008 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-20083 - https://github.com/Resery/Resery
 CVE-2024-20088 - https://github.com/Resery/Resery
 CVE-2024-2009 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-20090 - https://github.com/Resery/Resery
+CVE-2024-20091 - https://github.com/Resery/Resery
+CVE-2024-20092 - https://github.com/Resery/Resery
+CVE-2024-20093 - https://github.com/Resery/Resery
+CVE-2024-20095 - https://github.com/Resery/Resery
+CVE-2024-20096 - https://github.com/Resery/Resery
+CVE-2024-20097 - https://github.com/Resery/Resery
 CVE-2024-2014 - https://github.com/ibaiw/2024Hvv
 CVE-2024-2021 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2022 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -164396,6 +164434,7 @@ CVE-2024-23692 - https://github.com/wjlin0/poc-doc
 CVE-2024-23692 - https://github.com/wy876/POC
 CVE-2024-2370 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-2370 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23705 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23708 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23709 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23721 - https://github.com/NaInSec/CVE-LIST
@@ -166376,6 +166415,7 @@ CVE-2024-27198 - https://github.com/Shimon03/Explora-o-RCE-n-o-autenticado-JetBr
 CVE-2024-27198 - https://github.com/Stuub/RCity-CVE-2024-27198
 CVE-2024-27198 - https://github.com/Threekiii/Awesome-POC
 CVE-2024-27198 - https://github.com/Threekiii/CVE
+CVE-2024-27198 - https://github.com/TrojanAZhen/Self_Back
 CVE-2024-27198 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
 CVE-2024-27198 - https://github.com/ZonghaoLi777/githubTrending
 CVE-2024-27198 - https://github.com/aneasystone/github-trending
@@ -167360,6 +167400,7 @@ CVE-2024-28971 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28978 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28979 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2898 - https://github.com/LaPhilosophie/IoT-vulnerable
+CVE-2024-28986 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2899 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-28995 - https://github.com/0xc4t/CVE-2024-28995
 CVE-2024-28995 - https://github.com/Ostorlab/KEV
@@ -169743,6 +169784,7 @@ CVE-2024-36105 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-36111 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-36111 - https://github.com/wy876/POC
 CVE-2024-36120 - https://github.com/SteakEnthusiast/My-CTF-Challenges
+CVE-2024-36136 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3614 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3616 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3617 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -169879,7 +169921,9 @@ CVE-2024-37305 - https://github.com/chnzzh/OpenSSL-CVE-lib
 CVE-2024-37309 - https://github.com/chnzzh/OpenSSL-CVE-lib
 CVE-2024-3735 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities
 CVE-2024-3737 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-37373 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-37393 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-37399 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-37407 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3744 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3745 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -169950,6 +169994,7 @@ CVE-2024-38041 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3806 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3806 - https://github.com/tanjiti/sec_profile
 CVE-2024-3806 - https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc
+CVE-2024-38063 - https://github.com/kherrick/hacker-news
 CVE-2024-3807 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3807 - https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc
 CVE-2024-38077 - https://github.com/0xMarcio/cve
@@ -169999,6 +170044,7 @@ CVE-2024-3847 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-38472 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-38473 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-38481 - https://github.com/chnzzh/iDRAC-CVE-lib
+CVE-2024-38483 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-38489 - https://github.com/chnzzh/iDRAC-CVE-lib
 CVE-2024-38490 - https://github.com/chnzzh/iDRAC-CVE-lib
 CVE-2024-38501 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170013,6 +170059,8 @@ CVE-2024-3857 - https://github.com/googleprojectzero/fuzzilli
 CVE-2024-3857 - https://github.com/zhangjiahui-buaa/MasterThesis
 CVE-2024-3858 - https://github.com/googleprojectzero/fuzzilli
 CVE-2024-3858 - https://github.com/zhangjiahui-buaa/MasterThesis
+CVE-2024-38652 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-38653 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3867 - https://github.com/c4cnm/CVE-2024-3867
 CVE-2024-3867 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3868 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170096,7 +170144,31 @@ CVE-2024-3931 - https://github.com/storbeck/vulnrichment-cli
 CVE-2024-3932 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-39345 - https://github.com/actuator/cve
 CVE-2024-3936 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39397 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39398 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39399 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39400 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39401 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39402 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39403 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39404 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39405 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39406 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39407 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39408 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39409 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39410 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39411 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39412 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39413 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39414 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39415 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39416 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39417 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39418 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39419 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3942 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39472 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3951 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3957 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3958 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170150,7 +170222,10 @@ CVE-2024-39694 - https://github.com/IdentityServer/IdentityServer4
