From bc4580b7799602bfe4618c8fe9ddff9c2dfdfc86 Mon Sep 17 00:00:00 2001 
From: 0xMarcio Date: Fri, 7 Jun 2024 04:52:01 +0000 Subject: [PATCH] Update CVE sources 2024-06-07 04:52 --- 2000/CVE-2000-0114.md | 1 + 2006/CVE-2006-4469.md | 1 + 2007/CVE-2007-5464.md | 1 + 2007/CVE-2007-5686.md | 1 + 2008/CVE-2008-0166.md | 3 + 2008/CVE-2008-0176.md | 17 + 2008/CVE-2008-0590.md | 1 + 2008/CVE-2008-4250.md | 1 + 2009/CVE-2009-2629.md | 1 + 2009/CVE-2009-3555.md | 1 + 2010/CVE-2010-3124.md | 1 + 2010/CVE-2010-4597.md | 2 +- 2011/CVE-2011-1562.md | 17 + 2011/CVE-2011-1563.md | 2 +- 2011/CVE-2011-3374.md | 1 + 2012/CVE-2012-1823.md | 1 + 2012/CVE-2012-2611.md | 1 + 2013/CVE-2013-0007.md | 1 + 2013/CVE-2013-1445.md | 1 + 2013/CVE-2013-2566.md | 1 + 2013/CVE-2013-3900.md | 1 + 2013/CVE-2013-4378.md | 1 + 2014/CVE-2014-0160.md | 2 + 2014/CVE-2014-2024.md | 2 +- 2014/CVE-2014-3566.md | 1 + 2014/CVE-2014-4060.md | 1 + 2014/CVE-2014-4210.md | 1 + 2014/CVE-2014-4880.md | 2 +- 2014/CVE-2014-6271.md | 2 + 2014/CVE-2014-6277.md | 1 + 2014/CVE-2014-7169.md | 1 + 2015/CVE-2015-2515.md | 1 + 2015/CVE-2015-2712.md | 2 +- 2015/CVE-2015-2743.md | 2 +- 2015/CVE-2015-3276.md | 1 + 2015/CVE-2015-3306.md | 1 + 2015/CVE-2015-4852.md | 1 + 2016/CVE-2016-0143.md | 1 + 2016/CVE-2016-0171.md | 1 + 2016/CVE-2016-0638.md | 1 + 2016/CVE-2016-10033.md | 1 + 2016/CVE-2016-10045.md | 1 + 2016/CVE-2016-1409.md | 17 + 2016/CVE-2016-2107.md | 1 + 2016/CVE-2016-3088.md | 2 + 2016/CVE-2016-3510.md | 1 + 2016/CVE-2016-5423.md | 17 + 2016/CVE-2016-6380.md | 17 + 2017/CVE-2017-0143.md | 3 + 2017/CVE-2017-0144.md | 3 + 2017/CVE-2017-0145.md | 2 + 2017/CVE-2017-0146.md | 2 + 2017/CVE-2017-0147.md | 1 + 2017/CVE-2017-0148.md | 2 + 2017/CVE-2017-0785.md | 1 + 2017/CVE-2017-1000250.md | 1 + 2017/CVE-2017-1000251.md | 2 + 2017/CVE-2017-10125.md | 2 +- 2017/CVE-2017-10271.md | 1 + 2017/CVE-2017-11283.md | 1 + 2017/CVE-2017-12087.md | 17 + 2017/CVE-2017-12130.md | 2 +- 2017/CVE-2017-12149.md | 1 + 2017/CVE-2017-12615.md | 3 + 2017/CVE-2017-12629.md | 1 + 2017/CVE-2017-13716.md | 1 + 
2017/CVE-2017-14159.md | 1 + 2017/CVE-2017-16905.md | 1 + 2017/CVE-2017-17740.md | 1 + 2017/CVE-2017-18018.md | 1 + 2017/CVE-2017-18861.md | 17 + 2017/CVE-2017-2624.md | 2 +- 2017/CVE-2017-2625.md | 2 +- 2017/CVE-2017-2626.md | 1 + 2017/CVE-2017-3248.md | 1 + 2017/CVE-2017-3506.md | 1 + 2017/CVE-2017-5223.md | 1 + 2017/CVE-2017-5244.md | 1 + 2017/CVE-2017-6770.md | 17 + 2017/CVE-2017-7243.md | 1 + 2017/CVE-2017-7269.md | 1 + 2017/CVE-2017-8360.md | 1 + 2017/CVE-2017-8514.md | 1 + 2017/CVE-2017-8759.md | 1 + 2017/CVE-2017-9805.md | 1 + 2018/CVE-2018-0893.md | 1 + 2018/CVE-2018-1000021.md | 1 + 2018/CVE-2018-1000861.md | 1 + 2018/CVE-2018-1058.md | 1 + 2018/CVE-2018-1260.md | 1 + 2018/CVE-2018-1261.md | 1 + 2018/CVE-2018-12679.md | 17 + 2018/CVE-2018-16845.md | 1 + 2018/CVE-2018-18264.md | 1 + 2018/CVE-2018-18428.md | 2 +- 2018/CVE-2018-18483.md | 1 + 2018/CVE-2018-19067.md | 2 +- 2018/CVE-2018-19077.md | 2 +- 2018/CVE-2018-19417.md | 17 + 2018/CVE-2018-19518.md | 1 + 2018/CVE-2018-19860.md | 17 + 2018/CVE-2018-20225.md | 1 + 2018/CVE-2018-20250.md | 1 + 2018/CVE-2018-20673.md | 1 + 2018/CVE-2018-20712.md | 1 + 2018/CVE-2018-2628.md | 1 + 2018/CVE-2018-2893.md | 1 + 2018/CVE-2018-2894.md | 3 + 2018/CVE-2018-5144.md | 1 + 2018/CVE-2018-5178.md | 1 + 2018/CVE-2018-5383.md | 1 + 2018/CVE-2018-6376.md | 1 + 2018/CVE-2018-6389.md | 2 + 2018/CVE-2018-6829.md | 1 + 2018/CVE-2018-6981.md | 1 + 2018/CVE-2018-7600.md | 2 + 2018/CVE-2018-8120.md | 1 + 2018/CVE-2018-9996.md | 1 + 2019/CVE-2019-0570.md | 1 + 2019/CVE-2019-0583.md | 27 + 2019/CVE-2019-0604.md | 1 + 2019/CVE-2019-0708.md | 3 + 2019/CVE-2019-0717.md | 10 +- 2019/CVE-2019-0803.md | 1 + 2019/CVE-2019-0863.md | 1 + 2019/CVE-2019-10028.md | 1 + 2019/CVE-2019-1003000.md | 1 + 2019/CVE-2019-1003005.md | 1 + 2019/CVE-2019-1003029.md | 1 + 2019/CVE-2019-10173.md | 1 + 2019/CVE-2019-10758.md | 1 + 2019/CVE-2019-11043.md | 2 + 2019/CVE-2019-11247.md | 1 + 2019/CVE-2019-11249.md | 1 + 2019/CVE-2019-1125.md | 35 +- 
2019/CVE-2019-11358.md | 5 + 2019/CVE-2019-1144.md | 35 +- 2019/CVE-2019-1145.md | 35 +- 2019/CVE-2019-1148.md | 38 +- 2019/CVE-2019-1149.md | 38 +- 2019/CVE-2019-1150.md | 35 +- 2019/CVE-2019-1151.md | 38 +- 2019/CVE-2019-11510.md | 1 + 2019/CVE-2019-1152.md | 35 +- 2019/CVE-2019-1153.md | 38 +- 2019/CVE-2019-1158.md | 35 +- 2019/CVE-2019-1159.md | 35 +- 2019/CVE-2019-1161.md | 36 +- 2019/CVE-2019-1170.md | 11 +- 2019/CVE-2019-11708.md | 1 + 2019/CVE-2019-1172.md | 22 +- 2019/CVE-2019-1181.md | 30 +- 2019/CVE-2019-1182.md | 30 +- 2019/CVE-2019-1184.md | 11 +- 2019/CVE-2019-1205.md | 12 +- 2019/CVE-2019-1211.md | 11 +- 2019/CVE-2019-1218.md | 4 +- 2019/CVE-2019-1222.md | 11 +- 2019/CVE-2019-1226.md | 13 +- 2019/CVE-2019-12409.md | 1 + 2019/CVE-2019-1253.md | 1 + 2019/CVE-2019-12727.md | 2 +- 2019/CVE-2019-13051.md | 1 + 2019/CVE-2019-1322.md | 1 + 2019/CVE-2019-13272.md | 1 + 2019/CVE-2019-1388.md | 1 + 2019/CVE-2019-1405.md | 1 + 2019/CVE-2019-14323.md | 17 + 2019/CVE-2019-14431.md | 17 + 2019/CVE-2019-1458.md | 2 + 2019/CVE-2019-15107.md | 1 + 2019/CVE-2019-15642.md | 1 + 2019/CVE-2019-16131.md | 1 + 2019/CVE-2019-16132.md | 1 + 2019/CVE-2019-16278.md | 1 + 2019/CVE-2019-16279.md | 1 + 2019/CVE-2019-16309.md | 1 + 2019/CVE-2019-16313.md | 1 + 2019/CVE-2019-16314.md | 1 + 2019/CVE-2019-16336.md | 1 + 2019/CVE-2019-16346.md | 1 + 2019/CVE-2019-16347.md | 1 + 2019/CVE-2019-16759.md | 1 + 2019/CVE-2019-16920.md | 1 + 2019/CVE-2019-17003.md | 1 + 2019/CVE-2019-17060.md | 1 + 2019/CVE-2019-17061.md | 1 + 2019/CVE-2019-17424.md | 1 + 2019/CVE-2019-17506.md | 1 + 2019/CVE-2019-17556.md | 1 + 2019/CVE-2019-17558.md | 1 + 2019/CVE-2019-17564.md | 1 + 2019/CVE-2019-17621.md | 1 + 2019/CVE-2019-17662.md | 1 + 2019/CVE-2019-18370.md | 1 + 2019/CVE-2019-18371.md | 1 + 2019/CVE-2019-18634.md | 1 + 2019/CVE-2019-18939.md | 1 + 2019/CVE-2019-19011.md | 2 +- 2019/CVE-2019-19192.md | 1 + 2019/CVE-2019-19634.md | 1 + 2019/CVE-2019-19781.md | 1 + 2019/CVE-2019-19844.md | 1 + 
2019/CVE-2019-19882.md | 1 + 2019/CVE-2019-20215.md | 1 + 2019/CVE-2019-2107.md | 1 + 2019/CVE-2019-2725.md | 4 + 2019/CVE-2019-2729.md | 1 + 2019/CVE-2019-2890.md | 1 + 2019/CVE-2019-7580.md | 1 + 2019/CVE-2019-7609.md | 1 + 2019/CVE-2019-8286.md | 2 +- 2019/CVE-2019-8341.md | 1 + 2019/CVE-2019-9004.md | 1 + 2019/CVE-2019-9506.md | 1 + 2019/CVE-2019-9621.md | 1 + 2019/CVE-2019-9747.md | 17 + 2019/CVE-2019-9749.md | 17 + 2019/CVE-2019-9750.md | 17 + 2019/CVE-2019-9928.md | 17 + 2020/CVE-2020-0554.md | 1 + 2020/CVE-2020-0601.md | 1 + 2020/CVE-2020-0609.md | 1 + 2020/CVE-2020-0610.md | 1 + 2020/CVE-2020-0618.md | 1 + 2020/CVE-2020-0668.md | 1 + 2020/CVE-2020-0674.md | 1 + 2020/CVE-2020-0683.md | 1 + 2020/CVE-2020-0688.md | 1 + 2020/CVE-2020-0728.md | 1 + 2020/CVE-2020-0767.md | 1 + 2020/CVE-2020-0787.md | 1 + 2020/CVE-2020-0796.md | 2 + 2020/CVE-2020-10134.md | 1 + 2020/CVE-2020-10135.md | 1 + 2020/CVE-2020-10189.md | 1 + 2020/CVE-2020-10199.md | 1 + 2020/CVE-2020-10204.md | 1 + 2020/CVE-2020-10238.md | 1 + 2020/CVE-2020-10239.md | 1 + 2020/CVE-2020-1048.md | 1 + 2020/CVE-2020-1054.md | 2 + 2020/CVE-2020-1066.md | 1 + 2020/CVE-2020-10673.md | 1 + 2020/CVE-2020-10713.md | 1 + 2020/CVE-2020-10749.md | 1 + 2020/CVE-2020-1088.md | 1 + 2020/CVE-2020-11154.md | 1 + 2020/CVE-2020-11155.md | 1 + 2020/CVE-2020-11156.md | 1 + 2020/CVE-2020-11651.md | 2 + 2020/CVE-2020-11652.md | 2 + 2020/CVE-2020-11890.md | 1 + 2020/CVE-2020-11996.md | 1 + 2020/CVE-2020-12351.md | 1 + 2020/CVE-2020-12352.md | 1 + 2020/CVE-2020-12695.md | 1 + 2020/CVE-2020-12753.md | 1 + 2020/CVE-2020-1281.md | 1 + 2020/CVE-2020-1313.md | 1 + 2020/CVE-2020-1337.md | 1 + 2020/CVE-2020-1350.md | 1 + 2020/CVE-2020-1362.md | 1 + 2020/CVE-2020-14181.md | 1 + 2020/CVE-2020-14644.md | 1 + 2020/CVE-2020-14645.md | 1 + 2020/CVE-2020-1472.md | 2 + 2020/CVE-2020-14882.md | 2 + 2020/CVE-2020-15257.md | 1 + 2020/CVE-2020-15531.md | 2 +- 2020/CVE-2020-15719.md | 1 + 2020/CVE-2020-15778.md | 1 + 2020/CVE-2020-15802.md | 1 + 
2020/CVE-2020-16040.md | 1 + 2020/CVE-2020-1938.md | 1 + 2020/CVE-2020-1947.md | 1 + 2020/CVE-2020-1948.md | 1 + 2020/CVE-2020-24490.md | 1 + 2020/CVE-2020-25078.md | 1 + 2020/CVE-2020-2546.md | 1 + 2020/CVE-2020-2551.md | 1 + 2020/CVE-2020-2555.md | 1 + 2020/CVE-2020-26555.md | 1 + 2020/CVE-2020-26556.md | 1 + 2020/CVE-2020-26557.md | 1 + 2020/CVE-2020-26558.md | 1 + 2020/CVE-2020-26559.md | 1 + 2020/CVE-2020-26560.md | 1 + 2020/CVE-2020-2696.md | 1 + 2020/CVE-2020-2798.md | 1 + 2020/CVE-2020-2801.md | 1 + 2020/CVE-2020-2883.md | 1 + 2020/CVE-2020-2884.md | 1 + 2020/CVE-2020-2915.md | 1 + 2020/CVE-2020-2950.md | 1 + 2020/CVE-2020-3452.md | 1 + 2020/CVE-2020-3543.md | 17 + 2020/CVE-2020-35473.md | 1 + 2020/CVE-2020-36325.md | 17 + 2020/CVE-2020-3703.md | 1 + 2020/CVE-2020-5245.md | 4 +- 2020/CVE-2020-5260.md | 1 + 2020/CVE-2020-5398.md | 1 + 2020/CVE-2020-5410.md | 1 + 2020/CVE-2020-5504.md | 1 + 2020/CVE-2020-5509.md | 1 + 2020/CVE-2020-5551.md | 17 + 2020/CVE-2020-5902.md | 2 + 2020/CVE-2020-6286.md | 1 + 2020/CVE-2020-6287.md | 1 + 2020/CVE-2020-7246.md | 1 + 2020/CVE-2020-7471.md | 1 + 2020/CVE-2020-8163.md | 1 + 2020/CVE-2020-8193.md | 1 + 2020/CVE-2020-8558.md | 1 + 2020/CVE-2020-8559.md | 1 + 2020/CVE-2020-8597.md | 1 + 2020/CVE-2020-8634.md | 1 + 2020/CVE-2020-8635.md | 1 + 2020/CVE-2020-8794.md | 1 + 2020/CVE-2020-8813.md | 1 + 2020/CVE-2020-8840.md | 1 + 2020/CVE-2020-9374.md | 1 + 2020/CVE-2020-9376.md | 1 + 2020/CVE-2020-9377.md | 1 + 2020/CVE-2020-9402.md | 1 + 2020/CVE-2020-9484.md | 1 + 2020/CVE-2020-9496.md | 1 + 2020/CVE-2020-9547.md | 1 + 2020/CVE-2020-9548.md | 1 + 2021/CVE-2021-1675.md | 1 + 2021/CVE-2021-20090.md | 1 + 2021/CVE-2021-21315.md | 1 + 2021/CVE-2021-21972.md | 1 + 2021/CVE-2021-22005.md | 1 + 2021/CVE-2021-22205.md | 1 + 2021/CVE-2021-22986.md | 2 + 2021/CVE-2021-25735.md | 1 + 2021/CVE-2021-25737.md | 1 + 2021/CVE-2021-25740.md | 1 + 2021/CVE-2021-25741.md | 1 + 2021/CVE-2021-26084.md | 1 + 2021/CVE-2021-26295.md | 1 + 
2021/CVE-2021-28139.md | 1 + 2021/CVE-2021-28310.md | 1 + 2021/CVE-2021-29441.md | 1 + 2021/CVE-2021-30461.md | 1 + 2021/CVE-2021-30465.md | 1 + 2021/CVE-2021-32256.md | 2 +- 2021/CVE-2021-35068.md | 1 + 2021/CVE-2021-3520.md | 1 + 2021/CVE-2021-37580.md | 1 + 2021/CVE-2021-3899.md | 24 + 2021/CVE-2021-3942.md | 17 + 2021/CVE-2021-4034.md | 1 + 2021/CVE-2021-40655.md | 2 +- 2021/CVE-2021-41773.md | 1 + 2021/CVE-2021-42013.md | 1 + 2021/CVE-2021-42306.md | 3 +- 2021/CVE-2021-43798.md | 1 + 2021/CVE-2021-43890.md | 2 +- 2021/CVE-2021-44228.md | 3 + 2021/CVE-2021-45232.md | 1 + 2021/CVE-2021-45346.md | 1 + 2021/CVE-2021-46905.md | 2 +- 2022/CVE-2022-0563.md | 1 + 2022/CVE-2022-0847.md | 1 + 2022/CVE-2022-1388.md | 1 + 2022/CVE-2022-1970.md | 8 +- 2022/CVE-2022-22075.md | 17 + 2022/CVE-2022-22088.md | 17 + 2022/CVE-2022-22916.md | 1 + 2022/CVE-2022-22947.md | 1 + 2022/CVE-2022-22954.md | 1 + 2022/CVE-2022-22963.md | 1 + 2022/CVE-2022-22965.md | 1 + 2022/CVE-2022-2297.md | 1 + 2022/CVE-2022-23131.md | 1 + 2022/CVE-2022-23221.md | 1 + 2022/CVE-2022-24695.md | 17 + 2022/CVE-2022-24975.md | 1 + 2022/CVE-2022-25836.md | 1 + 2022/CVE-2022-25837.md | 1 + 2022/CVE-2022-26134.md | 4 + 2022/CVE-2022-2699.md | 17 + 2022/CVE-2022-27225.md | 1 + 2022/CVE-2022-2724.md | 1 + 2022/CVE-2022-27255.md | 1 + 2022/CVE-2022-27925.md | 1 + 2022/CVE-2022-27943.md | 1 + 2022/CVE-2022-27948.md | 17 + 2022/CVE-2022-2843.md | 2 +- 2022/CVE-2022-29098.md | 17 + 2022/CVE-2022-29266.md | 1 + 2022/CVE-2022-29303.md | 1 + 2022/CVE-2022-29464.md | 1 + 2022/CVE-2022-30190.md | 2 +- 2022/CVE-2022-30221.md | 2 + 2022/CVE-2022-30525.md | 1 + 2022/CVE-2022-30858.md | 1 + 2022/CVE-2022-31793.md | 1 + 2022/CVE-2022-3205.md | 2 +- 2022/CVE-2022-3219.md | 1 + 2022/CVE-2022-33255.md | 17 + 2022/CVE-2022-33280.md | 17 + 2022/CVE-2022-37968.md | 2 +- 2022/CVE-2022-40503.md | 17 + 2022/CVE-2022-40537.md | 17 + 2022/CVE-2022-41120.md | 1 + 2022/CVE-2022-41678.md | 4 +- 2022/CVE-2022-43216.md | 17 + 
2022/CVE-2022-44704.md | 1 + 2022/CVE-2022-45171.md | 17 + 2022/CVE-2022-46463.md | 2 + 2022/CVE-2022-48303.md | 1 + 2022/CVE-2022-48681.md | 17 + 2023/CVE-2023-1389.md | 1 + 2023/CVE-2023-1972.md | 1 + 2023/CVE-2023-21529.md | 2 +- 2023/CVE-2023-21536.md | 2 +- 2023/CVE-2023-21537.md | 4 +- 2023/CVE-2023-21538.md | 2 +- 2023/CVE-2023-21543.md | 4 +- 2023/CVE-2023-21554.md | 6 +- 2023/CVE-2023-21563.md | 2 + 2023/CVE-2023-21567.md | 2 +- 2023/CVE-2023-21647.md | 17 + 2023/CVE-2023-21674.md | 2 +- 2023/CVE-2023-21675.md | 4 +- 2023/CVE-2023-21707.md | 2 +- 2023/CVE-2023-21716.md | 2 +- 2023/CVE-2023-21721.md | 2 +- 2023/CVE-2023-21722.md | 2 +- 2023/CVE-2023-21734.md | 2 +- 2023/CVE-2023-21739.md | 2 +- 2023/CVE-2023-21742.md | 2 +- 2023/CVE-2023-21744.md | 2 +- 2023/CVE-2023-21746.md | 2 + 2023/CVE-2023-21747.md | 4 +- 2023/CVE-2023-21748.md | 2 + 2023/CVE-2023-21749.md | 4 +- 2023/CVE-2023-21750.md | 4 +- 2023/CVE-2023-21752.md | 2 +- 2023/CVE-2023-21753.md | 2 +- 2023/CVE-2023-21755.md | 2 +- 2023/CVE-2023-21766.md | 2 +- 2023/CVE-2023-21768.md | 2 +- 2023/CVE-2023-21772.md | 4 +- 2023/CVE-2023-21773.md | 4 +- 2023/CVE-2023-21774.md | 4 +- 2023/CVE-2023-21776.md | 4 +- 2023/CVE-2023-21779.md | 2 +- 2023/CVE-2023-21808.md | 4 +- 2023/CVE-2023-21812.md | 4 +- 2023/CVE-2023-21817.md | 4 +- 2023/CVE-2023-21822.md | 4 +- 2023/CVE-2023-21823.md | 4 +- 2023/CVE-2023-22527.md | 1 + 2023/CVE-2023-22726.md | 2 +- 2023/CVE-2023-23349.md | 1 + 2023/CVE-2023-23376.md | 4 +- 2023/CVE-2023-23391.md | 2 +- 2023/CVE-2023-23392.md | 2 +- 2023/CVE-2023-23396.md | 2 +- 2023/CVE-2023-23397.md | 2 +- 2023/CVE-2023-23399.md | 2 +- 2023/CVE-2023-23408.md | 2 +- 2023/CVE-2023-23410.md | 4 +- 2023/CVE-2023-23415.md | 4 +- 2023/CVE-2023-23416.md | 2 +- 2023/CVE-2023-23420.md | 4 +- 2023/CVE-2023-23421.md | 4 +- 2023/CVE-2023-23422.md | 2 + 2023/CVE-2023-23423.md | 2 + 2023/CVE-2023-23752.md | 1 + 2023/CVE-2023-24023.md | 1 + 2023/CVE-2023-24893.md | 2 +- 2023/CVE-2023-24930.md | 2 +- 
2023/CVE-2023-24932.md | 1 + 2023/CVE-2023-24934.md | 2 +- 2023/CVE-2023-24941.md | 2 +- 2023/CVE-2023-24955.md | 2 +- 2023/CVE-2023-25330.md | 2 +- 2023/CVE-2023-26756.md | 2 +- 2023/CVE-2023-27372.md | 1 + 2023/CVE-2023-28218.md | 4 +- 2023/CVE-2023-28222.md | 4 +- 2023/CVE-2023-28226.md | 2 +- 2023/CVE-2023-28228.md | 4 +- 2023/CVE-2023-28229.md | 4 +- 2023/CVE-2023-28231.md | 5 +- 2023/CVE-2023-28244.md | 4 +- 2023/CVE-2023-28248.md | 2 +- 2023/CVE-2023-28250.md | 4 +- 2023/CVE-2023-28252.md | 4 +- 2023/CVE-2023-28271.md | 4 +- 2023/CVE-2023-28285.md | 2 +- 2023/CVE-2023-28287.md | 2 +- 2023/CVE-2023-28288.md | 2 +- 2023/CVE-2023-28293.md | 4 +- 2023/CVE-2023-28295.md | 2 +- 2023/CVE-2023-28302.md | 4 +- 2023/CVE-2023-28303.md | 2 +- 2023/CVE-2023-28310.md | 2 +- 2023/CVE-2023-28311.md | 2 +- 2023/CVE-2023-28343.md | 1 + 2023/CVE-2023-28432.md | 2 + 2023/CVE-2023-28531.md | 1 + 2023/CVE-2023-29324.md | 2 +- 2023/CVE-2023-29325.md | 2 +- 2023/CVE-2023-29332.md | 2 +- 2023/CVE-2023-29336.md | 2 +- 2023/CVE-2023-29338.md | 2 +- 2023/CVE-2023-29343.md | 2 +- 2023/CVE-2023-29357.md | 2 +- 2023/CVE-2023-29360.md | 2 +- 2023/CVE-2023-2975.md | 1 + 2023/CVE-2023-31468.md | 2 +- 2023/CVE-2023-32031.md | 2 +- 2023/CVE-2023-32046.md | 2 + 2023/CVE-2023-32054.md | 42 + 2023/CVE-2023-33137.md | 2 +- 2023/CVE-2023-33144.md | 2 +- 2023/CVE-2023-33148.md | 2 +- 2023/CVE-2023-3390.md | 1 + 2023/CVE-2023-3446.md | 1 + 2023/CVE-2023-34960.md | 1 + 2023/CVE-2023-35311.md | 2 +- 2023/CVE-2023-35313.md | 2 +- 2023/CVE-2023-35353.md | 2 +- 2023/CVE-2023-35356.md | 2 +- 2023/CVE-2023-35357.md | 2 +- 2023/CVE-2023-35358.md | 2 +- 2023/CVE-2023-35359.md | 2 +- 2023/CVE-2023-35360.md | 2 +- 2023/CVE-2023-35361.md | 2 +- 2023/CVE-2023-35362.md | 2 +- 2023/CVE-2023-35363.md | 2 +- 2023/CVE-2023-35364.md | 2 +- 2023/CVE-2023-35365.md | 4 +- 2023/CVE-2023-35368.md | 2 +- 2023/CVE-2023-35382.md | 2 +- 2023/CVE-2023-35386.md | 2 +- 2023/CVE-2023-35388.md | 2 +- 2023/CVE-2023-35390.md | 2 +- 
2023/CVE-2023-35618.md | 2 +- 2023/CVE-2023-35628.md | 2 +- 2023/CVE-2023-35630.md | 2 +- 2023/CVE-2023-35632.md | 2 +- 2023/CVE-2023-35633.md | 2 +- 2023/CVE-2023-35636.md | 2 +- 2023/CVE-2023-35639.md | 2 +- 2023/CVE-2023-35641.md | 2 +- 2023/CVE-2023-35644.md | 2 +- 2023/CVE-2023-36003.md | 2 +- 2023/CVE-2023-36005.md | 2 +- 2023/CVE-2023-36006.md | 2 +- 2023/CVE-2023-36011.md | 2 +- 2023/CVE-2023-36019.md | 2 +- 2023/CVE-2023-36033.md | 2 +- 2023/CVE-2023-36034.md | 2 +- 2023/CVE-2023-36036.md | 2 +- 2023/CVE-2023-36041.md | 2 +- 2023/CVE-2023-36047.md | 2 +- 2023/CVE-2023-36052.md | 2 +- 2023/CVE-2023-36054.md | 1 + 2023/CVE-2023-36085.md | 2 +- 2023/CVE-2023-36391.md | 3 +- 2023/CVE-2023-36396.md | 20 + 2023/CVE-2023-36403.md | 2 +- 2023/CVE-2023-36404.md | 2 +- 2023/CVE-2023-36407.md | 2 +- 2023/CVE-2023-36414.md | 2 +- 2023/CVE-2023-36424.md | 2 +- 2023/CVE-2023-36434.md | 4 +- 2023/CVE-2023-36439.md | 2 +- 2023/CVE-2023-36562.md | 2 +- 2023/CVE-2023-36563.md | 4 +- 2023/CVE-2023-36576.md | 2 +- 2023/CVE-2023-36584.md | 2 + 2023/CVE-2023-36696.md | 2 +- 2023/CVE-2023-36723.md | 2 +- 2023/CVE-2023-36728.md | 2 +- 2023/CVE-2023-36735.md | 2 +- 2023/CVE-2023-36741.md | 2 +- 2023/CVE-2023-36745.md | 2 +- 2023/CVE-2023-36761.md | 2 +- 2023/CVE-2023-36764.md | 2 +- 2023/CVE-2023-36778.md | 2 +- 2023/CVE-2023-36787.md | 2 +- 2023/CVE-2023-36802.md | 2 +- 2023/CVE-2023-36803.md | 2 +- 2023/CVE-2023-36874.md | 4 +- 2023/CVE-2023-36884.md | 2 +- 2023/CVE-2023-36895.md | 2 +- 2023/CVE-2023-36899.md | 3 +- 2023/CVE-2023-36900.md | 2 +- 2023/CVE-2023-38039.md | 1 + 2023/CVE-2023-38139.md | 4 +- 2023/CVE-2023-38140.md | 2 +- 2023/CVE-2023-38141.md | 4 +- 2023/CVE-2023-38146.md | 2 +- 2023/CVE-2023-38154.md | 2 +- 2023/CVE-2023-3817.md | 1 + 2023/CVE-2023-38175.md | 2 +- 2023/CVE-2023-38176.md | 2 +- 2023/CVE-2023-38178.md | 2 +- 2023/CVE-2023-38181.md | 2 +- 2023/CVE-2023-38182.md | 2 +- 2023/CVE-2023-38184.md | 2 +- 2023/CVE-2023-38408.md | 1 + 2023/CVE-2023-38545.md | 
1 + 2023/CVE-2023-38546.md | 1 + 2023/CVE-2023-38646.md | 1 + 2023/CVE-2023-38706.md | 17 + 2023/CVE-2023-39113.md | 2 +- 2023/CVE-2023-39114.md | 2 +- 2023/CVE-2023-39318.md | 17 + 2023/CVE-2023-39319.md | 17 + 2023/CVE-2023-39325.md | 1 + 2023/CVE-2023-39326.md | 17 + 2023/CVE-2023-39804.md | 17 + 2023/CVE-2023-39848.md | 4 + 2023/CVE-2023-40588.md | 17 + 2023/CVE-2023-41042.md | 17 + 2023/CVE-2023-41043.md | 17 + 2023/CVE-2023-41763.md | 2 +- 2023/CVE-2023-41772.md | 2 +- 2023/CVE-2023-41892.md | 1 + 2023/CVE-2023-42757.md | 17 + 2023/CVE-2023-43208.md | 2 + 2023/CVE-2023-43659.md | 17 + 2023/CVE-2023-43814.md | 18 + 2023/CVE-2023-44271.md | 1 + 2023/CVE-2023-44388.md | 17 + 2023/CVE-2023-44391.md | 17 + 2023/CVE-2023-44487.md | 1 + 2023/CVE-2023-45131.md | 17 + 2023/CVE-2023-45147.md | 17 + 2023/CVE-2023-4527.md | 1 + 2023/CVE-2023-45283.md | 1 + 2023/CVE-2023-45284.md | 1 + 2023/CVE-2023-45287.md | 17 + 2023/CVE-2023-45288.md | 1 + 2023/CVE-2023-45289.md | 18 + 2023/CVE-2023-45290.md | 17 + 2023/CVE-2023-45806.md | 17 + 2023/CVE-2023-45816.md | 17 + 2023/CVE-2023-45866.md | 1 + 2023/CVE-2023-46130.md | 17 + 2023/CVE-2023-46218.md | 1 + 2023/CVE-2023-46219.md | 1 + 2023/CVE-2023-46234.md | 1 + 2023/CVE-2023-46574.md | 1 + 2023/CVE-2023-46604.md | 2 + 2023/CVE-2023-47038.md | 3 +- 2023/CVE-2023-47119.md | 1 + 2023/CVE-2023-47120.md | 17 + 2023/CVE-2023-47121.md | 17 + 2023/CVE-2023-4806.md | 1 + 2023/CVE-2023-4813.md | 1 + 2023/CVE-2023-48297.md | 17 + 2023/CVE-2023-48795.md | 1 + 2023/CVE-2023-49086.md | 4 +- 2023/CVE-2023-49099.md | 17 + 2023/CVE-2023-49103.md | 1 + 2023/CVE-2023-4911.md | 1 + 2023/CVE-2023-50044.md | 17 + 2023/CVE-2023-50628.md | 2 +- 2023/CVE-2023-51257.md | 2 +- 2023/CVE-2023-51384.md | 1 + 2023/CVE-2023-51385.md | 1 + 2023/CVE-2023-52426.md | 1 + 2023/CVE-2023-5363.md | 1 + 2023/CVE-2023-5981.md | 1 + 2023/CVE-2023-6240.md | 1 + 2023/CVE-2023-6246.md | 1 + 2023/CVE-2023-6612.md | 1 + 2023/CVE-2023-6702.md | 17 + 2023/CVE-2023-6779.md | 1 + 
2023/CVE-2023-6780.md | 1 + 2023/CVE-2023-7008.md | 1 + 2024/CVE-2024-0039.md | 17 + 2024/CVE-2024-0235.md | 1 + 2024/CVE-2024-0517.md | 1 + 2024/CVE-2024-0553.md | 1 + 2024/CVE-2024-0567.md | 1 + 2024/CVE-2024-0582.md | 1 + 2024/CVE-2024-0756.md | 17 + 2024/CVE-2024-0757.md | 17 + 2024/CVE-2024-1023.md | 2 +- 2024/CVE-2024-1086.md | 2 + 2024/CVE-2024-1102.md | 2 + 2024/CVE-2024-1300.md | 2 +- 2024/CVE-2024-1402.md | 2 +- 2024/CVE-2024-1459.md | 1 - 2024/CVE-2024-1635.md | 4 +- 2024/CVE-2024-1800.md | 3 + 2024/CVE-2024-20654.md | 2 +- 2024/CVE-2024-20655.md | 2 +- 2024/CVE-2024-20676.md | 2 +- 2024/CVE-2024-20677.md | 8 +- 2024/CVE-2024-21412.md | 1 + 2024/CVE-2024-21413.md | 1 + 2024/CVE-2024-21506.md | 8 +- 2024/CVE-2024-21512.md | 20 + 2024/CVE-2024-21655.md | 17 + 2024/CVE-2024-21683.md | 1 + 2024/CVE-2024-2174.md | 2 +- 2024/CVE-2024-2176.md | 2 +- 2024/CVE-2024-2182.md | 1 - 2024/CVE-2024-21893.md | 1 + 2024/CVE-2024-2197.md | 6 +- 2024/CVE-2024-22074.md | 17 + 2024/CVE-2024-22120.md | 1 + 2024/CVE-2024-22590.md | 17 + 2024/CVE-2024-22641.md | 18 + 2024/CVE-2024-23081.md | 17 + 2024/CVE-2024-23082.md | 17 + 2024/CVE-2024-23108.md | 1 + 2024/CVE-2024-2353.md | 1 + 2024/CVE-2024-23692.md | 17 + 2024/CVE-2024-23897.md | 2 + 2024/CVE-2024-23917.md | 1 + 2024/CVE-2024-24576.md | 1 + 2024/CVE-2024-2470.md | 17 + 2024/CVE-2024-24748.md | 1 + 2024/CVE-2024-24783.md | 17 + 2024/CVE-2024-24784.md | 1 + 2024/CVE-2024-24785.md | 1 + 2024/CVE-2024-24827.md | 1 + 2024/CVE-2024-24862.md | 8 +- 2024/CVE-2024-24863.md | 8 +- 2024/CVE-2024-24919.md | 21 + 2024/CVE-2024-25600.md | 39 + 2024/CVE-2024-25975.md | 17 + 2024/CVE-2024-25976.md | 17 + 2024/CVE-2024-25977.md | 17 + 2024/CVE-2024-26026.md | 1 + 2024/CVE-2024-26163.md | 1 - 2024/CVE-2024-26209.md | 1 + 2024/CVE-2024-2631.md | 2 +- 2024/CVE-2024-2700.md | 1 + 2024/CVE-2024-27085.md | 1 + 2024/CVE-2024-27100.md | 1 + 2024/CVE-2024-27348.md | 2 + 2024/CVE-2024-27822.md | 17 + 2024/CVE-2024-28085.md | 1 + 
2024/CVE-2024-28242.md | 1 + 2024/CVE-2024-28736.md | 17 + 2024/CVE-2024-28757.md | 1 + 2024/CVE-2024-28886.md | 17 + 2024/CVE-2024-2961.md | 10 + 2024/CVE-2024-29895.md | 1 + 2024/CVE-2024-29972.md | 19 + 2024/CVE-2024-29973.md | 19 + 2024/CVE-2024-29974.md | 19 + 2024/CVE-2024-29975.md | 19 + 2024/CVE-2024-29976.md | 19 + 2024/CVE-2024-30018.md | 34 + 2024/CVE-2024-30043.md | 22 + 2024/CVE-2024-30165.md | 17 + 2024/CVE-2024-3050.md | 17 + 2024/CVE-2024-3094.md | 4 + 2024/CVE-2024-31099.md | 4 +- 2024/CVE-2024-31380.md | 5 +- 2024/CVE-2024-3154.md | 1 + 2024/CVE-2024-32002.md | 2 + 2024/CVE-2024-32004.md | 1 + 2024/CVE-2024-32020.md | 17 + 2024/CVE-2024-32021.md | 17 + 2024/CVE-2024-32113.md | 3 + 2024/CVE-2024-32114.md | 1 + 2024/CVE-2024-32465.md | 17 + 2024/CVE-2024-32752.md | 17 + 2024/CVE-2024-3293.md | 1 + 2024/CVE-2024-32944.md | 17 + 2024/CVE-2024-3322.md | 17 + 2024/CVE-2024-33599.md | 1 + 2024/CVE-2024-33600.md | 1 + 2024/CVE-2024-33601.md | 1 + 2024/CVE-2024-33602.md | 1 + 2024/CVE-2024-33655.md | 18 + 2024/CVE-2024-34002.md | 17 + 2024/CVE-2024-34003.md | 17 + 2024/CVE-2024-34004.md | 17 + 2024/CVE-2024-34005.md | 17 + 2024/CVE-2024-34051.md | 17 + 2024/CVE-2024-34342.md | 1 + 2024/CVE-2024-34470.md | 1 + 2024/CVE-2024-34832.md | 17 + 2024/CVE-2024-3495.md | 1 + 2024/CVE-2024-35195.md | 1 + 2024/CVE-2024-35333.md | 17 + 2024/CVE-2024-35374.md | 2 +- 2024/CVE-2024-35468.md | 17 + 2024/CVE-2024-35469.md | 17 + 2024/CVE-2024-35511.md | 18 + 2024/CVE-2024-35581.md | 17 + 2024/CVE-2024-35582.md | 17 + 2024/CVE-2024-35583.md | 17 + 2024/CVE-2024-36104.md | 19 + 2024/CVE-2024-36105.md | 2 +- 2024/CVE-2024-36108.md | 17 + 2024/CVE-2024-36109.md | 17 + 2024/CVE-2024-36118.md | 17 + 2024/CVE-2024-36120.md | 17 + 2024/CVE-2024-36123.md | 17 + 2024/CVE-2024-36127.md | 18 + 2024/CVE-2024-36129.md | 17 + 2024/CVE-2024-36399.md | 19 + 2024/CVE-2024-36400.md | 17 + 2024/CVE-2024-36428.md | 2 + 2024/CVE-2024-36547.md | 17 + 2024/CVE-2024-36548.md | 17 + 
2024/CVE-2024-36549.md | 17 + 2024/CVE-2024-36550.md | 17 + 2024/CVE-2024-3657.md | 22 + 2024/CVE-2024-36667.md | 17 + 2024/CVE-2024-36668.md | 17 + 2024/CVE-2024-36669.md | 17 + 2024/CVE-2024-36670.md | 17 + 2024/CVE-2024-36674.md | 17 + 2024/CVE-2024-36675.md | 17 + 2024/CVE-2024-36774.md | 17 + 2024/CVE-2024-36775.md | 17 + 2024/CVE-2024-36779.md | 17 + 2024/CVE-2024-36783.md | 17 + 2024/CVE-2024-36795.md | 17 + 2024/CVE-2024-36800.md | 17 + 2024/CVE-2024-36801.md | 17 + 2024/CVE-2024-36843.md | 17 + 2024/CVE-2024-36844.md | 17 + 2024/CVE-2024-36845.md | 17 + 2024/CVE-2024-36857.md | 17 + 2024/CVE-2024-36858.md | 17 + 2024/CVE-2024-37273.md | 17 + 2024/CVE-2024-3768.md | 2 +- 2024/CVE-2024-3844.md | 2 +- 2024/CVE-2024-3846.md | 2 +- 2024/CVE-2024-3882.md | 17 + 2024/CVE-2024-3921.md | 17 + 2024/CVE-2024-3928.md | 2 +- 2024/CVE-2024-3931.md | 1 + 2024/CVE-2024-3932.md | 2 +- 2024/CVE-2024-3937.md | 17 + 2024/CVE-2024-3979.md | 2 +- 2024/CVE-2024-4057.md | 17 + 2024/CVE-2024-4180.md | 17 + 2024/CVE-2024-4295.md | 17 + 2024/CVE-2024-4358.md | 21 + 2024/CVE-2024-4367.md | 1 + 2024/CVE-2024-4443.md | 1 + 2024/CVE-2024-4469.md | 17 + 2024/CVE-2024-4611.md | 17 + 2024/CVE-2024-4718.md | 17 + 2024/CVE-2024-4749.md | 17 + 2024/CVE-2024-4750.md | 17 + 2024/CVE-2024-4810.md | 8 +- 2024/CVE-2024-4856.md | 17 + 2024/CVE-2024-4857.md | 17 + 2024/CVE-2024-4886.md | 17 + 2024/CVE-2024-4956.md | 3 + 2024/CVE-2024-4985.md | 1 + 2024/CVE-2024-5084.md | 1 + 2024/CVE-2024-5138.md | 17 + 2024/CVE-2024-5187.md | 17 + 2024/CVE-2024-5274.md | 17 + 2024/CVE-2024-5326.md | 17 + 2024/CVE-2024-5410.md | 17 + 2024/CVE-2024-5411.md | 17 + 2024/CVE-2024-5420.md | 19 + 2024/CVE-2024-5421.md | 19 + 2024/CVE-2024-5422.md | 19 + 2024/CVE-2024-5565.md | 17 + 2024/CVE-2024-5656.md | 17 + github.txt | 661 +++++++++++++ references.txt | 2017 ++++++++++++++++++++++++++++++++++++++ 878 files changed, 7144 insertions(+), 379 deletions(-) create mode 100644 2008/CVE-2008-0176.md create mode 100644 
2011/CVE-2011-1562.md create mode 100644 2016/CVE-2016-1409.md create mode 100644 2016/CVE-2016-5423.md create mode 100644 2016/CVE-2016-6380.md create mode 100644 2017/CVE-2017-12087.md create mode 100644 2017/CVE-2017-18861.md create mode 100644 2017/CVE-2017-6770.md create mode 100644 2018/CVE-2018-12679.md create mode 100644 2018/CVE-2018-19417.md create mode 100644 2018/CVE-2018-19860.md create mode 100644 2019/CVE-2019-0583.md create mode 100644 2019/CVE-2019-14323.md create mode 100644 2019/CVE-2019-14431.md create mode 100644 2019/CVE-2019-9747.md create mode 100644 2019/CVE-2019-9749.md create mode 100644 2019/CVE-2019-9750.md create mode 100644 2019/CVE-2019-9928.md create mode 100644 2020/CVE-2020-3543.md create mode 100644 2020/CVE-2020-36325.md create mode 100644 2020/CVE-2020-5551.md create mode 100644 2021/CVE-2021-3899.md create mode 100644 2021/CVE-2021-3942.md create mode 100644 2022/CVE-2022-22075.md create mode 100644 2022/CVE-2022-22088.md create mode 100644 2022/CVE-2022-24695.md create mode 100644 2022/CVE-2022-2699.md create mode 100644 2022/CVE-2022-27948.md create mode 100644 2022/CVE-2022-29098.md create mode 100644 2022/CVE-2022-33255.md create mode 100644 2022/CVE-2022-33280.md create mode 100644 2022/CVE-2022-40503.md create mode 100644 2022/CVE-2022-40537.md create mode 100644 2022/CVE-2022-43216.md create mode 100644 2022/CVE-2022-45171.md create mode 100644 2022/CVE-2022-48681.md create mode 100644 2023/CVE-2023-21647.md create mode 100644 2023/CVE-2023-32054.md create mode 100644 2023/CVE-2023-36396.md create mode 100644 2023/CVE-2023-38706.md create mode 100644 2023/CVE-2023-39318.md create mode 100644 2023/CVE-2023-39319.md create mode 100644 2023/CVE-2023-39326.md create mode 100644 2023/CVE-2023-39804.md create mode 100644 2023/CVE-2023-40588.md create mode 100644 2023/CVE-2023-41042.md create mode 100644 2023/CVE-2023-41043.md create mode 100644 2023/CVE-2023-42757.md create mode 100644 2023/CVE-2023-43659.md create mode 
100644 2023/CVE-2023-43814.md create mode 100644 2023/CVE-2023-44388.md create mode 100644 2023/CVE-2023-44391.md create mode 100644 2023/CVE-2023-45131.md create mode 100644 2023/CVE-2023-45147.md create mode 100644 2023/CVE-2023-45287.md create mode 100644 2023/CVE-2023-45289.md create mode 100644 2023/CVE-2023-45290.md create mode 100644 2023/CVE-2023-45806.md create mode 100644 2023/CVE-2023-45816.md create mode 100644 2023/CVE-2023-46130.md create mode 100644 2023/CVE-2023-47120.md create mode 100644 2023/CVE-2023-47121.md create mode 100644 2023/CVE-2023-48297.md create mode 100644 2023/CVE-2023-49099.md create mode 100644 2023/CVE-2023-50044.md create mode 100644 2023/CVE-2023-6702.md create mode 100644 2024/CVE-2024-0039.md create mode 100644 2024/CVE-2024-0756.md create mode 100644 2024/CVE-2024-0757.md create mode 100644 2024/CVE-2024-21512.md create mode 100644 2024/CVE-2024-21655.md create mode 100644 2024/CVE-2024-22074.md create mode 100644 2024/CVE-2024-22590.md create mode 100644 2024/CVE-2024-22641.md create mode 100644 2024/CVE-2024-23081.md create mode 100644 2024/CVE-2024-23082.md create mode 100644 2024/CVE-2024-23692.md create mode 100644 2024/CVE-2024-2470.md create mode 100644 2024/CVE-2024-24783.md create mode 100644 2024/CVE-2024-24919.md create mode 100644 2024/CVE-2024-25600.md create mode 100644 2024/CVE-2024-25975.md create mode 100644 2024/CVE-2024-25976.md create mode 100644 2024/CVE-2024-25977.md create mode 100644 2024/CVE-2024-27822.md create mode 100644 2024/CVE-2024-28736.md create mode 100644 2024/CVE-2024-28886.md create mode 100644 2024/CVE-2024-29972.md create mode 100644 2024/CVE-2024-29973.md create mode 100644 2024/CVE-2024-29974.md create mode 100644 2024/CVE-2024-29975.md create mode 100644 2024/CVE-2024-29976.md create mode 100644 2024/CVE-2024-30018.md create mode 100644 2024/CVE-2024-30043.md create mode 100644 2024/CVE-2024-30165.md create mode 100644 2024/CVE-2024-3050.md create mode 100644 2024/CVE-2024-32020.md 
create mode 100644 2024/CVE-2024-32021.md create mode 100644 2024/CVE-2024-32465.md create mode 100644 2024/CVE-2024-32752.md create mode 100644 2024/CVE-2024-32944.md create mode 100644 2024/CVE-2024-3322.md create mode 100644 2024/CVE-2024-33655.md create mode 100644 2024/CVE-2024-34002.md create mode 100644 2024/CVE-2024-34003.md create mode 100644 2024/CVE-2024-34004.md create mode 100644 2024/CVE-2024-34005.md create mode 100644 2024/CVE-2024-34051.md create mode 100644 2024/CVE-2024-34832.md create mode 100644 2024/CVE-2024-35333.md create mode 100644 2024/CVE-2024-35468.md create mode 100644 2024/CVE-2024-35469.md create mode 100644 2024/CVE-2024-35511.md create mode 100644 2024/CVE-2024-35581.md create mode 100644 2024/CVE-2024-35582.md create mode 100644 2024/CVE-2024-35583.md create mode 100644 2024/CVE-2024-36104.md create mode 100644 2024/CVE-2024-36108.md create mode 100644 2024/CVE-2024-36109.md create mode 100644 2024/CVE-2024-36118.md create mode 100644 2024/CVE-2024-36120.md create mode 100644 2024/CVE-2024-36123.md create mode 100644 2024/CVE-2024-36127.md create mode 100644 2024/CVE-2024-36129.md create mode 100644 2024/CVE-2024-36399.md create mode 100644 2024/CVE-2024-36400.md create mode 100644 2024/CVE-2024-36547.md create mode 100644 2024/CVE-2024-36548.md create mode 100644 2024/CVE-2024-36549.md create mode 100644 2024/CVE-2024-36550.md create mode 100644 2024/CVE-2024-3657.md create mode 100644 2024/CVE-2024-36667.md create mode 100644 2024/CVE-2024-36668.md create mode 100644 2024/CVE-2024-36669.md create mode 100644 2024/CVE-2024-36670.md create mode 100644 2024/CVE-2024-36674.md create mode 100644 2024/CVE-2024-36675.md create mode 100644 2024/CVE-2024-36774.md create mode 100644 2024/CVE-2024-36775.md create mode 100644 2024/CVE-2024-36779.md create mode 100644 2024/CVE-2024-36783.md create mode 100644 2024/CVE-2024-36795.md create mode 100644 2024/CVE-2024-36800.md create mode 100644 2024/CVE-2024-36801.md create mode 100644 
2024/CVE-2024-36843.md create mode 100644 2024/CVE-2024-36844.md create mode 100644 2024/CVE-2024-36845.md create mode 100644 2024/CVE-2024-36857.md create mode 100644 2024/CVE-2024-36858.md create mode 100644 2024/CVE-2024-37273.md create mode 100644 2024/CVE-2024-3882.md create mode 100644 2024/CVE-2024-3921.md create mode 100644 2024/CVE-2024-3937.md create mode 100644 2024/CVE-2024-4057.md create mode 100644 2024/CVE-2024-4180.md create mode 100644 2024/CVE-2024-4295.md create mode 100644 2024/CVE-2024-4358.md create mode 100644 2024/CVE-2024-4469.md create mode 100644 2024/CVE-2024-4611.md create mode 100644 2024/CVE-2024-4718.md create mode 100644 2024/CVE-2024-4749.md create mode 100644 2024/CVE-2024-4750.md create mode 100644 2024/CVE-2024-4856.md create mode 100644 2024/CVE-2024-4857.md create mode 100644 2024/CVE-2024-4886.md create mode 100644 2024/CVE-2024-5138.md create mode 100644 2024/CVE-2024-5187.md create mode 100644 2024/CVE-2024-5274.md create mode 100644 2024/CVE-2024-5326.md create mode 100644 2024/CVE-2024-5410.md create mode 100644 2024/CVE-2024-5411.md create mode 100644 2024/CVE-2024-5420.md create mode 100644 2024/CVE-2024-5421.md create mode 100644 2024/CVE-2024-5422.md create mode 100644 2024/CVE-2024-5565.md create mode 100644 2024/CVE-2024-5656.md diff --git a/2000/CVE-2000-0114.md b/2000/CVE-2000-0114.md index 20cfd0cd96..5f256bf28b 100644 --- a/2000/CVE-2000-0114.md +++ b/2000/CVE-2000-0114.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xPugal/One-Liners - https://github.com/0xPugazh/One-Liners - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Cappricio-Securities/CVE-2000-0114 - https://github.com/Live-Hack-CVE/CVE-2000-0114 - https://github.com/POORVAJA-195/Nuclei-Analysis-main - https://github.com/bhavesh-pardhi/One-Liner diff --git a/2006/CVE-2006-4469.md b/2006/CVE-2006-4469.md index f47a6c3951..76d94bac4c 100644 --- a/2006/CVE-2006-4469.md +++ b/2006/CVE-2006-4469.md 
@@ -13,5 +13,6 @@ Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote att No PoCs from references. #### Github +- https://github.com/muchdogesec/cve2stix - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2007/CVE-2007-5464.md b/2007/CVE-2007-5464.md index a2ec8187cd..49d5803e11 100644 --- a/2007/CVE-2007-5464.md +++ b/2007/CVE-2007-5464.md @@ -11,6 +11,7 @@ Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote a #### Reference - http://aluigi.altervista.org/adv/lfscbof-adv.txt +- http://securityreason.com/securityalert/3234 #### Github No PoCs found on GitHub currently. diff --git a/2007/CVE-2007-5686.md b/2007/CVE-2007-5686.md index 48ebc29089..fafbfc2d1c 100644 --- a/2007/CVE-2007-5686.md +++ b/2007/CVE-2007-5686.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/jasona7/ChatCVE - https://github.com/joelckwong/anchore - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/valancej/anchore-five-minutes diff --git a/2008/CVE-2008-0166.md b/2008/CVE-2008-0166.md index 5903ed5589..c33aa5fb81 100644 --- a/2008/CVE-2008-0166.md +++ b/2008/CVE-2008-0166.md @@ -32,7 +32,10 @@ OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating system - https://github.com/badkeys/debianopenssl - https://github.com/brimstone/stars - https://github.com/chnzzh/OpenSSL-CVE-lib +- https://github.com/demining/Chinese-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/CryptoDeepTools +- https://github.com/demining/Japanese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Korean-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166 - https://github.com/g0tmi1k/debian-ssh - https://github.com/google/paranoid_crypto diff --git a/2008/CVE-2008-0176.md b/2008/CVE-2008-0176.md new file mode 100644 index 0000000000..5d15cebc7b 
--- /dev/null +++ b/2008/CVE-2008-0176.md @@ -0,0 +1,17 @@ +### [CVE-2008-0176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0176) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Angelina612/CVSS-Severity-Predictor + diff --git a/2008/CVE-2008-0590.md b/2008/CVE-2008-0590.md index f7aaf41cf3..3f644bfa31 100644 --- a/2008/CVE-2008-0590.md +++ b/2008/CVE-2008-0590.md @@ -10,6 +10,7 @@ Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authent ### POC #### Reference +- http://securityreason.com/securityalert/3609 - https://www.exploit-db.com/exploits/5044 #### Github diff --git a/2008/CVE-2008-4250.md b/2008/CVE-2008-4250.md index 004d7a8ae4..52d24116c6 100644 --- a/2008/CVE-2008-4250.md +++ b/2008/CVE-2008-4250.md @@ -50,6 +50,7 @@ The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP - https://github.com/nanotechz9l/cvesearch - https://github.com/nitishbadole/oscp-note-2 - https://github.com/notsag-dev/htb-legacy +- https://github.com/pxcs/CVE-29343-Sysmon-list - https://github.com/rmsbpro/rmsbpro - https://github.com/shashihacks/OSCP - https://github.com/shashihacks/OSWE diff --git a/2009/CVE-2009-2629.md b/2009/CVE-2009-2629.md index a89f807cab..bc41d7e262 100644 --- a/2009/CVE-2009-2629.md +++ b/2009/CVE-2009-2629.md 
@@ -13,6 +13,7 @@ Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6 No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/andrebro242/https-github.com-andrebro242-13-01.md - https://github.com/badd1e/Disclosures - https://github.com/secure-rewind-and-discard/sdrad_utils diff --git a/2009/CVE-2009-3555.md b/2009/CVE-2009-3555.md index a618c18c43..25f2a1d08a 100644 --- a/2009/CVE-2009-3555.md +++ b/2009/CVE-2009-3555.md @@ -48,6 +48,7 @@ The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Micr - https://github.com/kasem545/vulnsearch - https://github.com/matoweb/Enumeration-Script - https://github.com/palmerabollo/egov +- https://github.com/pyllyukko/user.js - https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems - https://github.com/withdk/pulse-secure-vpn-mitm-research - https://github.com/zzzWTF/db-13-01 diff --git a/2010/CVE-2010-3124.md b/2010/CVE-2010-3124.md index e4142fc0db..423c0f776c 100644 --- a/2010/CVE-2010-3124.md +++ b/2010/CVE-2010-3124.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/CVEDB/awesome-cve-repo +- https://github.com/KOBUKOVUI/DLL_Injection_On_VLC diff --git a/2010/CVE-2010-4597.md b/2010/CVE-2010-4597.md index ac691a6659..31d6613248 100644 --- a/2010/CVE-2010-4597.md +++ b/2010/CVE-2010-4597.md @@ -13,5 +13,5 @@ Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX - http://www.exploit-db.com/exploits/15767 #### Github -No PoCs found on GitHub currently. +- https://github.com/Angelina612/CVSS-Severity-Predictor diff --git a/2011/CVE-2011-1562.md b/2011/CVE-2011-1562.md new file mode 100644 index 0000000000..2be0170593 --- /dev/null +++ b/2011/CVE-2011-1562.md 
@@ -0,0 +1,17 @@ +### [CVE-2011-1562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1562) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Angelina612/CVSS-Severity-Predictor + diff --git a/2011/CVE-2011-1563.md b/2011/CVE-2011-1563.md index cdf359b1a8..1d1fca5e50 100644 --- a/2011/CVE-2011-1563.md +++ b/2011/CVE-2011-1563.md @@ -20,5 +20,5 @@ Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex R - http://www.exploit-db.com/exploits/17025 #### Github -No PoCs found on GitHub currently. +- https://github.com/Angelina612/CVSS-Severity-Predictor diff --git a/2011/CVE-2011-3374.md b/2011/CVE-2011-3374.md index 4711f5f0ff..ad0ac59fac 100644 --- a/2011/CVE-2011-3374.md +++ b/2011/CVE-2011-3374.md @@ -42,5 +42,6 @@ No PoCs from references. - https://github.com/simiyo/trivy - https://github.com/snyk-labs/helm-snyk - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/umahari/security diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index 40bf141351..44e0c67507 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md 
@@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CyberSavvy/python-pySecurity +- https://github.com/Fatalitysec/CVE-2012-1823 - https://github.com/J-16/Pentester-Bootcamp - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/MrScytheLULZ/covid diff --git a/2012/CVE-2012-2611.md b/2012/CVE-2012-2611.md index f1d5b08055..8b5b7a3772 100644 --- a/2012/CVE-2012-2611.md +++ b/2012/CVE-2012-2611.md @@ -13,5 +13,6 @@ The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15 - http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities #### Github +- https://github.com/Jean-Francois-C/SAP-Security-Audit - https://github.com/martingalloar/martingalloar diff --git a/2013/CVE-2013-0007.md b/2013/CVE-2013-0007.md index 7d22e96cf1..2dfea6f5b3 100644 --- a/2013/CVE-2013-0007.md +++ b/2013/CVE-2013-0007.md @@ -13,6 +13,7 @@ Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly pars No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/badd1e/Disclosures diff --git a/2013/CVE-2013-1445.md b/2013/CVE-2013-1445.md index eabb17b9e3..719a133c43 100644 --- a/2013/CVE-2013-1445.md +++ b/2013/CVE-2013-1445.md @@ -13,5 +13,6 @@ The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly res No PoCs from references. #### Github +- https://github.com/isidroas/fortuna - https://github.com/jdacode/Blockchain-Electronic-Voting-System diff --git a/2013/CVE-2013-2566.md b/2013/CVE-2013-2566.md index e2d3484d93..1461445b8e 100644 --- a/2013/CVE-2013-2566.md +++ b/2013/CVE-2013-2566.md 
@@ -38,6 +38,7 @@ The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single - https://github.com/mikemackintosh/ruby-qualys - https://github.com/nikolay480/devops-netology - https://github.com/pashicop/3.9_1 +- https://github.com/pyllyukko/user.js - https://github.com/stanmay77/security - https://github.com/tzaffi/testssl-report - https://github.com/vitaliivakhr/NETOLOGY diff --git a/2013/CVE-2013-3900.md b/2013/CVE-2013-3900.md index 23a0800dfd..85968465a5 100644 --- a/2013/CVE-2013-3900.md +++ b/2013/CVE-2013-3900.md @@ -26,6 +26,7 @@ No PoCs from references. - https://github.com/SaimSA/Vulnerability-Management-with-Nessus - https://github.com/Securenetology/CVE-2013-3900 - https://github.com/The-Education-and-Skills-Partnership/WinVerifyTrust-Signature-Mitigation +- https://github.com/ellikt1/Vulnerability-Assessment - https://github.com/florylsk/SignatureGate - https://github.com/hiba-ahmad1/NessusVulnManagement - https://github.com/izj007/wechat diff --git a/2013/CVE-2013-4378.md b/2013/CVE-2013-4378.md index f5828bf66d..b748a09391 100644 --- a/2013/CVE-2013-4378.md +++ b/2013/CVE-2013-4378.md @@ -13,6 +13,7 @@ Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java i - http://seclists.org/oss-sec/2013/q3/679 #### Github +- https://github.com/epicosy/VUL4J-50 - https://github.com/theratpack/grails-javamelody-sample-app - https://github.com/tuhh-softsec/APR4Vul diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md index 40df2f2f9d..39917b3297 100644 --- a/2014/CVE-2014-0160.md +++ b/2014/CVE-2014-0160.md 
@@ -313,6 +313,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/feiteira2/Pentest-Tools - https://github.com/fireorb/SSL-Scanner - https://github.com/fireorb/sslscanner +- https://github.com/forget-eve/Computer-Safety - https://github.com/froyo75/Heartbleed_Dockerfile_with_Nginx - https://github.com/fuzzr/example-openssl-1.0.1f - https://github.com/gbnv/temp @@ -433,6 +434,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/oneplus-x/Awesome-Pentest - https://github.com/oneplus-x/Sn1per - https://github.com/oneplush/hacking_tutorials +- https://github.com/orhun/flawz - https://github.com/oubaidHL/Security-Pack- - https://github.com/ozkanbilge/Payloads - https://github.com/paolokalvo/Ferramentas-Cyber-Security diff --git a/2014/CVE-2014-2024.md b/2014/CVE-2014-2024.md index b89510578f..9fc8231a23 100644 --- a/2014/CVE-2014-2024.md +++ b/2014/CVE-2014-2024.md @@ -13,5 +13,5 @@ Cross-site scripting (XSS) vulnerability in classes/controller/error.php in Open - https://github.com/open-classifieds/openclassifieds2/issues/556 #### Github -No PoCs found on GitHub currently. +- https://github.com/pxcs/CVE-29343-Sysmon-list diff --git a/2014/CVE-2014-3566.md b/2014/CVE-2014-3566.md index 4ad3f04dae..f0c99387cb 100644 --- a/2014/CVE-2014-3566.md +++ b/2014/CVE-2014-3566.md @@ -102,6 +102,7 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/odolezal/D-Link-DIR-655 - https://github.com/pashicop/3.9_1 - https://github.com/puppetlabs/puppetlabs-compliance_profile +- https://github.com/r0metheus/poodle-attack - https://github.com/r3p3r/1N3-MassBleed - https://github.com/rameezts/poodle_check - https://github.com/rvaralda/aws_poodle_fix diff --git a/2014/CVE-2014-4060.md b/2014/CVE-2014-4060.md index e8ae8f119f..c45e511146 100644 --- a/2014/CVE-2014-4060.md +++ b/2014/CVE-2014-4060.md 
@@ -13,5 +13,6 @@ Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center T No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2014/CVE-2014-4210.md b/2014/CVE-2014-4210.md index 0ec9d43564..76beeef56f 100644 --- a/2014/CVE-2014-4210.md +++ b/2014/CVE-2014-4210.md @@ -84,6 +84,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/password520/RedTeamer - https://github.com/pwnagelabs/VEF - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ronoski/j2ee-rscan - https://github.com/skyblueflag/WebSecurityStudy diff --git a/2014/CVE-2014-4880.md b/2014/CVE-2014-4880.md index 09606835a1..5d8f35797a 100644 --- a/2014/CVE-2014-4880.md +++ b/2014/CVE-2014-4880.md @@ -13,5 +13,5 @@ Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other - http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2014/CVE-2014-6271.md b/2014/CVE-2014-6271.md index 17dbafa6ad..2ae40466a1 100644 --- a/2014/CVE-2014-6271.md +++ b/2014/CVE-2014-6271.md @@ -147,6 +147,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/HttpEduardo/ShellTHEbest - https://github.com/Hunter-404/shmilytly - https://github.com/IAmATeaPot418/insecure-deployments +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/ImranTheThirdEye/awesome-web-hacking - https://github.com/InfoSecDion/Splunk-Incident-Response-Lab - https://github.com/JERRY123S/all-poc 
@@ -190,6 +191,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/NCSU-DANCE-Research-Group/CDL - https://github.com/Nieuport/Awesome-Security - https://github.com/Nieuport/PayloadsAllTheThings +- https://github.com/NikolaKostadinov01/Cyber-Security-Base-project-two - https://github.com/OshekharO/Penetration-Testing - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors diff --git a/2014/CVE-2014-6277.md b/2014/CVE-2014-6277.md index f2b93fc97f..8d992177e7 100644 --- a/2014/CVE-2014-6277.md +++ b/2014/CVE-2014-6277.md @@ -18,6 +18,7 @@ GNU Bash through 4.3 bash43-026 does not properly parse function definitions in #### Github - https://github.com/EvanK/shocktrooper +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/MrCl0wnLab/ShellShockHunter - https://github.com/demining/ShellShock-Attack - https://github.com/giterlizzi/secdb-feeds diff --git a/2014/CVE-2014-7169.md b/2014/CVE-2014-7169.md index 3fee371899..543807939b 100644 --- a/2014/CVE-2014-7169.md +++ b/2014/CVE-2014-7169.md @@ -27,6 +27,7 @@ GNU Bash through 4.3 bash43-025 processes trailing strings after certain malform - https://github.com/CyberlearnbyVK/redteam-notebook - https://github.com/EvanK/shocktrooper - https://github.com/Gobinath-B/SHELL-SCHOCK +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/JPedroVentura/Shocker - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/LubinLew/WEB-CVE diff --git a/2015/CVE-2015-2515.md b/2015/CVE-2015-2515.md index 626b4c9455..9c86f277c9 100644 --- a/2015/CVE-2015-2515.md +++ b/2015/CVE-2015-2515.md @@ -13,5 +13,6 @@ Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Wi No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures 
diff --git a/2015/CVE-2015-2712.md b/2015/CVE-2015-2712.md index f722d3e44c..875c77a015 100644 --- a/2015/CVE-2015-2712.md +++ b/2015/CVE-2015-2712.md @@ -14,5 +14,5 @@ The asm.js implementation in Mozilla Firefox before 38.0 does not properly deter - https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 #### Github -No PoCs found on GitHub currently. +- https://github.com/pyllyukko/user.js diff --git a/2015/CVE-2015-2743.md b/2015/CVE-2015-2743.md index 4ed08746b1..1a064f91bd 100644 --- a/2015/CVE-2015-2743.md +++ b/2015/CVE-2015-2743.md @@ -14,5 +14,5 @@ PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x - http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html #### Github -No PoCs found on GitHub currently. +- https://github.com/pyllyukko/user.js diff --git a/2015/CVE-2015-3276.md b/2015/CVE-2015-3276.md index 54ff2a9079..f86571e466 100644 --- a/2015/CVE-2015-3276.md +++ b/2015/CVE-2015-3276.md @@ -15,4 +15,5 @@ The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/chnzzh/OpenSSL-CVE-lib +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2015/CVE-2015-3306.md b/2015/CVE-2015-3306.md index e3fea627c5..d763269f11 100644 --- a/2015/CVE-2015-3306.md +++ b/2015/CVE-2015-3306.md @@ -55,6 +55,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t - https://github.com/lnick2023/nicenice - https://github.com/m4udSec/ProFTPD_CVE-2015-3306 - https://github.com/maxbardreausupdevinci/jokertitoolbox +- https://github.com/mr-exo/shodan-dorks - https://github.com/nodoyuna09/eHacking_LABS - https://github.com/nootropics/propane - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2015/CVE-2015-4852.md b/2015/CVE-2015-4852.md index 74b44338a7..d6325a9aad 100644 --- a/2015/CVE-2015-4852.md +++ b/2015/CVE-2015-4852.md 
@@ -67,6 +67,7 @@ The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3. - https://github.com/password520/RedTeamer - https://github.com/psadmin-io/weblogic-patching-scripts - https://github.com/qiqiApink/apkRepair +- https://github.com/rabbitmask/WeblogicScan - https://github.com/roo7break/serialator - https://github.com/rosewachera-rw/vulnassessment - https://github.com/safe6Sec/WeblogicVuln diff --git a/2016/CVE-2016-0143.md b/2016/CVE-2016-0143.md index f210dadc08..a3d054563a 100644 --- a/2016/CVE-2016-0143.md +++ b/2016/CVE-2016-0143.md @@ -13,5 +13,6 @@ The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 a - https://www.exploit-db.com/exploits/39712/ #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2016/CVE-2016-0171.md b/2016/CVE-2016-0171.md index 3c20b45c0b..40acc92375 100644 --- a/2016/CVE-2016-0171.md +++ b/2016/CVE-2016-0171.md @@ -15,5 +15,6 @@ The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 #### Github - https://github.com/CyberRoute/rdpscan +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2016/CVE-2016-0638.md b/2016/CVE-2016-0638.md index 6a30bd2f9e..85cde6095d 100644 --- a/2016/CVE-2016-0638.md +++ b/2016/CVE-2016-0638.md @@ -57,6 +57,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/openx-org/BLEN - https://github.com/password520/RedTeamer - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/safe6Sec/WeblogicVuln - https://github.com/safe6Sec/wlsEnv diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md index fcda2eeea0..9cad681333 100644 --- a/2016/CVE-2016-10033.md +++ b/2016/CVE-2016-10033.md 
@@ -172,6 +172,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/opsxcq/exploit-CVE-2016-10033 - https://github.com/paralelo14/CVE_2016-10033 diff --git a/2016/CVE-2016-10045.md b/2016/CVE-2016-10045.md index 0593003b8b..47fc0585ed 100644 --- a/2016/CVE-2016-10045.md +++ b/2016/CVE-2016-10045.md @@ -123,6 +123,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/pctechsupport123/php - https://github.com/pedro823/cve-2016-10033-45 diff --git a/2016/CVE-2016-1409.md b/2016/CVE-2016-1409.md new file mode 100644 index 0000000000..90e9824a7a --- /dev/null +++ b/2016/CVE-2016-1409.md @@ -0,0 +1,17 @@ +### [CVE-2016-1409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1409) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2016/CVE-2016-2107.md b/2016/CVE-2016-2107.md index 00d00261ce..cbb1b3a0e0 100644 
--- a/2016/CVE-2016-2107.md +++ b/2016/CVE-2016-2107.md @@ -29,6 +29,7 @@ The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does #### Github - https://github.com/1o24er/Python- +- https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo diff --git a/2016/CVE-2016-3088.md b/2016/CVE-2016-3088.md index bc43cb12e8..515ab3dd2b 100644 --- a/2016/CVE-2016-3088.md +++ b/2016/CVE-2016-3088.md @@ -46,7 +46,9 @@ The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remot - https://github.com/hktalent/bug-bounty - https://github.com/jiushill/haq5201314 - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/openx-org/BLEN - https://github.com/pravinsrc/NOTES-windows-kernel-links diff --git a/2016/CVE-2016-3510.md b/2016/CVE-2016-3510.md index 4d0e572f1a..8514477c66 100644 --- a/2016/CVE-2016-3510.md +++ b/2016/CVE-2016-3510.md @@ -87,6 +87,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/orgTestCodacy11KRepos110MB/repo-5832-java-deserialization-exploits - https://github.com/password520/RedTeamer - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ranjan-prp/PayloadsAllTheThings - https://github.com/ravijainpro/payloads_xss diff --git a/2016/CVE-2016-5423.md b/2016/CVE-2016-5423.md new file mode 100644 index 0000000000..bd892f7275 --- /dev/null +++ b/2016/CVE-2016-5423.md 
@@ -0,0 +1,17 @@ +### [CVE-2016-5423](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5423) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/digoal/blog + diff --git a/2016/CVE-2016-6380.md b/2016/CVE-2016-6380.md new file mode 100644 index 0000000000..fb3ac47877 --- /dev/null +++ b/2016/CVE-2016-6380.md @@ -0,0 +1,17 @@ +### [CVE-2016-6380](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6380) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2017/CVE-2017-0143.md b/2017/CVE-2017-0143.md index 9113099833..133b63c7f8 100644 
--- a/2017/CVE-2017-0143.md +++ b/2017/CVE-2017-0143.md @@ -33,6 +33,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/Esther7171/Ice +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/H3xL00m/MS17-010_CVE-2017-0143 - https://github.com/HacTF/poc--exp @@ -102,7 +103,9 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/jeredbare/ms17-010_to_slack - https://github.com/k4u5h41/MS17-010_CVE-2017-0143 +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups - https://github.com/liorsivan/hackthebox-machines - https://github.com/lnick2023/nicenice diff --git a/2017/CVE-2017-0144.md b/2017/CVE-2017-0144.md index de22718aa6..80555f69b4 100644 --- a/2017/CVE-2017-0144.md +++ b/2017/CVE-2017-0144.md @@ -39,6 +39,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Frat1n/Escalibur_Framework - https://github.com/FutureComputing4AI/ClarAVy - https://github.com/GhostTroops/TOP +- https://github.com/GhostTroops/scan4all - https://github.com/GoDsUnReAL/fun - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Itz-Ayanokoji/All-in-one-termux-tools 
@@ -105,7 +106,9 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/jbmihoub/all-poc - https://github.com/joyce8/MalDICT - https://github.com/just0rg/Security-Interview +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/kdcloverkid/https-github.com-kdcloverkid-awesome-termux-hacking - https://github.com/kgwanjala/oscp-cheatsheet - https://github.com/kimocoder/eternalblue diff --git a/2017/CVE-2017-0145.md b/2017/CVE-2017-0145.md index db3bd6a0c2..83cd9e38f1 100644 --- a/2017/CVE-2017-0145.md +++ b/2017/CVE-2017-0145.md @@ -30,6 +30,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/GhostTroops/TOP +- https://github.com/GhostTroops/scan4all - https://github.com/GoDsUnReAL/fun - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Itz-Ayanokoji/All-in-one-termux-tools @@ -72,6 +73,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/jbmihoub/all-poc +- https://github.com/k8gege/PowerLadon - https://github.com/kdcloverkid/https-github.com-kdcloverkid-awesome-termux-hacking - https://github.com/lnick2023/nicenice - https://github.com/may215/awesome-termux-hacking diff --git a/2017/CVE-2017-0146.md b/2017/CVE-2017-0146.md index 9bf3118fae..188abf50e0 100644 --- a/2017/CVE-2017-0146.md +++ b/2017/CVE-2017-0146.md 
@@ -22,6 +22,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cruxer8Mech/Idk - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense @@ -51,6 +52,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense- - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/merlinepedra/SCAN4LL - https://github.com/merlinepedra25/SCAN4ALL-1 diff --git a/2017/CVE-2017-0147.md b/2017/CVE-2017-0147.md index 800424a416..3e3d78cb0b 100644 --- a/2017/CVE-2017-0147.md +++ b/2017/CVE-2017-0147.md @@ -19,6 +19,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/FutureComputing4AI/ClarAVy +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Lynk4/Windows-Server-2008-VAPT diff --git a/2017/CVE-2017-0148.md b/2017/CVE-2017-0148.md index c976819e26..0bfbbaf7c3 100644 --- a/2017/CVE-2017-0148.md +++ b/2017/CVE-2017-0148.md 
@@ -21,6 +21,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cruxer8Mech/Idk - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/HakaKali/CVE-2017-0148 - https://github.com/Kiz619ao630/StepwisePolicy3 @@ -51,6 +52,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense- - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/maragard/genestealer - https://github.com/merlinepedra/SCAN4LL diff --git a/2017/CVE-2017-0785.md b/2017/CVE-2017-0785.md index 81cb45af2c..5f2fa464e4 100644 --- a/2017/CVE-2017-0785.md +++ b/2017/CVE-2017-0785.md @@ -79,6 +79,7 @@ A information disclosure vulnerability in the Android system (bluetooth). Produc - https://github.com/rootabeta/shellfish - https://github.com/rootcode369/shellfish - https://github.com/severnake/Pentest-Tools +- https://github.com/sgxgsx/BlueToolkit - https://github.com/sh4rknado/BlueBorn - https://github.com/sigbitsadmin/diff - https://github.com/skhjacksonheights/blSCAN_skh diff --git a/2017/CVE-2017-1000250.md b/2017/CVE-2017-1000250.md index 9e2c13e962..6ebe1d44d6 100644 --- a/2017/CVE-2017-1000250.md +++ b/2017/CVE-2017-1000250.md @@ -21,4 +21,5 @@ All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an in - https://github.com/giterlizzi/secdb-feeds - https://github.com/hw5773/blueborne - https://github.com/olav-st/CVE-2017-1000250-PoC +- https://github.com/sgxgsx/BlueToolkit diff --git a/2017/CVE-2017-1000251.md b/2017/CVE-2017-1000251.md index f43988500b..a9dd5736e6 100644 --- a/2017/CVE-2017-1000251.md 
+++ b/2017/CVE-2017-1000251.md @@ -19,6 +19,7 @@ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux ke - https://github.com/ArmisSecurity/blueborne - https://github.com/AxelRoudaut/THC_BlueBorne - https://github.com/CrackSoft900/Blue-Borne +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Lexus89/blueborne - https://github.com/Lukembou/Vulnerability-Scanning @@ -46,6 +47,7 @@ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux ke - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/own2pwn/blueborne-CVE-2017-1000251-POC - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/sgxgsx/BlueToolkit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-10125.md b/2017/CVE-2017-10125.md index 458c4651c0..1258738229 100644 --- a/2017/CVE-2017-10125.md +++ b/2017/CVE-2017-10125.md @@ -13,5 +13,5 @@ Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployme - http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html #### Github -No PoCs found on GitHub currently. +- https://github.com/RoganDawes/P4wnP1 diff --git a/2017/CVE-2017-10271.md b/2017/CVE-2017-10271.md index 5939a52e1b..a3ea7a4bb0 100644 --- a/2017/CVE-2017-10271.md +++ b/2017/CVE-2017-10271.md @@ -207,6 +207,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qince1455373819/awesome-honeypots - https://github.com/r0eXpeR/redteam_vul - https://github.com/r4b3rt/CVE-2017-10271 +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rambleZzz/weblogic_CVE_2017_10271 - https://github.com/ranjan-prp/PayloadsAllTheThings 
diff --git a/2017/CVE-2017-11283.md b/2017/CVE-2017-11283.md index 8884fc0c1f..c2a09fb848 100644 --- a/2017/CVE-2017-11283.md +++ b/2017/CVE-2017-11283.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/BrittanyKuhn/javascript-tutorial - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/gyyyy/footprint - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet diff --git a/2017/CVE-2017-12087.md b/2017/CVE-2017-12087.md new file mode 100644 index 0000000000..8d7bbd25e0 --- /dev/null +++ b/2017/CVE-2017-12087.md @@ -0,0 +1,17 @@ +### [CVE-2017-12087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12087) +![](https://img.shields.io/static/v1?label=Product&message=Tinysvcmdns&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=heap%20overflow&color=brighgreen) + +### Description + +An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2017/CVE-2017-12130.md b/2017/CVE-2017-12130.md index f3121c58e6..5da51589a2 100644 --- a/2017/CVE-2017-12130.md +++ b/2017/CVE-2017-12130.md @@ -13,5 +13,5 @@ An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns - https://talosintelligence.com/vulnerability_reports/TALOS-2017-0486 #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi 
diff --git a/2017/CVE-2017-12149.md b/2017/CVE-2017-12149.md index ee16e1a3c5..58b929ce4d 100644 --- a/2017/CVE-2017-12149.md +++ b/2017/CVE-2017-12149.md @@ -56,6 +56,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf - https://github.com/TSY244/scan_node - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VVeakee/CVE-2017-12149 - https://github.com/Weik1/Artillery - https://github.com/Xcatolin/jboss-deserialization diff --git a/2017/CVE-2017-12615.md b/2017/CVE-2017-12615.md index 727404a636..d569134811 100644 --- a/2017/CVE-2017-12615.md +++ b/2017/CVE-2017-12615.md @@ -45,6 +45,7 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Weik1/Artillery - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YgorAlberto/Ethical-Hacker @@ -73,7 +74,9 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/ianxtianxt/CVE-2017-12615 - https://github.com/ilhamrzr/ApacheTomcat - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/lnick2023/nicenice - https://github.com/lp008/Hack-readme diff --git a/2017/CVE-2017-12629.md b/2017/CVE-2017-12629.md index 4b0e92a783..363b618c34 100644 --- a/2017/CVE-2017-12629.md +++ b/2017/CVE-2017-12629.md 
@@ -45,6 +45,7 @@ Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before - https://github.com/mustblade/solr_hacktool - https://github.com/p4d0rn/Siren - https://github.com/password520/RedTeamer +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/ronoski/j2ee-rscan - https://github.com/tdwyer/PoC_CVE-2017-3164_CVE-2017-1262 - https://github.com/veracode-research/solr-injection diff --git a/2017/CVE-2017-13716.md b/2017/CVE-2017-13716.md index 879ba6730b..0fb97f6fdf 100644 --- a/2017/CVE-2017-13716.md +++ b/2017/CVE-2017-13716.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/umahari/security diff --git a/2017/CVE-2017-14159.md b/2017/CVE-2017-14159.md index 033a124fb4..8d36ac853d 100644 --- a/2017/CVE-2017-14159.md +++ b/2017/CVE-2017-14159.md @@ -15,4 +15,5 @@ slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privilege #### Github - https://github.com/andir/nixos-issue-db-example - https://github.com/jparrill/preview-grafeas +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-16905.md b/2017/CVE-2017-16905.md index df2571fbc2..29e07a2e20 100644 --- a/2017/CVE-2017-16905.md +++ b/2017/CVE-2017-16905.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-17740.md b/2017/CVE-2017-17740.md index 7bb72765c8..385ce9e638 100644 --- a/2017/CVE-2017-17740.md 
+++ b/2017/CVE-2017-17740.md @@ -15,4 +15,5 @@ contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-18018.md b/2017/CVE-2017-18018.md index c078f9687c..c4e6083cc2 100644 --- a/2017/CVE-2017-18018.md +++ b/2017/CVE-2017-18018.md @@ -27,4 +27,5 @@ No PoCs from references. - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/phonito/phonito-scanner-action +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-18861.md b/2017/CVE-2017-18861.md new file mode 100644 index 0000000000..4cd33d0729 --- /dev/null +++ b/2017/CVE-2017-18861.md @@ -0,0 +1,17 @@ +### [CVE-2017-18861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18861) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier. + +### POC + +#### Reference +- https://kb.netgear.com/000038435/Security-Advisory-for-ReadyNAS-Surveillance-CSRF-Remote-Code-Execution-PSV-2017-0578 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-2624.md b/2017/CVE-2017-2624.md index 4cda735848..5dac8e36a7 100644 --- a/2017/CVE-2017-2624.md +++ b/2017/CVE-2017-2624.md @@ -13,5 +13,5 @@ It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check - https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nediazla/LinuxFundamentals 
diff --git a/2017/CVE-2017-2625.md b/2017/CVE-2017-2625.md index bf5cc65f60..ab0603b70d 100644 --- a/2017/CVE-2017-2625.md +++ b/2017/CVE-2017-2625.md @@ -13,5 +13,5 @@ It was discovered that libXdmcp before 1.1.2 including used weak entropy to gene - https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nediazla/LinuxFundamentals diff --git a/2017/CVE-2017-2626.md b/2017/CVE-2017-2626.md index 7b7ae86baf..1373ee6aae 100644 --- a/2017/CVE-2017-2626.md +++ b/2017/CVE-2017-2626.md @@ -14,4 +14,5 @@ It was discovered that libICE before 1.0.9-8 used a weak entropy to generate key #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/nediazla/LinuxFundamentals diff --git a/2017/CVE-2017-3248.md b/2017/CVE-2017-3248.md index 8c328827ea..84d4e8eff8 100644 --- a/2017/CVE-2017-3248.md +++ b/2017/CVE-2017-3248.md @@ -67,6 +67,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go - https://github.com/quentinhardy/scriptsAndExploits +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rockmelodies/rocComExpRce - https://github.com/rudinyu/KB diff --git a/2017/CVE-2017-3506.md b/2017/CVE-2017-3506.md index fe1c418dba..51b03cd8d9 100644 --- a/2017/CVE-2017-3506.md +++ b/2017/CVE-2017-3506.md @@ -81,6 +81,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/safe6Sec/WeblogicVuln - https://github.com/safe6Sec/wlsEnv diff --git a/2017/CVE-2017-5223.md b/2017/CVE-2017-5223.md index 697b6609fd..dbb05752ba 100644 --- a/2017/CVE-2017-5223.md 
+++ b/2017/CVE-2017-5223.md @@ -113,6 +113,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/pctechsupport123/php - https://github.com/prakashshubham13/portfolio diff --git a/2017/CVE-2017-5244.md b/2017/CVE-2017-5244.md index 8bfe48c423..a9962697ad 100644 --- a/2017/CVE-2017-5244.md +++ b/2017/CVE-2017-5244.md @@ -18,6 +18,7 @@ Routes used to stop running Metasploit tasks (either particular ones or all task - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-6770.md b/2017/CVE-2017-6770.md new file mode 100644 index 0000000000..05ff15fa87 --- /dev/null +++ b/2017/CVE-2017-6770.md 
@@ -0,0 +1,17 @@ +### [CVE-2017-6770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6770) +![](https://img.shields.io/static/v1?label=Product&message=Multiple%20Cisco%20Products&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20&color=brighgreen) + +### Description + +Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco Bug IDs: CSCva74756, CSCve47393, CSCve47401. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2017/CVE-2017-7243.md b/2017/CVE-2017-7243.md index 048f35c2b6..1e1afb08ae 100644 --- a/2017/CVE-2017-7243.md +++ b/2017/CVE-2017-7243.md 
@@ -13,5 +13,6 @@ Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial No PoCs from references. #### Github +- https://github.com/Samsung/cotopaxi - https://github.com/q40603/Continuous-Invivo-Fuzz diff --git a/2017/CVE-2017-7269.md b/2017/CVE-2017-7269.md index d422903ac6..3c940cd609 100644 --- a/2017/CVE-2017-7269.md +++ b/2017/CVE-2017-7269.md @@ -46,6 +46,7 @@ Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in In - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/ThanHuuTuan/CVE-2017-7269 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2017/CVE-2017-8360.md b/2017/CVE-2017-8360.md index 2a91a16cf7..882ffcd48a 100644 --- a/2017/CVE-2017-8360.md +++ b/2017/CVE-2017-8360.md @@ -14,5 +14,6 @@ Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZB #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/thom-s/nessus-compliance diff --git a/2017/CVE-2017-8514.md b/2017/CVE-2017-8514.md index 36b18490cc..838b238156 100644 --- a/2017/CVE-2017-8514.md +++ b/2017/CVE-2017-8514.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-8759.md b/2017/CVE-2017-8759.md index 59585964a3..e967e2679d 100644 --- a/2017/CVE-2017-8759.md +++ b/2017/CVE-2017-8759.md 
@@ -120,6 +120,7 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://github.com/smashinu/CVE-2017-8759Expoit - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections - https://github.com/svbjdbk123/- +- https://github.com/sythass/CVE-2017-8759 - https://github.com/t31m0/Red-Teaming-Toolkit - https://github.com/thezimtex/red-team - https://github.com/twensoo/PersistentThreat diff --git a/2017/CVE-2017-9805.md b/2017/CVE-2017-9805.md index fefde3aca6..c5e8026c59 100644 --- a/2017/CVE-2017-9805.md +++ b/2017/CVE-2017-9805.md @@ -52,6 +52,7 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805 - https://github.com/Muhammd/Awesome-Payloads - https://github.com/Nieuport/PayloadsAllTheThings +- https://github.com/NikolaKostadinov01/Cyber-Security-Base-project-two - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/PalindromeLabs/Java-Deserialization-CVEs diff --git a/2018/CVE-2018-0893.md b/2018/CVE-2018-0893.md index c349e67de0..7bd0b545f8 100644 --- a/2018/CVE-2018-0893.md +++ b/2018/CVE-2018-0893.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2018/CVE-2018-1000021.md b/2018/CVE-2018-1000021.md index c79605b060..1f7d5f351f 100644 --- a/2018/CVE-2018-1000021.md +++ b/2018/CVE-2018-1000021.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/adegoodyer/ubuntu +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-1000861.md b/2018/CVE-2018-1000861.md index 1a2b178ead..8711efe38c 100644 --- a/2018/CVE-2018-1000861.md +++ b/2018/CVE-2018-1000861.md 
@@ -45,6 +45,7 @@ A code execution vulnerability exists in the Stapler web framework used by Jenki - https://github.com/TheBeastofwar/JenkinsExploit-GUI - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/Zompire/cc_talk_2021 diff --git a/2018/CVE-2018-1058.md b/2018/CVE-2018-1058.md index fe5249d1aa..60d10a5675 100644 --- a/2018/CVE-2018-1058.md +++ b/2018/CVE-2018-1058.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/claranet/terraform-azurerm-db-postgresql - https://github.com/claranet/terraform-azurerm-db-postgresql-flexible - https://github.com/claranet/terraform-postgresql-database-configuration +- https://github.com/digoal/blog - https://github.com/hxysaury/saury-vulnhub - https://github.com/ngadminq/Bei-Gai-penetration-test-guide - https://github.com/stilet/postgraphile-simple-express-starter diff --git a/2018/CVE-2018-1260.md b/2018/CVE-2018-1260.md index c93651e3fe..fa2cac85e0 100644 --- a/2018/CVE-2018-1260.md +++ b/2018/CVE-2018-1260.md @@ -18,5 +18,6 @@ No PoCs from references. - https://github.com/Drun1baby/CVE-Reproduction-And-Analysis - https://github.com/SexyBeast233/SecBooks - https://github.com/ax1sX/SpringSecurity +- https://github.com/gyyyy/footprint - https://github.com/langu-xyz/JavaVulnMap diff --git a/2018/CVE-2018-1261.md b/2018/CVE-2018-1261.md index c85318b680..ae15816ce6 100644 --- a/2018/CVE-2018-1261.md +++ b/2018/CVE-2018-1261.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ExpLangcn/FuYao-Go - https://github.com/ax1sX/SpringSecurity +- https://github.com/gyyyy/footprint - https://github.com/jpbprakash/vuln - https://github.com/mile9299/zip-slip-vulnerability - https://github.com/snyk/zip-slip-vulnerability 
diff --git a/2018/CVE-2018-12679.md b/2018/CVE-2018-12679.md new file mode 100644 index 0000000000..e0dd1b3573 --- /dev/null +++ b/2018/CVE-2018-12679.md @@ -0,0 +1,17 @@ +### [CVE-2018-12679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12679) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2018/CVE-2018-16845.md b/2018/CVE-2018-16845.md index 2fa4527808..abd3f23e46 100644 --- a/2018/CVE-2018-16845.md +++ b/2018/CVE-2018-16845.md @@ -17,6 +17,7 @@ nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_mod - https://github.com/ConstantaNF/RPM - https://github.com/Dekkert/dz6_soft_distribution - https://github.com/adastraaero/OTUS_LinuxProf +- https://github.com/alisaesage/Disclosures - https://github.com/anitazhaochen/anitazhaochen.github.io - https://github.com/badd1e/Disclosures - https://github.com/rmtec/modeswitcher diff --git a/2018/CVE-2018-18264.md b/2018/CVE-2018-18264.md index 20fb263c35..0d39966a1f 100644 --- a/2018/CVE-2018-18264.md +++ b/2018/CVE-2018-18264.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/g3rzi/HackingKubernetes - https://github.com/hacking-kubernetes/hacking-kubernetes.info +- https://github.com/magnologan/awesome-k8s-security 
diff --git a/2018/CVE-2018-18428.md b/2018/CVE-2018-18428.md index 0988c2ef2d..f0dee6a95d 100644 --- a/2018/CVE-2018-18428.md +++ b/2018/CVE-2018-18428.md @@ -15,5 +15,5 @@ TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream acc - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5497.php #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-18483.md b/2018/CVE-2018-18483.md index 8633c9b9b3..758e875d5e 100644 --- a/2018/CVE-2018-18483.md +++ b/2018/CVE-2018-18483.md @@ -16,5 +16,6 @@ The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Bi #### Github - https://github.com/fokypoky/places-list - https://github.com/fuzz-evaluator/MemLock-Fuzz-eval +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-19067.md b/2018/CVE-2018-19067.md index f59a72754b..174556116c 100644 --- a/2018/CVE-2018-19067.md +++ b/2018/CVE-2018-19067.md @@ -13,5 +13,5 @@ An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and A - https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-19077.md b/2018/CVE-2018-19077.md index 7889f55c90..615b0825ec 100644 --- a/2018/CVE-2018-19077.md +++ b/2018/CVE-2018-19077.md @@ -13,5 +13,5 @@ An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2. - https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-19417.md b/2018/CVE-2018-19417.md new file mode 100644 index 0000000000..21a984f5e4 --- /dev/null +++ b/2018/CVE-2018-19417.md 
@@ -0,0 +1,17 @@ +### [CVE-2018-19417](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19417) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a length check is missing. This could lead to Remote Code Execution via a stack-smashing attack (overwriting the function return address). Contiki-NG does not separate the MQTT server from other servers and the OS modules, so access to all memory regions is possible. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2018/CVE-2018-19518.md b/2018/CVE-2018-19518.md index a5357b4c8c..1ebea7ed3d 100644 --- a/2018/CVE-2018-19518.md +++ b/2018/CVE-2018-19518.md @@ -23,6 +23,7 @@ University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in P - https://github.com/C-starm/PoC-and-Exp-of-Vulnerabilities - https://github.com/HacTF/poc--exp - https://github.com/SexyBeast233/SecBooks +- https://github.com/Threekiii/Awesome-POC - https://github.com/avboy1337/Vulnerabilities - https://github.com/bb33bb/Vulnerabilities - https://github.com/ensimag-security/CVE-2018-19518 diff --git a/2018/CVE-2018-19860.md b/2018/CVE-2018-19860.md new file mode 100644 index 0000000000..baee6d9b6d --- /dev/null +++ b/2018/CVE-2018-19860.md 
@@ -0,0 +1,17 @@ +### [CVE-2018-19860](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19860) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2018/CVE-2018-20225.md b/2018/CVE-2018-20225.md index dd9afa5f11..d38d78f129 100644 --- a/2018/CVE-2018-20225.md +++ b/2018/CVE-2018-20225.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/cbdq-io/docker-grype - https://github.com/jedie/manage_django_project +- https://github.com/pkjmesra/PKScreener - https://github.com/sonatype-nexus-community/ossindex-python diff --git a/2018/CVE-2018-20250.md b/2018/CVE-2018-20250.md index 7d75e090b9..f2cc9d4136 100644 --- a/2018/CVE-2018-20250.md +++ b/2018/CVE-2018-20250.md @@ -61,6 +61,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab - https://github.com/Saidul-M-Khan/Red-Teaming-Toolkit - https://github.com/Team-BT5/WinAFL-RDP - https://github.com/Th3k33n/RedTeam +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WyAtu/CVE-2018-20250 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2018/CVE-2018-20673.md b/2018/CVE-2018-20673.md index 9697296423..bf902cbce8 100644 --- a/2018/CVE-2018-20673.md +++ b/2018/CVE-2018-20673.md 
@@ -16,4 +16,5 @@ The demangle_template function in cplus-dem.c in GNU libiberty, as distributed i - https://github.com/ARPSyndicate/cvemon - https://github.com/fokypoky/places-list - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-20712.md b/2018/CVE-2018-20712.md index d37a364a35..85d2cfdd38 100644 --- a/2018/CVE-2018-20712.md +++ b/2018/CVE-2018-20712.md @@ -15,4 +15,5 @@ A heap-based buffer over-read exists in the function d_expression_1 in cp-demang #### Github - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-2628.md b/2018/CVE-2018-2628.md index 833ebf87e8..037284d0fe 100644 --- a/2018/CVE-2018-2628.md +++ b/2018/CVE-2018-2628.md @@ -105,6 +105,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/password520/RedTeamer - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/reph0r/Poc-Exp-Tools - https://github.com/reph0r/poc-exp diff --git a/2018/CVE-2018-2893.md b/2018/CVE-2018-2893.md index 87727cd8aa..7fd8d3079e 100644 --- a/2018/CVE-2018-2893.md +++ b/2018/CVE-2018-2893.md @@ -89,6 +89,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go - https://github.com/qianl0ng/CVE-2018-2893 +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ryanInf/CVE-2018-2893 - https://github.com/safe6Sec/WeblogicVuln diff --git a/2018/CVE-2018-2894.md b/2018/CVE-2018-2894.md index 46f9017e77..9b3ca31ffc 100644 --- a/2018/CVE-2018-2894.md +++ b/2018/CVE-2018-2894.md 
@@ -98,7 +98,9 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/jbmihoub/all-poc - https://github.com/jiangsir404/POC-S - https://github.com/jwxa2015/pocs +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/k8gege/PyLadon - https://github.com/kdandy/pentest_tools - https://github.com/kenuoseclab/Weblogic-scan @@ -119,6 +121,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ranjan-prp/PayloadsAllTheThings - https://github.com/ravijainpro/payloads_xss diff --git a/2018/CVE-2018-5144.md b/2018/CVE-2018-5144.md index cb1c4d7a82..8281843a1d 100644 --- a/2018/CVE-2018-5144.md +++ b/2018/CVE-2018-5144.md @@ -14,5 +14,6 @@ An integer overflow can occur during conversion of text to some Unicode characte No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2018/CVE-2018-5178.md b/2018/CVE-2018-5178.md index 382dde848c..5dd606aa22 100644 --- a/2018/CVE-2018-5178.md +++ b/2018/CVE-2018-5178.md @@ -16,5 +16,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2018/CVE-2018-5383.md b/2018/CVE-2018-5383.md index 7a970d6f0c..e5aed72345 100644 --- a/2018/CVE-2018-5383.md +++ b/2018/CVE-2018-5383.md 
@@ -20,5 +20,6 @@ Bluetooth firmware or operating system software drivers in macOS versions before - https://github.com/AlexandrBing/broadcom-bt-firmware - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2018/CVE-2018-6376.md b/2018/CVE-2018-6376.md index c524913886..79816b54af 100644 --- a/2018/CVE-2018-6376.md +++ b/2018/CVE-2018-6376.md @@ -55,6 +55,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/readloud/Pentesting-Bible - https://github.com/ridhopratama29/zimbohack +- https://github.com/sp4rkw/Cyberspace_Security_Learning - https://github.com/t31m0/PENTESTING-BIBLE - https://github.com/vincentfer/PENTESTING-BIBLE- - https://github.com/whoami-chmod777/Pentesting-Bible diff --git a/2018/CVE-2018-6389.md b/2018/CVE-2018-6389.md index 763b9eb5fe..13083335f3 100644 --- a/2018/CVE-2018-6389.md +++ b/2018/CVE-2018-6389.md @@ -45,6 +45,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/Jetserver/CVE-2018-6389-FIX - https://github.com/JulienGadanho/cve-2018-6389-php-patcher - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups @@ -56,6 +57,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/SunDance29/for-learning - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve - https://github.com/TheBountyBox/Awesome-Writeups +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WazeHell/CVE-2018-6389 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YemiBeshe/Codepath-WP1 
diff --git a/2018/CVE-2018-6829.md b/2018/CVE-2018-6829.md index 83919eb63c..6baed829c5 100644 --- a/2018/CVE-2018-6829.md +++ b/2018/CVE-2018-6829.md @@ -24,4 +24,5 @@ cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages direc - https://github.com/fokypoky/places-list - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-6981.md b/2018/CVE-2018-6981.md index a74a455320..0e14100373 100644 --- a/2018/CVE-2018-6981.md +++ b/2018/CVE-2018-6981.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/Ondrik8/RED-Team +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures - https://github.com/dk47os3r/hongduiziliao - https://github.com/hasee2018/Safety-net-information diff --git a/2018/CVE-2018-7600.md b/2018/CVE-2018-7600.md index 64f09c04b0..5d76ba23eb 100644 --- a/2018/CVE-2018-7600.md +++ b/2018/CVE-2018-7600.md @@ -227,6 +227,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings - https://github.com/sobinge/PayloadsAllThesobinge +- https://github.com/soch4n/CVE-2018-7600 - https://github.com/stillHere3000/KnownMalware - https://github.com/superfish9/pt - https://github.com/t0m4too/t0m4to @@ -244,6 +245,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xhref/OSCP +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/yak0d3/dDumper - https://github.com/ynsmroztas/drupalhunter - https://github.com/zeralot/Dectect-CVE 
diff --git a/2018/CVE-2018-8120.md b/2018/CVE-2018-8120.md index b0311f2eb9..ee3b8b00b4 100644 --- a/2018/CVE-2018-8120.md +++ b/2018/CVE-2018-8120.md @@ -60,6 +60,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/SomUrim/windows-kernel-exploits-clone - https://github.com/StartZYP/CVE-2018-8120 - https://github.com/ThunderJie/CVE +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Y0n0Y/cve-2018-8120-exp - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2018/CVE-2018-9996.md b/2018/CVE-2018-9996.md index 5f6c950d4b..b9d2d51e8e 100644 --- a/2018/CVE-2018-9996.md +++ b/2018/CVE-2018-9996.md @@ -18,6 +18,7 @@ An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU B - https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite - https://github.com/andir/nixos-issue-db-example - https://github.com/junxzm1990/afl-pt +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tzf-key/MemLock_Benchmark - https://github.com/tzf-omkey/MemLock_Benchmark - https://github.com/wcventure/MemLock_Benchmark diff --git a/2019/CVE-2019-0570.md b/2019/CVE-2019-0570.md index cae0129ee5..84ac1b98f8 100644 --- a/2019/CVE-2019-0570.md +++ b/2019/CVE-2019-0570.md @@ -20,5 +20,6 @@ An elevation of privilege vulnerability exists when the Windows Runtime improper - https://www.exploit-db.com/exploits/46184/ #### Github +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark - https://github.com/punishell/WindowsLegacyCVE diff --git a/2019/CVE-2019-0583.md b/2019/CVE-2019-0583.md new file mode 100644 index 0000000000..4ae189f1af --- /dev/null +++ b/2019/CVE-2019-0583.md 
@@ -0,0 +1,27 @@ +### [CVE-2019-0583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0583) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Servers&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20RT%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0584. + +### POC + +#### Reference +No PoCs from references. 
+ +#### Github +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark + diff --git a/2019/CVE-2019-0604.md b/2019/CVE-2019-0604.md index e665cfaa6c..d4c2b352f7 100644 --- a/2019/CVE-2019-0604.md +++ b/2019/CVE-2019-0604.md @@ -56,6 +56,7 @@ No PoCs from references. - https://github.com/hktalent/ysoserial.net - https://github.com/jbmihoub/all-poc - https://github.com/k8gege/CVE-2019-0604 +- https://github.com/k8gege/PowerLadon - https://github.com/likescam/CVE-2019-0604_sharepoint_CVE - https://github.com/linhlhq/CVE-2019-0604 - https://github.com/lnick2023/nicenice diff --git a/2019/CVE-2019-0708.md b/2019/CVE-2019-0708.md index 23ec763802..c00aa02dcf 100644 --- a/2019/CVE-2019-0708.md +++ b/2019/CVE-2019-0708.md @@ -149,6 +149,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/TinToSer/bluekeep-exploit - https://github.com/Tk369/Rdp0708 - https://github.com/Tracehowler/Bible +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UraSecTeam/CVE-2019-0708 - https://github.com/Wh1teZe/solo-blog - https://github.com/Whiteh4tWolf/Attack-Defense @@ -281,6 +282,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/jwmoss/PSTenable - https://github.com/k4yt3x/pwsearch - https://github.com/k8gege/CVE-2019-0708 +- https://github.com/k8gege/PowerLadon - https://github.com/kenuoseclab/HostScan - https://github.com/kevthehermit/attackerkb-api - https://github.com/kryptoslogic/rdppot 
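Review bot: The new file 2019/CVE-2019-0583.md is created with `No PoCs from references.` and a single `#### Github` entry, `Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark`, which this patch also adds to 2019/CVE-2019-0570.md, a different vulnerability (elevation of privilege in the Windows Runtime rather than remote code execution in the Jet Database Engine). A repository that appears under unrelated CVEs is more likely to hold scan output or notes than a PoC, so I would confirm what it contains before a whole page is generated from it. Separately, the Vulnerability badge uses `color=brighgreen`; the shields.io named colour is `brightgreen`.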
@@ -411,6 +413,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/xiaoqin00/PwnDatas-DB-Project - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/xinyu2428/Nessus_CSV +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/PocOrExp_in_Github - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-0717.md b/2019/CVE-2019-0717.md index 587ce565ba..fbd7d109ad 100644 --- a/2019/CVE-2019-0717.md +++ b/2019/CVE-2019-0717.md 
@@ -1,14 +1,15 @@ ### [CVE-2019-0717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0717) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) ### Description -A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723. +A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. 
An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. ### POC @@ -16,5 +17,6 @@ A denial of service vulnerability exists when Microsoft Hyper-V Network Switch o No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2019/CVE-2019-0803.md b/2019/CVE-2019-0803.md index 94a348e142..58bb447f01 100644 --- a/2019/CVE-2019-0803.md +++ b/2019/CVE-2019-0803.md @@ -35,6 +35,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SecWiki/windows-kernel-exploits - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2019/CVE-2019-0863.md b/2019/CVE-2019-0863.md index 89f7f7bc0d..bf8ffe210a 100644 --- a/2019/CVE-2019-0863.md +++ b/2019/CVE-2019-0863.md @@ -28,6 +28,7 @@ An elevation of privilege vulnerability exists in the way Windows Error Reportin - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-10028.md b/2019/CVE-2019-10028.md index 3a6224c76e..84df634c27 100644 --- a/2019/CVE-2019-10028.md 
+++ b/2019/CVE-2019-10028.md @@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/ForAllSecure/Mayhem-with-TravisCI-netflix-dial-example - https://github.com/ForAllSecure/VulnerabilitiesLab - https://github.com/ForAllSecure/fuzzing-essentials-federal +- https://github.com/Samsung/cotopaxi - https://github.com/devdevdany/Mayhem-with-TravisCI-netflix-dial-example diff --git a/2019/CVE-2019-1003000.md b/2019/CVE-2019-1003000.md index 856ce2c773..4029a2d4a2 100644 --- a/2019/CVE-2019-1003000.md +++ b/2019/CVE-2019-1003000.md @@ -46,6 +46,7 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier - https://github.com/huimzjty/vulwiki - https://github.com/jaychouzzk/- - https://github.com/jbmihoub/all-poc +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/purple-WL/Jenkins_CVE-2019-1003000 - https://github.com/reph0r/poc-exp - https://github.com/reph0r/poc-exp-tools diff --git a/2019/CVE-2019-1003005.md b/2019/CVE-2019-1003005.md index dbd548f25d..8714edc6cb 100644 --- a/2019/CVE-2019-1003005.md +++ b/2019/CVE-2019-1003005.md @@ -20,6 +20,7 @@ A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/N0body007/jenkins-rce-2017-2018-2019 - https://github.com/TheBeastofwar/JenkinsExploit-GUI +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-1003029.md b/2019/CVE-2019-1003029.md index 2da08ad232..d90f0eb924 100644 --- a/2019/CVE-2019-1003029.md +++ b/2019/CVE-2019-1003029.md 
@@ -27,6 +27,7 @@ A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and - https://github.com/PwnAwan/Pwn_Jenkins - https://github.com/Rajchowdhury420/Secure-or-Break-Jenkins - https://github.com/TheBeastofwar/JenkinsExploit-GUI +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-10173.md b/2019/CVE-2019-10173.md index f2ba69e879..bd12e064be 100644 --- a/2019/CVE-2019-10173.md +++ b/2019/CVE-2019-10173.md @@ -26,6 +26,7 @@ It was found that xstream API version 1.4.10 before 1.4.11 introduced a regressi - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-10758.md b/2019/CVE-2019-10758.md index 4a0314cb3e..02549fb650 100644 --- a/2019/CVE-2019-10758.md +++ b/2019/CVE-2019-10758.md @@ -30,6 +30,7 @@ mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-11043.md b/2019/CVE-2019-11043.md index eb2c3e999d..c3a50cf168 100644 --- a/2019/CVE-2019-11043.md +++ b/2019/CVE-2019-11043.md 
@@ -47,6 +47,7 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aaron3238/phpfpmexploit @@ -89,6 +90,7 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/johnkilene/CUDB - https://github.com/jptr218/php_hack - https://github.com/k8gege/CVE-2019-11043 +- https://github.com/k8gege/PowerLadon - https://github.com/konterlim/nextcloud - https://github.com/kriskhub/CVE-2019-11043 - https://github.com/lindemer/CVE-2019-11043 diff --git a/2019/CVE-2019-11247.md b/2019/CVE-2019-11247.md index 5f95a826d1..bbe8e60bdc 100644 --- a/2019/CVE-2019-11247.md +++ b/2019/CVE-2019-11247.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/cloudnative-security/hacking-kubernetes - https://github.com/g3rzi/HackingKubernetes - https://github.com/hacking-kubernetes/hacking-kubernetes.info +- https://github.com/magnologan/awesome-k8s-security - https://github.com/stackrox/blog-examples diff --git a/2019/CVE-2019-11249.md b/2019/CVE-2019-11249.md index 423c6047ab..b50233c853 100644 --- a/2019/CVE-2019-11249.md +++ b/2019/CVE-2019-11249.md @@ -22,5 +22,6 @@ No PoCs from references. - https://github.com/atesemre/awesome-cloud-native-security - https://github.com/hacking-kubernetes/hacking-kubernetes.info - https://github.com/iridium-soda/container-escape-exploits +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug diff --git a/2019/CVE-2019-1125.md b/2019/CVE-2019-1125.md index 901a73f115..46b88b4470 100644 --- a/2019/CVE-2019-1125.md +++ b/2019/CVE-2019-1125.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1125](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. +An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. 
Note that this vulnerability does not require a microcode update from your device OEM. ### POC diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index 1d7e16a978..e641d46082 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -269,6 +269,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Andrew-Renfro/Andrew-Renfro - https://github.com/AndrewF1234/ftc_2022_0117 - https://github.com/Andy3153/BroBotsFTC_2019-2020 +- https://github.com/AndyLiang925/FTC16093-2024 - https://github.com/AnikaMahesh/FirstTechChallengeFreightFrenzy - https://github.com/AnirudhJagannathan/FTC18108RobotController-7.0 - https://github.com/AnishJag/FTCFreightFrenzy @@ -323,6 +324,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/AuslinD/PowerPlay2022-2023 - https://github.com/AuslinD/rookiecamp2021 - https://github.com/AusreisserSF/FtcUltimateGoal +- https://github.com/AvivDukhovich/Centerstage_22993 - https://github.com/AvocadoRobotics/AvocadoBot - https://github.com/Avon-Roborioles/2023-21945 - https://github.com/Avyuuu/Philobots-2020-2021 @@ -2277,6 +2279,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/TudorFerecus/Programare - https://github.com/TudorFerecus/Programare-Brave-Bots-Freight-Frenzy - https://github.com/TudorFerecus/cod27-2 +- https://github.com/Tudorix/FTC_Research - https://github.com/TullyNYGuy/FtcRobotController - https://github.com/Tundrabots7083/18190-robot-code-2021-2022 - https://github.com/Tundrabots7083/7083-2023-2024 
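Review bot: In 2019/CVE-2019-1125.md the replacement description (the `+An information disclosure vulnerability exists ...` line) has sentences fused without a space, for example `boundaries.To exploit`, `further.On January 3, 2018` and `CVE-2019-1125.Microsoft`, and it drops both the `aka 'Windows Kernel Information Disclosure Vulnerability'` name and the `This CVE ID is unique from CVE-2019-1071, CVE-2019-1073` cross-reference that the removed line carried. The same fusing appears in the rewritten description in 2019/CVE-2019-0717.md (`crash.To exploit`, `crash.The update`). I would normalise whitespace at paragraph joins when importing the text and keep the advisory name, since that is what people search for. The new Version badges also end in an encoded trailing space (`publication%20`) and switch from `color=blue` to `color=brighgreen`, which looks unintended.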
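Review bot: In 2019/CVE-2019-11358.md the entries added by these hunks (`AndyLiang925/FTC16093-2024`, `AvivDukhovich/Centerstage_22993`, `Tudorix/FTC_Research`) are, judging by their names, FTC robotics projects, and the hunk offsets show the `#### Github` list already running past line 2277. Repositories like these most likely match because they bundle or depend on jQuery, not because they contain a PoC for the flaw, and at this length the list buries the few references that help someone assess or reproduce the issue. I would suggest moving dependency-only matches to a separate section or collapsing forks of the same template into one entry.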
@@ -3561,6 +3564,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/rh-robotics/Panda-WMI - https://github.com/rh-robotics/Robot-Games-2022-T3 - https://github.com/rhindle/FF_Om_FtcRobotController2021-22 +- https://github.com/rhindle/FtcRobotController-LK-91 - https://github.com/rhindle/FtcRobotController-ftc265-example - https://github.com/rhindle/FtcRobotController80 - https://github.com/rhindle/Old_FF_Om_FtcRobotController2021-22 @@ -3865,6 +3869,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/thvulpe/Geneva - https://github.com/tia-tai/SLAM-Shady-22279 - https://github.com/tieburke/13105_2021-22_FINAL +- https://github.com/tikhonsmovzh/PackCollect - https://github.com/timmyjr11/Team14436-FTC-Power-Play-2022-2023 - https://github.com/titanium-knights/all-knighters-23-24 - https://github.com/titanium-knights/bakedbreadbot diff --git a/2019/CVE-2019-1144.md b/2019/CVE-2019-1144.md index 52e8f3775c..932153c029 100644 --- a/2019/CVE-2019-1144.md +++ b/2019/CVE-2019-1144.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1144) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1145.md b/2019/CVE-2019-1145.md index cef9ab0776..01f2044508 100644 --- a/2019/CVE-2019-1145.md +++ b/2019/CVE-2019-1145.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1145) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1148.md b/2019/CVE-2019-1148.md index b0b55d1cb9..0a2192a332 100644 --- a/2019/CVE-2019-1148.md +++ b/2019/CVE-2019-1148.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1148](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1148) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153. +An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1149.md b/2019/CVE-2019-1149.md index 79d4303ed4..2ba0bcbaf5 100644 --- a/2019/CVE-2019-1149.md +++ b/2019/CVE-2019-1149.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1149](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1149) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1150.md b/2019/CVE-2019-1150.md index 6fe12bf2c3..01edc6e178 100644 --- a/2019/CVE-2019-1150.md +++ b/2019/CVE-2019-1150.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1150) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1151.md b/2019/CVE-2019-1151.md index 15f1b519de..6abeda095f 100644 --- a/2019/CVE-2019-1151.md +++ b/2019/CVE-2019-1151.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1151) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-11510.md b/2019/CVE-2019-11510.md index 0f2a8733e7..f1226e223e 100644 --- a/2019/CVE-2019-11510.md +++ b/2019/CVE-2019-11510.md @@ -46,6 +46,7 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-1152.md b/2019/CVE-2019-1152.md index 4817537265..6a51aa1437 100644 --- a/2019/CVE-2019-1152.md +++ b/2019/CVE-2019-1152.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1152) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1153.md b/2019/CVE-2019-1153.md index 1052ef69eb..258f2648ee 100644 --- a/2019/CVE-2019-1153.md +++ b/2019/CVE-2019-1153.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1153) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148. +An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1158.md b/2019/CVE-2019-1158.md index 9c7437fa05..b8cef056be 100644 --- a/2019/CVE-2019-1158.md +++ b/2019/CVE-2019-1158.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1158](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1158) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154. +An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1159.md b/2019/CVE-2019-1159.md index 39c2a198b3..f6dc0a5bae 100644 --- a/2019/CVE-2019-1159.md +++ b/2019/CVE-2019-1159.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1159) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164. +An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. ### POC diff --git a/2019/CVE-2019-1161.md b/2019/CVE-2019-1161.md index 1ce515638e..cbf56d2102 100644 --- a/2019/CVE-2019-1161.md +++ b/2019/CVE-2019-1161.md 
@@ -1,38 +1,16 @@ ### [CVE-2019-1161](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1161) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Forefront%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Forefront%20Endpoint%20Protection%202010&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Security%20Essentials&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201703%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201703%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201709%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%207%20for%2032-bit%20Systems&color=blue) 
-![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%207%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%208.1%20for%2032-bit%20systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%208.1%20for%20x64-based%20systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20RT%208.1&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20Itanium-Based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%2032-bit%20Systems%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%20Itanium-Based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20R2&color=blue) 
-![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202016&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%202012%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%202012%20R2%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20N%2FA%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again.The update addresses the vulnerability and blocks the arbitrary deletion. ### POC 
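Review bot: In 2019/CVE-2019-1161.md the new Version badge `message=%3D%20N%2FA%20` renders as "= N/A " (a bare comparison operator, a placeholder, and a trailing space), where the removed line carried a plain `n%2Fa`. The generator should emit the previous `n/a` form when the source has no version bound. The same hunk replaces every per-platform "Windows Defender on Windows ..." Product badge with a single `Windows%20Defender` badge, so the file no longer says which platforms are affected. Confirm that this loss of detail is intended and not a side effect of the new source format.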
diff --git a/2019/CVE-2019-1170.md b/2019/CVE-2019-1170.md index 9dd27c7f37..e1e60944a1 100644 --- a/2019/CVE-2019-1170.md +++ b/2019/CVE-2019-1170.md 
@@ -1,16 +1,17 @@ ### [CVE-2019-1170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1170) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. 
An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files. ### POC diff --git a/2019/CVE-2019-11708.md b/2019/CVE-2019-11708.md index c31ddb5412..388717bc0d 100644 --- a/2019/CVE-2019-11708.md +++ b/2019/CVE-2019-11708.md @@ -34,6 +34,7 @@ Insufficient vetting of parameters passed with the Prompt:Open IPC message betwe - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Sp0pielar/CVE-2019-9791 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-1172.md b/2019/CVE-2019-1172.md index 63e53b5a9d..43212ab9a4 100644 --- a/2019/CVE-2019-1172.md +++ b/2019/CVE-2019-1172.md 
@@ -1,16 +1,30 @@ ### [CVE-2019-1172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1172) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'. +An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user into browsing to a specially crafted website, allowing the attacker to steal the user's token.The security update addresses the vulnerability by correcting how MSA handles cookies. ### POC diff --git a/2019/CVE-2019-1181.md b/2019/CVE-2019-1181.md index 182c5b8dbd..e991b04a05 100644 --- a/2019/CVE-2019-1181.md +++ b/2019/CVE-2019-1181.md 
@@ -1,16 +1,38 @@ ### [CVE-2019-1181](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1181) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Android&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20IoS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system 
using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1182.md b/2019/CVE-2019-1182.md index 31979a2958..9640cc407b 100644 --- a/2019/CVE-2019-1182.md +++ b/2019/CVE-2019-1182.md 
@@ -1,16 +1,38 @@ ### [CVE-2019-1182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1182) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Android&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20IoS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system 
using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1184.md b/2019/CVE-2019-1184.md index 95f5dbbac7..1039f1b55c 100644 --- a/2019/CVE-2019-1184.md +++ b/2019/CVE-2019-1184.md 
@@ -1,16 +1,19 @@ ### [CVE-2019-1184](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1184) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. 
This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1186. +An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting unprotected COM calls. ### POC diff --git a/2019/CVE-2019-1205.md b/2019/CVE-2019-1205.md index be8c70752c..d86d105ccf 100644 --- a/2019/CVE-2019-1205.md +++ b/2019/CVE-2019-1205.md 
@@ -1,14 +1,18 @@ ### [CVE-2019-1205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1205) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202016%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Online%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Office%20365%20ProPlus&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201. +A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. 
The file could then take actions on behalf of the logged-on user with the same permissions as the current user.To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software.Two possible email attack scenarios exist for this vulnerability:With the first email attack scenario, an attacker could send a specially crafted email message to the user and wait for the user to click on the message. When the message renders via Microsoft Word in the Outlook Preview Pane, an attack could be triggered.With the second scenario, an attacker could attach a specially crafted file to an email, send it to a user, and convince them to open it.In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or other message, and then convince the user to open the specially crafted file.The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.For users who view their emails in Outlook, the Preview Pane attack vector can be mitigated by disabling this feature. The following registry keys can be set to disable the Preview Pane in Outlook on Windows, either via manual editing of the registry or by modifying Group Policy.Note Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. 
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.Outlook 2010:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1Outlook 2013:HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1Outlook 2016, Outlook 2019, and Office 365 ProPlus:HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1 ### POC diff --git a/2019/CVE-2019-1211.md b/2019/CVE-2019-1211.md index 197f42380c..a343e12d62 100644 --- a/2019/CVE-2019-1211.md +++ b/2019/CVE-2019-1211.md 
@@ -1,13 +1,16 @@ ### [CVE-2019-1211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1211) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202017%20version%2015.9%20(includes%2015.0%20-%2015.8)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202017&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.0&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=15.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=15.9.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. 
The attacker would then need to convince another user on the system to execute specific Git commands.The update addresses the issue by changing the permissions required to edit configuration files. ### POC diff --git a/2019/CVE-2019-1218.md b/2019/CVE-2019-1218.md index 3065d44a86..0098caf0fa 100644 --- a/2019/CVE-2019-1218.md +++ b/2019/CVE-2019-1218.md @@ -1,11 +1,11 @@ ### [CVE-2019-1218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1218) ![](https://img.shields.io/static/v1?label=Product&message=Outlook%20for%20iOS&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) ### Description -A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. +A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.The security update addresses the vulnerability by correcting how Outlook iOS parses specially crafted email messages. ### POC diff --git a/2019/CVE-2019-1222.md b/2019/CVE-2019-1222.md index 3e8697dffe..2cc61fde31 100644 --- a/2019/CVE-2019-1222.md +++ b/2019/CVE-2019-1222.md 
@@ -1,16 +1,19 @@ ### [CVE-2019-1222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1222) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. 
This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1226.md b/2019/CVE-2019-1226.md index 0b71759532..cd78a45430 100644 --- a/2019/CVE-2019-1226.md +++ b/2019/CVE-2019-1226.md 
@@ -1,16 +1,21 @@ ### [CVE-2019-1226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1226) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – 
formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1222. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-12409.md b/2019/CVE-2019-12409.md index 1c3a32093f..4be71be6e7 100644 --- a/2019/CVE-2019-12409.md +++ b/2019/CVE-2019-12409.md @@ -32,6 +32,7 @@ The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/d4n-sec/d4n-sec.github.io diff --git a/2019/CVE-2019-1253.md b/2019/CVE-2019-1253.md index 8d6dad242b..98774a9f80 100644 --- a/2019/CVE-2019-1253.md +++ b/2019/CVE-2019-1253.md 
@@ -33,6 +33,7 @@ An elevation of privilege vulnerability exists when the Windows AppX Deployment - https://github.com/SexurityAnalyst/Watson - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TheJoyOfHacking/rasta-mouse-Watson +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/deadjakk/patch-checker diff --git a/2019/CVE-2019-12727.md b/2019/CVE-2019-12727.md index 98bf3a5b93..61dd4ccd98 100644 --- a/2019/CVE-2019-12727.md +++ b/2019/CVE-2019-12727.md @@ -13,5 +13,5 @@ On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in th - https://github.com/X-C3LL/PoC-CVEs/blob/master/Aircam-DoS/Aircam-DoS.py #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2019/CVE-2019-13051.md b/2019/CVE-2019-13051.md index 5b4c1b392a..4ec3f30bbe 100644 --- a/2019/CVE-2019-13051.md +++ b/2019/CVE-2019-13051.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-1322.md b/2019/CVE-2019-1322.md index 90a898bcf3..60936dc73b 100644 --- a/2019/CVE-2019-1322.md +++ b/2019/CVE-2019-1322.md @@ -37,6 +37,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer 
diff --git a/2019/CVE-2019-13272.md b/2019/CVE-2019-13272.md index 3200ceebfa..73d9dd429f 100644 --- a/2019/CVE-2019-13272.md +++ b/2019/CVE-2019-13272.md @@ -60,6 +60,7 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/Snoopy-Sec/Localroot-ALL-CVE - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability - https://github.com/Tharana/vulnerability-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Whiteh4tWolf/xcoderootsploit - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-1388.md b/2019/CVE-2019-1388.md index 5b4ae63f32..20d1ad89f0 100644 --- a/2019/CVE-2019-1388.md +++ b/2019/CVE-2019-1388.md @@ -45,6 +45,7 @@ No PoCs from references. - https://github.com/Shadowven/Vulnerability_Reproduction - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YgorAlberto/Ethical-Hacker - https://github.com/YgorAlberto/ygoralberto.github.io diff --git a/2019/CVE-2019-1405.md b/2019/CVE-2019-1405.md index af533d4702..ac1842d231 100644 --- a/2019/CVE-2019-1405.md +++ b/2019/CVE-2019-1405.md @@ -38,6 +38,7 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2019/CVE-2019-14323.md b/2019/CVE-2019-14323.md new file mode 100644 index 0000000000..2486cf6a87 --- /dev/null +++ b/2019/CVE-2019-14323.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-14323](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14323) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-14431.md b/2019/CVE-2019-14431.md new file mode 100644 index 0000000000..7370a38817 --- /dev/null +++ b/2019/CVE-2019-14431.md @@ -0,0 +1,17 @@ +### [CVE-2019-14431](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14431) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-1458.md b/2019/CVE-2019-1458.md index 181d63223b..21e6fac292 100644 --- a/2019/CVE-2019-1458.md +++ b/2019/CVE-2019-1458.md 
@@ -41,6 +41,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/SexyBeast233/SecBooks - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TamilHackz/windows-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/albinjoshy03/windows-kernel-exploits @@ -74,6 +75,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/whitfieldsdad/epss - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-15107.md b/2019/CVE-2019-15107.md index e6223838bd..0a34b0ee96 100644 --- a/2019/CVE-2019-15107.md +++ b/2019/CVE-2019-15107.md @@ -62,6 +62,7 @@ An issue was discovered in Webmin <=1.920. The parameter old in password_change. - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Tuz-Wwsd/CVE-2019-15107_detection +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeezyTaughtMe1/HTB-Postman - https://github.com/Z0fhack/Goby_POC diff --git a/2019/CVE-2019-15642.md b/2019/CVE-2019-15642.md index 5dcbf40517..525a16c714 100644 --- a/2019/CVE-2019-15642.md +++ b/2019/CVE-2019-15642.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/Miraitowa70/POC-Notes - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16131.md b/2019/CVE-2019-16131.md index d566a6b73e..dcd9b82c6a 100644 --- a/2019/CVE-2019-16131.md +++ b/2019/CVE-2019-16131.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16132.md b/2019/CVE-2019-16132.md index 29a3f216e9..49acaeb702 100644 --- a/2019/CVE-2019-16132.md +++ b/2019/CVE-2019-16132.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16278.md b/2019/CVE-2019-16278.md index 298052d8bc..c0afad30dd 100644 --- a/2019/CVE-2019-16278.md +++ b/2019/CVE-2019-16278.md 
@@ -32,6 +32,7 @@ Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NHPT/CVE-2019-16278 - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeezyTaughtMe1/Traverxec - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-16279.md b/2019/CVE-2019-16279.md index bb4de3faac..7ba04caeda 100644 --- a/2019/CVE-2019-16279.md +++ b/2019/CVE-2019-16279.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/InesMartins31/iot-cves - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-16309.md b/2019/CVE-2019-16309.md index fed16343f6..7bf5f322fb 100644 --- a/2019/CVE-2019-16309.md +++ b/2019/CVE-2019-16309.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16313.md b/2019/CVE-2019-16313.md index 4238dd1b0d..c2df760b17 100644 --- a/2019/CVE-2019-16313.md +++ b/2019/CVE-2019-16313.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/StarCrossPortal/scalpel - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC 
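Review bot: In the CVE-2019-16309.md hunk the added `https://github.com/Tyro-Shan/gongkaishouji` sits two lines below `https://github.com/EchoGin404/gongkaishouji`, an already-listed repository with the same name, and the same URL is added in the CVE-2019-16313.md hunk directly above and in many other files of this patch. If it is a fork or mirror of the existing entry, it adds no new PoC source. Consider de-duplicating by repository name, or resolving forks to their upstream, in the generator before the list is written, so the Github section stays useful to someone checking whether a distinct public PoC exists.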
diff --git a/2019/CVE-2019-16314.md b/2019/CVE-2019-16314.md index 7dab04a3da..2d89bd521f 100644 --- a/2019/CVE-2019-16314.md +++ b/2019/CVE-2019-16314.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16336.md b/2019/CVE-2019-16336.md index e36a6eef5f..32ad831e57 100644 --- a/2019/CVE-2019-16336.md +++ b/2019/CVE-2019-16336.md @@ -16,4 +16,5 @@ The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-16346.md b/2019/CVE-2019-16346.md index db09d65cc0..b04cf34a0f 100644 --- a/2019/CVE-2019-16346.md +++ b/2019/CVE-2019-16346.md @@ -14,4 +14,5 @@ ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when c #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-16347.md b/2019/CVE-2019-16347.md index ff26472b42..10c20c695d 100644 --- a/2019/CVE-2019-16347.md +++ b/2019/CVE-2019-16347.md @@ -14,4 +14,5 @@ ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-16759.md b/2019/CVE-2019-16759.md index ffbdd3a005..290aa551b5 100644 --- a/2019/CVE-2019-16759.md +++ b/2019/CVE-2019-16759.md 
@@ -38,6 +38,7 @@ vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VengfullSecurityOperations/BTCMixingBowl - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2019/CVE-2019-16920.md b/2019/CVE-2019-16920.md index cfda7d92b1..41e4343e8f 100644 --- a/2019/CVE-2019-16920.md +++ b/2019/CVE-2019-16920.md @@ -27,6 +27,7 @@ Unauthenticated remote code execution occurs in D-Link products such as DIR-655C - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-17003.md b/2019/CVE-2019-17003.md index 12c85dd6be..48f63ffba2 100644 --- a/2019/CVE-2019-17003.md +++ b/2019/CVE-2019-17003.md @@ -19,6 +19,7 @@ Scanning a QR code that contained a javascript: URL would have resulted in the J - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2019/CVE-2019-17060.md b/2019/CVE-2019-17060.md index 655e7dead1..f65ef4084e 100644 --- a/2019/CVE-2019-17060.md +++ b/2019/CVE-2019-17060.md 
@@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-17061.md b/2019/CVE-2019-17061.md index a7df86e1ea..be86acdaf5 100644 --- a/2019/CVE-2019-17061.md +++ b/2019/CVE-2019-17061.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-17424.md b/2019/CVE-2019-17424.md index 0d47a36da7..22f7ba7722 100644 --- a/2019/CVE-2019-17424.md +++ b/2019/CVE-2019-17424.md @@ -19,6 +19,7 @@ A stack-based buffer overflow in the processPrivilage() function in IOS/process- - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-17506.md b/2019/CVE-2019-17506.md index 651cb4c9ee..20a7e578cb 100644 --- a/2019/CVE-2019-17506.md +++ b/2019/CVE-2019-17506.md @@ -28,5 +28,6 @@ No PoCs from references. - https://github.com/bigblackhat/oFx - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/sobinge/nuclei-templates diff --git a/2019/CVE-2019-17556.md b/2019/CVE-2019-17556.md index 286382221d..83488dd208 100644 --- a/2019/CVE-2019-17556.md +++ b/2019/CVE-2019-17556.md 
@@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-17558.md b/2019/CVE-2019-17558.md index 1c46884e0e..e4b74171b2 100644 --- a/2019/CVE-2019-17558.md +++ b/2019/CVE-2019-17558.md @@ -65,6 +65,7 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution - https://github.com/neilzhang1/Chinese-Charts - https://github.com/openx-org/BLEN - https://github.com/p4d0rn/Siren +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/rockmelodies/rocComExpRce diff --git a/2019/CVE-2019-17564.md b/2019/CVE-2019-17564.md index fd83110b7a..762114f9c9 100644 --- a/2019/CVE-2019-17564.md +++ b/2019/CVE-2019-17564.md @@ -32,6 +32,7 @@ No PoCs from references. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Whoopsunix/PPPRASP - https://github.com/Whoopsunix/PPPVULNS - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-17621.md b/2019/CVE-2019-17621.md index acfc262ddb..b1b03160b3 100644 --- a/2019/CVE-2019-17621.md +++ b/2019/CVE-2019-17621.md 
@@ -24,6 +24,7 @@ The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/Squirre17/CVE-2019-17621 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Vu1nT0tal/IoT-vulhub - https://github.com/VulnTotal-Team/IoT-vulhub - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-17662.md b/2019/CVE-2019-17662.md index 5bd44ea952..8e8ec902be 100644 --- a/2019/CVE-2019-17662.md +++ b/2019/CVE-2019-17662.md @@ -24,6 +24,7 @@ ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise - https://github.com/MuirlandOracle/CVE-2019-17662 - https://github.com/OriGlassman/Workshop-in-Information-Security - https://github.com/Tamagaft/CVE-2019-17662 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/bl4ck574r/CVE-2019-17662 diff --git a/2019/CVE-2019-18370.md b/2019/CVE-2019-18370.md index 4c5a7bf290..5661a14c52 100644 --- a/2019/CVE-2019-18370.md +++ b/2019/CVE-2019-18370.md @@ -28,6 +28,7 @@ An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UltramanGaia/POC-EXP - https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-18371.md b/2019/CVE-2019-18371.md index 6903201ec3..4c929c79bf 100644 --- a/2019/CVE-2019-18371.md +++ b/2019/CVE-2019-18371.md 
@@ -29,6 +29,7 @@ An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UltramanGaia/POC-EXP - https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-18634.md b/2019/CVE-2019-18634.md index d82652a034..dddcadabd5 100644 --- a/2019/CVE-2019-18634.md +++ b/2019/CVE-2019-18634.md @@ -38,6 +38,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg - https://github.com/SirElmard/ethical_hacking - https://github.com/Srinunaik000/Srinunaik000 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources +- https://github.com/TH3xACE/SUDO_KILLER - https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634 - https://github.com/Timirepo/CVE_Exploits - https://github.com/Y3A/CVE-2019-18634 diff --git a/2019/CVE-2019-18939.md b/2019/CVE-2019-18939.md index fb62ff16e0..0b7f564912 100644 --- a/2019/CVE-2019-18939.md +++ b/2019/CVE-2019-18939.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/abhav/nvd_scrapper +- https://github.com/muchdogesec/cve2stix diff --git a/2019/CVE-2019-19011.md b/2019/CVE-2019-19011.md index c13b151096..5d1641ffdc 100644 --- a/2019/CVE-2019-19011.md +++ b/2019/CVE-2019-19011.md @@ -13,5 +13,5 @@ MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ng - https://github.com/miniupnp/ngiflib/issues/16 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-19192.md b/2019/CVE-2019-19192.md index 29d647d3a7..b9abe22e54 100644 --- a/2019/CVE-2019-19192.md +++ b/2019/CVE-2019-19192.md 
@@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-19634.md b/2019/CVE-2019-19634.md index 505f925820..cb9b831884 100644 --- a/2019/CVE-2019-19634.md +++ b/2019/CVE-2019-19634.md @@ -20,6 +20,7 @@ class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-19781.md b/2019/CVE-2019-19781.md index 9f996ba36d..d10922a81d 100644 --- a/2019/CVE-2019-19781.md +++ b/2019/CVE-2019-19781.md @@ -77,6 +77,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate - https://github.com/StarCrossPortal/scalpel - https://github.com/Staubgeborener/stars - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Underwood12/CVE-2019-19782 - https://github.com/VDISEC/CVE-2019-19871-AuditGuide - https://github.com/VladRico/CVE-2019-19781 diff --git a/2019/CVE-2019-19844.md b/2019/CVE-2019-19844.md index 5fa757a04e..9c2dbf21af 100644 --- a/2019/CVE-2019-19844.md +++ b/2019/CVE-2019-19844.md 
@@ -25,6 +25,7 @@ Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account tak - https://github.com/Mohzeela/external-secret - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Pad0y/Django2_dailyfresh +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/andripwn/django_cve201919844 diff --git a/2019/CVE-2019-19882.md b/2019/CVE-2019-19882.md index 69c184b492..27394f990f 100644 --- a/2019/CVE-2019-19882.md +++ b/2019/CVE-2019-19882.md @@ -21,4 +21,5 @@ No PoCs from references. - https://github.com/fokypoky/places-list - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2019/CVE-2019-20215.md b/2019/CVE-2019-20215.md index 46eb70cb2e..0d9f1281ee 100644 --- a/2019/CVE-2019-20215.md +++ b/2019/CVE-2019-20215.md @@ -19,6 +19,7 @@ D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2019/CVE-2019-2107.md b/2019/CVE-2019-2107.md index b7b3f6302c..8e7c3ff132 100644 --- a/2019/CVE-2019-2107.md +++ b/2019/CVE-2019-2107.md @@ -25,6 +25,7 @@ In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 
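Review bot: The line added in the CVE-2019-19882.md hunk, `https://github.com/testing-felickz/docker-scout-demo`, is by its name a scanner demo repository rather than a proof of concept, yet it lands in the Github list that this file format places under the POC heading. A repository that only mentions the CVE id, for example in scan output, reads here as evidence of a public exploit. Suggest filtering such matches out, or writing them to a separate "mentions" list, so that defenders using these files to prioritise patching are not misled about PoC availability.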
diff --git a/2019/CVE-2019-2725.md b/2019/CVE-2019-2725.md index f609b2da00..ea01e44001 100644 --- a/2019/CVE-2019-2725.md +++ b/2019/CVE-2019-2725.md @@ -80,6 +80,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/Soundaryakambhampati/test-6 - https://github.com/Threekiii/Awesome-POC - https://github.com/TopScrew/CVE-2019-2725 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Weik1/Artillery - https://github.com/WingsSec/Meppo @@ -134,7 +135,9 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/jiangsir404/POC-S - https://github.com/jiansiting/CVE-2019-2725 - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/kdandy/pentest_tools - https://github.com/kenuoseclab/Weblogic-scan - https://github.com/kerlingcode/CVE-2019-2725 @@ -170,6 +173,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-web-security - https://github.com/qi4L/WeblogicScan.go - https://github.com/r0eXpeR/redteam_vul +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/retr0-13/Pentest-Tools - https://github.com/rockmelodies/rocComExpRce diff --git a/2019/CVE-2019-2729.md b/2019/CVE-2019-2729.md index 8b8d5eaec9..3f0a3362f9 100644 --- a/2019/CVE-2019-2729.md +++ b/2019/CVE-2019-2729.md 
@@ -71,6 +71,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qi4L/WeblogicScan.go - https://github.com/qianxiao996/FrameScan +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rockmelodies/rocComExpRce - https://github.com/ruthlezs/CVE-2019-2729-Exploit diff --git a/2019/CVE-2019-2890.md b/2019/CVE-2019-2890.md index 20e34ce0ca..b13d0cee9a 100644 --- a/2019/CVE-2019-2890.md +++ b/2019/CVE-2019-2890.md @@ -72,6 +72,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/pjgmonteiro/Pentest-tools - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/readloud/Awesome-Stars - https://github.com/retr0-13/Pentest-Tools - https://github.com/severnake/Pentest-Tools diff --git a/2019/CVE-2019-7580.md b/2019/CVE-2019-7580.md index 943842b5d0..8aa5bad760 100644 --- a/2019/CVE-2019-7580.md +++ b/2019/CVE-2019-7580.md @@ -21,6 +21,7 @@ ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via th - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Shenkongyin/CUC-2023 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2019/CVE-2019-7609.md b/2019/CVE-2019-7609.md index 75b7c1f44d..1db1dc92bc 100644 --- a/2019/CVE-2019-7609.md +++ b/2019/CVE-2019-7609.md 
@@ -40,6 +40,7 @@ Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-8286.md b/2019/CVE-2019-8286.md index 5bdea42667..492f1b59ae 100644 --- a/2019/CVE-2019-8286.md +++ b/2019/CVE-2019-8286.md @@ -13,5 +13,5 @@ Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kas - https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719 #### Github -No PoCs found on GitHub currently. +- https://github.com/ffffffff0x/Digital-Privacy diff --git a/2019/CVE-2019-8341.md b/2019/CVE-2019-8341.md index 104723338e..ee76d78063 100644 --- a/2019/CVE-2019-8341.md +++ b/2019/CVE-2019-8341.md @@ -16,4 +16,5 @@ - https://github.com/ARPSyndicate/cvemon - https://github.com/TesterCC/exp_poc_library - https://github.com/adindrabkin/llama_facts +- https://github.com/vin01/bogus-cves diff --git a/2019/CVE-2019-9004.md b/2019/CVE-2019-9004.md index 2142a40e08..bf6c7cebd5 100644 --- a/2019/CVE-2019-9004.md +++ b/2019/CVE-2019-9004.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Samsung/cotopaxi - https://github.com/ThingzDefense/IoT-Flock - https://github.com/eclipse-wakaama/wakaama - https://github.com/eclipse/wakaama diff --git a/2019/CVE-2019-9506.md b/2019/CVE-2019-9506.md index 28b09bfd04..cff77776ea 100644 --- a/2019/CVE-2019-9506.md +++ b/2019/CVE-2019-9506.md 
@@ -24,6 +24,7 @@ The Bluetooth BR/EDR specification up to and including version 5.1 permits suffi - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/knob - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/sgxgsx/BlueToolkit - https://github.com/u10427687/bluetooth-KNOB - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2019/CVE-2019-9621.md b/2019/CVE-2019-9621.md index ee372b132c..75b5059f01 100644 --- a/2019/CVE-2019-9621.md +++ b/2019/CVE-2019-9621.md @@ -23,6 +23,7 @@ Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, an - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/k8gege/PowerLadon - https://github.com/k8gege/ZimbraExploit - https://github.com/nth347/Zimbra-RCE-exploit diff --git a/2019/CVE-2019-9747.md b/2019/CVE-2019-9747.md new file mode 100644 index 0000000000..d986508157 --- /dev/null +++ b/2019/CVE-2019-9747.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-9747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9747) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompress_nlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a result, the mDNS server hangs after receiving the malicious mDNS packet. NOTE: the product's web site states "This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-9749.md b/2019/CVE-2019-9749.md new file mode 100644 index 0000000000..b820161ab0 --- /dev/null +++ b/2019/CVE-2019-9749.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-9749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9749) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker (server), it mishandles incoming network messages. After processing a crafted packet, the plugin's mqtt_packet_drop function (in /plugins/in_mqtt/mqtt_prot.c) executes the memmove() function with a negative size parameter. That leads to a crash of the whole Fluent Bit server via a SIGSEGV signal. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-9750.md b/2019/CVE-2019-9750.md new file mode 100644 index 0000000000..7bc2e0e5ff --- /dev/null +++ b/2019/CVE-2019-9750.md @@ -0,0 +1,17 @@ +### [CVE-2019-9750](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9750) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + 
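Review bot: The badge lines of the new CVE-2019-9750.md carry `message=n%2Fa` for Product and Version although the Description in the same file names IoTivity through 1.3.1, and the Vulnerability badge uses `color=brighgreen`, which looks like a misspelling of `brightgreen`. The other new files here (CVE-2019-9747.md, CVE-2019-9749.md) have the same three lines. Suggest filling Product and Version from the CVE record where the description supplies them and fixing the colour name in the template, so the entries can be filtered by affected product.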
diff --git a/2019/CVE-2019-9928.md b/2019/CVE-2019-9928.md new file mode 100644 index 0000000000..19a8d1c520 --- /dev/null +++ b/2019/CVE-2019-9928.md @@ -0,0 +1,17 @@ +### [CVE-2019-9928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9928) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2020/CVE-2020-0554.md b/2020/CVE-2020-0554.md index 0bd7a19211..7908ffd74b 100644 --- a/2020/CVE-2020-0554.md +++ b/2020/CVE-2020-0554.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-0601.md b/2020/CVE-2020-0601.md index e6e3296f9b..664d243e8b 100644 --- a/2020/CVE-2020-0601.md +++ b/2020/CVE-2020-0601.md @@ -71,6 +71,7 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - https://github.com/ShayNehmad/twoplustwo - https://github.com/SherlockSec/CVE-2020-0601 - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yamato-Security/EnableWindowsLogSettings - https://github.com/YoannDqr/CVE-2020-0601 
diff --git a/2020/CVE-2020-0609.md b/2020/CVE-2020-0609.md index e2e9fa52f3..84ebbdd77e 100644 --- a/2020/CVE-2020-0609.md +++ b/2020/CVE-2020-0609.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Sh0ckFR/Infosec-Useful-Stuff - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0610.md b/2020/CVE-2020-0610.md index 77d06e904b..1f6a5324d9 100644 --- a/2020/CVE-2020-0610.md +++ b/2020/CVE-2020-0610.md @@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/MalwareTech/RDGScanner - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Sh0ckFR/Infosec-Useful-Stuff +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0618.md b/2020/CVE-2020-0618.md index 058274b2f8..2a9f22ad39 100644 --- a/2020/CVE-2020-0618.md +++ b/2020/CVE-2020-0618.md @@ -40,6 +40,7 @@ A remote code execution vulnerability exists in Microsoft SQL Server Reporting S - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE - https://github.com/SexyBeast233/SecBooks - https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-0668.md b/2020/CVE-2020-0668.md index 7871fd849d..8d17ad94e9 100644 --- a/2020/CVE-2020-0668.md +++ b/2020/CVE-2020-0668.md 
@@ -39,6 +39,7 @@ An elevation of privilege vulnerability exists in the way that the Windows Kerne - https://github.com/Nan3r/CVE-2020-0668 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/RedCursorSecurityConsulting/CVE-2020-0668 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Wh04m1001/CVE-2023-29343 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-0674.md b/2020/CVE-2020-0674.md index 3f1719b127..a0775d8980 100644 --- a/2020/CVE-2020-0674.md +++ b/2020/CVE-2020-0674.md @@ -42,6 +42,7 @@ A remote code execution vulnerability exists in the way that the scripting engin - https://github.com/Neko-chanQwQ/CVE-2020-0674-PoC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-0683.md b/2020/CVE-2020-0683.md index 4c752dd86c..80beccc915 100644 --- a/2020/CVE-2020-0683.md +++ b/2020/CVE-2020-0683.md @@ -47,6 +47,7 @@ An elevation of privilege vulnerability exists in the Windows Installer when MSI - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0688.md b/2020/CVE-2020-0688.md index 73fd838ffd..e1bea8ac87 100644 --- a/2020/CVE-2020-0688.md +++ b/2020/CVE-2020-0688.md 
@@ -68,6 +68,7 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/ShawnDEvans/smbmap - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TheKickPuncher/CVE-2020-0688-Python3 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/ViperXSecurity/OpenResearch - https://github.com/W01fh4cker/CVE-2020-0688-GUI - https://github.com/Waseem27-art/ART-TOOLKIT diff --git a/2020/CVE-2020-0728.md b/2020/CVE-2020-0728.md index 659683a7e0..c6f0db6471 100644 --- a/2020/CVE-2020-0728.md +++ b/2020/CVE-2020-0728.md @@ -30,6 +30,7 @@ An information vulnerability exists when Windows Modules Installer Service impro - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-0767.md b/2020/CVE-2020-0767.md index acd6825edb..375fd3862b 100644 --- a/2020/CVE-2020-0767.md +++ b/2020/CVE-2020-0767.md @@ -41,6 +41,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-0787.md b/2020/CVE-2020-0787.md index 62f2819866..7d7a8eb539 100644 --- a/2020/CVE-2020-0787.md +++ b/2020/CVE-2020-0787.md 
@@ -48,6 +48,7 @@ An elevation of privilege vulnerability exists when the Windows Background Intel - https://github.com/SexurityAnalyst/WinPwn - https://github.com/SexyBeast233/SecBooks - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/albinjoshy03/windows-kernel-exploits diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md index b8658309aa..1ffc6d7d67 100644 --- a/2020/CVE-2020-0796.md +++ b/2020/CVE-2020-0796.md @@ -148,6 +148,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/Threekiii/Awesome-POC - https://github.com/TinToSer/CVE-2020-0796-LPE - https://github.com/TinToSer/cve2020-0796 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UraSecTeam/smbee - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -243,6 +244,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/jweny/pocassistdb - https://github.com/k0imet/CVE-POCs - https://github.com/k4t3pro/SMBGhost +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon - https://github.com/k8gege/PyLadon - https://github.com/kdandy/WinPwn diff --git a/2020/CVE-2020-10134.md b/2020/CVE-2020-10134.md index b77d70cd01..102d1c4ee2 100644 --- a/2020/CVE-2020-10134.md +++ b/2020/CVE-2020-10134.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-10135.md b/2020/CVE-2020-10135.md index 203e9e5833..db9438e612 100644 --- a/2020/CVE-2020-10135.md +++ b/2020/CVE-2020-10135.md 
@@ -26,6 +26,7 @@ Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/marcinguy/CVE-2020-10135-BIAS - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sgxgsx/BlueToolkit - https://github.com/soosmile/POC - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2020/CVE-2020-10189.md b/2020/CVE-2020-10189.md index 5c3474cb36..9d8eebe295 100644 --- a/2020/CVE-2020-10189.md +++ b/2020/CVE-2020-10189.md @@ -35,6 +35,7 @@ Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution b - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/XRSec/AWVS14-Update - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2020/CVE-2020-10199.md b/2020/CVE-2020-10199.md index 6e08432ae4..671f073fb1 100644 --- a/2020/CVE-2020-10199.md +++ b/2020/CVE-2020-10199.md @@ -45,6 +45,7 @@ Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aleenzz/CVE-2020-10199 diff --git a/2020/CVE-2020-10204.md b/2020/CVE-2020-10204.md index 1193a79452..53ee228cf5 100644 --- a/2020/CVE-2020-10204.md +++ b/2020/CVE-2020-10204.md 
@@ -39,6 +39,7 @@ Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-10238.md b/2020/CVE-2020-10238.md index ab95b660c4..9094a038da 100644 --- a/2020/CVE-2020-10238.md +++ b/2020/CVE-2020-10238.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-10238 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-10239.md b/2020/CVE-2020-10239.md index a66b555342..7fd6073f0b 100644 --- a/2020/CVE-2020-10239.md +++ b/2020/CVE-2020-10239.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-10238 - https://github.com/HoangKien1020/CVE-2020-10239 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1048.md b/2020/CVE-2020-1048.md index 2114e355bd..d0d8c59c84 100644 --- a/2020/CVE-2020-1048.md +++ b/2020/CVE-2020-1048.md 
@@ -40,6 +40,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SafeBreach-Labs/Spooler - https://github.com/ScioShield/sibyl-gpt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VoidSec/CVE-2020-1337 - https://github.com/Y3A/cve-2020-1048 - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-1054.md b/2020/CVE-2020-1054.md index 89cf65fba4..c9c35151e0 100644 --- a/2020/CVE-2020-1054.md +++ b/2020/CVE-2020-1054.md @@ -46,6 +46,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/TamilHackz/windows-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 @@ -62,6 +63,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - https://github.com/password520/Penetration_PoC - https://github.com/soosmile/POC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/Exploits - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-1066.md b/2020/CVE-2020-1066.md index c153dcf8ee..84da615e2d 100644 --- a/2020/CVE-2020-1066.md +++ b/2020/CVE-2020-1066.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cbwang505/CVE-2020-1066-EXP diff --git a/2020/CVE-2020-10673.md b/2020/CVE-2020-10673.md index d98c8038ea..3e89529e1d 100644 --- a/2020/CVE-2020-10673.md +++ b/2020/CVE-2020-10673.md @@ -28,6 +28,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-10713.md b/2020/CVE-2020-10713.md index ae0ef248b8..cc51b1232c 100644 --- a/2020/CVE-2020-10713.md +++ b/2020/CVE-2020-10713.md @@ -25,6 +25,7 @@ A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NaverCloudPlatform/shim-review - https://github.com/Rodrigo-NR/shim-review +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeongSeokLee/shim-review - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-10749.md b/2020/CVE-2020-10749.md index da326e1f32..990b5afa1b 100644 --- a/2020/CVE-2020-10749.md +++ b/2020/CVE-2020-10749.md 
@@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/knqyf263/CVE-2020-10749 +- https://github.com/magnologan/awesome-k8s-security - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-1088.md b/2020/CVE-2020-1088.md index 31f02b3a24..cfc0c7fb2d 100644 --- a/2020/CVE-2020-1088.md +++ b/2020/CVE-2020-1088.md @@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-11154.md b/2020/CVE-2020-11154.md index 07bb42c8b7..55449c55e2 100644 --- a/2020/CVE-2020-11154.md +++ b/2020/CVE-2020-11154.md @@ -14,4 +14,5 @@ u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-11155.md b/2020/CVE-2020-11155.md index 9f6813c219..105d779483 100644 --- a/2020/CVE-2020-11155.md +++ b/2020/CVE-2020-11155.md @@ -14,4 +14,5 @@ u'Buffer overflow while processing PDU packet in bluetooth due to lack of check #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-11156.md b/2020/CVE-2020-11156.md index 4780536b37..841859b38d 100644 --- a/2020/CVE-2020-11156.md +++ b/2020/CVE-2020-11156.md @@ -14,4 +14,5 @@ u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid le #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit 
diff --git a/2020/CVE-2020-11651.md b/2020/CVE-2020-11651.md index c41fe88478..8806ea75a7 100644 --- a/2020/CVE-2020-11651.md +++ b/2020/CVE-2020-11651.md @@ -47,6 +47,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC @@ -61,6 +62,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/dozernz/cve-2020-11651 - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/fofapro/vulfocus - https://github.com/gobysec/Goby - https://github.com/hardsoftsecurity/CVE-2020-11651-PoC diff --git a/2020/CVE-2020-11652.md b/2020/CVE-2020-11652.md index 81a6825172..1bcbd7acfc 100644 --- a/2020/CVE-2020-11652.md +++ b/2020/CVE-2020-11652.md @@ -36,6 +36,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection 
@@ -47,6 +48,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/fofapro/vulfocus - https://github.com/hardsoftsecurity/CVE-2020-11651-PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-11890.md b/2020/CVE-2020-11890.md index c8cd1e1ec9..0b118515b9 100644 --- a/2020/CVE-2020-11890.md +++ b/2020/CVE-2020-11890.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-11890 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-11996.md b/2020/CVE-2020-11996.md index d6b635fb84..90f5b6cc4f 100644 --- a/2020/CVE-2020-11996.md +++ b/2020/CVE-2020-11996.md @@ -18,6 +18,7 @@ A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 - https://github.com/ARPSyndicate/cvemon - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dromara/J2EEFAST - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996 diff --git a/2020/CVE-2020-12351.md b/2020/CVE-2020-12351.md index aabf2b965e..5d8711893e 100644 --- a/2020/CVE-2020-12351.md +++ b/2020/CVE-2020-12351.md 
@@ -38,6 +38,7 @@ Improper input validation in BlueZ may allow an unauthenticated user to potentia - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sereok3/buffer-overflow-writeups +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation diff --git a/2020/CVE-2020-12352.md b/2020/CVE-2020-12352.md index bc1532d18e..de02cc6cc4 100644 --- a/2020/CVE-2020-12352.md +++ b/2020/CVE-2020-12352.md @@ -35,6 +35,7 @@ Improper access control in BlueZ may allow an unauthenticated user to potentiall - https://github.com/khanhnd123/linux-kernel-exploitation - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12695.md b/2020/CVE-2020-12695.md index 08243f424b..2ecfd568fd 100644 --- a/2020/CVE-2020-12695.md +++ b/2020/CVE-2020-12695.md @@ -25,6 +25,7 @@ The Open Connectivity Foundation UPnP specification before 2020-04-17 does not f - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-12753.md b/2020/CVE-2020-12753.md index 25af341485..1751d828b3 100644 --- a/2020/CVE-2020-12753.md +++ b/2020/CVE-2020-12753.md 
@@ -20,6 +20,7 @@ An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, a - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-1281.md b/2020/CVE-2020-1281.md index fce4305807..d1ed197480 100644 --- a/2020/CVE-2020-1281.md +++ b/2020/CVE-2020-1281.md @@ -31,6 +31,7 @@ A remote code execution vulnerability exists when Microsoft Windows OLE fails to - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-1313.md b/2020/CVE-2020-1313.md index c31fdf90cc..ddada6dcfe 100644 --- a/2020/CVE-2020-1313.md +++ b/2020/CVE-2020-1313.md @@ -33,6 +33,7 @@ An elevation of privilege vulnerability exists when the Windows Update Orchestra - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1337.md b/2020/CVE-2020-1337.md index 497e54b0b5..fb7bd56c49 100644 --- a/2020/CVE-2020-1337.md +++ b/2020/CVE-2020-1337.md 
@@ -59,6 +59,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SafeBreach-Labs/Spooler - https://github.com/ScioShield/sibyl-gpt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VoidSec/CVE-2020-1337 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1350.md b/2020/CVE-2020-1350.md index 128aa27027..d34368f27c 100644 --- a/2020/CVE-2020-1350.md +++ b/2020/CVE-2020-1350.md @@ -39,6 +39,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/T13nn3s/CVE-2020-1350 - https://github.com/TheCyberViking/Insider_Threat_Bait - https://github.com/TrinityCryptx/OSCP-Resources +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1362.md b/2020/CVE-2020-1362.md index 770ec1a124..ce6d988ee0 100644 --- a/2020/CVE-2020-1362.md +++ b/2020/CVE-2020-1362.md @@ -38,6 +38,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/Q4n/CVE-2020-1362 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-14181.md b/2020/CVE-2020-14181.md index eb244e9ac5..0fbe6ef8da 100644 --- a/2020/CVE-2020-14181.md +++ b/2020/CVE-2020-14181.md 
@@ -44,6 +44,7 @@ Affected versions of Atlassian Jira Server and Data Center allow an unauthentica - https://github.com/merlinepedra/nuclei-templates - https://github.com/merlinepedra25/nuclei-templates - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-14644.md b/2020/CVE-2020-14644.md index 5dfdfff52a..9a0959ac77 100644 --- a/2020/CVE-2020-14644.md +++ b/2020/CVE-2020-14644.md @@ -26,6 +26,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-14645.md b/2020/CVE-2020-14645.md index 906d4fffac..0a0ec95659 100644 --- a/2020/CVE-2020-14645.md +++ b/2020/CVE-2020-14645.md @@ -31,6 +31,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/Schira4396/CVE-2020-14645 - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Y4er/CVE-2020-14645 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md index 3b27c8f20c..93e9147289 100644 --- a/2020/CVE-2020-1472.md +++ b/2020/CVE-2020-1472.md 
@@ -68,6 +68,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/Austin-Src/CVE-Checker - https://github.com/Awrrays/Pentest-Tips - https://github.com/B-nD/report +- https://github.com/B34MR/zeroscan - https://github.com/BC-SECURITY/Invoke-ZeroLogon - https://github.com/CPO-EH/CVE-2020-1472_ZeroLogonChecker - https://github.com/CPO-EH/SharpZeroLogon @@ -377,6 +378,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/zareefrj/ZeroLogon - https://github.com/zer010bs/zeroscan - https://github.com/zeronetworks/zerologon +- https://github.com/zflemingg1/AM0N-Eye - https://github.com/zha0/CVE-2020-1474 - https://github.com/zha0/WeaponizeKali.sh - https://github.com/zizzs3228/PENTEST diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md index d92ba9aa6b..6757ac24b4 100644 --- a/2020/CVE-2020-14882.md +++ b/2020/CVE-2020-14882.md @@ -55,6 +55,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/MacAsure/WL_Scan_GO - https://github.com/Manor99/CVE-2020-14882- - https://github.com/MicahFleming/Risk-Assessment-Cap-Stone- +- https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/N0Coriander/CVE-2020-14882-14883 - https://github.com/NS-Sp4ce/CVE-2020-14882 @@ -178,6 +179,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/xinyisleep/pocscan - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/yaklang/vulinone +- https://github.com/yhy0/ExpDemo-JavaFX - https://github.com/yichensec/Bug_writer - https://github.com/yyzsec/2021SecWinterTask - https://github.com/zer0yu/Awesome-CobaltStrike diff --git a/2020/CVE-2020-15257.md b/2020/CVE-2020-15257.md index 00fda5177f..6e37bffd75 100644 --- a/2020/CVE-2020-15257.md +++ b/2020/CVE-2020-15257.md 
@@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/brant-ruan/awesome-container-escape - https://github.com/cdk-team/CDK - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/eriksjolund/podman-networking-docs - https://github.com/h4ckm310n/Container-Vulnerability-Exploit - https://github.com/hktalent/bug-bounty - https://github.com/iridium-soda/container-escape-exploits diff --git a/2020/CVE-2020-15531.md b/2020/CVE-2020-15531.md index 1a2be41daa..049183ddd9 100644 --- a/2020/CVE-2020-15531.md +++ b/2020/CVE-2020-15531.md @@ -14,5 +14,5 @@ Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via pa - https://www.youtube.com/watch?v=saoTr1NwdzM #### Github -No PoCs found on GitHub currently. +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-15719.md b/2020/CVE-2020-15719.md index ac41d34b01..2575ddb4f1 100644 --- a/2020/CVE-2020-15719.md +++ b/2020/CVE-2020-15719.md @@ -16,4 +16,5 @@ libldap in certain third-party OpenLDAP packages has a certificate-validation fl #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/cyr3con-ai/cyRating-check-k8s-webhook +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2020/CVE-2020-15778.md b/2020/CVE-2020-15778.md index 07b44b326b..d61d21893b 100644 --- a/2020/CVE-2020-15778.md +++ b/2020/CVE-2020-15778.md @@ -33,6 +33,7 @@ No PoCs from references. - https://github.com/TarikVUT/secure-fedora38 - https://github.com/Threekiii/Awesome-POC - https://github.com/Totes5706/TotesHTB +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network diff --git a/2020/CVE-2020-15802.md b/2020/CVE-2020-15802.md index 81b091c2be..dd2b44b09d 100644 --- a/2020/CVE-2020-15802.md +++ b/2020/CVE-2020-15802.md 
@@ -24,4 +24,5 @@ No PoCs from references. - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/blur - https://github.com/goblimey/learn-unix +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-16040.md b/2020/CVE-2020-16040.md index 89cd4881c1..d70ed68aaf 100644 --- a/2020/CVE-2020-16040.md +++ b/2020/CVE-2020-16040.md @@ -29,5 +29,6 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe - https://github.com/ret2eax/exploits - https://github.com/ret2eax/ret2eax - https://github.com/singularseclab/Browser_Exploits +- https://github.com/tanjiti/sec_profile - https://github.com/yuvaly0/exploits diff --git a/2020/CVE-2020-1938.md b/2020/CVE-2020-1938.md index 14221bf50b..3f9add2d3a 100644 --- a/2020/CVE-2020-1938.md +++ b/2020/CVE-2020-1938.md @@ -79,6 +79,7 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Umesh2807/Ghostcat - https://github.com/Warelock/cve-2020-1938 - https://github.com/Waseem27-art/ART-TOOLKIT diff --git a/2020/CVE-2020-1947.md b/2020/CVE-2020-1947.md index 9e76384923..e8ef53ed89 100644 --- a/2020/CVE-2020-1947.md +++ b/2020/CVE-2020-1947.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/StarkChristmas/CVE-2020-1947 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1948.md b/2020/CVE-2020-1948.md index 57ed4fc534..925f8ca35c 100644 --- a/2020/CVE-2020-1948.md +++ b/2020/CVE-2020-1948.md 
@@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Whoopsunix/PPPRASP - https://github.com/Whoopsunix/PPPVULNS - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-24490.md b/2020/CVE-2020-24490.md index e605ba0d85..b3740ff88e 100644 --- a/2020/CVE-2020-24490.md +++ b/2020/CVE-2020-24490.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/oscomp/proj283-Automated-Security-Testing-of-Protocol-Stacks-in-OS-kernels - https://github.com/sereok3/buffer-overflow-writeups +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-25078.md b/2020/CVE-2020-25078.md index 020ad7a7f1..b93ae98968 100644 --- a/2020/CVE-2020-25078.md +++ b/2020/CVE-2020-25078.md @@ -47,6 +47,7 @@ No PoCs from references. - https://github.com/jorhelp/Ingram - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-2546.md b/2020/CVE-2020-2546.md index 6639356164..1658b92752 100644 --- a/2020/CVE-2020-2546.md +++ b/2020/CVE-2020-2546.md 
@@ -29,6 +29,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Live-Hack-CVE/CVE-2020-2884 - https://github.com/Live-Hack-CVE/CVE-2020-2915 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2551.md b/2020/CVE-2020-2551.md index d4392f568e..821343ca7c 100644 --- a/2020/CVE-2020-2551.md +++ b/2020/CVE-2020-2551.md @@ -70,6 +70,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/SummerSec/BlogPapers - https://github.com/SummerSec/BlogParpers - https://github.com/TacticsTeam/sg_ysoserial +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md index 50071f34d1..17e3064145 100644 --- a/2020/CVE-2020-2555.md +++ b/2020/CVE-2020-2555.md @@ -74,6 +74,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/R0ser1/GadgetInspector - https://github.com/SexyBeast233/SecBooks - https://github.com/TacticsTeam/sg_ysoserial +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Uvemode/CVE-2020-2555 - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit diff --git a/2020/CVE-2020-26555.md b/2020/CVE-2020-26555.md index e0a1d50286..239cdfc104 100644 --- a/2020/CVE-2020-26555.md +++ b/2020/CVE-2020-26555.md @@ -17,4 +17,5 @@ Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B th - https://github.com/Live-Hack-CVE/CVE-2020-26555 - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/goblimey/learn-unix +- https://github.com/sgxgsx/BlueToolkit 
diff --git a/2020/CVE-2020-26556.md b/2020/CVE-2020-26556.md index 955ab28a3e..a8f04ca43c 100644 --- a/2020/CVE-2020-26556.md +++ b/2020/CVE-2020-26556.md @@ -16,4 +16,5 @@ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearb - https://github.com/ARPSyndicate/cvemon - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26557.md b/2020/CVE-2020-26557.md index 12ca588e00..a8f7de27fb 100644 --- a/2020/CVE-2020-26557.md +++ b/2020/CVE-2020-26557.md @@ -15,4 +15,5 @@ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearb #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26558.md b/2020/CVE-2020-26558.md index c5cfc76941..0ed97f3ee8 100644 --- a/2020/CVE-2020-26558.md +++ b/2020/CVE-2020-26558.md @@ -17,4 +17,5 @@ Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 throu - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Live-Hack-CVE/CVE-2020-26558 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26559.md b/2020/CVE-2020-26559.md index 9f5be2b0bc..475b082d7b 100644 --- a/2020/CVE-2020-26559.md +++ b/2020/CVE-2020-26559.md @@ -15,4 +15,5 @@ Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26560.md b/2020/CVE-2020-26560.md index d4d914d284..2eacd8cbef 100644 --- a/2020/CVE-2020-26560.md +++ b/2020/CVE-2020-26560.md 
@@ -15,4 +15,5 @@ Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-2696.md b/2020/CVE-2020-2696.md index 4b3f0615f1..1c48bb0c3a 100644 --- a/2020/CVE-2020-2696.md +++ b/2020/CVE-2020-2696.md @@ -24,6 +24,7 @@ Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common - https://github.com/EchoGin404/gongkaishouji - https://github.com/Live-Hack-CVE/CVE-2020-2696 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-2798.md b/2020/CVE-2020-2798.md index 11720355ee..192aefd637 100644 --- a/2020/CVE-2020-2798.md +++ b/2020/CVE-2020-2798.md @@ -25,6 +25,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2798 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2801.md b/2020/CVE-2020-2801.md index e95ada135b..b5d2acbfbe 100644 --- a/2020/CVE-2020-2801.md +++ b/2020/CVE-2020-2801.md 
@@ -24,6 +24,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2801 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md index 561f6be67f..ada27d4385 100644 --- a/2020/CVE-2020-2883.md +++ b/2020/CVE-2020-2883.md @@ -58,6 +58,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Qynklee/POC_CVE-2020-2883 - https://github.com/SexyBeast233/SecBooks - https://github.com/Shadowven/Vulnerability_Reproduction +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit - https://github.com/Y4er/CVE-2020-2883 diff --git a/2020/CVE-2020-2884.md b/2020/CVE-2020-2884.md index 1b8c86a847..ae9c400561 100644 --- a/2020/CVE-2020-2884.md +++ b/2020/CVE-2020-2884.md @@ -25,6 +25,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2884 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2915.md b/2020/CVE-2020-2915.md index fdbe93e2ec..11b80cba4f 100644 --- a/2020/CVE-2020-2915.md +++ b/2020/CVE-2020-2915.md 
@@ -24,6 +24,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2915 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2950.md b/2020/CVE-2020-2950.md index b4ee3c6a97..35eaf08dce 100644 --- a/2020/CVE-2020-2950.md +++ b/2020/CVE-2020-2950.md @@ -27,6 +27,7 @@ Vulnerability in the Oracle Business Intelligence Enterprise Edition product of - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-3452.md b/2020/CVE-2020-3452.md index 68e165bf85..c202cc3d68 100644 --- a/2020/CVE-2020-3452.md +++ b/2020/CVE-2020-3452.md @@ -63,6 +63,7 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Veids/CVE-2020-3452_auto - https://github.com/XDev05/CVE-2020-3452-PoC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-3543.md b/2020/CVE-2020-3543.md new file mode 100644 index 0000000000..361b659f44 --- /dev/null +++ b/2020/CVE-2020-3543.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-3543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3543) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Video%20Surveillance%208000%20Series%20IP%20Cameras%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400&color=brighgreen) + +### Description + +A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DOS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2020/CVE-2020-35473.md b/2020/CVE-2020-35473.md index e0663e0e0b..faaf76b3fa 100644 --- a/2020/CVE-2020-35473.md +++ b/2020/CVE-2020-35473.md @@ -14,4 +14,5 @@ An information leakage vulnerability in the Bluetooth Low Energy advertisement s #### Github - https://github.com/Live-Hack-CVE/CVE-2020-35473 +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-36325.md b/2020/CVE-2020-36325.md new file mode 100644 index 0000000000..940377bab1 --- /dev/null +++ b/2020/CVE-2020-36325.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-36325](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36325) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/testing-felickz/docker-scout-demo + diff --git a/2020/CVE-2020-3703.md b/2020/CVE-2020-3703.md index e3847efb2e..ec288f1449 100644 --- a/2020/CVE-2020-3703.md +++ b/2020/CVE-2020-3703.md @@ -14,4 +14,5 @@ u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check f #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-5245.md b/2020/CVE-2020-5245.md index 105579103a..984405327a 100644 --- a/2020/CVE-2020-5245.md +++ b/2020/CVE-2020-5245.md 
@@ -1,11 +1,11 @@ ### [CVE-2020-5245](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5245) ![](https://img.shields.io/static/v1?label=Product&message=dropwizard-validation&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.3.0%2C%20%3C%201.3.19%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen) ### Description -Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. +Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature.The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. ### POC diff --git a/2020/CVE-2020-5260.md b/2020/CVE-2020-5260.md index 1d8ecca119..5fa6e7f220 100644 --- a/2020/CVE-2020-5260.md +++ b/2020/CVE-2020-5260.md @@ -21,6 +21,7 @@ Affected versions of Git have a vulnerability whereby Git can be tricked into se - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yutaro-B18016/Use-wslgit - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-5398.md b/2020/CVE-2020-5398.md index a8106a3c96..2d1060f220 100644 --- a/2020/CVE-2020-5398.md 
+++ b/2020/CVE-2020-5398.md @@ -30,6 +30,7 @@ In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1. - https://github.com/IkerSaint/VULNAPP-vulnerable-app - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ax1sX/SpringSecurity diff --git a/2020/CVE-2020-5410.md b/2020/CVE-2020-5410.md index d823884329..2c597a5225 100644 --- a/2020/CVE-2020-5410.md +++ b/2020/CVE-2020-5410.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-5504.md b/2020/CVE-2020-5504.md index 63ebec3235..013ec62d3a 100644 --- a/2020/CVE-2020-5504.md +++ b/2020/CVE-2020-5504.md @@ -19,6 +19,7 @@ In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the use - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-5509.md b/2020/CVE-2020-5509.md index 77f4a85989..9531144298 100644 --- a/2020/CVE-2020-5509.md +++ b/2020/CVE-2020-5509.md 
@@ -22,6 +22,7 @@ PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executabl - https://github.com/EchoGin404/gongkaishouji - https://github.com/FULLSHADE/CVE-2020-5509 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-5551.md b/2020/CVE-2020-5551.md new file mode 100644 index 0000000000..28e9968901 --- /dev/null +++ b/2020/CVE-2020-5551.md @@ -0,0 +1,17 @@ +### [CVE-2020-5551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5551) +![](https://img.shields.io/static/v1?label=Product&message=DCU%20(Display%20Control%20Unit)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial-of-service%20(DoS)&color=brighgreen) + +### Description + +Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus (LC, LS, NX, RC, RC F), TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the regions other than Japan from Oct. 2016 to Oct. 2019. An attacker with certain knowledge on the target vehicle control system may be able to send some diagnostic commands to ECUs with some limited availability impacts; the vendor states critical vehicle controls such as driving, turning, and stopping are not affected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2020/CVE-2020-5902.md b/2020/CVE-2020-5902.md index 3a6588904d..5a17b4da0d 100644 --- a/2020/CVE-2020-5902.md +++ b/2020/CVE-2020-5902.md 
@@ -54,6 +54,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/ElcapitanoO7x/bugbounty-Tips @@ -100,6 +101,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/TheCyberViking/CVE-2020-5902-Vuln-Checker - https://github.com/TheCyberViking/TheCyberViking - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Un4gi/CVE-2020-5902 - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/WingsSec/Meppo diff --git a/2020/CVE-2020-6286.md b/2020/CVE-2020-6286.md index 6c74d2bef3..56bc6729d7 100644 --- a/2020/CVE-2020-6286.md +++ b/2020/CVE-2020-6286.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-6287.md b/2020/CVE-2020-6287.md index db69775d8d..17f9fb113c 100644 --- a/2020/CVE-2020-6287.md +++ b/2020/CVE-2020-6287.md @@ -34,6 +34,7 @@ SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7. - https://github.com/Onapsis/vulnerability_advisories - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC 
diff --git a/2020/CVE-2020-7246.md b/2020/CVE-2020-7246.md index 2db1668faa..c481f869fd 100644 --- a/2020/CVE-2020-7246.md +++ b/2020/CVE-2020-7246.md @@ -30,6 +30,7 @@ A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An a - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/TobinShields/qdPM9.1_Exploit +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/arafatansari/QDPMSEC diff --git a/2020/CVE-2020-7471.md b/2020/CVE-2020-7471.md index 4ffa722a4d..225f2f9d8d 100644 --- a/2020/CVE-2020-7471.md +++ b/2020/CVE-2020-7471.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/SurfRid3r/Django_vulnerability_analysis - https://github.com/Tempuss/CTF_CVE-2020-7471 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aeyesec/CVE-2022-34265 diff --git a/2020/CVE-2020-8163.md b/2020/CVE-2020-8163.md index aa5c3f3160..2833a95941 100644 --- a/2020/CVE-2020-8163.md +++ b/2020/CVE-2020-8163.md @@ -24,6 +24,7 @@ The is a code injection vulnerability in versions of Rails prior to 5.0.1 that w - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/TK-Elliot/CVE-2020-8163 - https://github.com/TKLinux966/CVE-2020-8163 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aalexpereira/pipelines-tricks diff --git a/2020/CVE-2020-8193.md b/2020/CVE-2020-8193.md index 0c93ce707d..6129870700 100644 --- a/2020/CVE-2020-8193.md +++ b/2020/CVE-2020-8193.md 
@@ -34,6 +34,7 @@ Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/XRSec/AWVS14-Update - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2020/CVE-2020-8558.md b/2020/CVE-2020-8558.md index 9a7b734f3f..06792fa193 100644 --- a/2020/CVE-2020-8558.md +++ b/2020/CVE-2020-8558.md @@ -38,6 +38,7 @@ No PoCs from references. - https://github.com/jassics/awesome-aws-security - https://github.com/jqsl2012/TopNews - https://github.com/leveryd/leveryd +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2020/CVE-2020-8559.md b/2020/CVE-2020-8559.md index 8017082b6b..39aa8105ba 100644 --- a/2020/CVE-2020-8559.md +++ b/2020/CVE-2020-8559.md @@ -26,6 +26,7 @@ The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.1 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/iakat/stars - https://github.com/katlol/stars +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pen4uin/awesome-cloud-native-security diff --git a/2020/CVE-2020-8597.md b/2020/CVE-2020-8597.md index 5cddecdf5b..18c35f6701 100644 --- a/2020/CVE-2020-8597.md +++ b/2020/CVE-2020-8597.md 
@@ -24,6 +24,7 @@ eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the - https://github.com/JLLeitschuh/bulk-security-pr-generator - https://github.com/Juanezm/openwrt-redmi-ac2100 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/CVE-2020-8597 - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-8634.md b/2020/CVE-2020-8634.md index a6a99915f0..797e9b5bb1 100644 --- a/2020/CVE-2020-8634.md +++ b/2020/CVE-2020-8634.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-8635.md b/2020/CVE-2020-8635.md index c6a00aa482..1a7fe5f7e2 100644 --- a/2020/CVE-2020-8635.md +++ b/2020/CVE-2020-8635.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-8794.md b/2020/CVE-2020-8794.md index 3c6bff4af2..e5c84bd7aa 100644 --- a/2020/CVE-2020-8794.md +++ b/2020/CVE-2020-8794.md 
@@ -20,6 +20,7 @@ OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds - https://github.com/EchoGin404/gongkaishouji - https://github.com/Live-Hack-CVE/CVE-2020-8794 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-8813.md b/2020/CVE-2020-8813.md index 0ecaf09841..5819be92af 100644 --- a/2020/CVE-2020-8813.md +++ b/2020/CVE-2020-8813.md @@ -28,6 +28,7 @@ graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary O - https://github.com/Live-Hack-CVE/CVE-2020-8813 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-8840.md b/2020/CVE-2020-8840.md index 98aed4c060..de3603f5e2 100644 --- a/2020/CVE-2020-8840.md +++ b/2020/CVE-2020-8840.md @@ -33,6 +33,7 @@ FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JN - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Veraxy00/CVE-2020-8840 - https://github.com/Wfzsec/FastJson1.2.62-RCE - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-9374.md b/2020/CVE-2020-9374.md index aedfc58673..acc072932f 100644 --- a/2020/CVE-2020-9374.md +++ b/2020/CVE-2020-9374.md 
@@ -22,6 +22,7 @@ On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerabilit - https://github.com/ElberTavares/routers-exploit - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-9376.md b/2020/CVE-2020-9376.md index f3aa44759e..4d473ea744 100644 --- a/2020/CVE-2020-9376.md +++ b/2020/CVE-2020-9376.md @@ -22,6 +22,7 @@ - https://github.com/EchoGin404/gongkaishouji - https://github.com/HimmelAward/Goby_POC - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-9377.md b/2020/CVE-2020-9377.md index 8270dc98f9..1ca5b35645 100644 --- a/2020/CVE-2020-9377.md +++ b/2020/CVE-2020-9377.md @@ -20,6 +20,7 @@ - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-9402.md b/2020/CVE-2020-9402.md index 11e1dbd11f..ac530791e6 100644 --- a/2020/CVE-2020-9402.md +++ b/2020/CVE-2020-9402.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/bakery312/Vulhub-Reproduce 
diff --git a/2020/CVE-2020-9484.md b/2020/CVE-2020-9484.md index 666102c061..e79472efb1 100644 --- a/2020/CVE-2020-9484.md +++ b/2020/CVE-2020-9484.md @@ -56,6 +56,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - https://github.com/RepublicR0K/CVE-2020-9484 - https://github.com/SexyBeast233/SecBooks - https://github.com/Spacial/awesome-csirt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VICXOR/CVE-2020-9484 - https://github.com/Xslover/CVE-2020-9484-Scanner - https://github.com/Y4tacker/JavaSec diff --git a/2020/CVE-2020-9496.md b/2020/CVE-2020-9496.md index 05cb87180e..c8baefff19 100644 --- a/2020/CVE-2020-9496.md +++ b/2020/CVE-2020-9496.md @@ -49,6 +49,7 @@ XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scriptin - https://github.com/merlinepedra25/nuclei-templates - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-9547.md b/2020/CVE-2020-9547.md index 642c1b148c..a41ddd01e4 100644 --- a/2020/CVE-2020-9547.md +++ b/2020/CVE-2020-9547.md @@ -28,6 +28,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-9548.md b/2020/CVE-2020-9548.md index 140ec7a3fc..ada21a7378 100644 --- a/2020/CVE-2020-9548.md +++ b/2020/CVE-2020-9548.md 
@@ -27,6 +27,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2021/CVE-2021-1675.md b/2021/CVE-2021-1675.md index 8b0dfe2cd6..e0115e35d5 100644 --- a/2021/CVE-2021-1675.md +++ b/2021/CVE-2021-1675.md @@ -70,6 +70,7 @@ Windows Print Spooler Remote Code Execution Vulnerability - https://github.com/AndrewTrube/CVE-2021-1675 - https://github.com/Anonymous-Family/Zero-day-scanning - https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet +- https://github.com/B34MR/zeroscan - https://github.com/BC-SECURITY/Moriarty - https://github.com/BOFs/CobaltStrike - https://github.com/BeetleChunks/SpoolSploit diff --git a/2021/CVE-2021-20090.md b/2021/CVE-2021-20090.md index 2df61c7818..f6dc79a55d 100644 --- a/2021/CVE-2021-20090.md +++ b/2021/CVE-2021-20090.md @@ -18,6 +18,7 @@ A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 fi - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ArrestX/--POC +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/HimmelAward/Goby_POC - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes diff --git a/2021/CVE-2021-21315.md b/2021/CVE-2021-21315.md index 797787d8d0..62a5fabe5c 100644 --- a/2021/CVE-2021-21315.md +++ b/2021/CVE-2021-21315.md 
@@ -46,6 +46,7 @@ No PoCs from references. - https://github.com/mintoolkit/mint - https://github.com/mmk-1/kubernetes-poc - https://github.com/n1sh1th/CVE-POC +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/slimtoolkit/slim - https://github.com/soosmile/POC - https://github.com/superlink996/chunqiuyunjingbachang diff --git a/2021/CVE-2021-21972.md b/2021/CVE-2021-21972.md index 9cf1fdfafd..e9a0142008 100644 --- a/2021/CVE-2021-21972.md +++ b/2021/CVE-2021-21972.md @@ -126,6 +126,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/oscpname/OSCP_cheat - https://github.com/password520/CVE-2021-21972 - https://github.com/password520/LadonGo +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22005.md b/2021/CVE-2021-22005.md index 81a30deec5..65f061d45c 100644 --- a/2021/CVE-2021-22005.md +++ b/2021/CVE-2021-22005.md @@ -67,6 +67,7 @@ The vCenter Server contains an arbitrary file upload vulnerability in the Analyt - https://github.com/manas3c/CVE-POC - https://github.com/nday-ldgz/ZoomEye-dork - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22205.md b/2021/CVE-2021-22205.md index c728bab24d..11e895390b 100644 --- a/2021/CVE-2021-22205.md +++ b/2021/CVE-2021-22205.md 
@@ -95,6 +95,7 @@ An issue has been discovered in GitLab CE/EE affecting all versions starting fro - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/octane23/CASE-STUDY-1 - https://github.com/overgrowncarrot1/DejaVu-CVE-2021-22205 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22986.md b/2021/CVE-2021-22986.md index 83e228a3d4..14e84a1dd3 100644 --- a/2021/CVE-2021-22986.md +++ b/2021/CVE-2021-22986.md @@ -79,6 +79,7 @@ On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN - https://github.com/papa-anniekey/CustomSignatures +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list @@ -101,6 +102,7 @@ On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before - https://github.com/xinyisleep/pocscan - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/yaunsky/CVE-202122986-EXP +- https://github.com/yhy0/ExpDemo-JavaFX - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve - https://github.com/zmylml/yangzifun diff --git a/2021/CVE-2021-25735.md b/2021/CVE-2021-25735.md index 8a24b0197d..a4be016f14 100644 --- a/2021/CVE-2021-25735.md +++ b/2021/CVE-2021-25735.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/developer-guy/awesome-falco - https://github.com/k0mi-tg/CVE-POC - https://github.com/khu-capstone-design/kubernetes-vulnerability-investigation +- https://github.com/magnologan/awesome-k8s-security - https://github.com/manas3c/CVE-POC - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-25737.md b/2021/CVE-2021-25737.md index c41fdc0e39..128b4a96e8 100644 --- a/2021/CVE-2021-25737.md +++ b/2021/CVE-2021-25737.md @@ -20,5 +20,6 @@ No PoCs from references. - https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground - https://github.com/atesemre/awesome-cloud-native-security - https://github.com/kajogo777/kubernetes-misconfigured +- https://github.com/magnologan/awesome-k8s-security - https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2021/CVE-2021-25740.md b/2021/CVE-2021-25740.md index 08d69d69a2..c12f41c50a 100644 --- a/2021/CVE-2021-25740.md +++ b/2021/CVE-2021-25740.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground - https://github.com/hacking-kubernetes/hacking-kubernetes.info - https://github.com/kajogo777/kubernetes-misconfigured +- https://github.com/magnologan/awesome-k8s-security diff --git a/2021/CVE-2021-25741.md b/2021/CVE-2021-25741.md index d4c3e6c7bb..c74540bd93 100644 --- a/2021/CVE-2021-25741.md +++ b/2021/CVE-2021-25741.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/iridium-soda/container-escape-exploits - https://github.com/k0mi-tg/CVE-POC - https://github.com/khu-capstone-design/kubernetes-vulnerability-investigation +- https://github.com/magnologan/awesome-k8s-security - https://github.com/manas3c/CVE-POC - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index 030c53e82a..08b6952dbe 100644 --- a/2021/CVE-2021-26084.md 
+++ b/2021/CVE-2021-26084.md @@ -146,6 +146,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/ouwenjin/- - https://github.com/p0nymc1/CVE-2021-26084 - https://github.com/pathakabhi24/Pentest-Tools +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-pentest-note - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/pentest-note diff --git a/2021/CVE-2021-26295.md b/2021/CVE-2021-26295.md index 537b3f98e8..9e3e0a8d23 100644 --- a/2021/CVE-2021-26295.md +++ b/2021/CVE-2021-26295.md @@ -58,6 +58,7 @@ Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated at - https://github.com/manas3c/CVE-POC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-28139.md b/2021/CVE-2021-28139.md index 023b944091..92f63f49f5 100644 --- a/2021/CVE-2021-28139.md +++ b/2021/CVE-2021-28139.md @@ -15,4 +15,5 @@ The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does n #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2021/CVE-2021-28310.md b/2021/CVE-2021-28310.md index 4089743eb8..affbbaacd7 100644 --- a/2021/CVE-2021-28310.md +++ b/2021/CVE-2021-28310.md 
@@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310 - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/cylaris/awesomekql - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-29441.md b/2021/CVE-2021-29441.md index 9e7cbce176..3014121fae 100644 --- a/2021/CVE-2021-29441.md +++ b/2021/CVE-2021-29441.md @@ -28,6 +28,7 @@ No PoCs from references. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tsojan/TsojanScan - https://github.com/WhooAmii/POC_to_review - https://github.com/Whoopsunix/nacosScan - https://github.com/bakery312/Vulhub-Reproduce diff --git a/2021/CVE-2021-30461.md b/2021/CVE-2021-30461.md index 57d1b8a78f..53c673716a 100644 --- a/2021/CVE-2021-30461.md +++ b/2021/CVE-2021-30461.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/daedalus/CVE-2021-30461 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/puckiestyle/CVE-2021-30461 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-30465.md b/2021/CVE-2021-30465.md index 064e4af9ff..b44a7ad021 100644 --- a/2021/CVE-2021-30465.md +++ b/2021/CVE-2021-30465.md @@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/h4ckm310n/Container-Vulnerability-Exploit - https://github.com/iridium-soda/container-escape-exploits - https://github.com/kaosagnt/ansible-everyday +- https://github.com/magnologan/awesome-k8s-security - https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/superfish9/pt - https://github.com/wllenyj/safe-path-rs 
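Review bot: The `+` line in the 2021/CVE-2021-30465.md hunk files `magnologan/awesome-k8s-security` under the `#### Github` list of the `### POC` section, although its name suggests a curated link list rather than a proof of concept for this CVE. The commit adds the same repository to several other Kubernetes CVE files. It also replaces the line `No PoCs found on GitHub currently.` with a single link in 2021/CVE-2021-32256.md (`testing-felickz/docker-scout-demo`) and in 2021/CVE-2021-40655.md (`Ostorlab/KEV`). Anyone who keys on that sentence to decide whether public exploit code exists will now read those CVEs as having a PoC. Suggest keeping the sentinel line unless the linked repository actually carries exploit code, or splitting the list into PoC repositories and repositories that only mention the CVE.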
diff --git a/2021/CVE-2021-32256.md b/2021/CVE-2021-32256.md index 95e9179119..159783e20c 100644 --- a/2021/CVE-2021-32256.md +++ b/2021/CVE-2021-32256.md @@ -13,5 +13,5 @@ An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. I - https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070 #### Github -No PoCs found on GitHub currently. +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2021/CVE-2021-35068.md b/2021/CVE-2021-35068.md index 2279e4a341..7571aed522 100644 --- a/2021/CVE-2021-35068.md +++ b/2021/CVE-2021-35068.md @@ -14,5 +14,6 @@ Lack of null check while freeing the device information buffer in the Bluetooth #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/sgxgsx/BlueToolkit - https://github.com/xmpf/qualcomm-bulletins diff --git a/2021/CVE-2021-3520.md b/2021/CVE-2021-3520.md index 2d6243e8b2..0bf33965df 100644 --- a/2021/CVE-2021-3520.md +++ b/2021/CVE-2021-3520.md @@ -16,4 +16,5 @@ There's a flaw in lz4. An attacker who submits a crafted file to an application #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2021/CVE-2021-37580.md b/2021/CVE-2021-37580.md index 32b77c97b4..3b165d9cc0 100644 --- a/2021/CVE-2021-37580.md +++ b/2021/CVE-2021-37580.md @@ -39,6 +39,7 @@ No PoCs from references. - https://github.com/langligelang/langligelang - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-3899.md b/2021/CVE-2021-3899.md new file mode 100644 index 0000000000..2fc28a68bf --- /dev/null +++ b/2021/CVE-2021-3899.md 
@@ -0,0 +1,24 @@ +### [CVE-2021-3899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3899) +![](https://img.shields.io/static/v1?label=Product&message=Apport&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.21.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root. + +### POC + +#### Reference +- https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376 + +#### Github +- https://github.com/NaInSec/CVE-PoC-in-GitHub +- https://github.com/WhooAmii/POC_to_review +- https://github.com/k0mi-tg/CVE-POC +- https://github.com/liumuqing/CVE-2021-3899_PoC +- https://github.com/manas3c/CVE-POC +- https://github.com/whoforget/CVE-POC +- https://github.com/youwizard/CVE-POC +- https://github.com/zecool/cve + diff --git a/2021/CVE-2021-3942.md b/2021/CVE-2021-3942.md new file mode 100644 index 0000000000..496c2a55a3 --- /dev/null +++ b/2021/CVE-2021-3942.md @@ -0,0 +1,17 @@ +### [CVE-2021-3942](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3942) +![](https://img.shields.io/static/v1?label=Product&message=HP%20Print%20products%20and%20Digital%20Sending%20products&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20See%20HP%20Security%20Bulletin%20reference%20for%20affected%20versions.%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + 
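Review bot: The Version and Vulnerability badge URLs in the new 2021/CVE-2021-3942.md use `color=brighgreen`, a misspelling of the shields.io colour name `brightgreen`, and the new 2021/CVE-2021-3899.md above it has the same spelling. The colour choice for empty fields is also inconsistent within this patch: here `Vulnerability&message=n%2Fa` gets `brighgreen`, while the rewritten badges in 2022/CVE-2022-1970.md use `color=blue` for `n%2Fa`. Since these files appear to be generated, suggest fixing the spelling and picking one colour for `n/a` in the template rather than per file.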
diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index bb35b098f8..550f8ed135 100644 --- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md @@ -231,6 +231,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility. - https://github.com/darkerego/pwnkit - https://github.com/deathsticksguy/CEHv12Practical - https://github.com/defhacks/cve-2021-4034 +- https://github.com/dejavudwh/dejavudwh - https://github.com/deoxykev/CVE-2021-4034-Rust - https://github.com/drapl0n/pwnKit - https://github.com/dzonerzy/poc-cve-2021-4034 diff --git a/2021/CVE-2021-40655.md b/2021/CVE-2021-40655.md index 1ce0dad0a1..cce11d28e8 100644 --- a/2021/CVE-2021-40655.md +++ b/2021/CVE-2021-40655.md @@ -13,5 +13,5 @@ An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2. - https://www.dlink.com/en/security-bulletin/ #### Github -No PoCs found on GitHub currently. +- https://github.com/Ostorlab/KEV diff --git a/2021/CVE-2021-41773.md b/2021/CVE-2021-41773.md index ba43f722ab..ac671851ba 100644 --- a/2021/CVE-2021-41773.md +++ b/2021/CVE-2021-41773.md @@ -248,6 +248,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2. - https://github.com/numanturle/CVE-2021-41773 - https://github.com/orangmuda/CVE-2021-41773 - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-42013.md b/2021/CVE-2021-42013.md index 36421247d0..afa4bc87ea 100644 --- a/2021/CVE-2021-42013.md +++ b/2021/CVE-2021-42013.md 
@@ -139,6 +139,7 @@ It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was in - https://github.com/nitishbadole/oscp-note-3 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-42306.md b/2021/CVE-2021-42306.md index 24c0a22893..36800f8e5c 100644 --- a/2021/CVE-2021-42306.md +++ b/2021/CVE-2021-42306.md @@ -9,7 +9,7 @@ ### Description -

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the tenant with application read access to read the private key data that was added to the application.

Azure AD addressed this vulnerability by preventing disclosure of any private key values added to the application.

Microsoft has identified services that could manifest this vulnerability, and steps that customers should take to be protected. Refer to the FAQ section for more information.

For more details on this issue, please refer to the MSRC Blog Entry.

+An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the tenant with application read access to read the private key data that was added to the application.Azure AD addressed this vulnerability by preventing disclosure of any private key values added to the application.Microsoft has identified services that could manifest this vulnerability, and steps that customers should take to be protected. Refer to the FAQ section for more information.For more details on this issue, please refer to the MSRC Blog Entry. ### POC @@ -18,5 +18,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Azure/Azure-Sentinel-Notebooks - https://github.com/SummitRoute/csp_security_mistakes diff --git a/2021/CVE-2021-43798.md b/2021/CVE-2021-43798.md index 4efc6c2958..28e4ac7b4f 100644 --- a/2021/CVE-2021-43798.md +++ b/2021/CVE-2021-43798.md @@ -111,6 +111,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver - https://github.com/nuker/CVE-2021-43798 - https://github.com/openx-org/BLEN - https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/persees/grafana_exploits - https://github.com/rnsss/CVE-2021-43798-poc - https://github.com/rodpwn/CVE-2021-43798-mass_scanner diff --git a/2021/CVE-2021-43890.md b/2021/CVE-2021-43890.md index f2f5cb195b..02211070f7 100644 --- a/2021/CVE-2021-43890.md +++ b/2021/CVE-2021-43890.md @@ -5,7 +5,7 @@ ### Description -

We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.

An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Please see the Security Updates table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the FAQ section.

Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.

December 27 2023 Update:

In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme.

To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations.

+We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Please see the Security Updates table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the FAQ section.Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.December 27 2023 Update:In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme.To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations. ### POC diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md index b4a304ce16..4491e06e14 100644 --- a/2021/CVE-2021-44228.md +++ b/2021/CVE-2021-44228.md 
@@ -717,6 +717,9 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/defcon250/log4jScanner - https://github.com/dehlirious/LogIPAnalyzer - https://github.com/demilson/Log4Shell +- https://github.com/demining/Chinese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Japanese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Korean-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/Log4j-Vulnerability - https://github.com/demonrvm/Log4ShellRemediation - https://github.com/desquezzee/Jpg-Png-Exploit-Slient-Builder-Exploit-Database-Cve-2023-Malware diff --git a/2021/CVE-2021-45232.md b/2021/CVE-2021-45232.md index c1b0a5f5a2..304d11c090 100644 --- a/2021/CVE-2021-45232.md +++ b/2021/CVE-2021-45232.md @@ -52,6 +52,7 @@ No PoCs from references. - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-45346.md b/2021/CVE-2021-45346.md index fe5b5e5ed1..2705867adf 100644 --- a/2021/CVE-2021-45346.md +++ b/2021/CVE-2021-45346.md @@ -16,4 +16,5 @@ - https://github.com/ARPSyndicate/cvemon - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/guyinatuxedo/Beyond_Oblivion +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2021/CVE-2021-46905.md b/2021/CVE-2021-46905.md index e38724b02b..01b38a9b5d 100644 --- a/2021/CVE-2021-46905.md +++ b/2021/CVE-2021-46905.md 
@@ -1,6 +1,6 @@ ### [CVE-2021-46905](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46905) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=92028d7a31e5%3C%205c17cfe155d2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=a462067d7c8e%3C%205871761c5f0f%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2022/CVE-2022-0563.md b/2022/CVE-2022-0563.md index b5e0660480..222cd791d9 100644 --- a/2022/CVE-2022-0563.md +++ b/2022/CVE-2022-0563.md @@ -23,5 +23,6 @@ No PoCs from references. - https://github.com/denoslab/ensf400-lab10-ssc - https://github.com/fokypoky/places-list - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/toyhoshi/helm diff --git a/2022/CVE-2022-0847.md b/2022/CVE-2022-0847.md index 3dc182b6cd..81c74a3110 100644 --- a/2022/CVE-2022-0847.md +++ b/2022/CVE-2022-0847.md @@ -58,6 +58,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/DataDog/dirtypipe-container-breakout-poc - https://github.com/DataFox/CVE-2022-0847 - https://github.com/DevataDev/PiracyTools +- https://github.com/Disturbante/Linux-Pentest - https://github.com/DylanBarbe/dirty-pipe-clone-4-root - https://github.com/DylanBarbe/hj - https://github.com/EGI-Federation/SVG-advisories diff --git a/2022/CVE-2022-1388.md b/2022/CVE-2022-1388.md index 762a773b25..3bf62f6197 100644 --- a/2022/CVE-2022-1388.md +++ b/2022/CVE-2022-1388.md 
@@ -153,6 +153,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5. - https://github.com/nvk0x/CVE-2022-1388-exploit - https://github.com/omnigodz/CVE-2022-1388 - https://github.com/pauloink/CVE-2022-1388 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/psc4re/nuclei-templates - https://github.com/qusaialhaddad/F5-BigIP-CVE-2022-1388 - https://github.com/revanmalang/CVE-2022-1388 diff --git a/2022/CVE-2022-1970.md b/2022/CVE-2022-1970.md index 775d1ce6fb..4ed6d4c5ec 100644 --- a/2022/CVE-2022-1970.md +++ b/2022/CVE-2022-1970.md @@ -1,11 +1,11 @@ ### [CVE-2022-1970](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1970) -![](https://img.shields.io/static/v1?label=Product&message=Keycloak&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%2018.0.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=URL%20Redirection%20to%20Untrusted%20Site%20('Open%20Redirect')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -keycloak 18.0.0: open redirect in auth endpoint via the redirect_uri parameter. +** REJECT ** The originally reported issue in https://github.com/syedsohaibkarim/OpenRedirect-Keycloak18.0.0 is a known misconfiguration, and recommendation already exists in the Keycloak documentation to mitigate the issue: https://www.keycloak.org/docs/latest/server_admin/index.html#open-redirectors. ### POC diff --git a/2022/CVE-2022-22075.md b/2022/CVE-2022-22075.md new file mode 100644 index 0000000000..d414474500 --- /dev/null +++ b/2022/CVE-2022-22075.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-22075](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22075) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Exposure&color=brighgreen) + +### Description + +Information Disclosure in Graphics during GPU context switch. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/pittisl/perfinfer-code + diff --git a/2022/CVE-2022-22088.md b/2022/CVE-2022-22088.md new file mode 100644 index 0000000000..ff5a563310 --- /dev/null +++ b/2022/CVE-2022-22088.md @@ -0,0 +1,17 @@ +### [CVE-2022-22088](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22088) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-22916.md b/2022/CVE-2022-22916.md index cf64396e75..777a73fc75 100644 --- a/2022/CVE-2022-22916.md +++ b/2022/CVE-2022-22916.md @@ -24,6 +24,7 @@ O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerabilit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wy876/POC - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-22947.md b/2022/CVE-2022-22947.md index d0b45f9bac..aede5d5bc8 100644 --- a/2022/CVE-2022-22947.md 
+++ b/2022/CVE-2022-22947.md @@ -160,6 +160,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v - https://github.com/nu0l/cve-2022-22947 - https://github.com/nu1r/yak-module-Nu - https://github.com/open-source-agenda/new-open-source-projects +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/java-memshell-generator-release - https://github.com/qq87234770/CVE-2022-22947 - https://github.com/reph0r/poc-exp diff --git a/2022/CVE-2022-22954.md b/2022/CVE-2022-22954.md index 3ab01ed470..cb1ea0a4fd 100644 --- a/2022/CVE-2022-22954.md +++ b/2022/CVE-2022-22954.md @@ -102,6 +102,7 @@ VMware Workspace ONE Access and Identity Manager contain a remote code execution - https://github.com/nguyenv1nK/CVE-2022-22954 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/orwagodfather/CVE-2022-22954 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/rat857/AtomsPanic - https://github.com/secfb/CVE-2022-22954 - https://github.com/shengshengli/fscan-POC diff --git a/2022/CVE-2022-22963.md b/2022/CVE-2022-22963.md index 6b2ecdfcf8..81cf65bba6 100644 --- a/2022/CVE-2022-22963.md +++ b/2022/CVE-2022-22963.md @@ -138,6 +138,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onurgule/S4S-Scanner - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/puckiestyle/CVE-2022-22963 - https://github.com/radiusmethod/awesome-gists - https://github.com/randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE diff --git a/2022/CVE-2022-22965.md b/2022/CVE-2022-22965.md index b8906a7793..065306f309 100644 --- a/2022/CVE-2022-22965.md +++ b/2022/CVE-2022-22965.md 
@@ -265,6 +265,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t - https://github.com/opennms-forge/opennms-spring-patched - https://github.com/p1ckzi/CVE-2022-22965 - https://github.com/paulseo0827/Amazon-EKS-Security +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pipiscrew/timeline - https://github.com/pvnovarese/2022-04-enterprise-demo - https://github.com/pwnwriter/CVE-2022-22965 diff --git a/2022/CVE-2022-2297.md b/2022/CVE-2022-2297.md index afb3092c39..12915f249e 100644 --- a/2022/CVE-2022-2297.md +++ b/2022/CVE-2022-2297.md @@ -11,6 +11,7 @@ A vulnerability, which was classified as critical, was found in SourceCodester C #### Reference - https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md +- https://vuldb.com/?id.203178 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-23131.md b/2022/CVE-2022-23131.md index 6fb5b8b603..eee2e807c7 100644 --- a/2022/CVE-2022-23131.md +++ b/2022/CVE-2022-23131.md @@ -71,6 +71,7 @@ No PoCs from references. - https://github.com/murchie85/twitterCyberMonitor - https://github.com/nirsarkar/Nuclei-Templates-Collection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pykiller/CVE-2022-23131 - https://github.com/r10lab/CVE-2022-23131 - https://github.com/random-robbie/cve-2022-23131-exp diff --git a/2022/CVE-2022-23221.md b/2022/CVE-2022-23221.md index 1509969f26..9e2c2214e1 100644 --- a/2022/CVE-2022-23221.md +++ b/2022/CVE-2022-23221.md @@ -34,5 +34,6 @@ H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via - https://github.com/mbianchi/e-voting - https://github.com/mosaic-hgw/WildFly - https://github.com/nscuro/dtapac +- https://github.com/tanjiti/sec_profile - https://github.com/zhaoolee/garss 
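Review bot: In 2021/CVE-2021-42306.md and 2021/CVE-2021-43890.md the replacement `+` Description line joins the former paragraphs with no separator, so sentences run together: "added to the application.Azure AD addressed", "for more information.For more details", "December 27 2023 Update:In recent months". The removed text had these as separate paragraphs. Suggest joining with a single space when stripping the line breaks, or keeping the blank-line paragraph breaks, so the advisory text (including the dated update about the ms-appinstaller protocol being disabled by default) stays readable and sentence-splitting tools do not merge the mitigation statements.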
diff --git a/2022/CVE-2022-24695.md b/2022/CVE-2022-24695.md new file mode 100644 index 0000000000..05a2a1b9c1 --- /dev/null +++ b/2022/CVE-2022-24695.md @@ -0,0 +1,17 @@ +### [CVE-2022-24695](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24695) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This additionally allows the attacker to establish a connection to the target device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-24975.md b/2022/CVE-2022-24975.md index 744324697d..d1251369cc 100644 --- a/2022/CVE-2022-24975.md +++ b/2022/CVE-2022-24975.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2022/CVE-2022-25836.md b/2022/CVE-2022-25836.md index 89cf72e9c7..29b7e61a63 100644 --- a/2022/CVE-2022-25836.md +++ b/2022/CVE-2022-25836.md @@ -14,4 +14,5 @@ Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 #### Github - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2022/CVE-2022-25837.md b/2022/CVE-2022-25837.md index e321c353f3..1ece09e94a 100644 --- a/2022/CVE-2022-25837.md +++ b/2022/CVE-2022-25837.md 
@@ -14,4 +14,5 @@ Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permi #### Github - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2022/CVE-2022-26134.md b/2022/CVE-2022-26134.md index 357f758601..2833fdf255 100644 --- a/2022/CVE-2022-26134.md +++ b/2022/CVE-2022-26134.md @@ -29,6 +29,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/1rm/Confluence-CVE-2022-26134 - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 +- https://github.com/20142995/sectool - https://github.com/2212970396/CVE_2022_26134 - https://github.com/2591014574/all-Def-Tool - https://github.com/2lambda123/panopticon-unattributed @@ -89,6 +90,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/StarCrossPortal/scalpel - https://github.com/Sylon001/Common-tool - https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/UsagiB4/An_Idiots_writeups_on_THM - https://github.com/Vulnmachines/Confluence-CVE-2022-26134 @@ -111,6 +113,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/b4dboy17/CVE-2022-26134 - https://github.com/badboy-sft/CVE-2022-26134 - https://github.com/bakery312/Vulhub-Reproduce +- https://github.com/bigblackhat/oFx - https://github.com/cai-niao98/CVE-2022-26134 - https://github.com/cbk914/CVE-2022-26134_check - https://github.com/chaosec2021/EXP-POC 
@@ -170,6 +173,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/openx-org/BLEN - https://github.com/oscpname/OSCP_cheat - https://github.com/p4b3l1t0/confusploit +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pipiscrew/timeline - https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134 - https://github.com/ravro-ir/golang_bug_hunting diff --git a/2022/CVE-2022-2699.md b/2022/CVE-2022-2699.md new file mode 100644 index 0000000000..d9f7ff2380 --- /dev/null +++ b/2022/CVE-2022-2699.md @@ -0,0 +1,17 @@ +### [CVE-2022-2699](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2699) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20E-Learning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205820. + +### POC + +#### Reference +- https://vuldb.com/?id.205820 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-27225.md b/2022/CVE-2022-27225.md index 95eba0c37d..ff9b0246b4 100644 --- a/2022/CVE-2022-27225.md +++ b/2022/CVE-2022-27225.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/PowerCommands/SecTools - https://github.com/meddlin/epss-browser +- https://github.com/muchdogesec/cve2stix diff --git a/2022/CVE-2022-2724.md b/2022/CVE-2022-2724.md index 0a2e38eab2..97b65bdce1 100644 --- a/2022/CVE-2022-2724.md 
+++ b/2022/CVE-2022-2724.md @@ -11,6 +11,7 @@ A vulnerability was found in SourceCodester Employee Management System. It has b #### Reference - https://bewhale.github.io/post/PHP%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E2%80%94Employee%20Management%20System%20aprocess.php%20SQL%20Injection/ +- https://vuldb.com/?id.205837 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-27255.md b/2022/CVE-2022-27255.md index 6bbcbbb546..8f7c081f8f 100644 --- a/2022/CVE-2022-27255.md +++ b/2022/CVE-2022-27255.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/GhostTroops/TOP - https://github.com/H4lo/awesome-IoT-security-article - https://github.com/NaInSec/CVE-PoC-in-GitHub diff --git a/2022/CVE-2022-27925.md b/2022/CVE-2022-27925.md index b84db9f708..4b549e0ef5 100644 --- a/2022/CVE-2022-27925.md +++ b/2022/CVE-2022-27925.md @@ -42,6 +42,7 @@ Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that - https://github.com/navokus/CVE-2022-27925 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onlyHerold22/CVE-2022-27925-PoC +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/sponkmonk/Ladon_english_update - https://github.com/touchmycrazyredhat/CVE-2022-27925-Revshell - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-27943.md b/2022/CVE-2022-27943.md index b5ff81ea93..56800a785d 100644 --- a/2022/CVE-2022-27943.md +++ b/2022/CVE-2022-27943.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/adegoodyer/kubernetes-admin-toolkit - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo 
diff --git a/2022/CVE-2022-27948.md b/2022/CVE-2022-27948.md new file mode 100644 index 0000000000..45db5d0f8d --- /dev/null +++ b/2022/CVE-2022-27948.md @@ -0,0 +1,17 @@ +### [CVE-2022-27948](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27948) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2022/CVE-2022-2843.md b/2022/CVE-2022-2843.md index b31ca7549a..f6e1dcf8c7 100644 --- a/2022/CVE-2022-2843.md +++ b/2022/CVE-2022-2843.md @@ -10,7 +10,7 @@ A vulnerability was found in MotoPress Timetable and Event Schedule. It has been ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.206486 #### Github - https://github.com/karimhabush/cyberowl diff --git a/2022/CVE-2022-29098.md b/2022/CVE-2022-29098.md new file mode 100644 index 0000000000..632f9455ec --- /dev/null +++ b/2022/CVE-2022-29098.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-29098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29098) +![](https://img.shields.io/static/v1?label=Product&message=PowerScale%20OneFS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%208.2.x%2C%209.0.0.x%2C%209.1.0.x%2C%209.2.0.x%2C%209.2.1.x%2C%209.3.0.x%20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-521%3A%20Weak%20Password%20Requirements&color=brighgreen) + +### Description + +Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2022/CVE-2022-29266.md b/2022/CVE-2022-29266.md index cdd2ad5d61..e2ad2e6e40 100644 --- a/2022/CVE-2022-29266.md +++ b/2022/CVE-2022-29266.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/GRQForCloud/cloud-security-guides - https://github.com/YDCloudSecurity/cloud-security-guides - https://github.com/karimhabush/cyberowl +- https://github.com/teamssix/awesome-cloud-security diff --git a/2022/CVE-2022-29303.md b/2022/CVE-2022-29303.md index 9565213821..13e6e9b0ef 100644 --- a/2022/CVE-2022-29303.md +++ b/2022/CVE-2022-29303.md @@ -30,6 +30,7 @@ SolarView Compact ver.6.00 was discovered to contain a command injection vulnera - https://github.com/emanueldosreis/nmap-CVE-2023-23333-exploit - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC +- https://github.com/muchdogesec/cve2stix - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/CVE-2022-29303 - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-29464.md b/2022/CVE-2022-29464.md index 861288338f..463396e5e3 100644 --- a/2022/CVE-2022-29464.md +++ b/2022/CVE-2022-29464.md 
@@ -96,6 +96,7 @@ Certain WSO2 products allow unrestricted file upload with resultant remote code - https://github.com/mr-r3bot/WSO2-CVE-2022-29464 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oppsec/WSOB +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/r4x0r1337/-CVE-2022-29464 - https://github.com/rootxyash/learn365days - https://github.com/superlink996/chunqiuyunjingbachang diff --git a/2022/CVE-2022-30190.md b/2022/CVE-2022-30190.md index 1941f4b93c..1bef1534ab 100644 --- a/2022/CVE-2022-30190.md +++ b/2022/CVE-2022-30190.md @@ -37,7 +37,7 @@ ### Description -

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.

Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.

+A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. ### POC diff --git a/2022/CVE-2022-30221.md b/2022/CVE-2022-30221.md index fc2d1fa973..56487f18dd 100644 --- a/2022/CVE-2022-30221.md +++ b/2022/CVE-2022-30221.md @@ -1,4 +1,5 @@ ### [CVE-2022-30221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30221) +![](https://img.shields.io/static/v1?label=Product&message=Remote%20Desktop%20client%20for%20Windows%20Desktop&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) @@ -19,6 +20,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%20version%2020H2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.2.0.0%3C%201.2.3317.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.19360%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.5246%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.3165%20&color=brighgreen) 
diff --git a/2022/CVE-2022-30525.md b/2022/CVE-2022-30525.md index 505f0d2c93..5f8e3421a5 100644 --- a/2022/CVE-2022-30525.md +++ b/2022/CVE-2022-30525.md @@ -64,6 +64,7 @@ A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) - https://github.com/luck-ying/Library-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/savior-only/CVE-2022-30525 - https://github.com/shuai06/CVE-2022-30525 - https://github.com/superzerosec/CVE-2022-30525 diff --git a/2022/CVE-2022-30858.md b/2022/CVE-2022-30858.md index ca1d596f14..27b89fc660 100644 --- a/2022/CVE-2022-30858.md +++ b/2022/CVE-2022-30858.md @@ -15,4 +15,5 @@ An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif whe #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2022/CVE-2022-31793.md b/2022/CVE-2022-31793.md index 8043efbbd6..63af92876a 100644 --- a/2022/CVE-2022-31793.md +++ b/2022/CVE-2022-31793.md @@ -17,6 +17,7 @@ do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read - https://github.com/0day404/vulnerability-poc - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes - https://github.com/NaInSec/CVE-PoC-in-GitHub diff --git a/2022/CVE-2022-3205.md b/2022/CVE-2022-3205.md index 5d08fce022..9888565cd5 100644 --- a/2022/CVE-2022-3205.md +++ b/2022/CVE-2022-3205.md 
@@ -1,6 +1,6 @@ ### [CVE-2022-3205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3205) ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%201.2&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%202.0&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%202&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) diff --git a/2022/CVE-2022-3219.md b/2022/CVE-2022-3219.md index 79246ff210..68f4230c26 100644 --- a/2022/CVE-2022-3219.md +++ b/2022/CVE-2022-3219.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/adegoodyer/ubuntu - https://github.com/fokypoky/places-list - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tl87/container-scanner diff --git a/2022/CVE-2022-33255.md b/2022/CVE-2022-33255.md new file mode 100644 index 0000000000..8781c31d64 --- /dev/null +++ b/2022/CVE-2022-33255.md @@ -0,0 +1,17 @@ +### [CVE-2022-33255](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33255) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + 
diff --git a/2022/CVE-2022-33280.md b/2022/CVE-2022-33280.md new file mode 100644 index 0000000000..5b26a644eb --- /dev/null +++ b/2022/CVE-2022-33280.md @@ -0,0 +1,17 @@ +### [CVE-2022-33280](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33280) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8096AU%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-37968.md b/2022/CVE-2022-37968.md index 3a740ecefb..3901d5100b 100644 --- a/2022/CVE-2022-37968.md +++ b/2022/CVE-2022-37968.md @@ -13,7 +13,7 @@ ### Description -

Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.

+Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability. ### POC diff --git a/2022/CVE-2022-40503.md b/2022/CVE-2022-40503.md new file mode 100644 index 0000000000..3caf1a3bd2 --- /dev/null +++ b/2022/CVE-2022-40503.md @@ -0,0 +1,17 @@ +### [CVE-2022-40503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40503) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%209206%20LTE%20Modem%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-126%20Buffer%20Over-read&color=brighgreen) + +### Description + +Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-40537.md b/2022/CVE-2022-40537.md new file mode 100644 index 0000000000..d36f6316b0 --- /dev/null +++ b/2022/CVE-2022-40537.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-40537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40537) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-129%20Improper%20Validation%20of%20Array%20Index&color=brighgreen) + +### Description + +Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-41120.md b/2022/CVE-2022-41120.md index c48442d175..ca5a0b052d 100644 --- a/2022/CVE-2022-41120.md +++ b/2022/CVE-2022-41120.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Wh04m1001/SysmonEoP +- https://github.com/pxcs/CVE-29343-Sysmon-list diff --git a/2022/CVE-2022-41678.md b/2022/CVE-2022-41678.md index a1f2af75a0..ac4b334208 100644 --- a/2022/CVE-2022-41678.md +++ b/2022/CVE-2022-41678.md 
@@ -1,11 +1,11 @@ ### [CVE-2022-41678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678) ![](https://img.shields.io/static/v1?label=Product&message=Apache%20ActiveMQ&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen) ### Description -Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allowsorg.jolokia.http.AgentServlet to handler request to /api/jolokiaorg.jolokia.http.HttpRequestHandler#handlePostRequest is able tocreate JmxRequest through JSONObject. And calls toorg.jolokia.http.HttpRequestHandler#executeRequest.Into deeper calling stacks,org.jolokia.handler.ExecHandler#doHandleRequest is able to invokethrough refection.And then, RCE is able to be achieved viajdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.1 Call newRecording.2 Call setConfiguration. And a webshell data hides in it.3 Call startRecording.4 Call copyTo method. The webshell will be written to a .jsp file.The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0. +Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allowsorg.jolokia.http.AgentServlet to handler request to /api/jolokiaorg.jolokia.http.HttpRequestHandler#handlePostRequest is able tocreate JmxRequest through JSONObject. 
And calls toorg.jolokia.http.HttpRequestHandler#executeRequest.Into deeper calling stacks,org.jolokia.handler.ExecHandler#doHandleRequest can be invokedthrough refection. This could lead to RCE through viavarious mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.1 Call newRecording.2 Call setConfiguration. And a webshell data hides in it.3 Call startRecording.4 Call copyTo method. The webshell will be written to a .jsp file.The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0. ### POC diff --git a/2022/CVE-2022-43216.md b/2022/CVE-2022-43216.md new file mode 100644 index 0000000000..67e651ae76 --- /dev/null +++ b/2022/CVE-2022-43216.md @@ -0,0 +1,17 @@ +### [CVE-2022-43216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43216) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page. + +### POC + +#### Reference +- https://github.com/blackarrowsec/advisories/tree/master/2022/CVE-2022-43216 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-44704.md b/2022/CVE-2022-44704.md index db27b784a9..6ff127ea9b 100644 --- a/2022/CVE-2022-44704.md +++ b/2022/CVE-2022-44704.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Wh04m1001/SysmonEoP +- https://github.com/pxcs/CVE-29343-Sysmon-list 
diff --git a/2022/CVE-2022-45171.md b/2022/CVE-2022-45171.md new file mode 100644 index 0000000000..6866deaef6 --- /dev/null +++ b/2022/CVE-2022-45171.md @@ -0,0 +1,17 @@ +### [CVE-2022-45171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45171) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site section. A remote user, authenticated to the product, can arbitrarily upload potentially dangerous files without restrictions. + +### POC + +#### Reference +- https://www.gruppotim.it/it/footer/red-team.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-46463.md b/2022/CVE-2022-46463.md index a5e8f7e3a4..463f70f4d4 100644 --- a/2022/CVE-2022-46463.md +++ b/2022/CVE-2022-46463.md @@ -16,11 +16,13 @@ No PoCs from references. - https://github.com/404tk/CVE-2022-46463 - https://github.com/ARPSyndicate/cvemon - https://github.com/TheKingOfDuck/SBCVE +- https://github.com/Threekiii/Awesome-POC - https://github.com/k0mi-tg/CVE-POC - https://github.com/lanqingaa/123 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu0l/CVE-2022-46463 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/wh-gov/CVE-2022-46463 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-48303.md b/2022/CVE-2022-48303.md index 9d3a875205..efe66c30f5 100644 --- a/2022/CVE-2022-48303.md +++ b/2022/CVE-2022-48303.md 
@@ -18,4 +18,5 @@ GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of un - https://github.com/PajakAlexandre/wik-dps-tp02 - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2022/CVE-2022-48681.md b/2022/CVE-2022-48681.md new file mode 100644 index 0000000000..b23d2a20ee --- /dev/null +++ b/2022/CVE-2022-48681.md @@ -0,0 +1,17 @@ +### [CVE-2022-48681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48681) +![](https://img.shields.io/static/v1?label=Product&message=EGRT-00&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.1.0.20(H100SP30C00)%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119%20Improper%20Restriction%20of%20Operations%20within%20the%20Bounds%20of%20a%20Memory%20Buffer&color=brighgreen) + +### Description + +Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2023/CVE-2023-1389.md b/2023/CVE-2023-1389.md index 8d54a5c05a..2d0d6a80b1 100644 --- a/2023/CVE-2023-1389.md +++ b/2023/CVE-2023-1389.md @@ -15,6 +15,7 @@ TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 conta #### Github - https://github.com/Co5mos/nuclei-tps +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Terminal1337/CVE-2023-1389 diff --git a/2023/CVE-2023-1972.md b/2023/CVE-2023-1972.md index c6c28036a7..de9dd2e533 100644 --- a/2023/CVE-2023-1972.md +++ b/2023/CVE-2023-1972.md 
@@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/13579and2468/Wei-fuzz - https://github.com/fokypoky/places-list +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-21529.md b/2023/CVE-2023-21529.md index e1ef47336b..0556dcad66 100644 --- a/2023/CVE-2023-21529.md +++ b/2023/CVE-2023-21529.md @@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.0986.041%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21536.md b/2023/CVE-2023-21536.md index ee7494a4a2..5dadb4fb09 100644 --- a/2023/CVE-2023-21536.md +++ b/2023/CVE-2023-21536.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21537.md b/2023/CVE-2023-21537.md index 63b35f8f46..2ff0f32cf7 100644 --- a/2023/CVE-2023-21537.md +++ b/2023/CVE-2023-21537.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21538.md b/2023/CVE-2023-21538.md index 27a3f3a93f..4e3af28982 100644 
--- a/2023/CVE-2023-21538.md +++ b/2023/CVE-2023-21538.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=PowerShell%207.2&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.13%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.2.0%3C%207.2.9%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21543.md b/2023/CVE-2023-21543.md index c775544b4f..af72ccc0ef 100644 --- a/2023/CVE-2023-21543.md +++ b/2023/CVE-2023-21543.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21554.md b/2023/CVE-2023-21554.md index 7cc0e6db85..01a657272c 100644 --- a/2023/CVE-2023-21554.md +++ b/2023/CVE-2023-21554.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,14 +31,15 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description -Microsoft Message Queuing Remote Code Execution Vulnerability +Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ### POC diff --git a/2023/CVE-2023-21563.md b/2023/CVE-2023-21563.md index 344508ce3d..2b6cc1b697 100644 --- a/2023/CVE-2023-21563.md +++ b/2023/CVE-2023-21563.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,6 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21567.md b/2023/CVE-2023-21567.md index 9a00f4a8ba..1ac5f163d6 100644 --- a/2023/CVE-2023-21567.md +++ b/2023/CVE-2023-21567.md 
@@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.0.0%3C%2017.0.19%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.2.0%3C%2017.2.13%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.5%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21647.md b/2023/CVE-2023-21647.md new file mode 100644 index 0000000000..c7eba42243 --- /dev/null +++ b/2023/CVE-2023-21647.md @@ -0,0 +1,17 @@ +### [CVE-2023-21647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21647) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20QCA6390%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2023/CVE-2023-21674.md b/2023/CVE-2023-21674.md index 67c2fa3f91..63643d726f 100644 --- a/2023/CVE-2023-21674.md +++ b/2023/CVE-2023-21674.md 
@@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21675.md b/2023/CVE-2023-21675.md index dbbb7a4efc..629cd1fa2b 100644 --- a/2023/CVE-2023-21675.md +++ b/2023/CVE-2023-21675.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-843%3A%20Access%20of%20Resource%20Using%20Incompatible%20Type%20('Type%20Confusion')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21707.md b/2023/CVE-2023-21707.md index b93532b724..2b6d280a3c 100644 --- a/2023/CVE-2023-21707.md +++ b/2023/CVE-2023-21707.md @@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.023%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.0986.042%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.026%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21716.md b/2023/CVE-2023-21716.md index a03f973d0a..6489b26fcb 100644 --- a/2023/CVE-2023-21716.md +++ b/2023/CVE-2023-21716.md 
@@ -26,7 +26,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.70.23021201%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21721.md b/2023/CVE-2023-21721.md index 67e94c120c..ef2c056365 100644 --- a/2023/CVE-2023-21721.md +++ b/2023/CVE-2023-21721.md @@ -1,7 +1,7 @@ ### [CVE-2023-21721](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21721) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20OneNote%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16026.20158%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21722.md b/2023/CVE-2023-21722.md index 9cdc09f25e..0c06b0c107 100644 --- a/2023/CVE-2023-21722.md +++ b/2023/CVE-2023-21722.md 
@@ -20,7 +20,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%2010.0.04614.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4614.08%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%2010.0.09139.02%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21734.md b/2023/CVE-2023-21734.md index 7c6da64305..74e669a74f 100644 --- a/2023/CVE-2023-21734.md +++ b/2023/CVE-2023-21734.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.69.23010700%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.69.23010700%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21739.md b/2023/CVE-2023-21739.md index fd3158bae5..cc709414fa 100644 --- a/2023/CVE-2023-21739.md +++ b/2023/CVE-2023-21739.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21742.md b/2023/CVE-2023-21742.md index bc8a23208e..6a99604ee8 100644 --- a/2023/CVE-2023-21742.md +++ b/2023/CVE-2023-21742.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10394.20021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.15601.20418%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5378.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21744.md b/2023/CVE-2023-21744.md index ded1dbf786..44c02abcaf 100644 --- a/2023/CVE-2023-21744.md +++ b/2023/CVE-2023-21744.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10394.20021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.15601.20418%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5378.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21746.md b/2023/CVE-2023-21746.md index cd55298fef..84cd376c0c 100644 --- a/2023/CVE-2023-21746.md +++ b/2023/CVE-2023-21746.md @@ -10,6 +10,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
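Review bot: In CVE-2023-21746.md (@@ -10,6 +10,7 @@) the added product is Windows Server 2008 R2 Service Pack 1 (Server Core installation), which is a 6.1 platform, but the version hunk that follows for this file adds `message=6.0.0%3C%206.1.7601.26321` directly above the existing `message=6.1.0%3C%206.1.7601.26321`. This file's version list goes straight from the 10.0.22621 range to the 6.1.0 range, with no 6.0.6003 range for Windows Server 2008 Service Pack 2, so the new 6.0.0 lower bound marks 6.0.x builds as affected without a matching product. If the lower bound is meant to be 6.1.0, the new badge duplicates the existing one and should be dropped; if 6.0.0 is intended, the source of that range should be stated. The same added line appears in the other Windows files in this patch.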
@@ -29,6 +30,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21747.md b/2023/CVE-2023-21747.md index 0a4797fc13..d69cd3f8d7 100644 --- a/2023/CVE-2023-21747.md +++ b/2023/CVE-2023-21747.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21748.md b/2023/CVE-2023-21748.md index 6c5036fe52..f39537e58c 100644 --- a/2023/CVE-2023-21748.md +++ b/2023/CVE-2023-21748.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,6 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21749.md b/2023/CVE-2023-21749.md index bc011d47d8..ae11dc6b7a 100644 --- a/2023/CVE-2023-21749.md +++ b/2023/CVE-2023-21749.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21750.md b/2023/CVE-2023-21750.md index a41331bcd6..624d676ab2 100644 --- a/2023/CVE-2023-21750.md 
+++ b/2023/CVE-2023-21750.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21752.md b/2023/CVE-2023-21752.md index 0a9ce8ca8b..437a039521 100644 
--- a/2023/CVE-2023-21752.md +++ b/2023/CVE-2023-21752.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21753.md b/2023/CVE-2023-21753.md index 6e98cb8d6b..0cdd7e868d 100644 --- a/2023/CVE-2023-21753.md +++ b/2023/CVE-2023-21753.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.3887%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21755.md b/2023/CVE-2023-21755.md index a2ef6a9602..ef421df65b 100644 --- a/2023/CVE-2023-21755.md +++ b/2023/CVE-2023-21755.md 
@@ -11,7 +11,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2486%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21766.md b/2023/CVE-2023-21766.md index c5b602268e..64daa5c5a1 100644 --- a/2023/CVE-2023-21766.md +++ b/2023/CVE-2023-21766.md @@ -21,7 +21,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21768.md b/2023/CVE-2023-21768.md index b4285a0dcb..8e90d558ce 100644 --- a/2023/CVE-2023-21768.md +++ b/2023/CVE-2023-21768.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21772.md b/2023/CVE-2023-21772.md index 533fc74842..4da27411fb 100644 --- a/2023/CVE-2023-21772.md +++ b/2023/CVE-2023-21772.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21773.md b/2023/CVE-2023-21773.md index cdea5885f4..76cc12313f 100644 --- a/2023/CVE-2023-21773.md +++ b/2023/CVE-2023-21773.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21774.md b/2023/CVE-2023-21774.md index 17d3fff049..1adaf58bdf 100644 --- a/2023/CVE-2023-21774.md 
+++ b/2023/CVE-2023-21774.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21776.md b/2023/CVE-2023-21776.md index 5b02f14c48..aa6d8876f4 100644 
--- a/2023/CVE-2023-21776.md +++ b/2023/CVE-2023-21776.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description 
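Review bot: In the second hunk of 2023/CVE-2023-21776.md, the added Version badge `6.0.0< 6.1.7601.26321` pairs a 6.0 lower bound with a 6.1.7601 upper bound, while the line after it already carries `6.1.0< 6.1.7601.26321` and the line before it `6.0.0< 6.0.6003.21872`. As written, the new range overlaps both neighbours. Please check the lower bound against the upstream record for the Server Core product added in the first hunk, then either correct it to match the 6.1 line or drop the duplicate. The same pair of additions recurs in the other Windows entries of this commit.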
diff --git a/2023/CVE-2023-21779.md b/2023/CVE-2023-21779.md index b83071f56f..9cfccedfd4 100644 --- a/2023/CVE-2023-21779.md +++ b/2023/CVE-2023-21779.md @@ -1,7 +1,7 @@ ### [CVE-2023-21779](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21779) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.74.3%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21808.md b/2023/CVE-2023-21808.md index df01b6bae0..30fa8fadb4 100644 --- a/2023/CVE-2023-21808.md +++ b/2023/CVE-2023-21808.md 
@@ -25,15 +25,15 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.5%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.04038.03%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.10240.19747%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04038.03%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04038.06%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04614.08%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%2010.0.04614.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04614.05%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%2010.0.09139.02%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.14%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.0.0%3C%207.0.3%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.2.0%3C%207.2.10%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21812.md b/2023/CVE-2023-21812.md index f97525c06c..9e63e65d5a 100644 --- a/2023/CVE-2023-21812.md +++ b/2023/CVE-2023-21812.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21817.md b/2023/CVE-2023-21817.md index 00c3eb0a35..b50891e4cf 100644 
--- a/2023/CVE-2023-21817.md +++ b/2023/CVE-2023-21817.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen) ### Description 
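Review bot: The last changed line of the second hunk in 2023/CVE-2023-21817.md overwrites the `Elevation of Privilege` Vulnerability badge with `CWE-287: Improper Authentication`, so the entry no longer states the impact class at all. A CWE names the weakness, not its consequence, and anyone triaging these files by impact loses that field. Suggest keeping the impact badge and adding the CWE as a second badge (or under its own label) instead of replacing it. The same swap is applied to the other Microsoft entries in this commit.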
diff --git a/2023/CVE-2023-21822.md b/2023/CVE-2023-21822.md index 7ff1f4353e..31b1fec087 100644 --- a/2023/CVE-2023-21822.md +++ b/2023/CVE-2023-21822.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21823.md b/2023/CVE-2023-21823.md index ee66213bff..b22a7e9328 100644 --- a/2023/CVE-2023-21823.md +++ b/2023/CVE-2023-21823.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -36,10 +37,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16130.20156%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=2.0.0%3C%202.70.23021003%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description 
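Review bot: Every badge added in 2023/CVE-2023-21823.md, including the new `6.0.0< 6.1.7601.26366` Version line and the `CWE-190` Vulnerability line, is emitted with `color=brighgreen`, which looks like a misspelling of the shields.io colour name `brightgreen`. The unchanged context lines carry the same spelling, so the fix belongs in the generator template rather than in this file. It is worth checking how the badges render with that colour value before more entries are regenerated.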
diff --git a/2023/CVE-2023-22527.md b/2023/CVE-2023-22527.md index d9c4706905..7ca274e684 100644 --- a/2023/CVE-2023-22527.md +++ b/2023/CVE-2023-22527.md @@ -47,6 +47,7 @@ A template injection vulnerability on older versions of Confluence Data Center a - https://github.com/bad-sector-labs/ansible-role-vulhub - https://github.com/badsectorlabs/ludus_vulhub - https://github.com/cleverg0d/CVE-2023-22527 +- https://github.com/cve-sandbox-bot/cve_sandbox - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/dddinmx/POC-Pocsuite3 - https://github.com/farukokutan/Threat-Intelligence-Research-Reports diff --git a/2023/CVE-2023-22726.md b/2023/CVE-2023-22726.md index 4ac77a50cd..c02f62941d 100644 --- a/2023/CVE-2023-22726.md +++ b/2023/CVE-2023-22726.md @@ -14,5 +14,5 @@ act is a project which allows for local running of github actions. The artifact - https://securitylab.github.com/advisories/GHSL-2023-004_act/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-23349.md b/2023/CVE-2023-23349.md index 3b043f53df..ae65cf9adf 100644 --- a/2023/CVE-2023-23349.md +++ b/2023/CVE-2023-23349.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/efchatz/pandora diff --git a/2023/CVE-2023-23376.md b/2023/CVE-2023-23376.md index dfdf7d9771..56224c6418 100644 --- a/2023/CVE-2023-23376.md +++ b/2023/CVE-2023-23376.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23391.md b/2023/CVE-2023-23391.md index e38140b506..c5a146d48a 100644 
--- a/2023/CVE-2023-23391.md +++ b/2023/CVE-2023-23391.md @@ -1,7 +1,7 @@ ### [CVE-2023-23391](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23391) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16026.20172%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23392.md b/2023/CVE-2023-23392.md index 735c4b2ee6..a2ac59957c 100644 --- a/2023/CVE-2023-23392.md +++ b/2023/CVE-2023-23392.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1607%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23396.md b/2023/CVE-2023-23396.md index 619aba1548..2fded14cbf 100644 --- a/2023/CVE-2023-23396.md +++ b/2023/CVE-2023-23396.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Web%20Apps%20Server%202013%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=15.0.1%3C%2015.0.5537.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.10396.20000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23397.md b/2023/CVE-2023-23397.md index 313b7f1250..49e3006127 100644 --- a/2023/CVE-2023-23397.md +++ b/2023/CVE-2023-23397.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5387.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23399.md b/2023/CVE-2023-23399.md index b407ea6c69..a731ca1252 100644 --- a/2023/CVE-2023-23399.md +++ b/2023/CVE-2023-23399.md 
@@ -20,7 +20,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.71.23031200%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23408.md b/2023/CVE-2023-23408.md index 1066d8a247..1d576bd18e 100644 --- a/2023/CVE-2023-23408.md +++ b/2023/CVE-2023-23408.md @@ -1,7 +1,7 @@ ### [CVE-2023-23408](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23408) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20HDInsight&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%202302250400%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23410.md b/2023/CVE-2023-23410.md index e2536e598e..37d8b84f87 100644 --- a/2023/CVE-2023-23410.md +++ b/2023/CVE-2023-23410.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description 
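Review bot: In the 2023/CVE-2023-22726.md hunk earlier in this patch, the line `No PoCs found on GitHub currently.` is replaced by a single entry, `https://github.com/nomi-sec/PoC-in-GitHub`, which by its name is a general PoC index rather than a proof of concept for this CVE. Readers will take the entry to mean that a PoC exists, when the visible change only shows that an index repository mentions the identifier. Suggest that the updater skip index and list repositories when deciding whether to remove the "No PoCs found" line, or list them under a separate heading.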
diff --git a/2023/CVE-2023-23415.md b/2023/CVE-2023-23415.md index 489052e352..ebd67fbe4e 100644 --- a/2023/CVE-2023-23415.md +++ b/2023/CVE-2023-23415.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23416.md b/2023/CVE-2023-23416.md index f0e9fb0e2c..0c4940e767 100644 --- a/2023/CVE-2023-23416.md +++ b/2023/CVE-2023-23416.md @@ -27,7 +27,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23420.md b/2023/CVE-2023-23420.md index 613d075ffb..bb81a77436 100644 --- a/2023/CVE-2023-23420.md +++ b/2023/CVE-2023-23420.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23421.md b/2023/CVE-2023-23421.md index 8cd6441524..99958a0177 100644 
--- a/2023/CVE-2023-23421.md +++ b/2023/CVE-2023-23421.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-23422.md b/2023/CVE-2023-23422.md index d9f6f70049..f5a448fafa 100644 --- a/2023/CVE-2023-23422.md +++ b/2023/CVE-2023-23422.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,6 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) diff --git a/2023/CVE-2023-23423.md b/2023/CVE-2023-23423.md index d3ed1f0784..3dbfff2755 100644 --- a/2023/CVE-2023-23423.md +++ b/2023/CVE-2023-23423.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,6 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) diff --git a/2023/CVE-2023-23752.md b/2023/CVE-2023-23752.md index cce95a4b71..2445561a1b 100644 --- a/2023/CVE-2023-23752.md +++ b/2023/CVE-2023-23752.md 
@@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/0xNahim/CVE-2023-23752 - https://github.com/0xWhoami35/CVE-2023-23752 - https://github.com/0xWhoami35/Devvorte-Writeup +- https://github.com/0xsyr0/OSCP - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 - https://github.com/ARPSyndicate/cvemon diff --git a/2023/CVE-2023-24023.md b/2023/CVE-2023-24023.md index a53505f39c..70bd328e5e 100644 --- a/2023/CVE-2023-24023.md +++ b/2023/CVE-2023-24023.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/bluffs +- https://github.com/sgxgsx/BlueToolkit diff --git a/2023/CVE-2023-24893.md b/2023/CVE-2023-24893.md index 92eba34a7d..1e5777445c 100644 --- a/2023/CVE-2023-24893.md +++ b/2023/CVE-2023-24893.md @@ -1,7 +1,7 @@ ### [CVE-2023-24893](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24893) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.77.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24930.md b/2023/CVE-2023-24930.md index ecad0a9c0a..48818b9284 100644 --- a/2023/CVE-2023-24930.md +++ b/2023/CVE-2023-24930.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-24930](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24930) ![](https://img.shields.io/static/v1?label=Product&message=OneDrive%20for%20MacOS%20Installer&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=22.0.0.0%3C%2023.020.0125.0002%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24932.md b/2023/CVE-2023-24932.md index 4cd212bf0d..0b7628fbc2 100644 --- a/2023/CVE-2023-24932.md +++ b/2023/CVE-2023-24932.md @@ -57,4 +57,5 @@ No PoCs from references. - https://github.com/MHimken/WinRE-Customization - https://github.com/Wack0/CVE-2022-21894 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/petripaavola/Intune diff --git a/2023/CVE-2023-24934.md b/2023/CVE-2023-24934.md index 1dc13a5919..4613d6a66d 100644 --- a/2023/CVE-2023-24934.md +++ b/2023/CVE-2023-24934.md @@ -1,7 +1,7 @@ ### [CVE-2023-24934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24934) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Malware%20Protection%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=4.0.0.0%3C%204.18.2303.8%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%3A%20Missing%20Authentication%20for%20Critical%20Function&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24941.md b/2023/CVE-2023-24941.md index 4a05ceb1db..c24648ebe3 100644 --- a/2023/CVE-2023-24941.md +++ b/2023/CVE-2023-24941.md 
@@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1726%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24955.md b/2023/CVE-2023-24955.md index 90d72466e7..6f5af26410 100644 --- a/2023/CVE-2023-24955.md +++ b/2023/CVE-2023-24955.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10398.20000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16130.20420%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5395.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%3A%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-25330.md b/2023/CVE-2023-25330.md index 5fe5e7a3ec..515b4d8c61 100644 --- a/2023/CVE-2023-25330.md +++ b/2023/CVE-2023-25330.md 
@@ -5,7 +5,7 @@ ### Description -A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. +** DISPUTED ** A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications that avoid SQL injection. ### POC diff --git a/2023/CVE-2023-26756.md b/2023/CVE-2023-26756.md index 261af02849..5a8797962c 100644 --- a/2023/CVE-2023-26756.md +++ b/2023/CVE-2023-26756.md @@ -5,7 +5,7 @@ ### Description -The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. +** DISPUTED ** The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features. ### POC diff --git a/2023/CVE-2023-27372.md b/2023/CVE-2023-27372.md index 37c5cc19c2..3732685dd4 100644 --- a/2023/CVE-2023-27372.md +++ b/2023/CVE-2023-27372.md @@ -24,6 +24,7 @@ SPIP before 4.2.1 allows Remote Code Execution via form values in the public are - https://github.com/izzz0/CVE-2023-27372-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nuts7/CVE-2023-27372 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/redboltsec/CVE-2023-27372-PoC - https://github.com/tucommenceapousser/CVE-2023-27372 diff --git a/2023/CVE-2023-28218.md b/2023/CVE-2023-28218.md index 2beaeaf73b..01442ce803 100644 --- a/2023/CVE-2023-28218.md +++ b/2023/CVE-2023-28218.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28222.md b/2023/CVE-2023-28222.md index fb957bbebb..1f9f9f1d4f 100644 
--- a/2023/CVE-2023-28222.md +++ b/2023/CVE-2023-28222.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28226.md b/2023/CVE-2023-28226.md index eb4ed6c53e..1fb03588c4 100644 --- a/2023/CVE-2023-28226.md +++ b/2023/CVE-2023-28226.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2846%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-347%3A%20Improper%20Verification%20of%20Cryptographic%20Signature&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28228.md b/2023/CVE-2023-28228.md index 9e7321e837..ccc6e52d99 100644 --- a/2023/CVE-2023-28228.md 
+++ b/2023/CVE-2023-28228.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-347%3A%20Improper%20Verification%20of%20Cryptographic%20Signature&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-28229.md b/2023/CVE-2023-28229.md index e8f196470c..67c0e39132 100644 --- a/2023/CVE-2023-28229.md +++ b/2023/CVE-2023-28229.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28231.md b/2023/CVE-2023-28231.md index 45c623abc5..d864b5b257 100644 --- a/2023/CVE-2023-28231.md +++ b/2023/CVE-2023-28231.md @@ -1,5 +1,6 @@ ### [CVE-2023-28231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28231) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -16,10 +17,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description @@ -33,6 +35,7 @@ No PoCs from references. #### Github - https://github.com/2lambda123/diaphora - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHermione/CVE-2023-28231 - https://github.com/elefantesagradodeluzinfinita/elefantesagradodeluzinfinita - https://github.com/glavstroy/CVE-2023-28231 - https://github.com/joxeankoret/diaphora diff --git a/2023/CVE-2023-28244.md b/2023/CVE-2023-28244.md index 9019707b32..8e3efcc21d 100644 --- a/2023/CVE-2023-28244.md +++ b/2023/CVE-2023-28244.md 
@@ -1,5 +1,6 @@ ### [CVE-2023-28244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28244) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -16,10 +17,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%3A%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28248.md b/2023/CVE-2023-28248.md index abb622db89..57b702bc65 100644 --- a/2023/CVE-2023-28248.md +++ b/2023/CVE-2023-28248.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28250.md b/2023/CVE-2023-28250.md index aadb9438e8..aa9d31d198 100644 --- a/2023/CVE-2023-28250.md +++ b/2023/CVE-2023-28250.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28252.md b/2023/CVE-2023-28252.md index a5ca458b95..6a633ac411 100644 --- a/2023/CVE-2023-28252.md +++ b/2023/CVE-2023-28252.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28271.md b/2023/CVE-2023-28271.md index c2bf5a1f25..55408b6713 100644 
--- a/2023/CVE-2023-28271.md +++ b/2023/CVE-2023-28271.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-28285.md b/2023/CVE-2023-28285.md index 19a1f8a61c..a229fd987c 100644 --- a/2023/CVE-2023-28285.md +++ b/2023/CVE-2023-28285.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28287.md b/2023/CVE-2023-28287.md index 47abed311d..6b455d15d3 100644 --- a/2023/CVE-2023-28287.md +++ b/2023/CVE-2023-28287.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28288.md b/2023/CVE-2023-28288.md index 004ee65657..4074767a5c 100644 --- a/2023/CVE-2023-28288.md +++ b/2023/CVE-2023-28288.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10397.20002%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16130.20314%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%3A%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28293.md b/2023/CVE-2023-28293.md index cb3c504608..2d4eb3c22d 100644 --- a/2023/CVE-2023-28293.md +++ b/2023/CVE-2023-28293.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28295.md b/2023/CVE-2023-28295.md index 86a15f27af..3f9fa47f0d 100644 --- a/2023/CVE-2023-28295.md +++ b/2023/CVE-2023-28295.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28302.md b/2023/CVE-2023-28302.md index 4af272510c..30f8e8551c 100644 --- a/2023/CVE-2023-28302.md 
+++ b/2023/CVE-2023-28302.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-28303.md b/2023/CVE-2023-28303.md index 770d48c03d..693877dd3d 100644 --- a/2023/CVE-2023-28303.md +++ b/2023/CVE-2023-28303.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Snipping%20Tool&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=11.0.0%3C%2011.2302.20.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=9.0%3C%2010.2008.3001.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-359%3A%20Exposure%20of%20Private%20Personal%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28310.md b/2023/CVE-2023-28310.md index 9d32fbc627..72b7d005ef 100644 --- a/2023/CVE-2023-28310.md +++ b/2023/CVE-2023-28310.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.027%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.030%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.016%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28311.md b/2023/CVE-2023-28311.md index c8ad03b96d..b56c13bd89 100644 --- a/2023/CVE-2023-28311.md +++ b/2023/CVE-2023-28311.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28343.md b/2023/CVE-2023-28343.md index 874dd3cd62..0e13731ff9 100644 --- a/2023/CVE-2023-28343.md +++ b/2023/CVE-2023-28343.md @@ -19,6 +19,7 @@ OS command injection affects Altenergy Power Control Software C1.2.5 via shell m - https://github.com/hba343434/CVE-2023-28343 - https://github.com/karimhabush/cyberowl - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/superzerosec/CVE-2023-28343 - https://github.com/superzerosec/poc-exploit-index diff --git a/2023/CVE-2023-28432.md b/2023/CVE-2023-28432.md index 54759c09cb..b03116179a 100644 --- a/2023/CVE-2023-28432.md +++ b/2023/CVE-2023-28432.md 
@@ -59,11 +59,13 @@ No PoCs from references. - https://github.com/komodoooo/some-things - https://github.com/netuseradministrator/CVE-2023-28432 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/soxoj/information-disclosure-writeups-and-pocs - https://github.com/steponeerror/Cve-2023-28432- - https://github.com/trailofbits/awesome-ml-security - https://github.com/unam4/CVE-2023-28432-minio_update_rce - https://github.com/whoami13apt/files2 +- https://github.com/wy876/POC - https://github.com/xk-mt/CVE-2023-28432 - https://github.com/yTxZx/CVE-2023-28432 - https://github.com/yuyongxr/minio_cve-2023-28432 diff --git a/2023/CVE-2023-28531.md b/2023/CVE-2023-28531.md index bf0953a9d3..ac05158094 100644 --- a/2023/CVE-2023-28531.md +++ b/2023/CVE-2023-28531.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/drg3nz0/gpt-analyzer - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/morpheuslord/GPT_Vuln-analyzer +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-29324.md b/2023/CVE-2023-29324.md index e39896adf4..2a1032d430 100644 --- a/2023/CVE-2023-29324.md +++ b/2023/CVE-2023-29324.md @@ -35,7 +35,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29325.md b/2023/CVE-2023-29325.md index 942b6863cf..fb6e7399f0 100644 --- a/2023/CVE-2023-29325.md 
+++ b/2023/CVE-2023-29325.md @@ -35,7 +35,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29332.md b/2023/CVE-2023-29332.md index af385217e6..4acd294069 100644 --- a/2023/CVE-2023-29332.md +++ b/2023/CVE-2023-29332.md @@ -1,7 +1,7 @@ ### [CVE-2023-29332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29332) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Kubernetes%20Service&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%20VHD%20202308%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-330%3A%20Use%20of%20Insufficiently%20Random%20Values&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29336.md b/2023/CVE-2023-29336.md index 737846cb7a..d3050d3fa8 100644 --- a/2023/CVE-2023-29336.md +++ b/2023/CVE-2023-29336.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29338.md b/2023/CVE-2023-29338.md index a3d64cdf64..0d408160d0 100644 --- a/2023/CVE-2023-29338.md +++ b/2023/CVE-2023-29338.md @@ -1,7 +1,7 @@ ### [CVE-2023-29338](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29338) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.78.1%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%3A%20Improper%20Authorization&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29343.md b/2023/CVE-2023-29343.md index 7a6a74626a..81d2227f57 100644 --- a/2023/CVE-2023-29343.md +++ b/2023/CVE-2023-29343.md @@ -1,7 +1,7 @@ ### [CVE-2023-29343](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29343) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Sysmon&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%2014.16%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-29357.md b/2023/CVE-2023-29357.md index f134cb9799..da37df7bc8 100644 --- a/2023/CVE-2023-29357.md +++ b/2023/CVE-2023-29357.md @@ -1,7 +1,7 @@ ### [CVE-2023-29357](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29357) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10399.20005%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-303%3A%20Incorrect%20Implementation%20of%20Authentication%20Algorithm&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29360.md b/2023/CVE-2023-29360.md index 10c3f7523c..c354d5e8c3 100644 --- a/2023/CVE-2023-29360.md +++ b/2023/CVE-2023-29360.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1787%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2057%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1848%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-2975.md b/2023/CVE-2023-2975.md index 359242d6db..05b3524634 100644 --- a/2023/CVE-2023-2975.md +++ b/2023/CVE-2023-2975.md @@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tquizzle/clamav-alpine 
diff --git a/2023/CVE-2023-31468.md b/2023/CVE-2023-31468.md index e6362af341..95763d8018 100644 --- a/2023/CVE-2023-31468.md +++ b/2023/CVE-2023-31468.md @@ -5,7 +5,7 @@ ### Description -An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. +An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version. ### POC diff --git a/2023/CVE-2023-32031.md b/2023/CVE-2023-32031.md index 385a6a3fd1..80330cf8ab 100644 --- a/2023/CVE-2023-32031.md +++ b/2023/CVE-2023-32031.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.027%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.030%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.016%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-32046.md b/2023/CVE-2023-32046.md index 8ac93e7c67..9a46ef7fc9 100644 --- a/2023/CVE-2023-32046.md +++ b/2023/CVE-2023-32046.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,6 +29,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) diff --git a/2023/CVE-2023-32054.md b/2023/CVE-2023-32054.md new file mode 100644 index 0000000000..ed072ee0c9 --- /dev/null +++ b/2023/CVE-2023-32054.md 
@@ -0,0 +1,42 @@ +### [CVE-2023-32054](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32054) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20048%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6085%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4645%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.3208%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.3208%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-36%3A%20Absolute%20Path%20Traversal&color=brighgreen) + +### Description + +Volume Shadow Copy Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SafeBreach-Labs/MagicDot + diff --git a/2023/CVE-2023-33137.md b/2023/CVE-2023-33137.md index 5da24f481b..c6fb899bfd 100644 --- a/2023/CVE-2023-33137.md +++ b/2023/CVE-2023-33137.md 
@@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5400.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.10399.20000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-415%3A%20Double%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-33144.md b/2023/CVE-2023-33144.md index 085362c882..624bbfe75b 100644 --- a/2023/CVE-2023-33144.md +++ b/2023/CVE-2023-33144.md @@ -1,7 +1,7 @@ ### [CVE-2023-33144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33144) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.79%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-33148.md b/2023/CVE-2023-33148.md index e7cb9e8635..502793030f 100644 --- a/2023/CVE-2023-33148.md +++ b/2023/CVE-2023-33148.md 
@@ -6,7 +6,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.0.0.0%3C%2015.0.5571.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-3390.md b/2023/CVE-2023-3390.md index a2ff693bf0..0687c0c86f 100644 --- a/2023/CVE-2023-3390.md +++ b/2023/CVE-2023-3390.md @@ -15,5 +15,6 @@ A use-after-free vulnerability was found in the Linux kernel's netfilter subsyst #### Github - https://github.com/c0m0r1/c0m0r1 - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tanjiti/sec_profile - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-3446.md b/2023/CVE-2023-3446.md index 7d0b785f35..304d275c62 100644 --- a/2023/CVE-2023-3446.md +++ b/2023/CVE-2023-3446.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-34960.md b/2023/CVE-2023-34960.md index 4995d96edd..0075881665 100644 --- a/2023/CVE-2023-34960.md +++ b/2023/CVE-2023-34960.md 
@@ -32,6 +32,7 @@ A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11 - https://github.com/laohuan12138/exp-collect - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/tucommenceapousser/CVE-2023-34960-ex - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-35311.md b/2023/CVE-2023-35311.md index b816ba2b8a..a033e33646 100644 --- a/2023/CVE-2023-35311.md +++ b/2023/CVE-2023-35311.md @@ -10,7 +10,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5404.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35313.md b/2023/CVE-2023-35313.md index 9dba6424c4..94c7fa0227 100644 --- a/2023/CVE-2023-35313.md +++ b/2023/CVE-2023-35313.md @@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-35353.md b/2023/CVE-2023-35353.md index d2aa2eda48..aba3e0c732 100644 --- a/2023/CVE-2023-35353.md +++ b/2023/CVE-2023-35353.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35356.md b/2023/CVE-2023-35356.md index 3bf3147f41..ea34b594b3 100644 --- a/2023/CVE-2023-35356.md +++ b/2023/CVE-2023-35356.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-843%3A%20Access%20of%20Resource%20Using%20Incompatible%20Type%20('Type%20Confusion')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35357.md b/2023/CVE-2023-35357.md index 10057358a7..e1268784aa 100644 --- a/2023/CVE-2023-35357.md +++ b/2023/CVE-2023-35357.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35358.md b/2023/CVE-2023-35358.md index f77740c40e..5af24dae18 100644 --- a/2023/CVE-2023-35358.md +++ b/2023/CVE-2023-35358.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35359.md b/2023/CVE-2023-35359.md index 60c7cf1923..50ef0e6fb7 100644 --- a/2023/CVE-2023-35359.md +++ b/2023/CVE-2023-35359.md 
@@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35360.md b/2023/CVE-2023-35360.md index 2ccfc4674a..05244703a2 100644 --- a/2023/CVE-2023-35360.md +++ b/2023/CVE-2023-35360.md @@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35361.md b/2023/CVE-2023-35361.md index e4be821476..70230b9269 100644 --- a/2023/CVE-2023-35361.md +++ b/2023/CVE-2023-35361.md 
@@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-362%3A%20Concurrent%20Execution%20using%20Shared%20Resource%20with%20Improper%20Synchronization%20('Race%20Condition')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35362.md b/2023/CVE-2023-35362.md index 87be768722..8d10d8051b 100644 --- a/2023/CVE-2023-35362.md +++ b/2023/CVE-2023-35362.md @@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35363.md b/2023/CVE-2023-35363.md index 2e2eee131d..cf5ef82e13 100644 --- a/2023/CVE-2023-35363.md +++ b/2023/CVE-2023-35363.md 
@@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35364.md b/2023/CVE-2023-35364.md index 7f1d1411ff..8b1a0a495d 100644 --- a/2023/CVE-2023-35364.md +++ b/2023/CVE-2023-35364.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35365.md b/2023/CVE-2023-35365.md index dd077a47ea..f969bebd06 100644 --- a/2023/CVE-2023-35365.md +++ b/2023/CVE-2023-35365.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35368.md b/2023/CVE-2023-35368.md index a8d08627da..781cb1f6d2 100644 
--- a/2023/CVE-2023-35368.md +++ b/2023/CVE-2023-35368.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35382.md b/2023/CVE-2023-35382.md index 5cc3722202..a95d7a29e5 100644 --- a/2023/CVE-2023-35382.md +++ b/2023/CVE-2023-35382.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1906%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2295%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2134%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35386.md b/2023/CVE-2023-35386.md index e800c67b91..6297529422 100644 --- a/2023/CVE-2023-35386.md +++ b/2023/CVE-2023-35386.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1906%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2295%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2134%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35388.md b/2023/CVE-2023-35388.md index 79a692c4ae..0c6f7f4775 100644 --- a/2023/CVE-2023-35388.md +++ b/2023/CVE-2023-35388.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35390.md b/2023/CVE-2023-35390.md index c8b0fa60c7..febc573c57 100644 --- a/2023/CVE-2023-35390.md +++ b/2023/CVE-2023-35390.md 
@@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.6.0%3C%2017.6.6%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.21%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.0.0%3C%207.0.10%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command%20('Command%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35618.md b/2023/CVE-2023-35618.md index 02bfdbe190..add24f4bb0 100644 --- a/2023/CVE-2023-35618.md +++ b/2023/CVE-2023-35618.md @@ -1,7 +1,7 @@ ### [CVE-2023-35618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35618) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20120.0.2210.61%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35628.md b/2023/CVE-2023-35628.md index 826a9f4c2f..7f319a7eb5 100644 --- a/2023/CVE-2023-35628.md +++ b/2023/CVE-2023-35628.md 
@@ -34,7 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35630.md b/2023/CVE-2023-35630.md index e4748c331f..5eb291aa42 100644 --- a/2023/CVE-2023-35630.md +++ b/2023/CVE-2023-35630.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35632.md b/2023/CVE-2023-35632.md index 6f6038083a..097aec9467 100644 --- a/2023/CVE-2023-35632.md +++ b/2023/CVE-2023-35632.md 
@@ -23,7 +23,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35633.md b/2023/CVE-2023-35633.md index 0ca2a0ab8d..358e2a801c 100644 --- a/2023/CVE-2023-35633.md +++ b/2023/CVE-2023-35633.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35636.md b/2023/CVE-2023-35636.md index e0d66dd986..92c6ed9053 100644 --- a/2023/CVE-2023-35636.md +++ b/2023/CVE-2023-35636.md 
@@ -6,7 +6,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5426.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35639.md b/2023/CVE-2023-35639.md index 1c21c75864..8d0c42fe9d 100644 --- a/2023/CVE-2023-35639.md +++ b/2023/CVE-2023-35639.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35641.md b/2023/CVE-2023-35641.md index 61c5401d75..3820c3a3da 100644 --- a/2023/CVE-2023-35641.md +++ b/2023/CVE-2023-35641.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-682%3A%20Incorrect%20Calculation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35644.md b/2023/CVE-2023-35644.md index 88d1438c85..97e43c6f61 100644 --- a/2023/CVE-2023-35644.md +++ b/2023/CVE-2023-35644.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36003.md b/2023/CVE-2023-36003.md index be7c2beb23..84368b0ad5 100644 --- a/2023/CVE-2023-36003.md +++ b/2023/CVE-2023-36003.md 
@@ -24,7 +24,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36005.md b/2023/CVE-2023-36005.md index 94b1644e2c..24c09a7caa 100644 --- a/2023/CVE-2023-36005.md +++ b/2023/CVE-2023-36005.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36006.md b/2023/CVE-2023-36006.md index efde0c4124..9a53cdcfde 100644 --- a/2023/CVE-2023-36006.md +++ b/2023/CVE-2023-36006.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%3A%20Stack-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36011.md b/2023/CVE-2023-36011.md index 06f9ea1507..7ff292d23d 100644 --- a/2023/CVE-2023-36011.md +++ b/2023/CVE-2023-36011.md @@ -30,7 +30,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36019.md b/2023/CVE-2023-36019.md index a4948c79a5..39185cdb68 100644 --- a/2023/CVE-2023-36019.md +++ b/2023/CVE-2023-36019.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Power%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%203.23113%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=3.0%3C%203.23113%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36033.md b/2023/CVE-2023-36033.md index 7744994806..b071168b57 100644 --- a/2023/CVE-2023-36033.md +++ b/2023/CVE-2023-36033.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36034.md b/2023/CVE-2023-36034.md index a11f3489b1..2b05ae6419 100644 --- a/2023/CVE-2023-36034.md +++ b/2023/CVE-2023-36034.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20118.0.2088.88%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20119.0.2151.44%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36036.md b/2023/CVE-2023-36036.md index 8f6a11ba06..727880b0bf 100644 --- a/2023/CVE-2023-36036.md +++ b/2023/CVE-2023-36036.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36041.md b/2023/CVE-2023-36041.md index c8a823d425..ea882e624b 100644 --- a/2023/CVE-2023-36041.md +++ b/2023/CVE-2023-36041.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.79.23111019%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36047.md b/2023/CVE-2023-36047.md index 903e42a318..3bef39900a 100644 --- a/2023/CVE-2023-36047.md +++ b/2023/CVE-2023-36047.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36052.md b/2023/CVE-2023-36052.md index 3d612b2486..7a030bd426 100644 --- a/2023/CVE-2023-36052.md +++ b/2023/CVE-2023-36052.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Function%20App&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Logic%20App&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%202.53.1%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-359%3A%20Exposure%20of%20Private%20Personal%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36054.md b/2023/CVE-2023-36054.md index a129f48c87..8285c4c481 100644 --- a/2023/CVE-2023-36054.md +++ b/2023/CVE-2023-36054.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/adegoodyer/kubernetes-admin-toolkit - https://github.com/ecperth/check-aws-inspector +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-36085.md b/2023/CVE-2023-36085.md index 1c329ae56f..30a14946f0 100644 --- a/2023/CVE-2023-36085.md +++ b/2023/CVE-2023-36085.md @@ -14,5 +14,5 @@ The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injec - https://github.com/omershaik0/Handmade_Exploits/tree/main/SISQUALWFM-Host-Header-Injection-CVE-2023-36085 #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36391.md b/2023/CVE-2023-36391.md index 1c281baea7..6c63caa776 100644 --- a/2023/CVE-2023-36391.md +++ b/2023/CVE-2023-36391.md 
@@ -1,8 +1,9 @@ ### [CVE-2023-36391](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36391) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36396.md b/2023/CVE-2023-36396.md new file mode 100644 index 0000000000..e082fe6688 --- /dev/null +++ b/2023/CVE-2023-36396.md @@ -0,0 +1,20 @@ +### [CVE-2023-36396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36396) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-41%3A%20Improper%20Resolution%20of%20Path%20Equivalence&color=brighgreen) + +### Description + +Windows Compressed Folder Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SafeBreach-Labs/MagicDot + 
diff --git a/2023/CVE-2023-36403.md b/2023/CVE-2023-36403.md index fcf26b9582..069434538f 100644 --- a/2023/CVE-2023-36403.md +++ b/2023/CVE-2023-36403.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36404.md b/2023/CVE-2023-36404.md index f8cdefbd3f..91a8733d49 100644 --- a/2023/CVE-2023-36404.md +++ b/2023/CVE-2023-36404.md @@ -22,7 +22,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36407.md b/2023/CVE-2023-36407.md index aaac6b0880..0cb92c4563 100644 --- a/2023/CVE-2023-36407.md +++ b/2023/CVE-2023-36407.md 
@@ -10,7 +10,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36414.md b/2023/CVE-2023-36414.md index 170ee3a921..9b91490324 100644 --- a/2023/CVE-2023-36414.md +++ b/2023/CVE-2023-36414.md @@ -1,7 +1,7 @@ ### [CVE-2023-36414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36414) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Identity%20SDK%20for%20.NET&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.10.2%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command%20('Command%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36424.md b/2023/CVE-2023-36424.md index 491df6bc5a..297d22f75d 100644 --- a/2023/CVE-2023-36424.md +++ b/2023/CVE-2023-36424.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36434.md b/2023/CVE-2023-36434.md index ed7e6e4d7b..402d488c76 100644 --- a/2023/CVE-2023-36434.md +++ b/2023/CVE-2023-36434.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-307%3A%20Improper%20Restriction%20of%20Excessive%20Authentication%20Attempts&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36439.md b/2023/CVE-2023-36439.md index fc6c2795c0..ec23a26c1a 100644 --- a/2023/CVE-2023-36439.md +++ b/2023/CVE-2023-36439.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.035%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.040%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.028%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36562.md b/2023/CVE-2023-36562.md index 207880c7e6..72638e5e0e 100644 --- a/2023/CVE-2023-36562.md +++ b/2023/CVE-2023-36562.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-36562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36562) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20117.0.2045.31%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36563.md b/2023/CVE-2023-36563.md index 7903f1d211..38ed208bb0 100644 --- a/2023/CVE-2023-36563.md +++ b/2023/CVE-2023-36563.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36576.md b/2023/CVE-2023-36576.md index 906a8e6d1d..770c6d5992 100644 --- a/2023/CVE-2023-36576.md +++ b/2023/CVE-2023-36576.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2031%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36584.md b/2023/CVE-2023-36584.md index 8cc085ab7e..7d7b1be19e 100644 --- a/2023/CVE-2023-36584.md +++ b/2023/CVE-2023-36584.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,6 +29,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) diff --git a/2023/CVE-2023-36696.md b/2023/CVE-2023-36696.md index 27dd33afff..4d249fa0d4 100644 --- a/2023/CVE-2023-36696.md +++ b/2023/CVE-2023-36696.md 
@@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36723.md b/2023/CVE-2023-36723.md index 81be36d5e3..f4c1aaee35 100644 --- a/2023/CVE-2023-36723.md +++ b/2023/CVE-2023-36723.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2031%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36728.md b/2023/CVE-2023-36728.md index 8f829edbeb..fcd0e68440 100644 --- a/2023/CVE-2023-36728.md +++ b/2023/CVE-2023-36728.md 
@@ -31,7 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=18.0.0%3C%2018.6.0007.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=18.0.0.0%3C%2018.3.2.1%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%2019.3.0002.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36735.md b/2023/CVE-2023-36735.md index 67b85bb81d..629f4a238d 100644 --- a/2023/CVE-2023-36735.md +++ b/2023/CVE-2023-36735.md @@ -1,7 +1,7 @@ ### [CVE-2023-36735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36735) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20117.0.2045.31%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36741.md b/2023/CVE-2023-36741.md index 81ca921932..0006ff1c59 100644 --- a/2023/CVE-2023-36741.md +++ b/2023/CVE-2023-36741.md @@ -1,7 +1,7 @@ ### [CVE-2023-36741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36741) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20116.0.1938.62%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-36745.md b/2023/CVE-2023-36745.md index db62273410..d3be5f56a1 100644 --- a/2023/CVE-2023-36745.md +++ b/2023/CVE-2023-36745.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36761.md b/2023/CVE-2023-36761.md index d550fa048f..1b26192fec 100644 --- a/2023/CVE-2023-36761.md +++ b/2023/CVE-2023-36761.md @@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.5413.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36764.md b/2023/CVE-2023-36764.md index f3e19101bd..5bdbee7335 100644 --- a/2023/CVE-2023-36764.md +++ b/2023/CVE-2023-36764.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10402.20016%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16731.20180%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5413.1001%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36778.md b/2023/CVE-2023-36778.md index f174c60b08..ef2f43e372 100644 --- a/2023/CVE-2023-36778.md +++ b/2023/CVE-2023-36778.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.034%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.039%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.027%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36787.md b/2023/CVE-2023-36787.md index 414fe95e87..6aed8dfc23 100644 --- a/2023/CVE-2023-36787.md +++ b/2023/CVE-2023-36787.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-36787](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36787) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20116.0.1938.54%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36802.md b/2023/CVE-2023-36802.md index 5293195101..146616e10e 100644 --- a/2023/CVE-2023-36802.md +++ b/2023/CVE-2023-36802.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36803.md b/2023/CVE-2023-36803.md index d5034e73df..67800e3997 100644 --- a/2023/CVE-2023-36803.md +++ b/2023/CVE-2023-36803.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-126%3A%20Buffer%20Over-read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36874.md b/2023/CVE-2023-36874.md index 2b4541d41e..551d614a10 100644 --- a/2023/CVE-2023-36874.md +++ b/2023/CVE-2023-36874.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36884.md b/2023/CVE-2023-36884.md index d4fd3b6f0c..84fbb0b1d9 100644 --- a/2023/CVE-2023-36884.md +++ b/2023/CVE-2023-36884.md @@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-362%3A%20Concurrent%20Execution%20using%20Shared%20Resource%20with%20Improper%20Synchronization%20('Race%20Condition')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36895.md b/2023/CVE-2023-36895.md index 8fd5f52c59..c120c905cc 100644 
--- a/2023/CVE-2023-36895.md +++ b/2023/CVE-2023-36895.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.76.23081101%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36899.md b/2023/CVE-2023-36899.md index 14c05bb9de..fb1ab5a425 100644 --- a/2023/CVE-2023-36899.md +++ b/2023/CVE-2023-36899.md @@ -16,7 +16,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04654.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4654.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%204.8.09176.01%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description @@ -33,5 +33,6 @@ No PoCs from references. - https://github.com/hktalent/bug-bounty - https://github.com/midisec/CVE-2023-36899 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/riramar/Web-Attack-Cheat-Sheet - https://github.com/w181496/Web-CTF-Cheatsheet diff --git a/2023/CVE-2023-36900.md b/2023/CVE-2023-36900.md index ce7bf0dcbe..d4a62548a1 100644 --- a/2023/CVE-2023-36900.md +++ b/2023/CVE-2023-36900.md 
@@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38039.md b/2023/CVE-2023-38039.md index 92114c5180..9e4e1fcf99 100644 --- a/2023/CVE-2023-38039.md +++ b/2023/CVE-2023-38039.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-38139.md b/2023/CVE-2023-38139.md index 9f64bda90f..a78df3d757 100644 --- a/2023/CVE-2023-38139.md +++ b/2023/CVE-2023-38139.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22264%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24462%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21563%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38140.md b/2023/CVE-2023-38140.md index 23486833a4..64d000ef6b 100644 --- a/2023/CVE-2023-38140.md +++ b/2023/CVE-2023-38140.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.3448%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38141.md b/2023/CVE-2023-38141.md index 03b78b3636..f343c42191 100644 --- a/2023/CVE-2023-38141.md +++ b/2023/CVE-2023-38141.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22264%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24462%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21563%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-38146.md b/2023/CVE-2023-38146.md index 0907be719c..003f9f48fc 100644 --- a/2023/CVE-2023-38146.md +++ b/2023/CVE-2023-38146.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38154.md b/2023/CVE-2023-38154.md index 349a6f8ded..ab0727864e 100644 --- a/2023/CVE-2023-38154.md +++ b/2023/CVE-2023-38154.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4737%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-3817.md b/2023/CVE-2023-3817.md index ce861fc209..c443a194f6 100644 --- a/2023/CVE-2023-3817.md +++ b/2023/CVE-2023-3817.md 
@@ -18,5 +18,6 @@ Issue summary: Checking excessively long DH keys or parameters may be very slow. - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/ksoclabs/image-vulnerability-search - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tquizzle/clamav-alpine diff --git a/2023/CVE-2023-38175.md b/2023/CVE-2023-38175.md index 6a62d5942d..47ff2480ba 100644 --- a/2023/CVE-2023-38175.md +++ b/2023/CVE-2023-38175.md @@ -1,7 +1,7 @@ ### [CVE-2023-38175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38175) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20Antimalware%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=4.0.0.0%3C%201.1.23060.3001%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38176.md b/2023/CVE-2023-38176.md index df6b523da0..c1c2441f6d 100644 --- a/2023/CVE-2023-38176.md +++ b/2023/CVE-2023-38176.md @@ -1,7 +1,7 @@ ### [CVE-2023-38176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38176) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Arc-Enabled%20Servers&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0.0%3C%201.33.02399.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-38178.md b/2023/CVE-2023-38178.md index bbcdd101e6..3c1c43ae44 100644 --- a/2023/CVE-2023-38178.md +++ b/2023/CVE-2023-38178.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.2.0%3C%2017.2.18%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.10%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.21%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38181.md b/2023/CVE-2023-38181.md index d819279491..a420d413e3 100644 --- a/2023/CVE-2023-38181.md +++ b/2023/CVE-2023-38181.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38182.md b/2023/CVE-2023-38182.md index 1cc859e23d..27caef74be 100644 --- a/2023/CVE-2023-38182.md +++ b/2023/CVE-2023-38182.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38184.md b/2023/CVE-2023-38184.md index ae4d5d6e83..a77469e4aa 100644 --- a/2023/CVE-2023-38184.md +++ b/2023/CVE-2023-38184.md @@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38408.md b/2023/CVE-2023-38408.md index 1239507e06..6ef99733f2 100644 --- a/2023/CVE-2023-38408.md +++ b/2023/CVE-2023-38408.md @@ -32,6 +32,7 @@ The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently t - https://github.com/scmanjarrez/CVEScannerV2 - https://github.com/scmanjarrez/test - https://github.com/snowcra5h/CVE-2023-38408 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/thesakibrahman/THM-Free-Room - https://github.com/wxrdnx/CVE-2023-38408 diff --git a/2023/CVE-2023-38545.md b/2023/CVE-2023-38545.md index 11c7473c3e..1316e890c3 100644 --- a/2023/CVE-2023-38545.md 
+++ b/2023/CVE-2023-38545.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/mayur-esh/vuln-liners - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/vanigori/CVE-2023-38545-sample - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-38546.md b/2023/CVE-2023-38546.md index c72e5b37b3..68a474dcde 100644 --- a/2023/CVE-2023-38546.md +++ b/2023/CVE-2023-38546.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/alex-grandson/docker-python-example - https://github.com/fokypoky/places-list - https://github.com/malinkamedok/devops_sandbox +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-38646.md b/2023/CVE-2023-38646.md index 135d7efa33..9e3c714741 100644 --- a/2023/CVE-2023-38646.md +++ b/2023/CVE-2023-38646.md @@ -79,6 +79,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/2023Hvv_ - https://github.com/passwa11/CVE-2023-38646 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/raytheon0x21/CVE-2023-38646 - https://github.com/robotmikhro/CVE-2023-38646 - https://github.com/samurai411/toolbox diff --git a/2023/CVE-2023-38706.md b/2023/CVE-2023-38706.md new file mode 100644 index 0000000000..1525a83368 --- /dev/null +++ b/2023/CVE-2023-38706.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-38706](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38706) +![](https://img.shields.io/static/v1?label=Product&message=discourse&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20stable%20%3C%203.1.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-770%3A%20Allocation%20of%20Resources%20Without%20Limits%20or%20Throttling&color=brighgreen) + +### Description + +Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user can create an unlimited number of drafts with very long draft keys which may end up exhausting the resources on the server. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/kip93/kip93 + diff --git a/2023/CVE-2023-39113.md b/2023/CVE-2023-39113.md index 4ff4e814e5..d18bb2a2bc 100644 --- a/2023/CVE-2023-39113.md +++ b/2023/CVE-2023-39113.md @@ -13,5 +13,5 @@ ngiflib commit fb271 was discovered to contain a segmentation violation via the - https://github.com/miniupnp/ngiflib/issues/27 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-39114.md b/2023/CVE-2023-39114.md index 8fc3b48fa1..63ac4cefd2 100644 --- a/2023/CVE-2023-39114.md +++ b/2023/CVE-2023-39114.md @@ -13,5 +13,5 @@ ngiflib commit 84a75 was discovered to contain a segmentation violation via the - https://github.com/miniupnp/ngiflib/issues/29 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-39318.md b/2023/CVE-2023-39318.md new file mode 100644 index 0000000000..0b0dcdb65a --- /dev/null +++ b/2023/CVE-2023-39318.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-39318](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39318) +![](https://img.shields.io/static/v1?label=Product&message=html%2Ftemplate&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.20.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in
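Review bot: The added Version badge `6.0.0 < 6.1.7601.26769` in the `@@ -28,10 +29,11 @@` hunks pairs a 6.0.0 lower bound with a 6.1.7601 upper bound. It appears in the file just before 2023/CVE-2023-36439.md, in CVE-2023-36563 and CVE-2023-36584, and with builds 26623 and 26713 in CVE-2023-36874, CVE-2023-38139 and CVE-2023-38141. The new line sits directly above the existing `6.1.0 < 6.1.7601.x` entry and overlaps the `6.0.0 < 6.0.6003.x` range, so anything matching build numbers against these badges will read every 6.0.x build as affected up to the 6.1 fix. Where the companion `@@ -7,6 +7,7 @@` hunk is visible it adds the "Windows Server 2008 R2 Service Pack 1 (Server Core installation)" product, which suggests the lower bound was meant to be 6.1.0. Please check the source record and normalise the bound on import instead of emitting two rows that differ only in their lower bound.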
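Review bot: Rewriting the Vulnerability badge in place drops the impact class from every touched file: CVE-2023-38181 goes from "Spoofing" to "CWE-502: Deserialization of Untrusted Data", CVE-2023-36884 from "Remote Code Execution" to "CWE-362 ... ('Race Condition')", CVE-2023-36728 from "Denial of Service" to "CWE-125: Out-of-bounds Read". Impact and weakness class answer different triage questions, and after this change nothing in the badge block says what an attacker gains. I would keep the original badge and add the CWE as a second one with its own label (for example `label=CWE`). While the generator is being touched: every badge on these lines uses `color=brighgreen`, which is a misspelling of the shields.io colour name `brightgreen`.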
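Review bot: Several entries added under "#### Github" do not look like PoCs, which matters because the section sits under "### POC". In 2023/CVE-2023-39113.md and 2023/CVE-2023-39114.md the line "No PoCs found on GitHub currently." is replaced by https://github.com/fkie-cad/nvd-json-data-feeds, which by its name is a copy of NVD feed data, and https://github.com/testing-felickz/docker-scout-demo is appended to CVE-2023-38039, CVE-2023-3817, CVE-2023-38408, CVE-2023-38545 and CVE-2023-38546, which reads like a scanner demo that happens to list the IDs. Anyone using this list as a "public exploit exists" signal for patch prioritisation gets false positives from these hunks. Suggest filtering repositories that only mention the CVE ID (data feeds, scan reports, cheat sheets) or moving them under a separate heading, and keeping the "No PoCs found" line when nothing else remains.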
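Review bot: In the new file 2023/CVE-2023-38706.md the Version badge (`= stable < 3.1.1`) covers only the `stable` branch, while the Description in the same hunk also gives 3.2.0.beta1 as the fixed version for the `beta` and `tests-passed` branches. A reader or script that relies on the badge alone will treat beta installs below 3.2.0.beta1 as unaffected. Please add a second Version badge for the beta range, and consider stripping the leading `=` from the message, which looks like a leftover from the source version string rather than part of the range.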
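Review bot: The Description line in the new file 2023/CVE-2023-39318.md reads `HTML-like "" comment tokens`, with nothing between the quotes, while the hashbang token `"#!"` next to it survived. That pattern suggests the comment delimiters were swallowed as markup when the file was generated. Since the advisory is specifically about which tokens html/template mishandles, the description is not usable without them. Please escape angle brackets (or wrap such tokens in backticks) in the generator and regenerate this file from the source record rather than hand-editing it.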