 CVE-2024-3970 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-39700 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3973 - https://github.com/20142995/nuclei-templates
+CVE-2024-39778 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3979 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39792 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-39809 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-39844 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3985 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-39863 - https://github.com/ch4n3-yoon/ch4n3-yoon
@@ -170428,6 +170503,7 @@ CVE-2024-4092 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4096 - https://github.com/20142995/nuclei-templates
 CVE-2024-4097 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41003 - https://github.com/google/buzzer
+CVE-2024-41042 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41107 - https://github.com/ibaiw/2024Hvv
 CVE-2024-41107 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-41107 - https://github.com/tanjiti/sec_profile
@@ -170447,6 +170523,7 @@ CVE-2024-4114 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4114 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4115 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4116 - https://github.com/LaPhilosophie/IoT-vulnerable
+CVE-2024-41164 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4117 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4118 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4119 - https://github.com/LaPhilosophie/IoT-vulnerable
@@ -170510,14 +170587,38 @@ CVE-2024-41707 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41709 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4171 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4171 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41719 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4172 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41723 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41727 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41774 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41806 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41816 - https://github.com/20142995/nuclei-templates
 CVE-2024-41819 - https://github.com/alessio-romano/Sfoffo-Pentesting-Notes
 CVE-2024-41819 - https://github.com/alessio-romano/alessio-romano
 CVE-2024-41827 - https://github.com/tanjiti/sec_profile
+CVE-2024-41830 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41831 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41832 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41833 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41834 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41835 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41840 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41850 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41851 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41852 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41853 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41854 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41856 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41858 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4186 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41860 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41861 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41862 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41863 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41864 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41865 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41866 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41910 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41911 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41913 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170569,6 +170670,7 @@ CVE-2024-42245 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42246 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42247 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42258 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42259 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4226 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4231 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4232 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -170618,6 +170720,7 @@ CVE-2024-4257 - https://github.com/wjlin0/poc-doc
 CVE-2024-4257 - https://github.com/wy876/POC
 CVE-2024-4257 - https://github.com/wy876/wiki
 CVE-2024-4265 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42739 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4286 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4295 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4295 - https://github.com/truonghuuphuc/CVE-2024-4295-Poc
@@ -170712,6 +170815,7 @@ CVE-2024-4370 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4373 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4374 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43770 - https://github.com/netlas-io/netlas-dorks
+CVE-2024-4389 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4392 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4393 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4405 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171072,6 +171176,7 @@ CVE-2024-5287 - https://github.com/20142995/nuclei-templates
 CVE-2024-5288 - https://github.com/wolfSSL/Arduino-wolfSSL
 CVE-2024-5288 - https://github.com/wolfSSL/wolfssl
 CVE-2024-5290 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5313 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5326 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-5326 - https://github.com/truonghuuphuc/CVE-2024-5326-Poc
 CVE-2024-5344 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171166,6 +171271,9 @@ CVE-2024-5814 - https://github.com/wolfSSL/wolfssl
 CVE-2024-5818 - https://github.com/20142995/nuclei-templates
 CVE-2024-5849 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5861 - https://github.com/20142995/nuclei-templates
+CVE-2024-5893 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5894 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5895 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5947 - https://github.com/komodoooo/Some-things
 CVE-2024-5947 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-5961 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -171182,6 +171290,10 @@ CVE-2024-6070 - https://github.com/20142995/nuclei-templates
 CVE-2024-6095 - https://github.com/sev-hack/sev-hack
 CVE-2024-6100 - https://github.com/leesh3288/leesh3288
 CVE-2024-6120 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-6123 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-6133 - https://github.com/20142995/nuclei-templates
+CVE-2024-6134 - https://github.com/20142995/nuclei-templates
+CVE-2024-6136 - https://github.com/20142995/nuclei-templates
 CVE-2024-6138 - https://github.com/20142995/nuclei-templates
 CVE-2024-6147 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6153 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171271,6 +171383,7 @@ CVE-2024-6522 - https://github.com/20142995/nuclei-templates
 CVE-2024-6522 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-65230 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-6529 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-6532 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6536 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-6552 - https://github.com/20142995/nuclei-templates
 CVE-2024-6553 - https://github.com/20142995/nuclei-templates
@@ -171319,6 +171432,7 @@ CVE-2024-6782 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-6782 - https://github.com/wy876/POC
 CVE-2024-6802 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6807 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-6823 - https://github.com/20142995/nuclei-templates
 CVE-2024-6823 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6824 - https://github.com/20142995/nuclei-templates
 CVE-2024-6836 - https://github.com/20142995/nuclei-templates
@@ -171359,7 +171473,9 @@ CVE-2024-7081 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7082 - https://github.com/20142995/nuclei-templates
 CVE-2024-7084 - https://github.com/20142995/nuclei-templates
 CVE-2024-7091 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7092 - https://github.com/20142995/nuclei-templates
 CVE-2024-7092 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7094 - https://github.com/20142995/nuclei-templates
 CVE-2024-7094 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7120 - https://github.com/Ostorlab/KEV
 CVE-2024-7120 - https://github.com/komodoooo/Some-things
@@ -171384,6 +171500,7 @@ CVE-2024-7214 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7215 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7216 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7246 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7247 - https://github.com/20142995/nuclei-templates
 CVE-2024-7247 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7265 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7266 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171396,9 +171513,11 @@ CVE-2024-7335 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7336 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7337 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7338 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7339 - https://github.com/20142995/nuclei-templates
 CVE-2024-7339 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-7339 - https://github.com/tanjiti/sec_profile
 CVE-2024-7340 - https://github.com/20142995/nuclei-templates
+CVE-2024-7347 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7348 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7350 - https://github.com/20142995/nuclei-templates
 CVE-2024-7353 - https://github.com/20142995/nuclei-templates
@@ -171416,6 +171535,7 @@ CVE-2024-7365 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7366 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7382 - https://github.com/20142995/nuclei-templates
 CVE-2024-7383 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7388 - https://github.com/20142995/nuclei-templates
 CVE-2024-7388 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7395 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7396 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171493,6 +171613,7 @@ CVE-2024-7580 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7581 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7584 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7585 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7588 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7589 - https://github.com/tanjiti/sec_profile
 CVE-2024-7590 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7610 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171506,6 +171627,11 @@ CVE-2024-7706 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7707 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7709 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7715 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7728 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7729 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7731 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7732 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7790 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-87654 - https://github.com/runwuf/clickhouse-test
 CVE-2024-98765 - https://github.com/runwuf/clickhouse-test
 CVE-2024-99999 - https://github.com/kolewttd/wtt
diff --git a/references.txt b/references.txt
index cc1e79a064..32a433cc96 100644
--- a/references.txt
+++ b/references.txt
@@ -3444,6 +3444,7 @@ CVE-2006-1554 - http://evuln.com/vulns/106/description.html
 CVE-2006-1555 - http://evuln.com/vulns/106/description.html
 CVE-2006-1560 - http://securityreason.com/securityalert/680
 CVE-2006-1568 - http://evuln.com/vulns/115/summary.html
+CVE-2006-1568 - http://securityreason.com/securityalert/708
 CVE-2006-1569 - http://evuln.com/vulns/115/summary.html
 CVE-2006-1571 - http://evuln.com/vulns/114/summary.html
 CVE-2006-1571 - http://securityreason.com/securityalert/701
@@ -99538,10 +99539,13 @@ CVE-2024-41465 - https://github.com/iotresearch/iot-vuln/tree/main/Tenda/FH1201/
 CVE-2024-41466 - https://github.com/iotresearch/iot-vuln/blob/main/Tenda/FH1201/NatStaticSetting/README.md
 CVE-2024-41468 - https://github.com/iotresearch/iot-vuln/blob/main/Tenda/FH1201/exeCommand/README.md
 CVE-2024-41473 - https://github.com/iotresearch/iot-vuln/tree/main/Tenda/FH1201/WriteFacMac
+CVE-2024-41475 - https://gist.github.com/AkiaCode/7c878b1699931314246d6589d86b1e89
 CVE-2024-4149 - https://wpscan.com/vulnerability/0256ec2a-f1a9-4110-9978-ee88f9e24237/
 CVE-2024-41492 - https://gist.github.com/Swind1er/4176fdc25e415296904c9fb19e2f8293
 CVE-2024-41570 - https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/
 CVE-2024-41597 - https://gist.github.com/DefensiumDevelopers/608be4d10b016dce0566925368a8b08c#file-cve-2024-41597-md
+CVE-2024-41613 - https://github.com/OoLs5/VulDiscovery/blob/main/symphony_xss_vul.pdf
+CVE-2024-41614 - https://github.com/OoLs5/VulDiscovery/blob/main/Symphony_CMS_XSS.pdf
 CVE-2024-41637 - https://blog.0xzon.dev/2024-07-27-CVE-2024-41637/
 CVE-2024-4164 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/G3V15/formModifyPppAuthWhiteMac.md
 CVE-2024-4165 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/G3V15/modifyDhcpRule.md
@@ -99601,18 +99605,53 @@ CVE-2024-4244 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9
 CVE-2024-4245 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formQosManageDouble_auto.md
 CVE-2024-4246 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formQosManageDouble_user.md
 CVE-2024-4247 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formQosManage_auto.md
+CVE-2024-42477 - https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
+CVE-2024-42477 - https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf
+CVE-2024-42478 - https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
+CVE-2024-42478 - https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9
+CVE-2024-42479 - https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
+CVE-2024-42479 - https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj
 CVE-2024-4248 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formQosManage_user.md
+CVE-2024-42480 - https://github.com/clastix/kamaji/security/advisories/GHSA-6r4j-4rjc-8vw5
+CVE-2024-42489 - https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-cfq3-q227-7j65
 CVE-2024-4249 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formwrlSSIDget.md
 CVE-2024-4250 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formwrlSSIDset.md
 CVE-2024-4251 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/fromDhcpSetSer.md
 CVE-2024-4252 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md
+CVE-2024-42520 - https://github.com/c10uds/totolink_A3002R_stackoverflow
+CVE-2024-42543 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/loginauth.md
+CVE-2024-42545 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/setWizardCfg.md
+CVE-2024-42546 - https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth_password.md
+CVE-2024-42547 - https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth.md
 CVE-2024-4257 - https://github.com/GAO-UNO/cve/blob/main/sql.md
 CVE-2024-4260 - https://wpscan.com/vulnerability/69f33e20-8ff4-491c-8f37-a4eadd4ea8cf/
+CVE-2024-42623 - https://github.com/Kirtoc/cms/tree/main/8/readme.md
+CVE-2024-42624 - https://github.com/Kirtoc/cms/tree/main/3/readme.md
+CVE-2024-42625 - https://github.com/Kirtoc/cms/tree/main/9/readme.md
+CVE-2024-42626 - https://github.com/Kirtoc/cms/tree/main/4/readme.md
+CVE-2024-42627 - https://github.com/Kirtoc/cms/tree/main/6/readme.md
+CVE-2024-42628 - https://github.com/Kirtoc/cms/tree/main/5/readme.md
+CVE-2024-42629 - https://github.com/Kirtoc/cms/tree/main/2/readme.md
+CVE-2024-42630 - https://github.com/Kirtoc/cms/tree/main/10/readme.md
+CVE-2024-42631 - https://github.com/Kirtoc/cms/tree/main/7/readme.md
+CVE-2024-42632 - https://github.com/Kirtoc/cms/tree/main/1/readme.md
 CVE-2024-4268 - https://www.dropbox.com/scl/fi/zh7t1qsvxkxk2dfhwd7nn/Ultimate-Blocks-Stored-XSS_POC_4.20.24.mov?rlkey=ws16dcu7f6mjd3h9emsqev7jm&e=2&st=fdr7q9h7&dl=0
 CVE-2024-4269 - https://wpscan.com/vulnerability/8aae7aa1-6170-45d8-903f-8520913276da/
 CVE-2024-4270 - https://wpscan.com/vulnerability/7a3b89cc-7a81-448a-94fc-36a7033609d5/
 CVE-2024-4271 - https://wpscan.com/vulnerability/c1fe0bc7-a340-428e-a549-1e37291bea1c/
 CVE-2024-4272 - https://wpscan.com/vulnerability/ed1b1540-a0e2-434e-8769-9532c3ed5e31/
+CVE-2024-42736 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/addBlacklist/addBlacklist.md
+CVE-2024-42737 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/delBlacklist/delBlacklist.md
+CVE-2024-42738 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setDmzCfg/setDmzCfg.md
+CVE-2024-42739 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setAccessDeviceCfg/setAccessDeviceCfg.md
+CVE-2024-42740 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setLedCfg/setLedCfg.md
+CVE-2024-42741 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setL2tpServerCfg/setL2tpServerCfg.md
+CVE-2024-42742 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUrlFilterRules/setUrlFilterRules.md
+CVE-2024-42743 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setSyslogCfg/setSyslogCfg.md
+CVE-2024-42744 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setModifyVpnUser/setModifyVpnUser.md
+CVE-2024-42745 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUPnPCfg/setUPnPCfg.md
+CVE-2024-42747 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWanIeCfg/setWanIeCfg.md
+CVE-2024-42748 - https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWiFiWpsCfg/setWiFiWpsCfg.md
 CVE-2024-4289 - https://wpscan.com/vulnerability/072785de-0ce5-42a4-a3fd-4eb1d1a2f1be/
 CVE-2024-4290 - https://wpscan.com/vulnerability/a9a10d0f-d8f2-4f3e-92bf-94fc08416d87/
 CVE-2024-4291 - https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md